Cybersecurity as a Crosscutting Concept Across an Undergrad Computer
Science Curriculum: An Experience Report
- URL: http://arxiv.org/abs/2310.07625v2
- Date: Tue, 16 Jan 2024 14:14:00 GMT
- Title: Cybersecurity as a Crosscutting Concept Across an Undergrad Computer
Science Curriculum: An Experience Report
- Authors: Azqa Nadeem
- Abstract summary: We advocate to integrate cybersecurity as a crosscutting concept in Computer Science curricula.
The security education was incorporated within CS courses using a partnership between the responsible course instructor and a security expert.
We conducted a post-course survey to collect student perceptions, and semi-supervised interviews with responsible course instructors and the security expert to gauge their experience.
- Score: 1.6317061277457001
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Although many Computer Science (CS) programs offer cybersecurity courses,
they are typically optional and placed at the periphery of the program. We
advocate to integrate cybersecurity as a crosscutting concept in CS curricula,
which is also consistent with latest cybersecurity curricular guidelines, e.g.,
CSEC2017. We describe our experience of implementing this crosscutting
intervention across three undergraduate core CS courses at a leading technical
university in Europe between 2018 and 2023, collectively educating over 2200
students. The security education was incorporated within CS courses using a
partnership between the responsible course instructor and a security expert,
i.e., the security expert (after consultation with course instructors)
developed and taught lectures covering multiple CSEC2017 knowledge areas. This
created a complex dynamic between three stakeholders: the course instructor,
the security expert, and the students. We reflect on our intervention from the
perspective of the three stakeholders -- we conducted a post-course survey to
collect student perceptions, and semi-supervised interviews with responsible
course instructors and the security expert to gauge their experience. We found
that while the students were extremely enthusiastic about the security content
and retained its impact several years later, the misaligned incentives for the
instructors and the security expert made it difficult to sustain this
intervention without organizational support. By identifying limitations in our
intervention, we suggest ideas for sustaining it.
Related papers
- Cybersecurity Study Programs: What's in a Name? [0.2999888908665658]
Higher education institutions are introducing new cybersecurity programs, attracting students to this expanding field.
Top-ranked universities have not yet fully implemented the guidelines and offer programs that have "cyber" in their name but lack some essential elements of a cybersecurity program.
graduates of these programs may not meet employer expectations and may require additional training.
arXiv Detail & Related papers (2024-11-14T07:14:52Z) - S3C2 Summit 2023-11: Industry Secure Supply Chain Summit [60.025314516749205]
This paper summarizes the Industry Secure Supply Chain Summit held on November 16, 2023.
The goal of this summit was to enable open discussions, mutual sharing, and shedding light on common challenges that industry practitioners with practical experience face when securing their software supply chain.
arXiv Detail & Related papers (2024-08-29T13:40:06Z) - Using Real-world Bug Bounty Programs in Secure Coding Course: Experience Report [1.099532646524593]
Training new cybersecurity professionals is a challenging task due to the broad scope of the area.
We propose a solution: integrating a real-world bug bounty programme into cybersecurity curriculum.
We let students choose to participate in a bug bounty programme as an option for the semester assignment in a secure coding course.
arXiv Detail & Related papers (2024-04-18T09:53:49Z) - The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge.
This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI)
We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
arXiv Detail & Related papers (2024-01-03T07:47:22Z) - Designing a Security System Administration Course for Cybersecurity with a Companion Project [2.188233359684067]
A cybersecurity program has been constructed at University of Central Oklahoma.
As a core course, Secure System Administration focuses on the essential knowledge and skill set for system administration.
To enrich students with hands-on experience, we also develop a companion coursework project, named PowerGrader.
arXiv Detail & Related papers (2023-09-04T22:28:01Z) - Want to Raise Cybersecurity Awareness? Start with Future IT
Professionals [0.4893345190925178]
Our university designed an innovative cybersecurity awareness course that is freely available online for students, employees, and the general public.
The course offers simple, actionable steps that anyone can use to implement defensive countermeasures.
To measure the course impact, we administered it to 138 computer science undergraduates within a compulsory information security and cryptography course.
arXiv Detail & Related papers (2023-07-14T20:07:27Z) - XSS for the Masses: Integrating Security in a Web Programming Course
using a Security Scanner [3.387494280613737]
Cybersecurity education is an important part of undergraduate computing curricula.
Many institutions teach it only in dedicated courses or tracks.
An alternative approach is to integrate cybersecurity concepts across non-security courses.
arXiv Detail & Related papers (2022-04-26T16:20:36Z) - A System for Automated Open-Source Threat Intelligence Gathering and
Management [53.65687495231605]
SecurityKG is a system for automated OSCTI gathering and management.
It uses a combination of AI and NLP techniques to extract high-fidelity knowledge about threat behaviors.
arXiv Detail & Related papers (2021-01-19T18:31:35Z) - What's the worth of having a single CS teacher program aimed at teachers
with heterogeneous profiles? [68.8204255655161]
We discuss the results of a 400-hour teacher training program conducted in Argentina aimed at K-12 teachers with no Computer Science background.
Our research aims at understanding whether a single teacher training program can be effective in teaching CS contents and specific pedagogy to teachers with very heterogeneous profiles.
arXiv Detail & Related papers (2020-11-09T15:03:31Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z) - Adversarial Machine Learning Attacks and Defense Methods in the Cyber
Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques.
It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.