An Insider Threat Activity in a Software Security Course

Software development teams face a critical threat to the security of their systems: insiders. A malicious insider is a person who violates an authorized level of access in a software system. Unfortunately, when creating software, developers do not typically account for insider threat. Students learning software development are unaware of the impacts of malicious actors and are far too often untrained in prevention methods against them. A few of the defensive mechanisms to protect against insider threats include eliminating system access once an employee leaves an organization, enforcing principle of least privilege, code reviews, and constant monitoring for suspicious activity. At the Department of Software Engineering at the Rochester Institute of Technology, we require a course titled Engineering of Secure Software and have created an activity designed to prepare students for the problem of insider threats. At the beginning of this activity, student teams are given the task of designing a moderately sized secure software system. The goal of this insider is to manipulate the team into creating a flawed system design that would allow attackers to perform malicious activities once the system has been created. When the insider is revealed at the conclusion of the project, students discuss countermeasures regarding the malicious actions the insiders were able to plan or complete, along with methods of prevention that may have been employed by the team to detect the malicious developer. In this paper, we describe the activity along with the results of a survey. We discuss the benefits and challenges of the activity with the goal of giving other instructors the tools they need to conduct this activity at their institution. While many institutions do not offer courses in computer security, this self-contained activity may be used in any computing course to enforce the importance of protecting against insider threats

Patterns for Active E-Learning in CMS Environments

The proliferation of course management systems (CMS) in the last decade stimulated educators in establishing novel active e-learning practices. Only a few of these practices, however, have been systematically described and published as pedagogic patterns. The lack of formal patterns is an obstacle to the systematic reuse of beneficial active e-learning experiences. This paper aims to partially fill the void by offering a collection of active e-learning patterns that are derived from our continuous course design experience in standard CMS environments, such as Moodle and Black-board. Our technical focus is on active e-learning patterns that can boost student interest in computing-related fields and increase student enrolment in computing-related courses. Members of the international e-learning community can benefit from active e-learning patterns by applying them in the design of new CMS-based courses – in computing and other technical fields

Patterns for Active E-learning in CMS Environments

The proliferation of course management systems (CMS) in the last decade stimulated educators in establishing novel active e-learning practices. Only a few of these practices, however, have been systematically described and published as pedagogic patterns. The lack of formal patterns is an obstacle to the systematic reuse of beneficial active e-learning experiences. This paper aims to partially fill the void by offering a collection of active e-learning patterns that are derived from our continuous course design experience in standard CMS environments, such as Moodle and Black-board. Our technical focus is on active e-learning patterns that can boost student interest in computing-related fields and increase student enrollment in computing-related courses. Members of the international e-learning community can benefit from active e-learning patterns by applying them in the design of new CMS-based courses – in computing and other technical fields

A First Look at the Year in Computing

In this paper, we discuss students’ expectations and experiences in the first term of the Year in Computing, a new programme for non-computing majors at the University of Kent, a public research university in the UK. We focus on the effect of students’ home discipline on their experiences in the programme and situate this work within the context of wider efforts to make the study of computing accessible to a broader range of students

Pregled literature o empirijskim istraživanjima o utjecaju digitalnih igara na stilove učenja i višestruke inteligencije

The paper presents a review of literature resources that studied the effects of digital games on students\u27 learning and intelligence. The research included 5,740 scientific papers from 11 electronic repositories that presented various evidence of multidimensional impact of digital games on students. Categorization and application of multiple qualitative criteria identified 36 representative papers that presented empirical evidence. Various indicators and benchmarks used in papers were analysed, taking into account the methodological limitations. The results confirm the complex relations between digital games andlearning styles and multiple intelligences on which the recommendations and questions for future research are created.U radu se daje pregled literature koja prikazuje rezultate istraživanja o utjecaju digitalnih igara na učenje i inteligencije učenika. Istraživanje je obuhvatilo 5740 znanstvenih radova iz 11 elektroničkih repozitorija, a koji su pružili raznolike dokaze o višedimenzionalnom utjecaju digitalnih igara na učenike. Kategorizacijom i primjenom višestrukih kvalitativnih kriterija pronađeno je 36 odgovarajućih radova koji su sadržavali empirijske dokaze. U radovima su analizirani raznovrsni indikatori i referentne točke, uzimajući u obzir metodološka ograničenja. Rezultati potvrđuju kompleksne veze između digitalnih igara i stilova učenja, kao i višestrukih inteligencija, na temelju kojih se stvaraju preporuke i pitanja za buduća istraživanja

Feedback 2.0: An Investigation into Using Sharable Feedback Tags as Programming Feedback

Objectives: Learning and teaching computer programming is a recognised challenge in Higher Education. Since feedback is regarded as being the most important part of the learning process, it is expected that improving it could support students' learning. This thesis aims to investigate how new forms of feedback can improve student learning of programming and how feedback sharing can further enhance the students' learning experience. Methods: This thesis investigates the use of new forms of feedback for programming courses. The work explores the use of collaborative tagging often found in Web 2.0 software systems and a feedback approach that requires examiners to annotate students source code with short, potentially reusable feedback. The thesis utilises a variety of research methods including questionnaires, focus groups and collection of system usage data recorded from student interactions with their feedback. Sentiment and thematic analysis are used to investigate how well feedback tags communicate the intended message from examiners to students. The approaches used are tested and refined over two preliminary investigations before use in the final investigation. Results: The work identified that a majority of students responded positively to the new feedback approach described. Student engagement was high with up to 100% viewing their feedback and at least 42% of students opting to share their feedback. Students in the cohort who achieved either the lower or higher marks for the assignment appeared more likely to share their feedback. Conclusions: This thesis has demonstrated that sharing of feedback can be useful for disseminating good practice and common pitfalls. Provision of feedback which is contextually rich and textually concise has resulted in higher engagement from students. However, the outcomes of this research have been shown to be influenced by the assessment process adopted by the University. For example, students were more likely to engage with their feedback if marks are unavailable at the time of feedback release. This issue and many others are proposed as further work

Lean Implementations in the University Classroom and Curriculum Design

The Lean process improvement philosophy has been proposed as a method for improving components of Higher Education (HE), including student learning outcomes; however, current lean applications to HE have focused on administrative operations or general institutional interventions. Comparatively little work has been performed applying lean to teaching. This work fills this gap in the lean HE literature. Specifically, we investigate how lean can be applied to the university classroom. We used a literature review to assess lean in HE and conducted a case study in an introductory engineering computing class. The current state of the class is measured in terms of course grade performance, curriculum materials, and student feedback and analyzed for root causes of potential problems; improvements are then recommended for implementation based on lean principles and practices. The methodology presented in this work may be applied for educators looking to implement continuous improvement practices in their teaching