Abstract A number of schools that teach Information Assurance have formed student clubs to promote Information Assurance. Very little has been written on how to sustain a club. As the Information Assurance discipline matures, our approach to creating and sustaining student clubs should mature as well. This research project was a true “fishing expedition” of contacting existing student clubs and asking... A number of schools that teach Information Assurance have formed student clubs to promote Information Assurance. Very little has been written on how to sustain a club. As the Information Assurance discipline matures, our approach to creating and sustaining student clubs should mature as well. This research project was a true “fishing expedition” of contacting existing student clubs and asking them what worked and what didn’t work at their school. Read More Read Less

Abstract The phrase “Design Thinking (DT) is increasingly used to mean the human-centered “open” problem solving procedure, it can be described as a discipline that uses the designer’s receptivity and methods to balance people’s needs with what is technologically feasible and what a viable business strategy can convert into customer value and market opportunity. It has been used wildly in the... The phrase “Design Thinking (DT) is increasingly used to mean the human-centered “open” problem solving procedure, it can be described as a discipline that uses the designer’s receptivity and methods to balance people’s needs with what is technologically feasible and what a viable business strategy can convert into customer value and market opportunity. It has been used wildly in the industry and business in particular Systems, Applications, and Products in Data Processing (SAP), to satisfy customer needs. Design thinking’s larger used in describing a particular style of creative thinking-in-action. Design Thinking has an increasing influence on twenty-first century education across disciplines. In this paper a new model to introduce information security Curriculum using design thinking methodology; based on: Understanding, Observe, Define, Ideate, Prototype, Test and Feedback. The model has been implemented in build a secure program as a way to understand information security and achieve the course objective and outcomes. The assessment of this course shows high level of student engagements, collaboration, research, and presenting ideas and thoughts. Read More Read Less

Abstract This paper discusses gamification, the application of gaming elements in non-game contexts, with regard to information systems and information security training. The authors have developed gamification tools for use in the classroom as well as several educational games in order to explore the viability of gamified curricula in both high school and college environments. Early results indicate positive student attitudes... This paper discusses gamification, the application of gaming elements in non-game contexts, with regard to information systems and information security training. The authors have developed gamification tools for use in the classroom as well as several educational games in order to explore the viability of gamified curricula in both high school and college environments. Early results indicate positive student attitudes toward gamified approaches, as well as improved attendance and success rate. Issues encountered in curriculum gamification and game development are described along with best practices for both. Read More Read Less

Abstract Hardware components have been designated as required academic content for colleges to be recognized as a center of academic excellence in cyber operations by the National Security Agency (NSA). To meet the hardware requirement, computer science and information technology programs must cover hardware concepts and design skills, topics which are less emphasized in existing programs. This paper describes a new... Hardware components have been designated as required academic content for colleges to be recognized as a center of academic excellence in cyber operations by the National Security Agency (NSA). To meet the hardware requirement, computer science and information technology programs must cover hardware concepts and design skills, topics which are less emphasized in existing programs. This paper describes a new pedagogical model for hardware based on network intrusion detection taught at college and graduate levels in a National Center of Academic Excellence in Information Assurance Education Program (CAE/IAE). The curriculum focuses on the fundamental concepts of network intrusion detection mechanisms, network traffic analysis, rule-based detection logic, system configuration, and basic hardware design and experiments. This new course enriches students with the latest developments in computer security and hands-on projects to better prepare them for their information security and assurance careers. Read More Read Less

Abstract Over the course of history, different means of object as well as person identification and verification have evolved for user authentication. In recent years, a new concern has emerged regarding the accuracy of authentication and of protection of personal identifying information (PII), because previous information systems (IS) misuses have resulted in significant financial loss. Such losses have escalated more noticeably... Over the course of history, different means of object as well as person identification and verification have evolved for user authentication. In recent years, a new concern has emerged regarding the accuracy of authentication and of protection of personal identifying information (PII), because previous information systems (IS) misuses have resulted in significant financial loss. Such losses have escalated more noticeably because of identity-theft incidents due to breaches of PII within multiple public-access environments, such as institutions of higher-education. Although the use of various biometric and radio frequency identification (RFID) technologies is expanding, resistance to using these technologies remains an issue. As such, in this research-in-progress paper, we outline a predictive study to assess the contribution of campus student’s perceptions of the importance of protecting their PII, noted as Perceived Value of Organizational Protection of PII (PVOP), authentication complexity (AC), and invasion of privacy (IOP) on their resistance to using multi-method authentication systems (RMS) in higher-education environments. In this work-in-progress study, we seek to better understand the theoretical foundations for the effect of student’s perceptions on their resistance to using multi-method authentication systems (RMS) in higher-education environments and uncover key constructs that may significantly contribute to such resistance. A quasiexperiment is proposed including clearly identified procedures and data analyses. Read More Read Less

Abstract The creation of an experiential capstone experience for Information Security and Assurance students has been a decade-long challenge. Not long after security-based programs began offering degrees and concentrations in the discipline, the faculty struggled to create an industry-focused, balanced approach for security students. While some programs embraced the “capture-the-flag” approach to learning security through both offensive and defensive exercises, the... The creation of an experiential capstone experience for Information Security and Assurance students has been a decade-long challenge. Not long after security-based programs began offering degrees and concentrations in the discipline, the faculty struggled to create an industry-focused, balanced approach for security students. While some programs embraced the “capture-the-flag” approach to learning security through both offensive and defensive exercises, the faculty of the ISA degree program described in this article instead elected to adopt the purely defensive approach adapting a rapidly growing inter-collegiate competition structure as the capstone to their program. The purpose of this paper is share the experiences of the authors in planning and delivering that a cyber defense capstone course. Read More Read Less