Collaborative Research: Modeling Student Activity and Learning on Cybersecurity Testbeds

协作研究：在网络安全测试平台上对学生活动和学习进行建模

• 批准号: 1723717
• 负责人: Jelena Mirkovic
• 金额: $ 25万
• 依托单位: University of Southern California
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-09-01 至 2021-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1723717&HistoricalAwards=false
• 关键词: Collaborative; Research; Modeling; Student; Activity

This project led by the University of Southern California, in collaboration with Evergreen State College and Lewis and Clark College, aims to develop tools that automatically assess student learning in practical cybersecurity tasks, both for individual students and for the entire class. This is currently a challenge because such tasks are often open-ended and exploratory in nature. Because they can be completed in many ways, student learning in cybersecurity may not always be recognized by the instructor. This makes it hard to assess the sophistication of a student's path to success. Similarly, it may also be a challenge to identify the reasons why students experience failure, and to provide useful and timely feedback to students and instructors. The proposed project work will uncover reasons behind student underperformance in practical cybersecurity exercises, and will help identify effective interventions. The proposed research may also help network test beds retain and better serve their users. The impact of these activities will be three-fold. First, the developed tools will be integrated with two previously developed platforms for cybersecurity exercises: DeterLab and EDURange. This will directly impact approximately 2,000 students annually. Second, the tools will be highly portable to other platforms that use Linux in practical cybersecurity exercises, and can reach a wider audience. Third, the tools will help retain talent from disadvantaged and minority populations, as it will allow for earlier intervention and feedback to complete challenging, practical tasks. This project will develop ACSLE, a framework for automated assessment of student learning in practical cybersecurity exercises. ACSLE will engage in constant and extensive monitoring of student interaction with the computer, and will allow for the correlation with desired learning outcomes. ACSLE starts with the development of tools that monitor low-level student activities, such as commands typed, traffic generated and files and processes created. These low-level records are then synthesized into high-level indicators of student progress on a given cybersecurity task. The outcomes will allow for: (1) classification of students into several learning styles based on proficiency with a task and level of foundational skill; (2) clustering of solutions to specific learning challenges identified in student groups that have similar learning styles; (3) collection of successful learning paths developed over time and methods for identifying struggling students; (4) identification of causes of failure and delivery of appropriate learning interventions; and (5) aggregation of performance data for a class as well as identification of tasks that are difficult for many students. ACSLE will thus provide useful information for students and teachers, and improve overall learning in practical cybersecurity exercises.

该项目由南加州大学牵头，与长青州立学院以及刘易斯和克拉克学院合作，旨在开发工具，自动评估学生在实际网络安全任务中的学习情况，无论是针对个别学生还是针对整个班级。目前这是一个挑战，因为此类任务本质上通常是开放式和探索性的。由于可以通过多种方式完成，学生在网络安全方面的学习可能并不总是得到教师的认可。这使得评估学生成功之路的复杂程度变得困难。同样，找出学生失败的原因并向学生和教师提供有用且及时的反馈也可能是一个挑战。拟议的项目工作将揭示学生在实际网络安全练习中表现不佳的原因，并将有助于确定有效的干预措施。拟议的研究还可能有助于网络测试台保留并更好地服务其用户。这些活动的影响将是三重的。首先，开发的工具将与之前开发的两个网络安全练习平台集成：DeterLab 和 EDURange。这每年将直接影响约 2,000 名学生。其次，这些工具将高度可移植到在实际网络安全练习中使用 Linux 的其他平台，并且可以覆盖更广泛的受众。第三，这些工具将有助于留住弱势群体和少数族裔的人才，因为它将允许更早的干预和反馈，以完成具有挑战性的实际任务。该项目将开发 ACSLE，这是一个用于自动评估学生在实际网络安全练习中的学习情况的框架。 ACSLE 将持续广泛地监控学生与计算机的交互，并将与期望的学习成果建立关联。 ACSLE 首先开发监控低级学生活动的工具，例如输入的命令、生成的流量以及创建的文件和流程。然后，这些低级记录被综合成学生在给定网络安全任务上的进展的高级指标。结果将允许：（1）根据任务的熟练程度和基础技能水平将学生分为几种学习风格； (2) 对具有相似学习风格的学生群体中确定的特定学习挑战的解决方案进行聚类； (3) 收集长期发展的成功学习路径以及识别陷入困境的学生的方法； (4) 查明失败原因并提供适当的学习干预措施； (5) 汇总班级的表现数据以及识别对许多学生来说困难的任务。因此，ACSLE 将为学生和教师提供有用的信息，并提高实际网络安全练习中的整体学习。

项目成果

Using Terminal Histories to Monitor Student Progress on Hands-on Exercises

使用终端历史记录来监控学生的实践练习进度

• DOI: 10.1145/3328778.3366935
• 发表时间: 2020
• 期刊: Proceedings of ACM SIGCSE
• 作者: Mirkovic, Jelena;Aggarwal, Aashray;Weinman, David;Lepe, Paul;Mache, Jens;Weiss, Richard
• 通讯作者: Weiss, Richard

HANDS-ON CYBERSECURITY EXERCISES

网络安全实践练习

• 发表时间: 2018
• 期刊: Journal of computing sciences in colleges
• 作者: Mache, Jens;Weiss, Richard
• 通讯作者: Weiss, Richard