SaTC-EDU: Case Analysis for Security Education (CASE)

SaTC-EDU：安全教育案例分析（CASE）

• 批准号: 2247492
• 负责人: Yu Cai
• 金额: $ 39.98万
• 依托单位: Michigan Technological University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-08-01 至 2026-07-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2247492&HistoricalAwards=false
• 关键词: SaTC; EDU; Case; Analysis; Security

The increasing severity and occurrence of cyberattacks, data breaches, and security vulnerabilities have led to a high demand for individuals with strong cybersecurity skills. Utilizing real-world cyber breaches as case studies in classrooms can improve student learning, foster innovation in cybersecurity education, and bridge the gap between university education and industry needs. These cases can generate genuine interest in cybersecurity among students and attract more individuals to the field, helping to build the cybersecurity workforce. Furthermore, cyber case studies offer experiential learning, where students can apply classroom knowledge to real world scenarios. Lastly, they can prepare students to better meet industry needs by offering a comprehensive understanding of enterprise security and complex socio-technical components such as human and business factors.This project will develop a new framework called CASE (Case Analysis for Security Education), which aims to systematically explore the use of case studies in cybersecurity education. By dissecting and analyzing real-world cyber breaches and vulnerabilities, students will gain insight into the entire cyberattack process, from start to finish. Students will learn about relevant security topics and tactics, how to secure networks and systems, and how to prevent or respond to attacks. Additionally, students will be able to replicate certain breaches and vulnerabilities in virtual lab platforms utilizing comparable tools and methods as detailed in real-world scenarios. Through guided hands-on lab challenges centered around the case studies, students will explore a variety of offensive and defensive techniques in cybersecurity, develop a holistic understanding of cyber systems, and acquire knowledge of best practices through real-world scenarios. The project outcomes will consist of a repository of real-world cyber breach case studies, as well as a collection of hands-on and virtual lab platforms that enable students to replicate cyber cases.This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

网络攻击、数据泄露和安全漏洞的日益严重和发生，导致对具有强大网络安全技能的个人的高需求。在课堂上利用真实的网络入侵作为案例研究可以改善学生的学习，促进网络安全教育的创新，并弥合大学教育与行业需求之间的差距。这些案例可以激发学生对网络安全的真正兴趣，并吸引更多的人进入该领域，帮助建立网络安全劳动力。此外，网络案例研究提供了体验式学习，学生可以将课堂知识应用于现实世界的场景。最后，他们可以通过提供对企业安全和复杂的社会技术组件（如人力和商业因素）的全面理解，使学生更好地满足行业需求。该项目将开发一个名为CASE（安全教育案例分析）的新框架，旨在系统地探索案例研究在网络安全教育中的应用。通过剖析和分析现实世界的网络漏洞和漏洞，学生将深入了解整个网络攻击过程，从开始到结束。学生将学习相关的安全主题和策略，如何保护网络和系统，以及如何防止或应对攻击。此外，学生将能够利用类似的工具和方法在虚拟实验室平台中复制某些漏洞和漏洞，这些工具和方法在现实世界场景中详细介绍。通过以案例研究为中心的指导动手实验挑战，学生将探索网络安全中的各种进攻和防御技术，培养对网络系统的整体理解，并通过现实世界的场景获得最佳实践知识。项目成果将包括一个真实世界的网络入侵案例研究库，以及一系列实践和虚拟实验室平台，使学生能够复制网络案例。该项目由安全与可信网络空间（SaTC）计划支持，该计划资助解决网络安全和隐私问题的提案，在这种情况下，特别是网络安全教育。SaTC项目与《联邦网络安全研究与发展战略计划》和《国家隐私研究战略》保持一致，旨在保护和维护网络系统日益增长的社会和经济效益，同时确保安全和隐私。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。