
15th Colloquium for Information Systems Security Education Fairborn, Ohio June 13-15,
The 2011 CISSE proceedings was produced for the Colloquium for Information Systems Security Education by The Printing House, Inc. Abstracting is permitted with credit to the source. Libraries are permitted to photocopy beyond the limit of U.S. copyright law for private use of patrons those articles in this volume that carry a code at the bottom of the first page. All rights reserved. Copyright ©2011 by the Colloquium for Information Systems Security Education.
Abstract – Many computer security programs supplement their courses by providing labs to fortify concepts being taught; however, these labs are often taught in isolation and do not allow students to see the complexity of integrating a system-of-systems architecture. The “seams” of these security systems are where deep learning happens and where attacks slip through. This paper discusses a capstone course designed to help students integrate security systems with all of their interconnecting parts and see the importance of putting these pieces together securely.
Abstract – Service learning enables students to provide real service to the community as part of their learning/educational experience. Service learning can take many forms in security, including maturity assessment, security planning, awareness training, product research, product evaluation, and facilities or procedural audit. These projects help students learn to communicate with non-technical staff, apply security training, obtain experience in a real world environment, develop professional documentation, and contribute to their neighborhood. This paper describes the benefits and challenges the author has experienced for each type, but also discusses tools that can help security instructors in implementing service learning in their security courses.
Abstract – The National Security Agency (NSA) began designating colleges and universities as Centers of Academic Excellence (CAE) in 1998 if they met several criteria [1]. The Department of Homeland Security (DHS) now works with the NSA to designate schools as centers of excellence. CAEs must be able to map their curriculum to the government’s standards and demonstrate they have the faculty, organizational structure, scholarship, and commitment to developing a rigorous program. The schools committing resources to obtaining this designation are making a major multi-year commitment and need to get a return on investment. Many schools assume that this return comes in increased student enrollment. To justify this assumption, this project will attempt to determine if the CAE designation impacts the school selection of students.
Abstract – The demand for information systems security education has never been higher, while the availability of high-quality information systems security instruction and of well-qualified instructors are both extremely limited. Meeting the demand requires converting teaching from an individual activity to a community-based research activity. As a result, Carnegie Mellon University’s Open Learning Initiative and the Software Engineering Institute’s CERT® Program have collaborated in the development of an online secure coding module that exemplifies how to capture expert content, ensure high-quality learning, and scale to meet rapidly growing demand. This paper describes this effort and how high-quality information systems security instruction can be scaled to meet existing and projected demand.
Abstract – The modern world of computing familiar to most college students is one based on mobile devices that rely increasingly on cloud storage. In this world, all students need to have a conceptual and practical understanding of the inherent computing, data, and privacy/security issues involved, but most institutions treat CyberSecurity education only as part of the institution’s computing or information security curricula. At best, most students are introduced to this modern world through superficial courses on using mobile devices. The authors propose to make computer security and information assurance part of the general education for all undergraduates.
Abstract – It is of increasing importance that we incorporate security and cryptology in both the undergraduate and graduate curriculums. This paper introduces cryptology in the framework of general cybersecurity and advocates that it is an appropriate mechanism for introducing security issues into the classroom at all levels of the curriculum. A practical free software package called CrypTool, which can be a major asset in any attempt to teach cryptology to a range of student audiences, is presented. Applications and classroom experiences using CrypTool are discussed along with some student feedback.
Abstract – Each year hackers exploit hundreds of vulnerabilities in software, yet the same vulnerabilities continue to appear in code, over and over again, and many educational institutions continue to teach programming as they always have. Companies, such as Microsoft, have found it necessary to conduct secure coding training classes to make up for the absence of the subject in college-level curriculum. Reasons for this lack are many, but our research is motivated by one major barrier: instructor lack of time to convert existing, well-developed curriculum to include secure coding concepts. To address this issue, we have developed an approach that applies the 4+1 Views software-reengineering technique to transform source code that does not incorporate any security concepts into source code that can defend against attacks.
Abstract – A number of cyber security competitions currently exist. Some are aimed at high school students, some at professionals, and some at security professionals. By far the largest number of competitions take place at the collegiate level. Currently there is very little that ties these competitions together and at times it may seem that the competitions themselves are competing against each other. For these competitions to take the next step toward establishing themselves collectively as a recognized competition program they need to come together and establish a Collegiate Cyber Security Championship Cup and the program that would run it.
Abstract – Discussion on cyberwarfare or information warfare has been dominated by visuals of high tech command centers with giant plasma screens. Tactical exploitation of captured enemy digital devices: laptops, handhelds, PDAs, cell phones, etc. is sometimes neglected. One of the growing challenges posed by the growth of digital information and digital devices is how to train the existing combat force for safe exploitation of captured digital devices. Auburn University researchers have been participating in an ongoing training effort to re-task injured service members to serve as digital investigators.
Abstract – The effort to secure cyberspace continues unabated. Yet, losses continue to mount. If we are to gain ground in this effort, we must understand our adversaries and the mechanisms they use to inflict losses. When we know the threats facing our information assets and the potential losses the assets face, we can begin to build more effective defenses using well defined risk management methodologies. This paper examines top computer executives’ perspectives on current threats to information security, and compares those threats to a previous study from 2002.