Collaborative Research: Modeling Student Activity and Learning on Cybersecurity Testbeds

协作研究：在网络安全测试平台上对学生活动和学习进行建模

• 批准号: 1723717
• 负责人: Jelena Mirkovic
• 金额: $ 25万
• 依托单位: University of Southern California
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-09-01 至 2021-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1723717&HistoricalAwards=false
• 关键词: Collaborative; Research; Modeling; Student; Activity

This project led by the University of Southern California, in collaboration with Evergreen State College and Lewis and Clark College, aims to develop tools that automatically assess student learning in practical cybersecurity tasks, both for individual students and for the entire class. This is currently a challenge because such tasks are often open-ended and exploratory in nature. Because they can be completed in many ways, student learning in cybersecurity may not always be recognized by the instructor. This makes it hard to assess the sophistication of a student's path to success. Similarly, it may also be a challenge to identify the reasons why students experience failure, and to provide useful and timely feedback to students and instructors. The proposed project work will uncover reasons behind student underperformance in practical cybersecurity exercises, and will help identify effective interventions. The proposed research may also help network test beds retain and better serve their users. The impact of these activities will be three-fold. First, the developed tools will be integrated with two previously developed platforms for cybersecurity exercises: DeterLab and EDURange. This will directly impact approximately 2,000 students annually. Second, the tools will be highly portable to other platforms that use Linux in practical cybersecurity exercises, and can reach a wider audience. Third, the tools will help retain talent from disadvantaged and minority populations, as it will allow for earlier intervention and feedback to complete challenging, practical tasks. This project will develop ACSLE, a framework for automated assessment of student learning in practical cybersecurity exercises. ACSLE will engage in constant and extensive monitoring of student interaction with the computer, and will allow for the correlation with desired learning outcomes. ACSLE starts with the development of tools that monitor low-level student activities, such as commands typed, traffic generated and files and processes created. These low-level records are then synthesized into high-level indicators of student progress on a given cybersecurity task. The outcomes will allow for: (1) classification of students into several learning styles based on proficiency with a task and level of foundational skill; (2) clustering of solutions to specific learning challenges identified in student groups that have similar learning styles; (3) collection of successful learning paths developed over time and methods for identifying struggling students; (4) identification of causes of failure and delivery of appropriate learning interventions; and (5) aggregation of performance data for a class as well as identification of tasks that are difficult for many students. ACSLE will thus provide useful information for students and teachers, and improve overall learning in practical cybersecurity exercises.

该项目由南加州大学牵头，与常青州立学院和刘易斯与克拉克学院合作，旨在开发工具，自动评估学生在实际网络安全任务中的学习情况，既适用于个别学生，也适用于整个班级。这是目前的一个挑战，因为这类任务通常是开放性和探索性的。因为他们可以通过多种方式完成，学生在网络安全方面的学习可能并不总是得到老师的认可。这使得我们很难评估一个学生通往成功之路的复杂程度。同样，确定学生经历失败的原因，并向学生和教师提供有用和及时的反馈也可能是一个挑战。拟议的项目工作将揭示学生在实际网络安全练习中表现不佳的原因，并将有助于确定有效的干预措施。拟议的研究也可能有助于网络试验台留住和更好地服务他们的用户。这些活动的影响将是三重的。首先，开发的工具将与先前开发的两个网络安全演习平台（detlab和EDURange）集成。这将直接影响到每年大约2000名学生。其次，这些工具将高度可移植到在实际网络安全练习中使用Linux的其他平台上，并且可以覆盖更广泛的受众。第三，这些工具将有助于从弱势群体和少数群体中留住人才，因为它将允许更早的干预和反馈，以完成具有挑战性的实际任务。该项目将开发ACSLE，这是一个在实际网络安全演习中对学生学习进行自动评估的框架。ACSLE将持续和广泛地监测学生与计算机的互动，并将与期望的学习成果相关联。ACSLE从开发监控底层学生活动的工具开始，例如输入的命令、生成的流量以及创建的文件和进程。然后将这些低级记录合成为学生在给定网络安全任务中取得进展的高级指标。结果将允许：(1)根据对任务的熟练程度和基本技能水平将学生分为几种学习风格；(2)在具有相似学习风格的学生群体中发现的特定学习挑战的解决方案聚类；(3)收集长期发展的成功学习路径和识别困难学生的方法；(4)找出失败的原因并提供适当的学习干预；(5)汇总一个班级的表现数据，并确定对许多学生来说困难的任务。ACSLE将为学生和教师提供有用的信息，并在实际网络安全练习中提高整体学习水平。

项目成果

Using Terminal Histories to Monitor Student Progress on Hands-on Exercises

使用终端历史记录来监控学生的实践练习进度

• DOI: 10.1145/3328778.3366935
• 发表时间: 2020
• 期刊: Proceedings of ACM SIGCSE
• 作者: Mirkovic, Jelena;Aggarwal, Aashray;Weinman, David;Lepe, Paul;Mache, Jens;Weiss, Richard
• 通讯作者: Weiss, Richard

HANDS-ON CYBERSECURITY EXERCISES

网络安全实践练习

• 发表时间: 2018
• 期刊: Journal of computing sciences in colleges
• 作者: Mache, Jens;Weiss, Richard
• 通讯作者: Weiss, Richard