SaTC: EDU: RUI: Enabling a New Generation of Experts by Finding and Fixing Students' Persistent Misconceptions

SaTC：EDU：RUI：通过查找和纠正学生持续存在的误解来培养新一代专家

• 批准号: 1821788
• 负责人: Peter Peterson
• 金额: $ 31.6万
• 依托单位: University of Minnesota Duluth
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-09-01 至 2022-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1821788&HistoricalAwards=false
• 关键词: SaTC; EDU; RUI; Enabling; New

The stream of high-profile computer security breaches resulting from errors well-known to security experts provides an opportunity to improve cybersecurity education to effectively prepar the next generation of cybersecurity professionals. Students have deeply ingrained misconceptions about how computer security ought to work, and students rely on this false intuition when reasoning about security. The goal of this project is to develop a series of active learning exercises, that use videos, and hands-on exercises, to address these misconceptions. The learning modules will be validated in the classroom, and then published using an open source license.This research will follow the iterative model created by Hestenes and Halloun, but it will be applied to common misconceptions in the computer security knowledge of computer science majors. Misconceptions will be identified through pre- and post-tests and used to create a reusable security concept inventory (SCI). A large pool of volunteer experts from industry and academia will be surveyed to determine their ideas about misconceptions that non-experts have about cybersecurity. This will result in a list of the most significant misconceptions in cybersecurity. Using volunteer instructors at multiple colleges and universities, students will be questioned about these topics resulting in a SCI that can be used to assess understanding of these issues. Data generated from administering the SCI will be used to create a set of open source active learning modules, where each module will target a specific misconception identified in the inventory.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

由安全专家熟知的错误导致的一系列备受瞩目的计算机安全漏洞为改善网络安全教育提供了机会，以有效地为下一代网络安全专业人员做好准备。 学生们对计算机安全应该如何工作有着根深蒂固的误解，学生们在推理安全性时依赖于这种错误的直觉。 这个项目的目标是开发一系列主动学习练习，使用视频和动手练习，以解决这些误解。 学习模块将在课堂上进行验证，然后使用开源许可证发布。这项研究将遵循Hestenes和Halloun创建的迭代模型，但它将应用于计算机科学专业的计算机安全知识中的常见误解。 将通过前后测试确定误解，并用于创建可重复使用的安全概念清单（SCI）。 来自工业界和学术界的大量志愿专家将接受调查，以确定他们对非专家对网络安全的误解的看法。 这将导致网络安全中最重要的误解清单。 在多个学院和大学使用志愿者教师，学生将被问及这些主题，从而产生一个SCI，可用于评估对这些问题的理解。 管理SCI产生的数据将用于创建一套开源主动学习模块，其中每个模块将针对清单中确定的特定误解。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。