Hardware Components in Cybersecurity Education

Hardware components have been designated as required academic content for colleges to be recognized as a center of academic excellence in cyber operations by the National Security Agency (NSA). To meet the hardware requirement, computer science and information technology programs must cover hardware concepts and design skills, topics which are less emphasized in existing programs. This paper describes a new pedagogical model for hardware based on network intrusion detection taught at college and graduate levels in a National Center of Academic Excellence in Information Assurance Education Program (CAE/IAE). The curriculum focuses on the fundamental concepts of network intrusion detection mechanisms, network traffic analysis, rule-based detection logic, system configuration, and basic hardware design and experiments. This new course enriches students with the latest developments

Using Bloom\u27s and Webb\u27s Taxonomies to Integrate Emerging Cybersecurity Topics into a Computic Curriculum

Recent high profile hackings have cost companies millions of dollars resulting in an increasing priority to protect government and business data. Universities are under increased pressure to produce graduates with better security knowledge and skills, particularly emerging cybersecurity skills. Although accredited undergraduate computing programs recognize the need to solve this problem, these computing programs are constrained by accreditation standards and have limited ability to modify their curricula. This paper discusses a case study on how one Accreditation Board for Engineering and Technology (ABET) accredited undergraduate IT program created a strategy to continue to teach existing security-related topics as well as emerging cybersecurity topics within its IT curriculum without increasing credit requirements. The faculty developed an IT Security-related and Cybersecurity Curriculum Taxonomy to identify strategies to move security-related topics taught in the higher level courses to lower and intermediate courses. Thus emerging cybersecurity topics could be added to high-level courses. The faculty also created the IT Student Learning (Security-related) Taxonomy by combining Bloom’s Taxonomy’s six levels of thinking with Webb’s Depth of Knowledge Model. This student learning taxonomy enabled the faculty to review the student learning outcomes for each of the existing security-related core topics and develop new ones for the emerging cybersecurity topics. Challenges, benefits, and application of this strategy to other disciplines are discussed

Development of Information Technology Auditing Teaching Modules: An Interdisciplinary Endeavor between Seidenberg and Lubin Faculty

The original goals of the project were to develop interdisciplinary Information Technology (IT) Auditing teaching modules, to be integrated into courses offered by both Business and Information Technology disciplines during Fall 2009 and Spring 2010. IT Auditing is an interdisciplinary field which requires understanding audit, control, technology and security concepts in accordance with audit standards, guidelines, and best practices. Thus, IT Auditing requires interdisciplinary knowledge across IT and Accounting/Auditing domains. With increasing use of IT in business processes, the demand for IT Auditors is increasing rapidly, offering a lucrative career path. Acquiring IT Audit related knowledge and skills will help our students improve their career opportunities by exploring this growing field. Based upon the curriculum content areas of the CISA Exam as well as the ISACA Model Curriculum, we proposed the following three interdisciplinary teaching modules for IT Auditing: 1) IT Auditing Frameworks & Business Continuity; 2) IT Lifecycle Management & Service Delivery; and 3) Protection of Information Assets. We had developed the three teaching modules. Each individual module can be covered in one to two weeks. The entire set of three IT Auditing modules can then be covered in 3-4 weeks of class time. For each of the individual modules, we had developed presentation slides, reading lists and online quizzes based on the CISA Exam. We had also identified an overarching case study to be used throughout the three individual modules for continuity reasons

Laboratory Exercises to Accompany Industrial Control and Embedded Systems Security Curriculum Modules

The daily intrusion attempts and attacks on industrial control systems (ICS) and embedded systems (ES) underscore the criticality of the protection of our Critical Infrastructures (CIs). As recent as mid-July 2018, numerous reports on the infiltration of US utility control rooms by Russian hackers have been published. These successful infiltration and possible manipulation of the utility companies could easily translate to a devastating attack on our nation’s power grid and, consequently, our economy and well-being. Indeed, the need to secure the control and embedded systems which operate our CIs has never been so pronounced. In our attempt to address this critical need, we designed, developed and implemented ICS and ES security curriculum modules with pertinent hands-on laboratory exercises that can be freely adopted across the national setting. This paper describes in detail the modules and the accompanying exercises and proposes future enhancements and extensions to these pedagogical instruments. It highlights the interaction between control and embedded systems security with Presidential Policy Directive 8- the National Preparedness Plan (NPP), cyber risk management, incident handling. To establish the premise the laboratory exercises were developed. This paper outlines the description and content of the modules in the areas of (1) Industrial Control Systems (ICS) Security, (2) embedded systems (ES), and (3) guidelines, standards, and policy. The ICS security modules cover the predominant ICS protocols, ladder logic programming, Human Machine Interface (HMI), defensive techniques, ICS reconnaissance, vulnerability assessment, Intrusion detection, and penetration testing. The ES security modules include topics such as secure firmware programming and authentication mechanisms. In the guidelines, standards, and policy section, the topics covered by the modules include the NPP as it relates to CI protection, risk management, system protection and policy design, and managing operations and controls. An overview of the various hands-on exercises that accompany the course modules is also presented. Further, to evaluate the effectiveness of the pedagogical materials, an initial evaluation was conducted and the survey data were collected, analyzed, and presented. The paper concludes with future enhancements and directives on opportunities for module extensions and course adoption

Firewall monitoring using intrusion detection systems

Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2005Includes bibliographical references (leaves: 79-81)Text in English Abstract: Turkish and Englishviii,79 leavesMost organizations have intranet, they know the benefits of connecting their private LAN to the Internet. However, Internet is inherently an insecure network. That makes the security of the computer systems an imported problem. The first step of network security is firewalls. Firewalls are used to protect internal networks from external attacks through restricting network access according to the rules. The firewall must apply previously defined rules to each packet reaching to its network interface. If the application of rules are prohibited due to malfunction or hacking, internal network may be open to attacks and this situation should be recovered as fast as possible. In order to be sure about the firewall working properly, we proposed to use Intrusion Detection Systems (IDS)to monitor firewall operation. The architecture of our experimental environment is composed of a firewall and two IDSs. One IDS is between external network and firewall, while the other is between firewall and private network. Those two IDSs are invisible to the both networks and they send their information to a monitoring server, which decides, based on two observations, whether the firewall is working properly or not

Security and computer forensics in web engineering education

The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security should be an integral part of a Web Engineering curriculum. One aspect of Computer forensics investigates failures in security. Hence, students should be aware of the issues in forensics and how to respond when security failures occur; collecting evidence is particularly difficult for Web-based applications