Session 5C: Lightning Talks
SIGITE’18, October 3-6, 2018, Fort Lauderdale, FL, USA
Using Evolutionary Systems and Ideation Techniques to Enhance Student Cybersecurity Learning David Gould
Greg Block
Simon Cleveland
City University of Seattle
[email protected]
City University of Seattle
[email protected]
City University of Seattle
[email protected]
ABSTRACT
variations, drop the least successful, and deploy the best to vary once more. There are several learning theories and we use the trial and error learning theory in this paper. Nature experiments to drive variation and the more fit variations are selected to reproduce and the cycle repeats. People experiment through trial and error to create or improve something; the more fit the creation or improvement is, the more likely it will be selected and retained for future use and/or improvement. This approach to learning is the evolutionary processes of variation, selection, and retention. Applying SCAMPER (Substitute, Combine, Adapt, Modify, Put to Other Use, Eliminate, and Reverse) to the trial and error approach gives us a well-defined process for driving variation.
Evolution is an established biological theory, but basic concepts can be abstracted and applied to the education domain for knowledge sharing. There is a gap in literature that explores how evolutionary processes can be applied to cybersecurity education. This paper presents an evolutionary algorithm and pairs it with an ideation technique to illustrate how certain evolutionary processes can be applied to cybersecurity education and learning.
1 Introduction
This research-in-process paper explores some evolutionary concepts and an innovative framework to find new approaches or applications to teaching cyber security. We provide definitions, examples, and frameworks as a starting point, and then look at cyber security. The paper concludes with some parting thoughts.
3 Ideation Techniques for Learning
In addressing a multifaceted challenge such as cybersecurity, professionals develop a causal mental model based on reflection, and improve the mental model through social interactions that may include argument, debate, and narrative construction [5].
2 Evolutionary Concepts
A system can be viewed as a network of nodes or components, elements, or objects, which interact with each other as well as with their environment to achieve some purpose and may evolve [1]. The general evolutionary algorithm is elaborate diversity, select from that diversity, amplify the result, and repeat [2]. Knowledge systems show similar patterns as organizational learning drives innovation resulting from knowledge acquisition, distribution, interpretation, and organizational memory [3].
4 SCAMPER and Cybersecurity Leaning
Cybersecurity educators can leverage SCAMPER [6] effectively to teach students how to prepare for cyber threats by arranging thinking processes, cyber educators can facilitate discussions with students to generate rapid innovative solutions in critical scenarios. In existing cyber security program, policy, or guideline instructors can introduce students to these artifacts and lead them to identify key components to apply SCAMPER to create new versions of the artifacts.
2.1 Variation/Diversification and Selection
Organizations introduce variation into cyber security via changes to cyber processes such as standards, guidelines; software products; hardware; networks; and algorithms. For example, the NIST [4] Cyber Security Framework includes functions of Identify, Protect, Detect, Respond, and Recover. These standards, guidelines, and practices are subject to variation as well as the cyber threats. Some, but not all cyber security variations in processes, products, or algorithms will be successful. Selection is a filtering process.
5
Conclusion
This paper proposed an approach to leveraging concepts from the theory of evolution to the cybersecurity education domain. An examination of the evolutionary algorithm performed along with an innovative ideation technique to enhance the knowledge sharing process for cybersecurity education and learning. Future studies should focus on measuring the effectiveness of SCAMPER in preparing and executing cybersecurity defense education programs.
2.2 Retention/Amplification Retention may be the easiest evolutionary process to conceptualize. Keep the most successful cyber security
REFERENCES [1] [2]
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author. SIGITE '18, October 3–6, 2018, Fort Lauderdale, FL, USA © 2018 Copyright is held by the owner/author(s). ACM ISBN 978-1-4503-5954-2/18/10. https://doi.org/10.1145/3241815.3241836
[3] [4] [5] [6]
146
Forrester, J. W. 1971. Principles of systems. Portland, OR: Productivity Press Fichter, L. S., Pyle, E. J., and Whitmeyer, S. J. 2010. Strategies and rubrics for teaching chaos and complex systems theories as elaborating, self-organizing, and fractioning evolutionary systems. Journal of Geoscience Education, 58, 2, 65-85. doi:10.5408/1.3534849 Huber, G. P. 1991. Organizational learning: The contributing processes and the literatures. Organization Science, 2, 1, 88–115. NIST. 2018. Cybersecurity framework. Retrieved from https://www.nist.gov/cyberframework Nixon, J., and McGuiness, B. 2013. Framing the human dimension in cybersecurity. ICST Transactions in Security Safety, 1, 2. Eberle, B. 1996. Scamper on: Games for imagination development. Prufrock Press, In.