Collaborative Research: Modeling Student Activity and Learning on Cybersecurity Testbeds

协作研究：在网络安全测试平台上对学生活动和学习进行建模

• 批准号: 1723717
• 负责人: Jelena Mirkovic
• 金额: $ 25万
• 依托单位: University of Southern California
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-09-01 至 2021-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1723717&HistoricalAwards=false
• 关键词: Collaborative; Research; Modeling; Student; Activity

This project led by the University of Southern California, in collaboration with Evergreen State College and Lewis and Clark College, aims to develop tools that automatically assess student learning in practical cybersecurity tasks, both for individual students and for the entire class. This is currently a challenge because such tasks are often open-ended and exploratory in nature. Because they can be completed in many ways, student learning in cybersecurity may not always be recognized by the instructor. This makes it hard to assess the sophistication of a student's path to success. Similarly, it may also be a challenge to identify the reasons why students experience failure, and to provide useful and timely feedback to students and instructors. The proposed project work will uncover reasons behind student underperformance in practical cybersecurity exercises, and will help identify effective interventions. The proposed research may also help network test beds retain and better serve their users. The impact of these activities will be three-fold. First, the developed tools will be integrated with two previously developed platforms for cybersecurity exercises: DeterLab and EDURange. This will directly impact approximately 2,000 students annually. Second, the tools will be highly portable to other platforms that use Linux in practical cybersecurity exercises, and can reach a wider audience. Third, the tools will help retain talent from disadvantaged and minority populations, as it will allow for earlier intervention and feedback to complete challenging, practical tasks. This project will develop ACSLE, a framework for automated assessment of student learning in practical cybersecurity exercises. ACSLE will engage in constant and extensive monitoring of student interaction with the computer, and will allow for the correlation with desired learning outcomes. ACSLE starts with the development of tools that monitor low-level student activities, such as commands typed, traffic generated and files and processes created. These low-level records are then synthesized into high-level indicators of student progress on a given cybersecurity task. The outcomes will allow for: (1) classification of students into several learning styles based on proficiency with a task and level of foundational skill; (2) clustering of solutions to specific learning challenges identified in student groups that have similar learning styles; (3) collection of successful learning paths developed over time and methods for identifying struggling students; (4) identification of causes of failure and delivery of appropriate learning interventions; and (5) aggregation of performance data for a class as well as identification of tasks that are difficult for many students. ACSLE will thus provide useful information for students and teachers, and improve overall learning in practical cybersecurity exercises.

该项目由南加州大学牵头，与万年青州立学院和刘易斯和克拉克学院合作，旨在开发工具，自动评估学生在实际网络安全任务中的学习情况，无论是针对个别学生还是整个班级。这是目前的一项挑战，因为这些任务往往是开放性和探索性的。因为它们可以通过多种方式完成，所以学生在网络安全方面的学习可能并不总是得到教师的认可。这就很难评估一个学生成功之路的复杂程度。同样，确定学生失败的原因，并向学生和教师提供有用和及时的反馈也可能是一个挑战。拟议的项目工作将揭示学生在实际网络安全练习中表现不佳的原因，并将有助于确定有效的干预措施。拟议中的研究也可能有助于网络测试床保留和更好地为用户服务。这些活动将产生三方面的影响。首先，开发的工具将与先前开发的两个网络安全演习平台集成：DeterLab和EDURange。这将直接影响每年约2,000名学生。其次，这些工具将高度可移植到在实际网络安全演习中使用Linux的其他平台，并可以覆盖更广泛的受众。第三，这些工具将有助于留住来自弱势群体和少数群体的人才，因为它将允许更早的干预和反馈，以完成具有挑战性的实际任务。该项目将开发ACSLE，这是一个在实际网络安全练习中自动评估学生学习的框架。ACSLE将参与学生与计算机的互动的持续和广泛的监测，并将允许与预期的学习成果的相关性。ACSLE从开发监控低级学生活动的工具开始，例如键入的命令、生成的流量以及创建的文件和进程。然后，这些低级别的记录被合成为学生在给定网络安全任务中取得进展的高级别指标。这些成果将有助于：（1）根据任务熟练程度和基础技能水平，将学生分为几种学习风格;（2）对具有相似学习风格的学生群体中确定的特定学习挑战的解决方案进行集群;（3）收集随着时间的推移而开发的成功学习路径和识别有困难学生的方法;（4）确定失败的原因并提供适当的学习干预措施;（5）汇总一个班级的表现数据，并确定对许多学生来说困难的任务。因此，ACSLE将为学生和教师提供有用的信息，并在实际的网络安全练习中提高整体学习。

项目成果

Using Terminal Histories to Monitor Student Progress on Hands-on Exercises

使用终端历史记录来监控学生的实践练习进度

• DOI: 10.1145/3328778.3366935
• 发表时间: 2020
• 期刊: Proceedings of ACM SIGCSE
• 作者: Mirkovic, Jelena;Aggarwal, Aashray;Weinman, David;Lepe, Paul;Mache, Jens;Weiss, Richard
• 通讯作者: Weiss, Richard

HANDS-ON CYBERSECURITY EXERCISES

网络安全实践练习

• 发表时间: 2018
• 期刊: Journal of computing sciences in colleges
• 作者: Mache, Jens;Weiss, Richard
• 通讯作者: Weiss, Richard