Enhancing Undergraduate Cybersecurity Education using a Mission-Based Learning Model

This project aims to serve the national interest by enhancing undergraduate cybersecurity education and equipping college students with the technical and cognitive skills that are needed to satisfy the needs of the cybersecurity workforce. This project uses an evidence-based approach in which student teams are sent on classroom missions to solve contemporary cybersecurity problems. Mission-based learning increases student engagement and helps to improve the technical, problem-solving, metacognitive, and interpersonal skills that are needed to apply cybersecurity principles in the cybersecurity workforce. As students complete their missions, they learn cybersecurity theories and the approaches cybercriminals take to identify and exploit vulnerabilities. The missions will also provide students with an opportunity to develop the skills required to work individually and in teams. Students will conduct research and learn to think like cybercriminals to better understand adversarial practices and to develop the defensive skills required to respond to these practices. The lesson plans for the cybersecurity missions will serve as a blueprint for other instructors interested in transforming their teaching approach by adopting mission-based learning into their cybersecurity programs.This project will advance our knowledge and understanding of cybersecurity education, by introducing the mission-based learning model, and evaluating its effectiveness as a learning method in cybersecurity. The project team will develop instructor and student lesson plan materials for a set of missions in an existing computer science course. Senior undergraduate or graduate computer science students will be recruited and trained to serve as coaches for students during their missions. The project aims to answer the following research question: how does mission-based learning improve cybersecurity education with respect to student achievement, competency, and attitude? This project will advance our understanding of the advantages and disadvantages of using adversarial practices to teach cybersecurity and will help instructors to design cybersecurity educational materials that utilize the adversarial practice approach. To extend the impact of this project, the lesson plans will be disseminated to the national cybersecurity community through publications, websites, and workshops. The NSF IUSE: EHR Program supports research and development projects to improve the effectiveness of STEM education for all students. Through the Engaged Student Learning track, the program supports the creation, exploration, and implementation of promising practices and tools. Co-funding for this project is being provided by the Secure and Trustworthy Cyberspace (SaTC) Program because the goals of the project align with the overall aims of the education track of that funding opportunity.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.