Employing Model-Eliciting Activities in Cybersecurity Education
Primary Investigator:
Baijian Yang
Mayari Serrano, Prof. Alejandra Magana, Prof. Baijian Yang
Abstract
College cybersecurity courses should ensure that the activities employed can engage students in learning and allow translation from conceptual knowledge to practice. We propose to use model-eliciting activities (MEAs) to develop students’ representational fluency in the cybersecurity domain. The cybersecurity topic chosen for the MEA implementation was Hyper-Text Transfer Protocol Secure (HTTPS). The MEA developed, “Migration to HTTPS”, comprises core concepts of HTTPS and their application on a real-world cybersecurity tasks. The activity was pilot tested with a group of 12 third-year Electrical and Computer Engineering undergraduate students who participated in a five-hour workshop in cryptography.
In this paper we describe the underlying learning theory that guided our rationale for using MEA as a pedagogical approach to promote deep learning in cybersecurity principles. We also illustrate how design principles were applied to construct a “Migration to HTTPS” MEA, along with the justifications of how learning objectives were aligned with the assessment procedures. We then explain how the MEA was implemented followed by presenting the results of our pilot study. The paper concludes with the implications of the MEA and future work to future promote teaching and learning in Cybersecurity education.