Visible to the public Biblio

Filters: Keyword is security education  [Clear All Filters]
Nguyen, Thuy D., Irvine, Cynthia E..  2018.  Development of Industrial Network Forensics Lessons. Proceedings of the Fifth Cybersecurity Symposium. :7:1-7:5.

Most forensic investigators are trained to recognize abusive network behavior in conventional information systems, but they may not know how to detect anomalous traffic patterns in industrial control systems (ICS) that manage critical infrastructure services. We have developed and laboratory-tested hands-on teaching material to introduce students to forensics investigation of intrusions on an industrial network. Rather than using prototypes of ICS components, our approach utilizes commercial industrial products to provide students a more realistic simulation of an ICS network. The lessons cover four different types of attacks and the corresponding post-incident network data analysis.

Burley, Diana, Bishop, Matt, Kaza, Siddharth, Gibson, David S., Hawthorne, Elizabeth, Buck, Scott.  2017.  ACM Joint Task Force on Cybersecurity Education. Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education. :683–684.
In this special session, members of the ACM Joint Task Force (JTF) on Cybersecurity Education will provide an overview of the task force mission, objectives, and release a draft of the curricular guidelines. After the overview, task force members will engage session participants in the curricular development process and solicit feedback on the draft guidelines.
Burley, Diana, Bishop, Matt, Hawthorne, Elizabeth, Kaza, Siddharth, Buck, Scott, Futcher, Lynn.  2016.  Special Session: ACM Joint Task Force on Cyber Education. Proceedings of the 47th ACM Technical Symposium on Computing Science Education. :234–235.

In this special session, members of the ACM Joint Task Force on Cyber Education to Develop Undergraduate Curricular Guidance will provide an overview of the task force mission, objectives, and work plan. After the overview, task force members will engage session participants in the curricular development process.

Stanisavljevic, Z., Stanisavljevic, J., Vuletic, P., Jovanovic, Z..  2014.  COALA - System for Visual Representation of Cryptography Algorithms. Learning Technologies, IEEE Transactions on. 7:178-190.

Educational software systems have an increasingly significant presence in engineering sciences. They aim to improve students' attitudes and knowledge acquisition typically through visual representation and simulation of complex algorithms and mechanisms or hardware systems that are often not available to the educational institutions. This paper presents a novel software system for CryptOgraphic ALgorithm visuAl representation (COALA), which was developed to support a Data Security course at the School of Electrical Engineering, University of Belgrade. The system allows users to follow the execution of several complex algorithms (DES, AES, RSA, and Diffie-Hellman) on real world examples in a step by step detailed view with the possibility of forward and backward navigation. Benefits of the COALA system for students are observed through the increase of the percentage of students who passed the exam and the average grade on the exams during one school year.

Frauenstein, E.D., Von Solms, R..  2014.  Combatting phishing: A holistic human approach. Information Security for South Africa (ISSA), 2014. :1-10.

Phishing continues to remain a lucrative market for cyber criminals, mostly because of the vulnerable human element. Through emails and spoofed-websites, phishers exploit almost any opportunity using major events, considerable financial awards, fake warnings and the trusted reputation of established organizations, as a basis to gain their victims' trust. For many years, humans have often been referred to as the `weakest link' towards protecting information. To gain their victims' trust, phishers continue to use sophisticated looking emails and spoofed websites to trick them, and rely on their victims' lack of knowledge, lax security behavior and organizations' inadequate security measures towards protecting itself and their clients. As such, phishing security controls and vulnerabilities can arguably be classified into three main elements namely human factors (H), organizational aspects (O) and technological controls (T). All three of these elements have the common feature of human involvement and as such, security gaps are inevitable. Each element also functions as both security control and security vulnerability. A holistic framework towards combatting phishing is required whereby the human feature in all three of these elements is enhanced by means of a security education, training and awareness programme. This paper discusses the educational factors required to form part of a holistic framework, addressing the HOT elements as well as the relationships between these elements towards combatting phishing. The development of this framework uses the principles of design science to ensure that it is developed with rigor. Furthermore, this paper reports on the verification of the framework.