Using Offline Activities to Enhance Online Cybersecurity Education

Since the beginning of the 21st century, the United States has experienced the impact of a technological revolution. One effect of this technological revolution is the creation of entirely new careers related to the field of technology, including cybersecurity. Continued growth in the cybersecurity industry means a greater number of jobs will be created, adding to the existing number of jobs that are challenging an under-educated and under-trained workforce. The goal of this thesis is to increase the effectiveness of cybersecurity education. This thesis studies whether an online course in cybersecurity can be enhanced by offline, in-person activities that mirror traditional classroom methods. To validate the research, two groups of high school students participated in an online course with only one group participating in offline activities. The results showed that the group that participated in both the online and offline portions of the course had a higher percentage of student retention, a more positive mindset towards cybersecurity, and an improved performance in the course

THE IMPACT OF ACTIVE LEARNING WITH ADAPTIVE LEARNING SYSTEMS IN GENERAL EDUCATION INFORMATION TECHNOLOGY COURSES

An adaptive learning system is an effective educational tool that meets the individual needs of students, but it is limited in fostering student learning by itself. With active engagement, students learn better than with adaptive learning systems alone. In this study, we investigate the impact of an adaptive learning system with active learning projects on student learning in general education information technology courses. We believe that today\u27s classroom calls for adaptive learning to serve the needs of diverse student populations. Active learning through real-life hands-on learning activities can enhance student learning by allowing them to apply their knowledge to authentic projects. In the classroom, we often find that learning computing with authentic hands-on activities is not only useful, but it contributes to improving student motivation and confidence

Behavioural verification: preventing report fraud in decentralized advert distribution systems

Service commissions, which are claimed by Ad-Networks and Publishers, are susceptible to forgery as non-human operators are able to artificially create fictitious traffic on digital platforms for the purpose of committing financial fraud. This places a significant strain on Advertisers who have no effective means of differentiating fabricated Ad-Reports from those which correspond to real consumer activity. To address this problem, we contribute an advert reporting system which utilizes opportunistic networking and a blockchain-inspired construction in order to identify authentic Ad-Reports by determining whether they were composed by honest or dishonest users. What constitutes a user's honesty for our system is the manner in which they access adverts on their mobile device. Dishonest users submit multiple reports over a short period of time while honest users behave as consumers who view adverts at a balanced pace while engaging in typical social activities such as purchasing goods online, moving through space and interacting with other users. We argue that it is hard for dishonest users to fake honest behaviour and we exploit the behavioural patterns of users in order to classify Ad-Reports as real or fabricated. By determining the honesty of the user who submitted a particular report, our system offers a more secure reward-claiming model which protects against fraud while still preserving the user's anonymity

Exploration of the theory underlying the construction of a multi-puzzle contest

Thesis (S.B.)--Massachusetts Institute of Technology, Dept. of Humanities, Program in Writing and Humanistic Studies, 1998.This is an exploration of the rules and guidelines that underlie the structure of a multi-puzzle contest (a competition consisting of one large puzzle made up of a number of smaller constituent puzzles). The MIT Mystery Hunt, a multi-puzzle contest held on campus each January, is the second-largest annual event of this nature in the United States. The theories put forth in this exploration were culled from personal experience. Having played in four MIT Mystery Hunts and constructed two, as well as participating in other multi-puzzle contests such as the Miami Herald Tropic Hunt, the Random House $10,000 Trivia Challenge, and the National Puzzlers' League convention extravaganza, I am familiar with the specific format in question. Furthermore, I have a firsthand understanding, from both sides of the contest, of what is necessary and what is optional and, more importantly, what works and what does not. It was found that the structural framework of a multi-puzzle contest is rather loose; most of the guidelines and elements are optional. The only necessary aspects are the most basic structural components: an endgame and a number of individual puzzles. However, while a multi-puzzle contest can technically work without a majority of the elements discussed, many of these must be included for such a contest to be a successful form of entertainment. The most vital aspects are theme and variety; others that should be included are puzzles that use the available geography and experimental puzzles. Ultimately, the puzzle maker should design the multi-puzzle contest he would most like to participate in himself.by Mark Louis Gottlieb.S.B

The secret life of Ian Fleming : spies, lies and social ties

This article explores the fascinating interactions and experiences of James Bond creator, Ian Fleming, with the real world of intelligence. It has long been known that Fleming worked in Naval Intelligence during the Second World War. However, accounts of his time there tend to portray him as a lowly and slightly eccentric administrator. Drawing on newly discovered archival materials, plus memoirs and histories, it is argued here that Fleming was a respected and influential figure in the great game of espionage for some three decades. During the war, he was a central cog in the machinery of naval intelligence, planning operations, working with partners in American intelligence and liaising with secret Whitehall departments, including the Government Code and Cypher School at Bletchley Park. Before and after the war, he was involved in a range of intelligence networks, often using journalistic cover to hide his clandestine connections. Throughout his life, his social circle was a ‘who’s who’ of spies and saboteurs, including CIA Director Allen Dulles. In short, he straddled the state-private divide. Taken together, these dealings with real intelligence paved the way for and gave veracity to his fiction, which continues to shape public perceptions of intelligence to this day

How WEIRD is Usable Privacy and Security Research? (Extended Version)

In human factor fields such as human-computer interaction (HCI) and psychology, researchers have been concerned that participants mostly come from WEIRD (Western, Educated, Industrialized, Rich, and Democratic) countries. This WEIRD skew may hinder understanding of diverse populations and their cultural differences. The usable privacy and security (UPS) field has inherited many research methodologies from research on human factor fields. We conducted a literature review to understand the extent to which participant samples in UPS papers were from WEIRD countries and the characteristics of the methodologies and research topics in each user study recruiting Western or non-Western participants. We found that the skew toward WEIRD countries in UPS is greater than that in HCI. Geographic and linguistic barriers in the study methods and recruitment methods may cause researchers to conduct user studies locally. In addition, many papers did not report participant demographics, which could hinder the replication of the reported studies, leading to low reproducibility. To improve geographic diversity, we provide the suggestions including facilitate replication studies, address geographic and linguistic issues of study/recruitment methods, and facilitate research on the topics for non-WEIRD populations.Comment: This paper is the extended version of the paper presented at USENIX SECURITY 202

Unobtrusive Location-Based Access Control Utilizing Existing IEEE 802.11 Infrastructure

Mobile devices can sense several types of signals over the air using different radio frequency technologies (e.g., Wi-Fi, Bluetooth, cellular signals, etc.). Furthermore, mobile devices receive broadcast messages from transmitting entities (e.g., network access points, cellular phone towers, etc.) and can measure the received signal strength from these entities. Broadcast messages carry the information needed in case a mobile device chooses to establish communication. We believe that these signals can be utilized in the context of access control, specifically because they could provide an indication of the location of a user\u27s device. Such a “location proof” could then be used to provide access to location-based services. In this research, we propose a location-based access control (LBAC) system that utilizes tokens broadcasted by IEEE 802.11 (Wi-Fi) access points as a location proof for clients requesting access to a resource. This work differs from existing research in that it allows the verification of a client’s location continuously and unobtrusively, utilizing existing IEEE 802.11 infrastructure (which makes it easily deployable), and resulting in a secure and convenient LBAC system. This work illustrates an important application of location-based services (LBS): security. LBAC systems manage access to resources by utilizing the location of clients. The proposed LBAC system attempts to take advantage of the current IEEE 802.11 infrastructure, making it directly applicable to an existing ubiquitous system infrastructure

FIELD, Issue 65, Fall 2001

https://digitalcommons.oberlin.edu/field/1061/thumbnail.jp

Election Security Is Harder Than You Think

Recent years have seen the rise of nation-state interference in elections across the globe, making the ever-present need for more secure elections all the more dire. While certain common-sense approaches have been a typical response in the past, e.g. ``don't connect voting machines to the Internet'' and ``use a voting system with a paper trail'', known-good solutions to improving election security have languished in relative obscurity for decades. These techniques are only now finally being implemented at scale, and that implementation has brought the intricacies of sophisticated approaches to election security into full relief. This dissertation argues that while approaches to improve election security like paper ballots and post-election audits seem straightforward, in reality there are significant practical barriers to sufficient implementation. Overcoming these barriers is a necessary condition for an election to be secure, and while doing so is possible, it requires significant refinement of existing techniques. In order to better understand how election security technology can be improved, I first develop what it means for an election to be secure. I then delve into experimental results regarding voter-verified paper, discussing the challenges presented by paper ballots as well as some strategies to improve the security they can deliver. I examine the post-election audit ecosystem and propose a manifest improvement to audit workload analysis through parallelization. Finally, I show that even when all of these conditions are met (as in a vote-by-mail scenario), there are still wrinkles that must be addressed for an election to be truly secure.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/163272/1/matber_1.pd