Teaching Cybersecurity Using the Cloud

Cloud computing platforms can be highly attractive to conduct course assignments and empower students with valuable and indispensable hands-on experience. In particular, the cloud can offer teaching staff and students (whether local or remote) on-demand, elastic, dedicated, isolated, (virtually) unlimited, and easily configurable virtual machines. As such, employing cloud-based laboratories can have clear advantages over using classical ones, which impose major hindrances against fulfilling pedagogical objectives and do not scale well when the number of students and distant university campuses grows up. We show how the cloud paradigm can be leveraged to teach a cybersecurity course. Specifically, we share our experience when using cloud computing to teach a senior course on cybersecurity across two campuses via a virtual classroom equipped with live audio and video. Furthermore, based on this teaching experience, we propose guidelines that can be applied to teach similar computer science and engineering courses. We demonstrate how cloud-based laboratory exercises can greatly help students in acquiring crucial cybersecurity skills as well as cloud computing ones, which are in high demand nowadays. The cloud we used for this course was the Amazon Web Services (AWS) public cloud. However, our presented use cases and approaches are equally applicable to other available cloud platforms such as Rackspace and Google Compute Engine, among others

Report of the 2014 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure

This event was supported in part by the National Science Foundation under Grant Number 1234408. Any opinions, findings, and conclusions or recommendations expressed at the event or in this report are those of the authors and do not necessarily reflect the views of the National Science Foundation

Report of the 2013 NSF Cybersecurity Summit for Cyberinfrastructure and Large Facilities: Designing Cybersecurity Programs in Support of Science

This 3-day summit focused on challenges of supporting those who secure scientific cyberinfrastructure. Tutorials covered identity management, network security and monitoring cybersecurity planning, and secure software development. Working group efforts continue in the Trusted CI Forum (trustedci.groupside.com). Future summits were discussed.This event was supported in part by the National Science Foundation under Grant Number 1234408. Any opinions, findings, and conclusions or recommendations expressed at the event or in this report are those of their authors and do not necessarily reflect the view of the National Science Foundation or any other organization

Report of the 2015 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure

This event was supported in part by the National Science Foundation under Grant Number 1234408. Any opinions, findings, and conclusions or recommendations expressed at the event or in this report are those of the authors and do not necessarily reflect the views of the National Science Foundation

National Science Foundation Advisory Committee for Cyberinfrastructure Task Force on Campus Bridging Final Report

The mission of the National Science Foundation (NSF) Advisory Committee on Cyberinfrastructure (ACCI) is to advise the NSF as a whole on matters related to vision and strategy regarding cyberinfrastructure (CI). In early 2009 the ACCI charged six task forces with making recommendations to the NSF in strategic areas of cyberinfrastructure: Campus Bridging; Cyberlearning and Workforce Development; Data and Visualization; Grand Challenges; High Performance Computing (HPC); and Software for Science and Engineering. Each task force was asked to offer advice on the basis of which the NSF would modify existing programs and create new programs. This document is the final, overall report of the Task Force on Campus Bridging.National Science Foundatio

Awareness and perception of phishing variants from Policing, Computing and Criminology students in Canterbury Christ Church University

This study focuses on gauging awareness of different phishing communication students in the School of Law, Policing and Social Sciences and the School of Engineering, Technology and Design in Canterbury Christ Church University and their perception of different phishing variants. There is an exploration of the underlying factors in which students fall victim to different types of phishing attacks from questionnaires and a focus group. The students’ perception of different types of phishing variants was varied from the focus group and anonymised questionnaires. A total of 177 respondents participated in anonymised questionnaires in the study. Students were asked a mixture of scenario-based questions on different phishing attacks, their awareness levels of security tools that can be used against some phishing variants, and if they received any phishing emails in the past. Additionally, 6 computing students in a focus group discussed different types of phishing attacks and recommended potential security countermeasures against them. The vulnerabilities and issues of anti-phishing software, firewalls, and internet browsers that have security toolbars are explained in the study against different types of phishing attacks. The focus group was with computing students and their knowledge about certain phishing variants was limited. The discussion within the focus group was gauging the computing students' understanding and awareness of phishing variants. The questionnaire data collection sample was with first year criminology and final year policing students which may have influenced the results of the questionnaire in terms of their understanding, security countermeasures, and how they identify certain phishing variants. The anonymised questionnaire awareness levels on different types of phishing fluctuated in terms of lack of awareness on certain phishing variants. Some criminology and policing students either did not know about phishing variants or had limited knowledge about different types of phishing communication, security countermeasures, the identifying features of a phishing message, and the precautions they should take against phishing variants from fraudsters