Related papers: Cybersecurity as a Crosscutting Concept Across an Undergrad Computer Science Curriculum: An Experience Report

Cybersecurity as a Crosscutting Concept Across an Undergrad Computer Science Curriculum: An Experience Report

URL: http://arxiv.org/abs/2310.07625v2
Date: Tue, 16 Jan 2024 14:14:00 GMT
Title: Cybersecurity as a Crosscutting Concept Across an Undergrad Computer Science Curriculum: An Experience Report
Authors: Azqa Nadeem
Abstract summary: We advocate to integrate cybersecurity as a crosscutting concept in Computer Science curricula. The security education was incorporated within CS courses using a partnership between the responsible course instructor and a security expert. We conducted a post-course survey to collect student perceptions, and semi-supervised interviews with responsible course instructors and the security expert to gauge their experience.
Score: 1.6317061277457001
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
Abstract: Although many Computer Science (CS) programs offer cybersecurity courses, they are typically optional and placed at the periphery of the program. We advocate to integrate cybersecurity as a crosscutting concept in CS curricula, which is also consistent with latest cybersecurity curricular guidelines, e.g., CSEC2017. We describe our experience of implementing this crosscutting intervention across three undergraduate core CS courses at a leading technical university in Europe between 2018 and 2023, collectively educating over 2200 students. The security education was incorporated within CS courses using a partnership between the responsible course instructor and a security expert, i.e., the security expert (after consultation with course instructors) developed and taught lectures covering multiple CSEC2017 knowledge areas. This created a complex dynamic between three stakeholders: the course instructor, the security expert, and the students. We reflect on our intervention from the perspective of the three stakeholders -- we conducted a post-course survey to collect student perceptions, and semi-supervised interviews with responsible course instructors and the security expert to gauge their experience. We found that while the students were extremely enthusiastic about the security content and retained its impact several years later, the misaligned incentives for the instructors and the security expert made it difficult to sustain this intervention without organizational support. By identifying limitations in our intervention, we suggest ideas for sustaining it.

Related papers

S3C2 Summit 2023-11: Industry Secure Supply Chain Summit [60.025314516749205]
This paper summarizes the Industry Secure Supply Chain Summit held on November 16, 2023. The goal of this summit was to enable open discussions, mutual sharing, and shedding light on common challenges that industry practitioners with practical experience face when securing their software supply chain.
arXiv Detail & Related papers (2024-08-29T13:40:06Z)
Using Real-world Bug Bounty Programs in Secure Coding Course: Experience Report [1.099532646524593]
Training new cybersecurity professionals is a challenging task due to the broad scope of the area. We propose a solution: integrating a real-world bug bounty programme into cybersecurity curriculum. We let students choose to participate in a bug bounty programme as an option for the semester assignment in a secure coding course.
arXiv Detail & Related papers (2024-04-18T09:53:49Z)
The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge. This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI) We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
arXiv Detail & Related papers (2024-01-03T07:47:22Z)
Designing a Security System Administration Course for Cybersecurity with a Companion Project [2.188233359684067]
A cybersecurity program has been constructed at University of Central Oklahoma. As a core course, Secure System Administration focuses on the essential knowledge and skill set for system administration. To enrich students with hands-on experience, we also develop a companion coursework project, named PowerGrader.
arXiv Detail & Related papers (2023-09-04T22:28:01Z)
Want to Raise Cybersecurity Awareness? Start with Future IT Professionals [0.4893345190925178]
Our university designed an innovative cybersecurity awareness course that is freely available online for students, employees, and the general public. The course offers simple, actionable steps that anyone can use to implement defensive countermeasures. To measure the course impact, we administered it to 138 computer science undergraduates within a compulsory information security and cryptography course.
arXiv Detail & Related papers (2023-07-14T20:07:27Z)
Pedagogic Challenges in Teaching Cyber Security -- a UK Perspective [0.0]
Cyber security has become an issue of national concern in the UK, USA and many other countries worldwide. We explore the issues relating to student expectations and the CSI effect in students entering cyber security. We highlight the science vs tools debate to bring focus to some of the pedagogic tensions between students/industry and the academics who teach on the degree courses.
arXiv Detail & Related papers (2022-12-13T13:55:21Z)
XSS for the Masses: Integrating Security in a Web Programming Course using a Security Scanner [3.387494280613737]
Cybersecurity education is an important part of undergraduate computing curricula. Many institutions teach it only in dedicated courses or tracks. An alternative approach is to integrate cybersecurity concepts across non-security courses.
arXiv Detail & Related papers (2022-04-26T16:20:36Z)
A System for Automated Open-Source Threat Intelligence Gathering and Management [53.65687495231605]
SecurityKG is a system for automated OSCTI gathering and management. It uses a combination of AI and NLP techniques to extract high-fidelity knowledge about threat behaviors.
arXiv Detail & Related papers (2021-01-19T18:31:35Z)
What's the worth of having a single CS teacher program aimed at teachers with heterogeneous profiles? [68.8204255655161]
We discuss the results of a 400-hour teacher training program conducted in Argentina aimed at K-12 teachers with no Computer Science background. Our research aims at understanding whether a single teacher training program can be effective in teaching CS contents and specific pedagogy to teachers with very heterogeneous profiles.
arXiv Detail & Related papers (2020-11-09T15:03:31Z)
Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z)
Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques. It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z)

This list is automatically generated from the titles and abstracts of the papers in this site.