Texas Tech University, Department of Computer Science
TTU Home Whitacre College of Engineering Computer Science Research AdVanced Empirical Software Testing & Analysis

AVESTA: Research


Project:

Building Cybersecurity Workforce and Capacity through Enhancing Defending Skill Sets

Some Quick Facts About the Project:

  • Sponsor: National Science Foundation (NSF) in 2015
  • Title: Building Cybersecurity Workforce and Capacity through Enhancing Defending Skill Sets, National Science Foundation (NSF) (NSF Project Summary). Awarded September 2015, $348,732.00. The project is for two years. This project aims at developing carefully crafted cybersecurity attack/defense scenarios with the help of cognitive task analysis.
  • Type: A multidisciplinrary project
  • Involved Departments: Computer Science, Psychology, and Education (Texas Tech University)
  • Project Investigators:
  • Other Facts:
    • The Sandia National Labroatories is the project partner providing expertise in cyber security to the Project Investigators.

Motivation & Research Goals

This two-year project aims at developing carefully crafted cybersecurity attack/defense scenarios with the help of cognitive task analysis. The developed scenarios will be used to design instructional materials and course modules that will be adapted by educators for enhancing effective teaching of security related concepts. The project targets psychological aspects of attackers in order to adapt them in revitalizing defend- ing skills of defenders when confronting cyber-attacks. This also helps the defender understand or predict the next possible attacks that may take place. The better understanding and modeling of mindsets and emo- tion of both attackers and defenders will help develop appropriate instructional materials and modules with the goal of preparing students, i.e. the future workforce of the nation, to be well-prepared in employing defending tactics to countermeasure attacks received through cyberspace.


Specific Objectives

This capacity building project specifically makes the following efforts and contributions:

  1. Conduct research on the teaching and learning of cybersecurity, including research on materials, methods and small-scale interventions.
  2. Evaluate teaching and learning effectiveness of cybersecurity curricular programs and courses.
  3. Integrate cybersecurity topics into computer science, information technology, engineering and other existing degree programs with plans for pervasive adoption.
  4. Evaluate the effectiveness of cybersecurity competitions, games, and other outreach and retention activities.


Instruments and Artifacts

Coming Soon...


Instructional Modules and Course Materials

A course on Digital Forensics was designed and offered to a group of graduate students in Spring 2017. [Digital Forensics - Spring 2017].


Publications

I) The evaluation results of the first cybersecurity workshop is published in the 7th Annual International Conference on Computer Education: Innovation and Technology (CSEIT 16) to be held in Singapore in October 2016.

Akbar Siami Namin, Zenaida Munoz, and Keith S. Jones (2016). Teaching Cyber Security through Competition An Experience Report about a Participatory Training Workshop. The 7th Annual International Conference on Computing Education: Innovation and Technology (CSEIT'16), 2016, Singapore. [Paper].

II) The preliminary analysis of survey and interview data collected at DefCon and BackHat hacking conferences in Summer 2016 was published in the form of a poster paper. The poster paper was entitiled “What Should Cyber Security Students Learn in School? Results from Interviews with Cyber Professionals” published at ACM SIGCSE 2017 (ACM Special Interest Group on Computer Science Education. The analysis are based on 32 Knowledge, Skills, and Abilities (KSAs) that we found were important for cyber security experts.

Keith Jones, Akbar Siami Namin, and Miriam Armstrong (2017). “What Should Cyber Security Students Learn in School? Results from Interviews with Cyber Professionals” published at ACM SIGCSE 2017 (ACM Special Interest Group on Computer Science Education, SIGCSE 2017: Seattle, WA, USA. [Paper].

III) When interviewing cyber security professionals at DefCon and BlackHat hacking conferences, we observed that most of the participants were not comfortable with the questions being asked. We collected their concerns and prepared a paper that can be useful for other researchers when conducting similar studies. The paper is entitled “Framework for Developing a Brief Interview to Understand Cyber Defense work: An Experience Report” and it is presented at the international Annual Meeting on Human Factors and Ergonomics Society (HFES) 2017 in Austin, TX, USA.

Miriam Armstrong, Keith Jones, and Akbar Siami Namin, “Framework for Developing a Brief Interview to Understand Cyber Defense work: An Experience Report," the International Annual Meeting on Human Factors and Ergonomics Society (HFES) 2017 in Austin. [Paper].

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are

retained by authors or by other copyright holders. All persons copying this material must adhere to the terms of the relevant

copyrights.