The Penn State Altoona Team has still been hard at work completing the cyber security workbook. In fact, the individual team members have composed summarized updates of the aspects they have been working on for the application.
My name is Whitney Hernandez and I am the team leader on the Cyber Security workbook. I am currently a junior majoring in security and risk analysis. I came up with this because I became interested in cyber security without any previous knowledge of its concepts or terminology. Once I began taking my introductory courses at Penn State Altoona I felt some of the information should have already been familiar to me. When learning about the smarter planet opportunity I decided to take the idea of introducing cyber security at a younger age and put it into action. Our current focus is establishing the content of each module in detail. In addition, the data model has also been established. To further explain each member has summarized some of their individual work.
First to explain his work thus far is Joshua Clark, a senior at Penn State Altoona majoring in security and risk analysis.
“So far I’ve been working on the data design for the application and investigating the requirements for using Google’s Play Services. The content data model is close to being finished, and I will be transcribing these models into code soon. The user data models will take some more time to complete. They’re currently pending my investigation of Google Play Services and it’s requirements. I have to caution you, that these models are subject to change as the application is implemented. I also made a design decision about how to cache the content data locally inside the application. My idea for this, is versioning the content, which means applying numbers to the content and any changes to it. This will be implemented in the data service backend, and the client will use the version number to check if it needs to grab a new version of the data service. The content will then be stored either as files or in an embedded database. I’m also beginning to work on the data entry website.”
Next, Jessica Seifer a sophomore at Penn State Altoona majoring in security and risk analysis will discuss her accomplishments
“This past week I have worked on the content for modules four, five, and eight. Module four covers cryptography. Cryptography is a broad topic that can often take a lot of time to understand, I tried to focus on the basics. Students will learn a variety of terms, such as encryption and decryption. They will also learn why these concepts are important and how they are beneficial in the different work fields. Near the end of the module, the decoder ring will be introduced and students will learn how a Caesar cipher is created and used. They will then be challenged to decipher a message using a Caesar cipher. Now that they will know how to use one form of encryption and decryption, they can send secret messages back and forth with their classmates! In module five the topic is risk management. A common concept that goes along with risk management is “know yourself, know your enemy.” This concept and its significance will be explained in this module. Next, students will be introduced to the three phases of risk management and partake in a game that uses all three phases in order. The final module that I worked on was module eight, which focuses on threats. Since there is such a broad number of threats I tried to keep the attention on common threats—even ones that students may face in their lifetime. Common types of malware will be introduced as well as the three most common forms of human threats. Key differences between threats are covered in this module as well. After creating the content for these modules, the next step is to come up with visual representations, such as pictures, charts, gifs, and most importantly lesson videos!”
Michelle Colucci a junior majoring in security and risk analysis at Penn State Altoona has also documented her progress with module content development.
“So far, I have been working on two modules for the cyber security workbook application. These topics were focused on components of an information system and firewalls. The topic of firewalls is a difficult topic for even most adults to understand. I am concerned that it will be hard to express what firewalls do without using very technical terms. However, I have been able to compose a general outline for the firewall module. I believe that with the input from my team, we will be able to successfully introduce firewall concepts. Currently my information system outline is complete for that module. Our team leader has introduced us to the tool Storyboard That which will allow us to turn out content scripts into videos. This tool allows us to create animated storyboards that can be used within videos.”
Please continue to follow our blog updates as we continue to create our cyber security application.
The team at Penn State Altoona has started designing the interactive workbook that will teach young students about cyber security. At the first team meeting members decided that to create the workbook in the time allotted we would need to narrow our scope.
Initially we believed we would be able to cover a variety of topics in many different ways. After further discussion and an established timeline we determined that we would create a ten module workbook. Next, we established after two meeting the content topics of each module. The tentative module outline is as follows:
Module one: Introduction (The Internet and You)
Module two: Confidentiality, Integrity, Availability (CIA)
Module three: Components of an Information System (software, hardware, data, people, procedures, networks) Critical Characteristics of Information (availability, accuracy, authenticity, confidentiality, integrity, utility, etc.)
Module four: Cryptography (cryptology (science), cryptography, crypt-analysis, decryption // Cipher methods Encryption)
Module five: Risk management, Risk control, Risk identification (concept of know yourself, know your enemy)
Module six: Review (Test)
Module seven: Risk control strategies (1. defend 2. transfer 3.mitigate 4. accept 5.terminate)
Module eight: Threats (software piracy, malicious code, virus, macro virus, boot virus, worm, Trojan horse, polymorphic threat, industrial espionage, script kiddies, RAT, hoax, etc.)
Module nine: Firewalls (packet filtering, stateful packet filtering, proxy, application level, DMZ, proxy server, proxy firewall)
Module ten: Final review
After determining the content topic of each module the team began deciding how the information would be introduced to users. Currently, each module will contain a short video presenting the lesson with a pull down tab depicting the dialog and images from the video. Following the video and the text there will be a game testing the user on the lesson they have just reviewed. Lastly, each module will conclude with a short assessment, including either multiple choice or matching questions.
In regards to creating the video for each lesson members of the team have been researching several examples that young students can relate to. At this point in our research, we are still determining a particular theme for all of the videos. The Penn State Altoona team is still deciding how students will receive digital badges throughout the workbook as well. In addition, we have been working on the database design for this mobile application. We are in the process of completing a detailed data model. This model will help us understand the logical and physical design choices.This model will help facilitate the creation of our application. We will continue to narrow our tasks as we determine what is a necessity in the completion of this work book.
This past Spring, 11 students began the first semester of Stateware, a novel approach to the pedagogy of software development that engages students in the development process by putting them to work on software tools for Penn State researchers, bringing a cumulative benefit to the whole university community. At the end of the Spring, those 11 students presented Dav3i, the very first Stateware project. Dav3i gave epidemiology researchers like Dr. Matt Ferrari, our client, a much needed edge in analyzing and understanding the available data associated with the Measles virus worldwide.
This semester, we’re proud to launch our new website, and devote our organization to 2 new projects, as well as continuing to develop Dav3i. This semester, the 22 members of Stateware’s Fall 2015 iteration will be tackling the following projects, which are all supported by Students for a Smarter Planet:
Dav3i (Smarter Healthcare) – This semester, we will be expanding Dav3i to encompass data for many infectious diseases worldwide, and adding the ability to project data into the future.
Beep Beep (Smarter Cities) – This project is a traffic system simulator, in which a user will be able to build, modify, and study a modular traffic system, and learn what it takes to optimize that system. Its use cases span a variety of problem domains, including public outreach and research.
Untitled Genome Project (Smarter Healthcare) – This project is a 3D visualization platform for the human genome. By using this simulation to study the genome at varying levels of granularity, researchers will be able to make novel observations quickly about genetic variances of a subject, particular single nucleotide polymorphisms (SNPs).
We have an exciting semester ahead of us, and we’re glad to have IBM on board with us.
Believing that children are capable of understanding the inner workings of cyber security at a young age, Penn Altoona students will produce an interactive workbook for ages eleven to fourteen. It will explain in detail various aspects of Cyber Security featuring real life examples and games to explain how Cyber Security works. The workbook will be a mobile application available on the Android platform, created using IBM Bluemix. The overall goal is to have each student sign in under an individual user ID and complete different levels of the workbook.
Computation brings us unprecedented power to solve tough problems. But when those problems are worlds away, and don’t have an obvious computational solution, we need to leverage that power in a less direct way. Luckily, any problem of reasonable scale has a wealth of data associated with it, and there’s nothing computers are better at than using data in incredible ways.
The Measles virus is one of the largest and most pervasive healthcare problems worldwide, and it’s one Dr. Matt Ferrari spends a good deal of his time with. Each year, Dr. Ferrari composes a large data set for statistics associated with the Measles virus worldwide, and presents it to the World Health Organization to inform vaccination policy. However, this data takes the form of large and difficult to interpret spreadsheets, and any visualization of this data has to be done piecemeal.
That’s why in the inaugural semester of Stateware, a student-led software development group at Penn State, we’re building a web platform for Dr. Ferrari that will allow users to visualize this data transparently, on demand. The platform, called Dav3i (Disease and Virus Vaccination Visualization Interface, pronounced like Davey), is aimed at improving the efficacy of worldwide Measles vaccination policy, and using the power of computation to benefit world health. When the first release of the program is complete, the WHO will have an unprecedented power to visualize, analyze, and understand the state of the Measles virus from a global perspective.