SaTC: EDU: Vertically-Aligned Hands-on Cybersecurity Curriculum Based on Adversarial Thinking

Cybersecurity threats take a psychological and financial toll on individuals, governments, and industry. Therefore, it is critical that academic institutions produce a workforce capable of handling the nation’s increasing cybersecurity challenges. Existing educational materials focus mainly on teaching cybersecurity from the perspective of principles and concepts. However, it is essential to develop materials that teach students how to think like an adversary (attacker). The goal of this project is to address the cybersecurity workforce shortage as well as gaps in available university-level cybersecurity programs through the development of undergraduate cybersecurity education labs focused on adversarial thinking. The three lab modules will be designed to be stackable and adaptable and will be made available to the cybersecurity community nationwide.The project will develop a vertically-aligned undergraduate curriculum that ensures a logical progression of materials as well as learning objectives that increase in complexity. The modules will incorporate industry best practices and tools, and address both relevant knowledge and hands-on practical skills to simulate real-world cyber problems and environments. Game-theoretical and multi-role approaches will be used to help students think more like an adversary. Module materials will incorporate virtual machine images for lab activities, a student manual with hands-on lab activities, instructional videos on how to deliver the lab lessons, and an instructor’s manual with detailed rationale and instructions. In addition, the module materials will include an assessment guide to evaluate how the activities increase student awareness, adoption, and retention of new knowledge. The modules will be deployed and evaluated at Boise State University. The modules will also be integrated into cybersecurity courses at Northwest Missouri State University and Illinois State University. This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.