ABSTRACT
This paper presents a multi-year undergraduate computing capstone project that holistically contributes to the development of cybersecurity knowledge and skills in non-computing high school and college students. We describe the student-built Vulnerable Web Server application, which is a system that packages instructional materials and pre-built virtual machines to provide lessons on cybersecurity to non-technical students. The Vulnerable Web Server learning materials have been piloted at several high schools and are now integrated into multiple security lessons in an intermediate, general education information technology course at the United States Military Academy. Our paper interweaves a description of the Vulnerable Web Server materials with the senior capstone design process that allowed it to be built by undergraduate information technology and computer science students, resulting in a valuable capstone learning experience. Throughout the paper, a call is made for greater emphasis on educating the non-technical user.
- ACM Inroads. March 2014. Volume 5, No. 1.Google Scholar
- ACM Inroads. June 2015. Volume 6, No. 2.Google Scholar
- Association for Computing Machinery and IEEE Computer Society. 2013. Computer Science Curricula 2013 Curriculum Guidelines for Undergraduate Degree Programs in Computer Science. http://www.acm.org/education/curricula-recommendations.Google Scholar
- Association for Computing Machinery and IEEE Computer Society. 2008. Information Technology 2008 Curriculum Guidelines for Undergraduate Degree Programs in Information Technology. http://www.acm.org/education/curricula-recommendations.Google Scholar
- Brown, C. et al. 2012. "Anatomy, Dissection, and Mechanics of an Introductory Cyber-Security Course's Curriculum at the United States Naval Academy." Proceedings of the ACM Conference on Innovation and Technology in Computer Science Education. Google ScholarDigital Library
- Chard, S. and Lloyd, B. 2014. "The Evolution of Information Technology Capstone Projects into Research Projects." Proceedings of the ACM Special Interest Group for Information Technology Education Conference. Google ScholarDigital Library
- Cyber Education Project. 2016. http://www.cybereducationproject.org.Google Scholar
- CyberPatriot -- The National Youth Cyber Education Program. 2016. http://cybereducationproject.org/.Google Scholar
- Dutta, S., and Mathur, R. 2012. "Cybersecurity-An Integral Part of STEM." Proceedings of the IEEE Conference on Integrated STEM Education Conference.Google Scholar
- DVWA. Accessed 2016. http://www.dvwa.co.uk/Google Scholar
- Fedoruk A., Gong, M. and McCarthy, M. 2014. "Student Initiated Capstone Projects." Proceedings of the ACM Special Interest Group for Information Technology Education Conference. Google ScholarDigital Library
- Google. 2015. "Searching for Computer Science: Access and Barriers in U.S. K-12 Education." https://services.google.com/fh/files/misc/searching-for-computer-science_report.pdf.Google Scholar
- Google. 2014. "Women Who Choose Computer Science -- What Really Matters." http://static.googleusercontent.com/media/www.wenca.cn/en/us/edu/pdf/women-who-choose-what-really.pdf.Google Scholar
- Hislop, G. et al. 2012. "Panel: Capstone Experiences for Information Technology." Proceedings of the ACM Special Interest Group for Information Technology Education Conference. Google ScholarDigital Library
- Jonas, M. 2014. "Capstone Experience -- Achieving Success with an Undergraduate Research Group in Speech." Proceedings of the ACM Special Interest Group for Information Technology Education Conference. Google ScholarDigital Library
- Klaper, D. and Hovy. E. 2014. "A Taxonomy and a Knowledge Portal for Cybersecurity." Proceedings of the 15th Annual International Conference on Digital Government Research. Google ScholarDigital Library
- Maconachy, W. et al. 2001. "A Model for Information Assurance: An Integrated Approach." Proceedings of the IEEE Workshop on Information Assurance and Security. http://grothoff.org/christian/teaching/2009/3704/w2c3.pdf.Google Scholar
- McGettrick, A. et al. 2014. Panel: "Toward Curricular Guidelines for Cybersecurity." Proceedings of the ACM Special Interest Group for Computer Science Education Conference. Google ScholarDigital Library
- Military Academy CYBER Education Working Group. 2015. Draft Cyber Body of Knowledge. http://computingportal.org/sites/default/files/CEWG%20-%20Draft%20Body%20of%20Knowledge.pdf.Google Scholar
- National Collegiate Cyber Defense Competition. 2016. http://www.nationalccdc.org.Google Scholar
- National Cyber League. 2016. http://www.nationalcyberleague.org.Google Scholar
- National CyberWatch Center. 2016. http://www.nationalcyberwatch.org.Google Scholar
- National Initiative for Cybersecurity Education (NICE) Careers and Studies. Accessed 25 May 2015. DRAFT National Cybersecurity Workforce Framework Version 2.0. http://niccs.us-cert.gov/research/draft-national-cybersecurity-workforce-framework-version-20.Google Scholar
- National Security Agency and the Department of Homeland Security National Centers of Academic Excellence in Information Assurance (IA)/Cyber Defense (CD). Accessed 2015. https://www.nsa.gov/ia/academic_outreach/nat_cae/index.shtml.Google Scholar
- Rowe, D., Lunt, B., and Ekstrom, J. 2011. "The Role of Cyber-Security in Information Technology Education." Proceedings of the ACM Special Interest Group for Information Technology Education Conference. Google ScholarDigital Library
- Sobiesk, E. et al. 2015. "Cyber Education: a Multilayer, Multidiscipline Approach." Proceedings of the ACM Special Interest Group for Information Technology Education Conference. Google ScholarDigital Library
- United States Department of Energy. Accessed 25 May 2015. Essential Body of Knowledge -- A Competency and Functional Framework for Cyber Security Workforce Development. http://energy.gov/cio/downloads/essential-body-knowledge-ebk.Google Scholar
- United States Department of Labor. Accessed 25 May 2015. Cybersecurity Competency Model. http://www.careeronestop.org/competencymodel/competency-models/cybersecurity.aspx.Google Scholar
- Zhang, C. and Wang, J. A. 2011. "Performance on Successful IT Capstone Projects: A Case Study." Proceedings of the ACM Special Interest Group for Information Technology Education Conference.Google Scholar
- Zheng, G., Zhang, C., and Li, L. 2015. "Practicing and Evaluating Soft Skills in IT Capstone Projects." Proceedings of the ACM Special Interest Group for Information Technology Education Conference. Google ScholarDigital Library
Index Terms
- A Capstone Design Project for Teaching Cybersecurity to Non-technical Users
Recommendations
Game based Cybersecurity Training for High School Students
SIGCSE '18: Proceedings of the 49th ACM Technical Symposium on Computer Science EducationCybersecurity is critical to the national infrastructure, federal and local government, military, industry, and personal privacy. To defend the U.S. against the cyber threats, a significant demand for skilled cybersecurity workforce is predicted in ...
A capstone design project for teaching cybersecurity to nontechnical users
This paper presents a multi-year undergraduate computing capstone project that holistically contributes to the development of cybersecurity knowledge and skills in non-computing high school and college students. We describe the student-built Vulnerable ...
Shaping Curricular Guidelines for Associate-Degree Cybersecurity Programs
SIGCSE '19: Proceedings of the 50th ACM Technical Symposium on Computer Science EducationAs projections of the shortage of cybersecurity workers grow [4], the spotlight is on cybersecurity education. In December of 2017, the Joint Task Force on Cybersecurity Education published Cybersecurity Curricula 2017: Curriculum Guidelines for Post-...
Comments