Gamifying Cybersecurity Course Content for Entry Level Students

The growing shortage of skilled professionals in cybersecurity and forensics has increased global demand for information systems professionals. In an effort to identify and attract more students to cybersecurity and forensics programs, the authors developed a game engine along with a GUI-based game creator to generate a sequence of entertaining, engaging, and educational games, suitable for forensics and cybersecurity courses. This multi-partner project is funded in part by the National Science Foundation under Award DUE-1400567. This paper introduces the design and development of a browser-based educational game framework using game-based learning approach. Several digital forensic games will be introduced to demonstrate how students will conduct forensic investigation by following narrative and storylines of the game via interactive dialogs and using real tools and technologies. The GUI-based game creator allows educators to create and develop new educational games in any subject field by only focusing on game content

Insider threat mitigation and access control in healthcare systems

Rapid and reliable information sharing of patient healthcare information has become critical for achieving better care with lower costs. However, such healthcare information sharing requires to be done securely with privacy guarantees, as required by law. Among its other requirements, the Health Insurance Portability and Accountability Act (HIPAA) requires the use of appropriate access control mechanisms to protect healthcare information. Despite these legal requirements, currently implemented access control models in the healthcare domain are typically inadequate as demonstrated by the large and increasing numbers of successful attacks on healthcare systems. In particular, current access control models do not provide sufficient protection for healthcare systems from attacks by insiders, i.e., authorized healthcare personnel. This paper examines how healthcare information can be protected from unauthorized or improper use, disclosure, alteration, and destruction by health- care providers. Using a holistic approach toward modeling access control, the authors construct a threat model for access control in healthcare systems. The constructed model is then used to assess the effectiveness of current access control mechanisms such as Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC), as well as the BiLayer Access Control (BLAC) model, which was proposed as a flexible, higher-performance replacement for both RBAC and ABAC

Gamified Digital Forensics Course Modules for Undergraduates

Cyber security and forensics are among the most critical areas of national importance with a rising demand for knowledgeable professionals. In response to the increasing need for advanced studies in forensics, we propose game-based modules using the game-based learning approach that enable first-year students to learn basic digital forensics concepts without pre-requisite knowledge. This paper focuses on the design and development of an interactive game framework and the educational digital forensics modules that will be plugged into the game framework in a real computing environment. In contrast to the traditional teaching approaches, this modular approach will use game-based learning and visualization techniques to engage students to learn abstract concepts and to explore forensics investigation technologies and procedures through interactive games. The general design of the game framework can be replicated and adapted by other science education programs

Automated Detection of Acute Leukemia using K-mean Clustering Algorithm

Leukemia is a hematologic cancer which develops in blood tissue and triggers rapid production of immature and abnormal shaped white blood cells. Based on statistics it is found that the leukemia is one of the leading causes of death in men and women alike. Microscopic examination of blood sample or bone marrow smear is the most effective technique for diagnosis of leukemia. Pathologists analyze microscopic samples to make diagnostic assessments on the basis of characteristic cell features. Recently, computerized methods for cancer detection have been explored towards minimizing human intervention and providing accurate clinical information. This paper presents an algorithm for automated image based acute leukemia detection systems. The method implemented uses basic enhancement, morphology, filtering and segmenting technique to extract region of interest using k-means clustering algorithm. The proposed algorithm achieved an accuracy of 92.8% and is tested with Nearest Neighbor (KNN) and Naive Bayes Classifier on the data-set of 60 samples.Comment: Presented in ICCCCS 201

A Framework for Computerized Adaptive Assessment based on Trajectory Driven Pedagogy Implemented in an Engineering Course

Engineering education needs to be flexible with the changing technology, and it must blend traditional and new teaching pedagogy for the overall knowledge creation in the students. A survey of prevalent experiential learning methods has shown tremendous potential to improve engineering students' learning. However, existing experiential learning methods are hard to integrate with current teaching-learning process at Amity University, Uttar Pradesh, Lucknow Campus, India. A pilot study conducted during Power plant Instrumentation taught in the seventh semester of the Electrical and Electronics undergraduate program balances the current teaching method with the proposed Trajectory -driven pedagogy as an alternative teaching pedagogy. A trajectory driven computerized adaptive assessment procedure for teaching has been proposed in this paper. The system follows a trajectory of courses to generate the subsequent questions from the vast database of questions. A sequence of questions is guided by Concept Map which represents the questions from three courses in a hierarchical manner. Analysis of students' assessments shows that the proposed methodology could is accurate for quantitative measurement of the course learning outcomes in a summative assessment. &nbsp

NAT Denial of Service: An Analysis of Translation Table Behavior on Multiple Platforms

Network Address Translation or NAT, is a technology that is used to translate internal addresses to globally routable addresses on the internet. NAT continues to be used extensively in almost every network due to the current lack of IPv4 addresses. Despite being exceptionally commonplace, this networking technique is not without its weaknesses, and can be disabled with a fairly straightforward attack. By overpopulating the translation table, the primary mechanism used to translate the internal to external addresses, an attacker can effectively deny all internal users access to the external network. This paper takes an in-depth look at how five different vendors: Cisco, Extreme, Linksys, VMWare, and Vyatta, implement the translation table during active NAT sessions and how they are affected by TCP, UDP, and ICMP variations of the DOS attack