SaTC: EDU: Advancing Cybersecurity Education through Self-Learning Cybersecurity Training Kit

SaTC：EDU：通过自学网络安全培训套件推进网络安全教育

• 批准号: 1723687
• 负责人: Swaroop Ghosh
• 金额: $ 30万
• 依托单位: Pennsylvania State Univ University Park
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-08-01 至 2022-01-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1723687&HistoricalAwards=false
• 关键词: SaTC; EDU; Advancing; Cybersecurity; Education

There is an exponential growth in the number of cyber-attack incidents resulting in significant financial loss and national security concerns. A secure cyberspace has been designated as one of the National Academy of Engineering Grand Challenges in engineering. Broadly, security threats are targeted on software programs, operating systems and networks with the intention to launch cyber-attacks. There is a need to increase student-centered, inquiry-based teaching approaches in cybersecurity as these are known to improve student learning outcomes. A comprehensive understanding can be achieved with a hands-on course on cybersecurity, where students can learn key concepts and get hands-on experience making changes to hardware, software, operating systems, and, network policies. This project proposes a self-learning, hands-on Cybersecurity Training (CST) Kit, which will be accompanied by Do-It-Yourself training modules that can be used to model and investigate cybersecurity issues and strategies for prevention. It can be customized to a wide range of cybersecurity stakeholders, including undergraduate and graduate students, K-12 science and technology teachers, industry professionals and the community at large. This project will advance cybersecurity education among students and professionals through the use the CST Kit and training modules, which will allow students to immediately apply newly acquired knowledge as part of the learning process.The CST kit will cover all aspects of cybersecurity issues including, hardware, software, operating system and network security. A 3-tier coursework will be developed to provide cybersecurity education to Junior and Senior-level undergraduate students, graduate students and professionals. Pilot Tier-1 and Tier-2 courses will be introduced to assess the learning modules and the CST Kit. The Kit hardware and software will be customizable to allow for easy adoption in a wide range of academic and professional levels. The components of the CST Kit will be used to foster interest in cybersecurity with underrepresented and underserved students at the high school and community college level. Approaches for cybersecurity education will be enhanced by increased student engagement though the proposed Classroom Cybersecurity Challenges. The developed training modules combined with the Challenges activity will provide quality curriculum for K-12 computer science courses linking computer science and broader areas of STEM education.

网络攻击事件的数量呈指数级增长，导致重大财务损失和国家安全问题。安全的网络空间已被指定为美国国家工程院工程重大挑战之一。从广义上讲，安全威胁针对软件程序、操作系统和网络，意图发起网络攻击。有必要增加以学生为中心、基于探究的网络安全教学方法，因为众所周知，这些方法可以提高学生的学习成果。通过网络安全实践课程可以实现全面的理解，学生可以学习关键概念并获得更改硬件、软件、操作系统和网络策略的实践经验。该项目提出了一个自学、实践的网络安全培训 (CST) 套件，该套件将附带 DIY 培训模块，可用于建模和调查网络安全问题和预防策略。它可以针对广泛的网络安全利益相关者进行定制，包括本科生和研究生、K-12 科学技术教师、行业专业人士和整个社区。该项目将通过使用 CST 套件和培训模块来推进学生和专业人员的网络安全教育，这将使学生能够在学习过程中立即应用新获得的知识。CST 套件将涵盖网络安全问题的各个方面，包括硬件、软件、操作系统和网络安全。将开发三层课程，为初中和高中本科生、研究生和专业人士提供网络安全教育。将引入试点 Tier-1 和 Tier-2 课程来评估学习模块和 CST 套件。该套件的硬件和软件将可定制，以便在广泛的学术和专业水平上轻松采用。 CST 套件的组件将用于培养高中和社区大学中代表性不足和服务不足的学生对网络安全的兴趣。 通过拟议的课堂网络安全挑战，提高学生的参与度，网络安全教育方法将得到加强。开发的培训模块与挑战活动相结合，将为 K-12 计算机科学课程提供优质课程，将计算机科学与更广泛的 STEM 教育领域联系起来。

项目成果

TrappeD: DRAM Trojan Designs for Information Leakage and Fault Injection Attacks

TrappeD：针对信息泄露和故障注入攻击的 DRAM 木马设计

• 发表时间: 2019-12
• 期刊: Microprocessor test and validation
• 作者: Karthikeyan Nagarajan; Asmit De
• 通讯作者: Asmit De

HeapSafe: Securing Unprotected Heaps in RISC-V

HeapSafe：保护 RISC-V 中未受保护的堆

• 发表时间: 2021-06
• 期刊: ArXivorg
• 作者: De; Asmit and
• 通讯作者: Asmit and

ReLOPE: Resistive RAM-Based Linear First-Order Partial Differential Equation Solver

ReLOPE：基于电阻 RAM 的线性一阶偏微分方程求解器

• 发表时间: 2021-01
• 期刊: IEEE transactions on very large scale integration VLSI systems
• 作者: Ensan; Sina Sayyah
• 通讯作者: Sina Sayyah

Hands-on cybersecurity curriculum using a modular training kit

使用模块化培训套件的网络安全实践课程

• 发表时间: 2020-07
• 期刊: ASEE annual conference
• 作者: Asmit De; Swaroop Ghosh
• 通讯作者: Swaroop Ghosh

Hardware Assisted Buffer Protection Mechanisms for Embedded RISC-V

嵌入式 RISC-V 的硬件辅助缓冲区保护机制

• DOI: 10.1109/tcad.2020.2984407
• 发表时间: 2020-04
• 期刊: IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
• 影响因子: 2.9
• 作者: De, Asmit;Basu, Aditya;Ghosh, Swaroop;Jaeger, Trent
• 通讯作者: Jaeger, Trent