Workshop Xenia Mountrouidou Dr X Outline Motivation Cybersecurity amp Liberal Arts Cyber Paths Liberal Arts GENI Motivation Cybersecurity Education Challenges Cybersecurity fast paced changing field ID: 676705
Download Presentation The PPT/PDF document "Cybersecurity Liberal Arts" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Cybersecurity + Liberal ArtsWorkshop
Xenia Mountrouidou (Dr. X)Slide2
OutlineMotivationCybersecurity & Liberal Arts Cyber PathsLiberal ArtsGENI Slide3
Motivation: Cybersecurity Education ChallengesCybersecurity: fast paced, changing fieldPredominantly undergraduate institutions have limited resourcesExperiential learning in cybersecurity requires large investmentsSlide4
Cybersecurity Education: SolutionsGeneral education can feed diverse cohorts to the cybersecurity professionCloud computing infrastructures can be instrumentalSlide5
Broadening the Path to the STEM Profession through Cybersecurity Learning Slide6
Cybersecurity PathsGeneral education – DiscoverIntro to cybersecurity – UnderstandCybersecurity courses & capstone – ApplySlide7
Liberal Arts Education: Gen EdDefinition: a program of education (as in some liberal-arts colleges and secondary schools) intended to develop students as personalities rather than trained specialists and to transmit a common cultural heritage — compare liberal education.Slide8
General Education & CybersecurityAesthetic and interpretive understanding; Hacker = Aesthete (Brian Harvey, UC Berkley), CITA @ CofCCulture and beliefEmpirical reasoning; Security Assessment, Pen TestEthical reasoning; Ethics vs Aesthetics
Science of living systems;
Science of the physical universe;
Societies of the world; and
The United States in the world.
http://
harvardmagazine.com
/2007/03/general-education-
finall.htmlSlide9
Cybersecurity & Liberal ArtsSlide10
Standalone Module
Type
Topics
PUI/LIA Curriculum
Legal issues in
CySec
Case study, essay, discussion
HIPPA/FERPA, Computer Security Act, Laws and Authorities, US Patriot Act
Political Science
International Studies
Social Science
Management
Case study, essay, discussion
Strategic Plan and Management, Business Continuity / Disaster Recovery
Economics
Leadership
Social Science
Human Factors
Case study, essay, discussion, hands on exercise
Privacy, Passwords, Usable Security
Humanities
Social Science
Attacks and DefenseGENI experimentIDS, Traffic, Log Analysis, performanceTechnologyCryptographyHands on exerciseCryptograms, ciphers, encryption, decryptionTechnologyNetwork components and trafficGENI experimentTraffic and performance analysis, protocol introductionTechnologySlide11
CofC Gen EdFYE: First Year ExperienceWritingForeign LanguageHistoryHumanitiesMathematics & LogicNatural ScienceSocial SciencesSlide12
FYE: First Year Experience – Chasing Ghosts in the WiresBasic Command Line Cyber Defense Cyber Threats Fundamental Security Design Principles Intro to Cryptography IA Fundamentals IT System ComponentsSlide13
Denial of Service Lab for non-CS MajorsPre-installed topologyping - verification
Iperf
- performance
Hping3 -
DoS
Hypothesis testing
Experiments on GENI
GENI:
Virtual laboratory for networking and
distributed systems research and educationSlide14
What is GENI? (a sneak preview)Slide15
GENI and Gen EdWoffordComputational Science Gen Ed15 studentsMandatory for Lab requirementCollege of CharlestonFYE20 studentsMandatory for first year students gen
edSlide16
Pilot SurveyConducted at Wofford College. Cohort:15 students – 2 computer science declared majorsSelf-assessment of CS knowledge: 40% novice; 40% intermediate; 20% advancedPilot Questionnaire:
I have a better understanding of CS.
I understand how information is transmitted through the internet.
I understand the basics of computer attacks and computer network attacks.
I understand how computer and network attacks can harm me and my organization.
I am considering to take another CS course.Slide17
ResultsSlide18
CommentsQ: What did you like best about the GENI lab and why?I liked the opportunity to take part in a live experiment with real computers. Doing to the denial of service attack was really cool.
I liked that we did a real world issue in a safe and controlled environment.
Working with terminal and the command line
It
was cool to see how flooding a computer actually works rather than it just happens.
I liked how we were able to simulate a real attack. This really puts it into prospective on
how
hackers can do this to anyone.Slide19
CommentsQ: What did you like least about the GENI lab. I did not like how repetitive it was, and how some things took a very long time to do. I think that my least favorite thing about GENI was trying to get GENI to work.The GENI infrastructure seemed to be
unstable and difficult to work with at times
.
It's
also hard to have a complete understanding of how to perform the lab without
already
having an understanding in computer science
.Slide20
Preliminary results - FYE Lab20 students – 6 computer science declared majorsPre & Post SurveyDemographic questionsPerceptionClassFocus Group – 4 studentsSlide21
Preliminary ResultsSlide22
Cybersecurity courses & GENIIntrusion Detection Systems Digital CertificateAdvanced topicsSlide23
Intrusion Detection Systems and Mitigation
Goals:
Install Snort IDS on monitor machine
Duplicate all traffic to monitor
Create a custom alert for Snort IDS
Use mitigation script
Drop malicious traffic
Send Spoofed SYN
Send
SYN-ACK
Resend SYN-ACK
Attacker
Server
Spoofed ClientSlide24
Digital CertificateCreate a certificate authorityValidate & revoke certificateUnderstand OpenSSLSlide25
Advanced TopicsCovert Channel CommunicationManipulate TCP flags to send exfiltrated passwordsAnalyze traffic using information theorySoftware Defined Networking (SDN) solutions for securityUse SDN flow tables to identify attackerUse network programmability to drop malicious trafficSlide26
ConclusionsWith cybersecurity in liberal arts we produce better citizens in our graduatesCybersecurity labs + cloud infrastructure = experiential learning with low overheadCybersecurity belongs to the liberal artsSlide27
Thank you!Questions?Slide28
goo.gl/i6787aPlease take the survey to help us improve this workshopSlide29
appendixSlide30
Paths to Cybersecurity EducationSlide31
Political Science General Education ModuleInternational ConflictStuxnetDenial of ServiceSlide32
Finance General Education ModuleGordon Loeb Model