Leeds Beckett University and University of Birmingham - Randomised Capture the Flag
Project Leads: Tom Chothia and Cliffe Schreuders
Capture The Flag (CTFs) ethical hacking competitions are a popular means of engaging students learning cyber security. This project will make it possible for the fun and excitement of CTFs to be integrated into cyber security courses. A novel system will be developed which will achieve this by automatically generating unique virtual machines for each student, containing a range vulnerable services and challenge-based exercises. The successful completion of each challenge reveals a flag to the student. Working with companies and other universities we will ensure that the framework we develop is reusable and trains the students in the skills they need.
University of Sunderland – Problem Based Learning (PBL) in Cyber Security
Project Lead: Alastair Irons firstname.lastname@example.org
This project will influence learning and teaching practice across the sector with particular reference to PBL in teaching cyber security. The project seeks to change the way cyber security is taught across the UK by giving students the opportunity to actively engage with their learning by utilising PBL approaches. The project’s PBL approach provides a focussed and constructive approach that enhances the students’ ability to evaluate their learning and synthesize and expand their cyber security knowledge and understanding. The ethos of embedding PBL into the learning and teaching of cyber security is based on the underlying principle of enhancing student engagement as active participants in managing their learning requirements, giving students the opportunity to take responsibility for their learning and encouraging them to actively engage in shaping their learning and teaching requirements. The project culminates in an innovative day long national student workshop at which students have an opportunity to experience some of the findings of the research in an exciting series of PBL based events.
Queen’s University Belfast - Cyber Security CPD for Industry Professionals
Project Lead: Maria Lee email@example.com
Academic Lead: firstname.lastname@example.org
As the risk of cyber security grows, a major issue for business is the capacity to train existing staff in managing this risk in a cost effective and flexible way. Through the design and delivery of an on-line module, the project plans to test the potential for training staff in-house using a flexible course design model, and sharing the learning through a mini mooc.
University of Southampton - Enhancing Campus Cyber Security through Student Constructivist Learning
Project Lead: Federica Paci
The project investigates from a learning and practical perspective how universities can benefit from collaboration between external industrial cyber security experts and their own multidisciplinary staff and students.
One perspective analyses how industrial cyber security best practices can be translated to more open campus environments where, for example, users commonly use their own preferred devices and services, to produce learning materials and improved institutional practices.
Another perspective explores how the student learning experience and a university’s security posture can be enhanced through activities including supervised penetration tests of university systems and establishing an appropriate responsible disclosure policy.
University of York - Practical Cyber Security for Computer Science and IT Courses
Project lead: Howard Chivers
Project Website: cs.york.ac.uk/cyber-practicals
There is an established concern that computer science graduates join industry without knowledge of basic security practices and as a result systems continue to be designed with basic, well known, security errors.
Security teaching within computer science is best integrated within topics such as networks, compilers and software engineering, rather than taught as a separate subject. However, the problem with integrating security teaching in this way is that effective and engaging practical exercises are expensive, and their development requires specialist security skills.
This project will assist computer science teaching in the UK by providing practical exercises to help subject matter lecturers introduce security elements and reinforce learning security skills in undergraduate programs. The exercises are designed for FHEQ levels 4 and 5, allowing their use in Certificate level courses as well as within the first years of a Bachelor's degree.
Edge Hill University - CyberGaTE (A Gamified Virtual Training Environment for Cyber-Security)
Project website: http://cybergate.org.uk/about/
Liverpool John Moores University - CYPHER: InteraCtive CrYPtograpHic Protocol TEaching and LeaRning
The lack of cryptographic knowledge is one factor contributing towards the UK’s cyber security skills gap. Cryptography is a fundamental yet complex topic, with its purpose to conceal and authenticate information. Therefore, teaching cryptography-based security protocols in an effective and engaging manner is a challenging problem throughout international HE sectors. Unfortunately, many students are lacking the mathematical knowledge required to understand cryptographic algorithms underpinning the protocols. Varying educational backgrounds means students on the same module can have differing levels of knowledge. Hence, this influences their level of understanding, and potentially results in knowledge gaps that affect their future careers.
CYPHER aims to provide interactive learning content delivery methods (e.g. visualisation and animation) for popular cryptographic algorithms and protocols, which appeal to a wider variety of learners. CYPHER will improve student understanding by providing more effective, engaging and motivating learning content than the predominately presentation and video-based content. The CYPHER will use gamification to deliver real-world derived challenging games as a form of assessment, which can promote the development of problem-solving skills and be matched to students’ skill levels. Furthermore, gamification will be used as a teaching aid by enabling students to build protocols and validate them, to better understand weaknesses and how to combat them.