Collaborative Research: SaTC: EDU: Dual-track Role-based Learning for Cybersecurity Analysts and Engineers for Effective Defense Operation with Data Analytics

协作研究：SaTC：EDU：网络安全分析师和工程师基于角色的双轨学习，通过数据分析实现有效的防御操作

• 批准号: 2228001
• 负责人: Shanchieh Yang
• 金额: $ 36.74万
• 依托单位: Rochester Institute of Tech
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-06-15 至 2026-05-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2228001&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; EDU; Dual

Cybersecurity defense operations (cyber-ops) are in dire need of effective and expedited learning programs for practicing professionals to infuse data analytics (i.e., data science, artificial intelligence, and machine learning) into their day-to-day tasks. To combat the evolving threat landscape, effective cyber-ops often involve a team of cybersecurity analysts and engineers with complementary expertise. The analysts need effective, usable, and potentially customized data analytics, which are developed by or in collaboration with the engineers. Currently, in-service training for cybersecurity analysts and engineers who need to use data analytics for cyber-ops are limited. No existing program addresses the need to develop the collaborative mindsets and practices that are necessary to work effectively together. This project aims to develop an innovative dual-track learning program for working cybersecurity analysts and engineers that leverages role-playing within a simulated organization and involves tasks that are specific to each group as well as tasks where they need to work together as a team. This innovative design will help promote collaboration while also enhancing learning of specific data analytic knowledge and skills needed by each type of professional in a realistic work environment. The program features a combination of remote learning modules and tasks, team coach sessions, and team-based incident response exercises. Progressively deeper learning about data analytics will occur as the scale and complexity of the cyber-op tasks assigned to the participants, as members of a simulated organization, are gradually increased. The program was designed in collaboration with education researchers. The design is informed by education theories and principles, including Identity Theory, Project-based Design, Understanding by Design, and Universal Design for Learning. The program’s design will also build on prior successful experiences with entry-level cybersecurity bootcamps employing simulations, cybersecurity competitions, and teaching and deployment of research advances for cyber-ops. The program will be refined through three iterations following a Design-based Research approach, and its effects evaluated by an external evaluation team.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

网络安全防御操作（网络-OPS）直接需要有效且加快的学习计划，以实践学习，以将数据分析（即数据科学，人工智能和机器学习）注入其日常任务。为了应对进化威胁的景观，有效的网络操作通常涉及具有完整专业知识的网络安全分析师和工程师团队。分析师需要由工程师或合作开发的有效，可用和潜在定制的数据分析。当前，需要使用数据分析的网络安全分析师和工程师的网络安全培训有限。没有现有的计划满足开发有效合作所必需的协作思维方式和实践的必要性。该项目旨在为工作网络安全分析师和工程师制定创新的双轨学习计划，该计划利用模拟组织内的角色扮演角色扮演，并涉及每个小组特定的任务以及他们需要作为团队共同工作的任务。这种创新的设计将有助于促进协作，同时还可以增强在现实的工作环境中每种专业人员所需的特定数据分析知识和技能的学习。该计划具有远程学习模块和任务，团队教练会议和基于团队的事件响应练习的结合。随着分配给参与者的网络操作任务的规模和复杂性，随着模拟组织的成员的逐渐增加，对数据分析的学习将逐渐增加。该计划是与教育研究人员合作设计的。该设计由教育理论和原理（包括身份理论，基于项目的设计，设计理解以及通用学习设计）所告知。该计划的设计还将以先前的成功经验为基础，该经验通过使用模拟，网络安全竞赛以及网络op的研究进展的入门级网络安全训练营进行。该计划将在基于设计的研究方法之后的三个迭代以及由外部评估团队评估的效果进行完善。该奖项反映了NSF的法定任务，并使用基金会的知识分子优点和更广泛的影响评估标准，被认为值得通过评估来提供支持。