Abstract Cloud computing is fast evolving and growing and is rapidly transforming the IT service industry. Many universities are offering or planning to offer cloud computing courses to meet the growing demands for cloud computing professionals. However, most of the course offerings nowadays focus on theoretical aspects of cloud computing, and there is a lack of practical learning experiences for students.... Cloud computing is fast evolving and growing and is rapidly transforming the IT service industry. Many universities are offering or planning to offer cloud computing courses to meet the growing demands for cloud computing professionals. However, most of the course offerings nowadays focus on theoretical aspects of cloud computing, and there is a lack of practical learning experiences for students. A hands-on labware will be a big plus for teaching and learning cloud computing. This paper proposes a cloud computing labware with the open source CloudSim (Cloud modeling and simulation toolkit) and its extension projects to promote authentic learning experiences for students. The proposed labware supports learning on important topics such as cloud principles, concepts, architecture, load balancing, and task scheduling. The proposed labware has been implemented in a cross-listed course (as both an undergraduate course and a graduate course) in two sections (hybrid section and fully-online section). At the end of the semester, an online survey has been conducted to evaluate the effectiveness of the CloudSim in the promotion of student learning experiences, and highly positive feedbacks were received from students. On average, over 80% of students gave non-negative feedback on all evaluation questions, and about 70% students agreed with the design objectives of the labware. Read More Read Less

Abstract This paper discusses the need to establish a contingency plan at the university class level to mitigate the impacts of a disaster. It places the class room plan in context of the contingency plans of higher organizational units. It related the authors’ experience with multiple natural disasters and how those experiences can be used to establish a contingency plan that is... This paper discusses the need to establish a contingency plan at the university class level to mitigate the impacts of a disaster. It places the class room plan in context of the contingency plans of higher organizational units. It related the authors’ experience with multiple natural disasters and how those experiences can be used to establish a contingency plan that is appropriate to the reader’s environment. Read More Read Less

Abstract Robust and resilient cyber defense mechanisms and better educated future workforce are vital components for the protection of our nation’s critical infrastructures. As such, the need for an enhanced information assurance and security curriculum with emphasis on embedded and control systems can no longer be ignored. Recognizing this training gap, we designed and implemented a collection of laboratory projects for an... Robust and resilient cyber defense mechanisms and better educated future workforce are vital components for the protection of our nation’s critical infrastructures. As such, the need for an enhanced information assurance and security curriculum with emphasis on embedded and control systems can no longer be ignored. Recognizing this training gap, we designed and implemented a collection of laboratory projects for an embedded and control systems security curriculum that emphasizes a balance between theory and application. Each project, whose main purpose is to stimulate learning and motivate critical thinking among undergraduate students, is designed with careful attention to details. In this paper, we provide the learning objectives, knowledge prerequisites, activities involved, expected outcomes, and a list of suggested references for additional reading assignments for each one of those projects. Read More Read Less

Abstract Clickjacking is a form of UI-Redress where a victim thinks they are browsing the webpage they see, but click actions are actually on a hidden webpage. Typically, the victim must already be authenticated on the hidden page for the attack to work. There are several available methods to detect or prevent clickjacking attacks on both the server and client side. The... Clickjacking is a form of UI-Redress where a victim thinks they are browsing the webpage they see, but click actions are actually on a hidden webpage. Typically, the victim must already be authenticated on the hidden page for the attack to work. There are several available methods to detect or prevent clickjacking attacks on both the server and client side. The main prevention methods are for the server side, and verify that the website is not being loaded inside an iFrame. If an attacker attempts to load a website with one of these methods in place, it will either “break” out of the frame, i.e. refresh the page directly to its URL, or not load the page in the first place. Currently it is important to increase the implementation rate of these prevention methods. This paper introduces a clickjacking course module which includes a tutorial of clickjacking, a hands-on lab, and a quiz. There is a discussion of the teaching experience with this course module. The module can be integrated into web security or network security courses introducing the topic of clickjacking. Read More Read Less

Abstract Secure application development is becoming even more critical as the impact of insecure code becomes deeper and more pervasive in our personal and professional lives. The approach described in this paper seeks to motivate computer science students to write secure code almost from the very beginning by focusing on concrete examples of common software vulnerabilities in the second freshman-level programming course.... Secure application development is becoming even more critical as the impact of insecure code becomes deeper and more pervasive in our personal and professional lives. The approach described in this paper seeks to motivate computer science students to write secure code almost from the very beginning by focusing on concrete examples of common software vulnerabilities in the second freshman-level programming course. Sample exercises and assignments are given as examples that can be reused in similar courses. While long-term data collection is still ongoing, initial results are promising enough that the method is presented here in detail to support university faculty interested in incorporating lessons and real-world examples in secure app development in their programming courses at any level. Read More Read Less

Abstract Due to the emerging popularity of mobile devices, topics on mobile computing and mobile security started to gain importance in university curriculum. Some universities created concentrated courses to teach these topics. Another approach is to develop course modules on these topics and integrate them into existing courses. This paper introduces a course module on mobile malware, which can be integrated into... Due to the emerging popularity of mobile devices, topics on mobile computing and mobile security started to gain importance in university curriculum. Some universities created concentrated courses to teach these topics. Another approach is to develop course modules on these topics and integrate them into existing courses. This paper introduces a course module on mobile malware, which can be integrated into an existing computer security course. The course module includes a tutorial on mobile malware, and two hands-on labs. Our initial teaching experiences of this course module in an existing computer security course is discussed. Read More Read Less