A League of Our Own: The Future of Cyber Defense Competitions

Numerous cyber defense competitions exist today for individuals and teams to test their cyber security skills where each team has to “win or go home.” What is missing from these competitions is a league allowing head to head competitions over the course of a season, much like a sport. Teams playing several hours every week during a ten-week season have the opportunity to improve their cyber security skills. This paper provides an overview of cyber security competitions, and how a National Cyber League can greatly expand the number of and participants in these competitions at a much lower cost leveraging virtual technologies

Addressing Emerging Information Security Personnel Needs. A Look at Competitions in Academia: Do Cyber Defense Competitions Work?

This paper is part of a proposed study that looks at the emerging information security personnel needs of organizations. We are attempting to explore the correlation between components of a regional cyber defense competition and an organization’s needs in terms of employing adequately trained information security personnel. We look to identify some unique characteristics of a regional academic cyber defense competition via the critical success factors method

AiCEF: An AI-assisted Cyber Exercise Content Generation Framework Using Named Entity Recognition

Content generation that is both relevant and up to date with the current threats of the target audience is a critical element in the success of any Cyber Security Exercise (CSE). Through this work, we explore the results of applying machine learning techniques to unstructured information sources to generate structured CSE content. The corpus of our work is a large dataset of publicly available cyber security articles that have been used to predict future threats and to form the skeleton for new exercise scenarios. Machine learning techniques, like named entity recognition (NER) and topic extraction, have been utilised to structure the information based on a novel ontology we developed, named Cyber Exercise Scenario Ontology (CESO). Moreover, we used clustering with outliers to classify the generated extracted data into objects of our ontology. Graph comparison methodologies were used to match generated scenario fragments to known threat actors' tactics and help enrich the proposed scenario accordingly with the help of synthetic text generators. CESO has also been chosen as the prominent way to express both fragments and the final proposed scenario content by our AI-assisted Cyber Exercise Framework (AiCEF). Our methodology was put to test by providing a set of generated scenarios for evaluation to a group of experts to be used as part of a real-world awareness tabletop exercise

Creating a Multifarious Cyber Science Major

Existing approaches to computing-based cyber undergraduate majors typically take one of two forms: a broad exploration of both technical and human aspects, or a deep technical exploration of a single discipline relevant to cybersecurity. This paper describes the creation of a third approach—a multifarious major, consistent with Cybersecurity Curricula 2017, the ABET Cybersecurity Program Criteria, and the National Security Agency Center for Academic Excellence—Cyber Operations criteria. Our novel curriculum relies on a 10-course common foundation extended by one of five possible concentrations, each of which is delivered through a disciplinary lens and specialized into a highly relevant computing interest area serving society’s diverse cyber needs. The journey began years ago when we infused cybersecurity education throughout our programs, seeking to keep offerings and extracurricular activities relevant in society’s increasingly complex relationship with cyberspace. This paper details the overarching design principles, decision-making process, benchmarking, and feedback elicitation activities. A surprising key step was merging several curricula proposals into a single hybrid option. The new major attracted a strong initial cohort, meeting our enrollment goals and exceeding our diversity goals. We provide several recommendations for any institution embarking on a process of designing a new cyber-named major

Cyber Security and Criminal Justice Programs in the United States: Exploring the Intersections

The study of cyber security is an interdisciplinary pursuit that includes STEM disciplines as well as the social sciences. While research on cyber security appears to be central in STEM disciplines, it is not yet clear how central cyber security and cyber crime is to criminal justice scholarship. In order to examine the connections between cyber security and criminal justice, in this study attention is given to the way that criminal justice scholars have embraced cyber crime research and coursework. Results show that while there are a number of cyber crime courses included in criminal justice majors there are not a large number of cyber crime research studies incorporated in mainstream criminal justice journals

2011 Annual Report of the Graduate School of Engineering and Management, Air Force Institute of Technology

The Graduate School\u27s Annual Report highlights research focus areas, new academic programs, faculty accomplishments and news, and provides top-level sponsor-funded research data and information