The SFS Summer Research Study at UMBC: Project-Based Learning Inspires Cybersecurity Students

11/12/2018
by   Alan Sherman, et al.
0

May 30-June 2, 2017, Scholarship for Service (SFS) scholars at the University of Maryland, Baltimore County (UMBC) analyzed the security of a targeted aspect of the UMBC computer systems. During this hands-on study, with complete access to source code, students identified vulnerabilities, devised and implemented exploits, and suggested mitigations. As part of a pioneering program at UMBC to extend SFS scholarships to community colleges, the study helped initiate six students from two nearby community colleges, who transferred to UMBC in fall 2017 to complete their four-year degrees in computer science and information systems. The study examined the security of a set of "NetAdmin" custom scripts that enable UMBC faculty and staff to open the UMBC firewall to allow external access to machines they control for research purposes. Students discovered vulnerabilities stemming from weak architectural design, record overflow, and failure to sanitize inputs properly. For example, they implemented a record-overflow and code-injection exploit that exfiltrated the vital API key of the UMBC firewall. This report summarizes student activities and findings, and reflects on lessons learned for students, educators, and system administrators. Our students found the collaborative experience inspirational, students and educators appreciated the authentic case study, and IT administrators gained access to future employees and received free recommendations for improving the security of their systems. We hope that other universities can benefit from our motivational and educational strategy of teaming educators and system administrators to engage students in active project-based learning centering on focused questions about their university computer systems.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
02/24/2007

Recruitment, Preparation, Retention: A case study of computing culture at the University of Illinois at Urbana-Champaign

Computer science is seeing a decline in enrollment at all levels of educ...
research
09/29/2021

Exploring Individual and Collaborative Storytelling in an Introductory Creative Coding Class

Teaching programming through storytelling is a popular pedagogical appro...
research
09/13/2021

Project 412Connect: Bridging Students and Communities

In this work, we describe some of the challenges Black-owned businesses ...
research
04/15/2019

Predicting Student Performance Based on Online Study Habits: A Study of Blended Courses

Online tools provide unique access to research students' study habits an...
research
01/16/2023

Teaching Computer Science Students to Communicate Scientific Findings More Effectively

Science communication forms the bridge between computer science research...
research
10/27/2020

What Color is this? Explaining Art Restoration Research Methods using Interactive Museum Installations

This case study describes an approach to designing interactive museum in...
research
04/07/2021

SciNote: Collaborative Problem Solving and Argumentation Tool

As educators push for students to learn science by doing science, there ...

Please sign up or login with your details

Forgot password? Click here to reset