Enhancing cybersecurity education using Capture-the-Flag

During the Spring semester of the 2016/2017 academic year, I collaborated with Salvatore Petrilli (Adelphi University, Mathematics) on a study that investigated if realistic gamified simulations of cybersecurity attack scenarios enhances outcomes of cybersecurity education. Such simulations are increasingly popular in cybersecurity training and are referred to as Capture-the-Flag (CTF) sessions.

Intuitively and anecdotally, the answer is affirmative. It only makes sense that playing a game based on realistic scenarios has a positive outcome of a player's abilities.

However, as important as intuition is, science looks for measurable facts. Our study was designed to look at a few criteria:

  1. Do students enjoy the subject matter more by participating in a CTF?
  2. Does participating in a CTF deepen understanding of theoretical cybersecurity concepts?
  3. Does participating in a CTF develop offensive and defensive cybersecurity skills?

While our sample size was relatively small, the study confirmed that participating in a CTF does indeed, through enjoyment and engagement, students are willing to spend more time on mastering the practical skills discussed in class. Our research were less definitive about deepening theoretical understanding, but we are currently designing a follow-up study that focuses on those aspects.

Based on our study, we wrote a paper that will be published in the conference proceedings of the Special Interest Group for IT Education (SIGITE) and Research in Information Technology (RIIT), which is part of the Association for Computing Machinery (ACM).

When the paper is published, I'll post full details here.

Scientific Computing at Brookhaven National Laboratories

I was fortunate enough to have been able to spend this past week at Brookhaven National Laboratories with several of my Adelphi colleagues. Brookhaven (BNL) is one of 17 U.S. National Laboratories that is tasked by the Department of Energy to conduct research in a wide range of topics.

BNL Logo

BNL describes its mission as "to advance fundamental research in nuclear and particle physics to gain a deeper understanding of matter, energy, space, and time; apply photon sciences and nanomaterials research to energy challenges of critical importance to the nation; and perform cross-disciplinary research on climate change, sustainable energy, and Earth’s ecosystems."

We spent the week learning how BNL could benefit from introducing more scientific computing into academic curriculae.

Scientific Computing is an interesting field, since it brings together the Sciences (biology, physics, chemistry, etc.) with Computer Science and Mathematics. Most cutting-edge research requires researchers to be proficient in mathematical and computational techniques. Unfortunately, that is not always how colleges and universities teach their undergraduate students.

By engaging in a week-long workshop with colleagues from different disciplines, we developed a deeper (and better) mutual appreciation of the nature of the work that we all do, and we identified a variety of skills that may be useful across the disciplines.

We have some ideas how we can improve ways in which we collaborate, and how we can incorporate teaching scientific computing in our daily practices. It was a week well spent.

Updated July 22, 2017: Typo fixes

About this blog

As of today, my academic writings will be separate from my other public work. This blog is solely related to my academic research portfolios, which revolves around research that is grounded in conceptual modeling and knowledge representation, and which is most commonly applied to defensive cybersecurity.