CARI Project Postdoctoral Recruitment - Role, Interview Questions, and Information

These materials were primarily intended for internal recruitment purposes; however, these are made available in the interest informing future police-academia collaborations

Generating randomised virtualised scenarios for ethical hacking and computer security education: SecGen implementation and deployment

Computer security students benefit from having hands-on experience with hacking tools and with access to vulnerable systems that they can attack and defend. However, vulnerable VMs are static; once they have been exploited by a student there is no repeatable challenge as the vulnerable boxes never change. A new novel solution, SecGen, has been created and deployed. SecGen solves the issue by creating vulnerable machines with randomised vulnerabilities and services, with constraints that ensure each scenario is catered to specific skills or concepts. SecGen was successfully deployed to generate VMs for a second year undergraduate team module. Future plans are discussed

Student Led Data Recovery Services: Providing Digital Forensics students with relevant work experience

Digital Forensics is a growth market; however, obtaining real world work experience as a student can be challenging due to the high levels of competition, legal, ethical, and confidential aspects of the work. This paper presents a solution to providing students practical work experience that will aid them in obtaining future employment in Forensics. Currently under development at Leeds Beckett University is a student led data recovery service, which will be provided to all staff and students, using mixed level groupings of students. This service is designed to provide a rich, interactive environment that enables students to gain hands-on experience in an unknown and dynamically changing environment. Plans have received positive support from both Faculty Leadership and students. The service is due to start in September 2016

Gamification for Teaching and Learning Computer Security in Higher Education

In many cases students in higher education are driven by assessments and achievements rather than the “learning journey” that can be achieved through full engagement with provided material. Novel approaches are needed to improve engagement in and out of class time, and to achieve a greater depth of learning. Gamification, “the use of game design elements in nongame contexts”, has been applied to higher education to improve engagement, and research also suggests that serious games can be used for gamesbased learning, providing simulated learning environments and increasing motivation. This paper presents the design and evaluation of a gamified computer security module, with a unique approach to assessed learning activities. Learning activities (many developed as open educational resources (OER)) and an assessment structure were developed. A new free and open source software (FOSS) virtual learning environment (VLE) was implemented, which enables the use of three types of experience points (XP), and a semiautomated marking scheme for timely, clear, transparent, and feedbackoriented marking. The course and VLE were updated and evaluated over two years. Qualitative and descriptive results were positive and encouraging. However, ultimately the increased satisfaction was not found to have statistical significance on quantitative measurements of motivation, and the teaching workload of the gamified module was noteworthy

An open cloud-based virtual lab environment for computer security education: A pilot study evaluation of oVirt

Providing an environment that enables students to gain hands-on experience with security tools in rich and complex learning scenarios, while granting them the freedom to experiment with potentially harmful tools, is an issue for many universities and organisations. As is the challenge of enabling students the flexibility to work from home. This paper presents the results of a pilot study of our proposed solution based on oVirt. Opportunities for improvements are identified, and it is concluded that oVirt is a feasible platform on which to build a lab environment for teaching computer security

Source Camera Identification using Non-decimated Wavelet Transform

Source Camera identification of digital images can be performed by matching the sensor pattern noise (SPN) of the images with that of the camera reference signature. This paper presents a non-decimated wavelet based source camera identification method for digital images. The proposed algorithm applies a non-decimated wavelet transform on the input image and split the image into its wavelet sub-bands. The coefficients within the resulting wavelet high frequency sub-bands are filtered to extract the SPN of the image. Cross correlation of the image SPN and the camera reference SPN signature is then used to identify the most likely source device of the image. Experimental results were generated using images of ten cameras to identify the source camera of the images. Results show that the proposed technique generates superior results to that of the state of the art wavelet based source camera identification