Teaching Cybersecurity Using the Cloud

Cloud computing platforms can be highly attractive to conduct course assignments and empower students with valuable and indispensable hands-on experience. In particular, the cloud can offer teaching staff and students (whether local or remote) on-demand, elastic, dedicated, isolated, (virtually) unlimited, and easily configurable virtual machines. As such, employing cloud-based laboratories can have clear advantages over using classical ones, which impose major hindrances against fulfilling pedagogical objectives and do not scale well when the number of students and distant university campuses grows up. We show how the cloud paradigm can be leveraged to teach a cybersecurity course. Specifically, we share our experience when using cloud computing to teach a senior course on cybersecurity across two campuses via a virtual classroom equipped with live audio and video. Furthermore, based on this teaching experience, we propose guidelines that can be applied to teach similar computer science and engineering courses. We demonstrate how cloud-based laboratory exercises can greatly help students in acquiring crucial cybersecurity skills as well as cloud computing ones, which are in high demand nowadays. The cloud we used for this course was the Amazon Web Services (AWS) public cloud. However, our presented use cases and approaches are equally applicable to other available cloud platforms such as Rackspace and Google Compute Engine, among others

Harnessing Artificial Intelligence Capabilities to Improve Cybersecurity

Cybersecurity is a fast-evolving discipline that is always in the news over the last decade, as the number of threats rises and cybercriminals constantly endeavor to stay a step ahead of law enforcement. Over the years, although the original motives for carrying out cyberattacks largely remain unchanged, cybercriminals have become increasingly sophisticated with their techniques. Traditional cybersecurity solutions are becoming inadequate at detecting and mitigating emerging cyberattacks. Advances in cryptographic and Artificial Intelligence (AI) techniques (in particular, machine learning and deep learning) show promise in enabling cybersecurity experts to counter the ever-evolving threat posed by adversaries. Here, we explore AI\u27s potential in improving cybersecurity solutions, by identifying both its strengths and weaknesses. We also discuss future research opportunities associated with the development of AI techniques in the cybersecurity field across a range of application domains

Cybersecurity of Online Proctoring Systems

The online proctored examinations are adopted exceedingly in all forms of academic education and professional training. AI with Machine Learning technology take the leading role in supporting authentication, authorization, and operational control of proctored online examination. The paper discusses how administrative, physical, and technical controls can help mitigate related cybersecurity vulnerabilities of online proctoring systems (OPS). The paper considers two classes of OPS: fully automated AI-enabled systems and hybrid systems (automated AI-enabled with an expert live proctor in control). Based on the review of 20 online proctoring systems, the paper discusses methods and techniques of multi-factor authentication and authorizations, including the use of challenge-response, biometrics (face and voice recognition), and blockchain technology. The discussion of operational controls includes the use of lockdown browsers, webcam detection of behavioral signs of fraud, endpoint security, VPN and VM, screen-sharing and keyboard listening programs, technical controls to mitigate the absence of spatial (physical area) controls, compliance with regulations (GDPR), etc. Other topics discussed include confidentiality of the exam content, logging of control data, video and sound recording for auditing, limitations of endpoint-based security protection and detection techniques of behavior-based cheating and the effect of new intrusive technology on students’ privacy. In conclusion, the paper lists advanced features of online proctoring systems

Overcoming the Challenges of Teaching Cybersecurity in UK Computer Science Degree Programmes

This Innovative Practice Full Paper explores the diversity of challenges relating to the teaching of cybersecurity in UK higher education degree programmes, through the lens of national policy, to the impact on pedagogy and practice.There is a serious demand for cybersecurity specialists, both in the UK and globally; there is thus significant and growing higher education provision related to specialist undergraduate and postgraduate courses focusing on varying aspects of cybersecurity. To make our digital systems and products more secure, all in IT need to know some cybersecurity — thus, there is a case for depth as well as breadth; this is not a new concern, but it is a growing one. Delivering cybersecurity effectively across general computer science programmes presents a number of challenges related to pedagogy, resources, faculty and infrastructure, as well as responding to industry requirements.Computer science and cognate engineering disciplines are evolving to meet these demands — both at school-level, as well as at university — however, doing so is not without challenges. This paper explores the progress made to date in the UK, building on previous work in cybersecurity education and accreditation by highlighting key challenges and opportunities, as well as identifying a number of enhancement activities for use by the international cybersecurity education community. It frames these challenges through concerns with the quality and availability of underpinning educational resources, the competencies and skills of faculty (especially focusing on pedagogy, progression and assessment), and articulating the necessary technical resources and infrastructure related to delivering rigorous cybersecurity content in general computer science and cognate degrees.Though this critical evaluation of an emerging national case study of cybersecurity education in the UK, we also present a number of recommendations across policy and practice — from pedagogic principles and developing effective cybersecurity teaching practice, challenges in the recruitment, retention and professional development of faculty, to supporting diverse routes into post-compulsory cybersecurity education (and thus, diverse careers) — to provide the foundation for potential replicability and portability to other jurisdictions contemplating related education and skills reform initiatives and interventions

Addressing Cybersecurity and Privacy Concerns in E-Learning: Evidence from Kuwaiti Educational Sector

This study explored cybersecurity and privacy concerns within e-learning in the Kuwaiti educational sector. This is done through adopting a mixed-methods approach that incorporates an online questionnaire and semi-structured interviews. Quantitative data from 384 participants indicated moderate to high cybersecurity and privacy concerns. In order to explore further about such concerns, qualitative data were collected from 16 interviewees and highlighted key issues such as lack of awareness, platform security deficiencies, privacy worries and regulatory needs. To address these concerns, the study proposed a comprehensive "Kuwaiti Educational Cybersecurity and Privacy Assurance Framework" (KECPAF) centred around cybersecurity education, platform security enhancement, clear policy development and robust enforcement. The research calls for collective effort among stakeholders and collaboration with cybersecurity experts to effectively implement the framework, adapt to evolving threats and improve the security of e-learning platforms in Kuwait's educational sector. Keywords: Kuwait, Education, e-learning, Cybersecurity, Privacy, Confidentiality, Framework. DOI: 10.7176/EJBM/16-1-01 Publication date: January 31st 202

Autonomous Threat Hunting: A Future Paradigm for AI-Driven Threat Intelligence

The evolution of cybersecurity has spurred the emergence of autonomous threat hunting as a pivotal paradigm in the realm of AI-driven threat intelligence. This review navigates through the intricate landscape of autonomous threat hunting, exploring its significance and pivotal role in fortifying cyber defense mechanisms. Delving into the amalgamation of artificial intelligence (AI) and traditional threat intelligence methodologies, this paper delineates the necessity and evolution of autonomous approaches in combating contemporary cyber threats. Through a comprehensive exploration of foundational AI-driven threat intelligence, the review accentuates the transformative influence of AI and machine learning on conventional threat intelligence practices. It elucidates the conceptual framework underpinning autonomous threat hunting, spotlighting its components, and the seamless integration of AI algorithms within threat hunting processes.. Insightful discussions on challenges encompassing scalability, interpretability, and ethical considerations in AI-driven models enrich the discourse. Moreover, through illuminating case studies and evaluations, this paper showcases real-world implementations, underscoring success stories and lessons learned by organizations adopting AI-driven threat intelligence. In conclusion, this review consolidates key insights, emphasizing the substantial implications of autonomous threat hunting for the future of cybersecurity. It underscores the significance of continual research and collaborative efforts in harnessing the potential of AI-driven approaches to fortify cyber defenses against evolving threats

Shifting Paradigms: Innovations in Teaching History in the Fourth Industrial Revolution

In the context of the Fourth Industrial Revolution, characterized by rapid technological advancements and widespread digitization, this paper delves into the evolving paradigms of historical education. Traditional teaching methods are becoming obsolete, given the tech-savvy nature of current learners. This study explores innovative pedagogical approaches that integrate technology, catering to the unique needs of this generation. By reviewing contemporary literature and gathering expert insights, we offer an overview of emerging trends in historical education. Notably, technology is poised to redefine how history is learned. Modern learners gravitate towards boundary-less learning experiences, enabled by resources like ebooks, ICT-based apps, websites, android platforms, VR, and virtual tours. To stay relevant, a significant shift in historical education is imperative. This paper concludes by emphasizing the profound implications of this transition and proposes actionable recommendations for educators and policymakers

What Are Cybersecurity Education Papers About? A Systematic Literature Review of SIGCSE and ITiCSE Conferences

Cybersecurity is now more important than ever, and so is education in this field. However, the cybersecurity domain encompasses an extensive set of concepts, which can be taught in different ways and contexts. To understand the state of the art of cybersecurity education and related research, we examine papers from the ACM SIGCSE Technical Symposium and ACM ITiCSE conferences. From 2010 to 2019, a total of 1,748 papers were published at these conferences, and 71 of them focus on cybersecurity education. The papers discuss courses, tools, exercises, and teaching approaches. For each paper, we map the covered topics, teaching context, evaluation methods, impact, and the community of authors. We discovered that the technical topic areas are evenly covered (the most prominent being secure programming, network security, and offensive security), and human aspects, such as privacy and social engineering, are present as well. The interventions described in SIGCSE and ITiCSE papers predominantly focus on tertiary education in the USA. The subsequent evaluation mostly consists of collecting students' subjective perceptions via questionnaires. However, less than a third of the papers provide supplementary materials for other educators, and none of the authors published their dataset. Our results are relevant for instructors, researchers, and anyone new in the field of cybersecurity education, since they provide orientation in the area, a synthesis of trends, and implications for further research. The information we collected and synthesized from individual papers are organized in a publicly available dataset

Quantum Computing and IS - Harnessing the Opportunities of Emerging Technologies

Emerging technologies have high potential for impact and are worthy of attention by the Information Systems (IS) community. To date, IS has not been able to lead the research and teaching of emerging technologies in their early stages, arguably because: (1) IS researchers often lack knowledge of the foundational principles of such emerging technologies, and (2) during the emerging phase, there is insufficient data on adoption, use, and impact of these technologies. To overcome these challenges, the IS discipline must be willing to break its own disciplinary research boundaries to go beyond software applications and their related management issues and start studying emerging technologies before they are massively adopted by industry. In this paper, we use quantum computing as an exemplar emerging technology and outline a research and education agenda for IS to harness its opportunities. We propose that IS researchers may conduct rigorous research in emergent technologies through collaboration with researchers from other disciplines. We also see a role for IS researchers in the scholarship of emerging technologies that is of introducing emerging technology in IS curricula