SaTC: EDU: Transdisciplinary Cybersecurity Education for Law and Engineering Students

SaTC：EDU：法律和工程专业学生的跨学科网络安全教育

• 批准号: 2028397
• 负责人: Chansu Yu
• 金额: $ 39.78万
• 依托单位: Cleveland State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-05-01 至 2025-04-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2028397&HistoricalAwards=false
• 关键词: SaTC; EDU; Transdisciplinary; Cybersecurity; Education

While cyberattacks and defenses are technical in nature, the legal and regulatory environment shapes both the risks they pose and the responses available. As a result, there is an urgent need to train future cybersecurity professionals in the technical IT skills as well as the relevant legal and policy issues. In addition, it is critical to have legal professionals with sufficient technical knowledge to work with their cybersecurity counterparts. This project will design and implement a cybersecurity education framework that integrates law and engineering students in a single classroom and trains them to assess and respond to real-life scenarios. The objective is to provide students with a holistic view of cybersecurity issues across multiple dimensions and to prepare them to develop new countermeasures, regulations, and policies. The resulting curriculum will be made available so that other institutions can adapt the approach and provide similar education and training programs.This project will develop a scenario-based cybersecurity course for both law and engineering students, with the effort including (i) implementing the cybersecurity scenarios on a virtual machine environment, (ii) developing modules on legal issues concerning security and privacy regulations, jurisdiction over data, and data governance, and (iii) developing transdisciplinary interaction sessions. The seven cybersecurity scenarios will include cyberattacks at the level of software, hardware, data and networks, and social engineering. These scenarios will also cover a wide range of legal and policy issues including data breach notification laws, legal analysis of when to disclose vulnerabilities, challenges in addressing low-level cybercrime, limits of law enforcement, and legal and ethical issues in compliance. The project team’s objective is to facilitate adoption of this transdisciplinary approach by developing an open-source textbook, which will include well-documented software-hardware platforms and cybersecurity scenarios.This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

虽然网络攻击和防御本质上是技术性的，但法律的和监管环境决定了它们构成的风险和可用的应对措施。因此，迫切需要对未来的网络安全专业人员进行IT技术技能以及相关法律的和政策问题的培训。此外，至关重要的是要有具备足够技术知识的法律的专业人员与网络安全同行合作。该项目将设计和实施一个网络安全教育框架，将法律和工程专业的学生整合到一个教室中，并培训他们评估和应对现实生活中的场景。目标是为学生提供跨多个维度的网络安全问题的整体视图，并为他们制定新的对策，法规和政策做好准备。该项目将为法律和工程专业的学生开发一个基于网络安全的课程，其努力包括：（i）在虚拟机环境中实施网络安全方案，（ii）开发关于安全和隐私法规、数据管辖权、和数据治理，以及（iii）开发跨学科互动会议。这七个网络安全场景将包括软件、硬件、数据和网络以及社会工程层面的网络攻击。这些方案还将涵盖广泛的法律的和政策问题，包括数据泄露通知法律、何时披露漏洞的法律的分析、解决低级别网络犯罪的挑战、执法的局限性以及合规方面的法律的和道德问题。该项目团队的目标是通过开发一本开源教科书来促进这种跨学科方法的采用，这本教科书将包括记录良好的软件-硬件平台和网络安全场景。该项目得到了安全和值得信赖的网络空间（SaTC）计划的支持，该计划资助解决网络安全和隐私问题的提案，在这种情况下特别是网络安全教育。SATC计划与联邦网络安全研究和发展战略计划和国家隐私研究战略保持一致，以保护和维护网络系统日益增长的社会和经济效益，同时确保安全和隐私。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

SDN-based Federated Learning approach for Satellite-IoT Framework to Enhance Data Security and Privacy in Space Communication

• DOI: 10.1109/wisee49342.2022.9926943
• 发表时间: 2022-10
• 期刊: 2022 IEEE International Conference on Wireless for Space and Extreme Environments (WiSEE)
• 作者: Ryhan Uddin;Sathish A. P. Kumar

Power Analysis Side Channel Attacks and Countermeasures for the Internet of Things

• DOI: 10.1109/paine56030.2022.10014854
• 发表时间: 2022-10
• 期刊: 2022 IEEE Physical Assurance and Inspection of Electronics (PAINE)
• 作者: Christopher Liptak;Sanchita Mal-Sarkar;S. Kumar

Detection and Localization of DDoS Attack During Inter-Slice Handover in 5G Network Slicing

• DOI: 10.1109/ccnc51644.2023.10060402
• 发表时间: 2023-01
• 期刊: 2023 IEEE 20th Consumer Communications & Networking Conference (CCNC)
• 作者: Himanshu Bisht;Moumita Patra;Sathish A. P. Kumar

Tail Time Defense Against Website Fingerprinting Attacks

针对网站指纹攻击的尾部时间防御

• DOI: 10.1109/access.2022.3146236
• 发表时间: 2022
• 期刊: IEEE Access
• 影响因子: 3.9
• 作者: Liang, Jingyuan;Yu, Chansu;Suh, Kyoungwon;Han, Hyoil
• 通讯作者: Han, Hyoil

Enhancing Space Security Utilizing the Blockchain: Current Status and Future Directions

• DOI: 10.1109/wisee49342.2022.9926843
• 发表时间: 2022-10
• 期刊: 2022 IEEE International Conference on Wireless for Space and Extreme Environments (WiSEE)
• 作者: Anastasios N. Bikos;Sathish A. P. Kumar