EAGER: SaTC-EDU: A Life-Cycle Approach for Artificial Intelligence-Based Cybersecurity Education

EAGER：SaTC-EDU：基于人工智能的网络安全教育的生命周期方法

基本信息

批准号：
2114680
负责人：
Elisa Bertino
金额：
$ 29.82万
依托单位：
Purdue University
依托单位国家：
美国
项目类别：
Standard Grant
财政年份：
2021
资助国家：
美国
起止时间：
2021-05-01 至 2023-10-31
项目状态：
已结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=2114680&HistoricalAwards=false
关键词：
EAGER SaTC EDU Life Cycle

项目摘要

In order to devise more effective defenses against a rising number of cyber attacks, recent security solutions leverage artificial intelligence (AI) techniques. While there are plenty of publicly available AI approaches to cybersecurity, successful use depends on users’ technical and soft skills. Moreover, AI-based approaches have been intensely scrutinized with respect to their security and ethics, delaying deployment. AI itself can be attacked and there can also be issues with discrimination in AI-based classification. Thus, for AI to be effectively and quickly adopted for cybersecurity, AI security and ethics need to be assured. Training cybersecurity professionals to understand how to effectively use AI for cybersecurity and to be aware of AI security and ethics issues is critical for effective design and deployment of AI-based cybersecurity solutions. Future cybersecurity professionals must also be able effectively to communicate relevant information related to AI-based security mechanisms and policies to a variety of stakeholders. This project will design competency-driven educational activities focusing on AI techniques for cybersecurity that will increase the effective and ethical application of AI-enhanced cybersecurity. The project’s educational approach is based on four interrelated pillars. The first pillar focuses on educational activities covering a systematic AI-powered approach to cybersecurity, based on defender and attacker perspectives. The second pillar focuses on educational activities covering a systematic analysis of categories of AI attack and corresponding mitigation techniques. The third and fourth pillars focus on AI ethics and approaches to cybersecurity communications, respectively. A combination of social, philosophical, and technical perspectives will create a unique approach to cybersecurity communication. Together, the pillars provide a systematic perspective of AI-powered cybersecurity. They provide both foundational and technical competencies related to AI ethics and cybersecurity communication that benefit multiple stakeholders, from students and educators to employers and regulators. An important goal of the project is to make sure that students and educators understand that cybersecurity, including AI-based defense techniques, requires deployment of different types of defense approaches. The project includes design of educational projects, focusing on well-known data breaches and other types of attack and how AI-based security techniques could prevent or mitigate these attacks.This project is supported by a special initiative of the Secure and Trustworthy Cyberspace (SaTC) program to foster new, previously unexplored, collaborations between the fields of cybersecurity, artificial intelligence, and education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

为了防止更有效的防御能力抵抗数量不断增加的网络攻击，最近的安全解决方案利用人工智能（AI）技术。尽管有许多公开可用的网络安全方法，但成功使用取决于用户的技术和软技能。此外，基于AI的方法已在其安全性和道德规范上进行了积极审查，从而延迟了部署。 AI本身可以受到攻击，并且在基于AI的分类中也可能存在歧视问题。这是为了使AI有效而迅速用于网络安全，需要假定AI安全和道德规范。培训网络安全专业人员了解如何有效地将AI用于网络安全并了解AI安全和道德问题对于有效设计和部署基于AI的网络安全解决方案至关重要。未来的网络安全专业人员还必须能够有效地传达与基于AI的安全机制和政策相关的相关信息，并向各种利益相关者传达。该项目将设计以能力驱动的教育活动，重点介绍了网络安全的AI技术，这将增加AI增强网络安全的有效和道德应用。该项目的教育方法基于四个相互关联的支柱。第一个支柱的重点是基于防御者和攻击者的观点，涵盖了系统的网络安全方法的教育活动。第二个支柱着重于教育活动，涵盖了对AI攻击类别和相应缓解技术类别的系统分析。第三和第四支柱分别侧重于AI伦理和网络安全通信的方法。社会，哲学和技术观点的结合将创造一种独特的网络安全沟通方法。这些支柱共同提供了AI驱动的网络安全的系统观点。他们提供与AI伦理和网络安全沟通相关的基础和技术能力，从学生和教育者到雇主和监管机构，从而使多个利益相关者受益。该项目的一个重要目标是确保学生和教育工作者了解，包括基于AI的防御技术在内的网络安全需要部署不同类型的国防方法。该项目包括教育项目的设计，专注于知名的数据呼吸和其他类型的攻击以及基于AI的安全技术如何防止或减轻这些攻击。该项目得到了一项特别主动性的主动性，由安全且可信赖的网络空间（SATC）计划培养新的，以前出乎意料的，意外的，是出乎意料的，在Cyberseburity领域之间进行的，人工智能，人为的，人为的，教育和教育。 SATC计划与联邦网络安全研究与发展战略计划以及国家隐私研究战略保持一致，以保护和维护网络系统的不断增长的社会和经济利益，同时确保安全和隐私。该奖项反映了NSF的法定任务，并被认为是通过使用基金会的知识分子和更广泛影响的评估来审查Criteria来通过评估来通过评估来支持的。