
Saturday, October 12th
10:30 AM

Adversarial Thinking: Teaching Students to Think Like a Hacker

Frank Katz, Georgia Southern University

KSU Center Rm 460

10:30 AM - 10:55 AM

Today’s college and university cybersecurity programs often contain multiple laboratory activities on various different hardware and software-based cybersecurity tools. These include preventive tools such as firewalls, virtual private networks, and intrusion detection systems. Some of these are tools used in attacking a network, such as packet sniffers and learning how to craft cross-site scripting attacks or man-in-the-middle attacks. All of these are important in learning cybersecurity. However, there is another important component of cybersecurity education – teaching students how to protect a system or network from attackers by learning their motivations, and how they think, developing the students’ “abilities to anticipate the strategic actions of cyber adversaries, including where, when, and how they might attack, and their tactics for evading detection.”

This paper describes the content and implementation of a 6 hour 15 minute (5 class sessions) module in Adversarial Thinking in a Network Security course, the students’ perceptions of the value and importance of the module as a result of their anonymous responses to a survey on the module, and the statistical results of a Data Breach Pretest-Posttest Assessment to measure how well they understood the concepts involved in Adversarial Thinking as part of learning cybersecurity.

10:55 AM

Proposal for a Joint Cybersecurity and Information Technology Management Program

Christopher Simpson, National University
Debra Bowen, National University
William Reid, National University
James Juarez, National University

KSU Center Rm 460

10:55 AM - 11:20 AM

Cybersecurity and Information Technology Management programs have many similarities and many similar knowledge, skills, and abilities are taught across both programs. The skill mappings for the NICE Framework and the knowledge units required to become a National Security Agency and Department of Homeland Security Center of Academic Excellence in Cyber Defense Education contain many information technology management functions. This paper explores one university’s perception on how a joint Cybersecurity and Information Technology Management program could be developed to upskill students to be workforce ready.

11:30 AM

IOT: Challenges in Information Security Training

Lech J. Janczewski, The University of Auckland
Gerard Ward, The University of Auckland

KSU Center Rm 460

11:30 AM - 11:55 AM

Both consumers and businesses are rapidly adopting IoT premised on convenience and control. Industry and academic literature talk about billions of embedded IoT devices being implemented with use-cases ranging from smart speakers in the home, to autonomous trucks, and trains operating in remote industrial sites. Historically information systems supporting these disparate use-cases have been categorised as Information Technology (IT) or Operational Technology (OT), but IoT represents a fusion between these traditionally distinct information security models.

This paper presents a review of IEEE and Elsevier peer-reviewed papers that identifies the direction in IoT education and training around information security. It concludes that the education/training still is largely distinct and is not addressing the needs of this hybrid IT and OT model. IoT is complex as it melds embedded systems and software in support of interaction with physical systems. While literature contains implementation-specific research, papers that address appropriate methodologies and content around secure design are piecemeal in nature.

We conclude that in the rush to find implementation-specific strategies the overarching strategy around education and training of secure IoT design is not being adequately addressed. Consequently, we propose a novel approach to how IoT education training can better incorporate the topic of secure design at a foundational level.

11:55 AM

MalAware Defensive: A Game to Combat Malware

Tyler Moon, University of North Georgia
Tamirat Abegaz, University of North Georgia
Bryson Payne, University of North Georgia
Abi Salimi, University of North Georgia

KSU Center Rm 460

11:55 AM - 12:20 PM

Several research findings indicate that basic cyber hygiene can potentially deter the majority of cyber threats. One of the ways cybersecurity professionals can prepare users to ensure proper hygiene is to help them develop their ability to spot the difference between normal and abnormal behavior in a computer system. Malware disrupts the normal behavior of a computer system. The lack of appropriate user training has been one of the main reasons behind the exposure of computer systems to threats, from social engineering to viruses, trojans, and ransomware. Basic knowledge about common behavioral characteristics of malware could help users identify potentially abnormal behavior in the systems they use on a daily basis.

Games with a purpose beyond entertainment are becoming an integral part of educational training. This is even more relevant to the field of cybersecurity, where there are many threat agents targeting individuals and organizations. The purpose of this paper is to describe a game, MalAware Defensive, developed to increase users’ awareness of common malware behaviors and their impact on a system, as well as to explain ways to combat various major types of malware. The game’s design is based on research showing that content disseminated in an interactive game provides a lasting impact on the retention of concepts. The game provides relevant knowledge about various types of malware, the behavior and impact of malware on a computer system, and several ways to avoid infection and compromise. The game, through its interactive gameplay environment, with rewards for answering questions correctly, could potentially help players improve their understanding of malware, how to detect its presence, and how to defend against it.

1:25 PM

Effectiveness of Tools in Identifying Rogue Access Points on a Wireless Network

Ryan VanSickle, University of North Georgia
Tamirat Abegaz, University of North Georgia
Bryson Payne, University of North Georgia

KSU Center Rm 460

1:25 PM - 1:50 PM

Wireless access points have greatly improved users' ability to connect to the Internet. However, they often lack the security mechanisms needed to protect users. Malicious actors could create a rogue access point (RAP), using a device such as the WiFi Pineapple Nano, that could trick users into connecting to an illegitimate access point (AP). To make them look legitimate, adversaries tend to set up RAPs to include a captive portal. This is very effective, since most public networks use captive portals as a means to provide genuine access. The objective of this study is to examine the effectiveness of RAP identification tools in identifying WiFi Pineapple RAPs. Three common RAP identification tools were used, namely Aircrack-ng, Kismet, and inSSIDer. The result indicated that RAPs could easily be identified through actively monitoring networks using tools such as Aircrack-ng, Kismet, and inSSIDer.

2:00 PM

A Course Module on Malware Analysis

Mnsa Maat
Mesafint Fanuel, North Carolina Agricultural and Technical State University
Xiahong Yuan, North Carolina Agricultural and Technical State University
Huiming Yu, North Carolina Agricultural and Technical State University

KSU Center Rm 460

2:00 PM - 2:25 PM

According to a 2019 mid-year report by Check Point Research, a cyber-intelligence firm, malware-related security attacks are as pervasive as ever and have paralyzed numerous organizations worldwide. Increasingly, malware authors are developing and incorporating more complex techniques into their code to offset known cyber-security defense mechanisms. As such, it is critical for students to analyze the low-level structure of malware and its run-time effects on a system in order to develop a precise understanding of threats. The Department of Computer Science at North Carolina A&T designed two hands-on labs that help students learn Malware Analysis. In the first lab, students conducted a dynamic analysis by actively infecting a virtual machine with a backdoor Trojan. In the second lab, students conducted a static analysis of the Trojan's executable file. They used open-source tools to extract parameters from its source code in order to do a lightweight review of code capabilities. The analysis of survey data shows that students learned to build an accurate picture of a malware-infected system using the disentangled data collected by the various analyzing instruments. Additionally, the lightweight review of the malware's source code demystified malware engineering to participants. Overall, our observations hold that lightweight source-code presentation is a good approach for in-depth teaching of malware analysis and is a dominant contributing factor for increasing student knowledge of the subject matter.

2:25 PM

Experiential Activities for the Instruction of Risk Management

Michael E. Whitman, Kennesaw State University

KSU Center Rm 400

2:25 PM - 2:50 PM

A core premise in the instruction of Information Security/Cybersecurity is that risk management is a cornerstone of security management, as evidenced in the promotion of GRC (Governance, Risk Management and Compliance) as the strategic triad in the trade press. Teaching the theory of Risk Management can be accomplished through either an asset assessment approach or another less common approach like an attack tree. While a theoretical exploration of risk management is important, the provision of an experiential activity to support the theory is valuable in cementing the knowledge in students. This presentation will cover popular risk management methodologies and examine a number of tools to support the application of the more common methodologies that can be used by instructors without substantial cost or learning curve.

Role-Play as a Teaching Methodology for General-Education Cyber Security

Elizabeth Rasnick

KSU Center Rm 460

2:25 PM - 2:50 PM

Undergraduates of all majors take our introductory class in cyber security. In order to appeal to their digital native learning style, we are experimenting with how we teach foundational level cyber security. We are using a role-play, scenario-based style that uses collaboration between team members. We also anticipate that this teaching method will keep more tech-savvy students engaged without being too digitally intensive for students from less technical majors.