Ankur Chattopadhyay, Tyler Poe, Hoang Nguyen, Abel Tsegaye, Lolar Moua
{"title":"Covert Eye Op App:一种基于攻击的学习方法,旨在培养移动安全意识和网络安全兴趣","authors":"Ankur Chattopadhyay, Tyler Poe, Hoang Nguyen, Abel Tsegaye, Lolar Moua","doi":"10.1145/3537674.3554741","DOIUrl":null,"url":null,"abstract":"This paper introduces a unique approach of teaching mobile security awareness at the high school level through a nifty offense-based learning strategy. Our approach involves creating an eye-opening experience for learners through our own mobile app, which has been designed and developed strategically, so that it requests unnecessary permissions from users and secretly exploits them in the form of a covert offensive operation, that includes recording their audio plus tracking their location. When the users notice this exploit activity orchestrated by our app and realize how their provided permissions have backfired on them, they get to learn first-hand about the ways in which a mobile app can misuse user permissions and covertly compromise user information. We have used this app to implement a hands-on experiential learning activity that is intended to teach users the importance of privacy and security in mobile devices by breaching them and making them self-discover issues with how users grant permissions to mobile apps. To our knowledge, there has been limited prior work that focuses on studying how offense-based user hacking techniques impact leaning of mobile security topics. In this paper, we attempt to address this research gap. This paper describes our mobile app, as well as our offense-based lesson plan, which has been used in several workshop sessions as a hands-on learning activity for the high school community since 2019. It also includes our learner assessment study that involves analysis of the quantitative and qualitive data that we have collected in the form of survey responses from different users at the high school level. The results from our study indicate that our offense-based learning approach using our unique app was able to successfully engage users and create a positive learning experience for the high school community by developing user awareness of mobile security related issues, plus overall interest in cybersecurity topics.","PeriodicalId":201428,"journal":{"name":"Proceedings of the 23rd Annual Conference on Information Technology Education","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Covert Eye Op App: An Offense Based Learning Approach Towards Developing Mobile Security Awareness and Interest in Cybersecurity\",\"authors\":\"Ankur Chattopadhyay, Tyler Poe, Hoang Nguyen, Abel Tsegaye, Lolar Moua\",\"doi\":\"10.1145/3537674.3554741\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper introduces a unique approach of teaching mobile security awareness at the high school level through a nifty offense-based learning strategy. Our approach involves creating an eye-opening experience for learners through our own mobile app, which has been designed and developed strategically, so that it requests unnecessary permissions from users and secretly exploits them in the form of a covert offensive operation, that includes recording their audio plus tracking their location. When the users notice this exploit activity orchestrated by our app and realize how their provided permissions have backfired on them, they get to learn first-hand about the ways in which a mobile app can misuse user permissions and covertly compromise user information. We have used this app to implement a hands-on experiential learning activity that is intended to teach users the importance of privacy and security in mobile devices by breaching them and making them self-discover issues with how users grant permissions to mobile apps. To our knowledge, there has been limited prior work that focuses on studying how offense-based user hacking techniques impact leaning of mobile security topics. In this paper, we attempt to address this research gap. This paper describes our mobile app, as well as our offense-based lesson plan, which has been used in several workshop sessions as a hands-on learning activity for the high school community since 2019. It also includes our learner assessment study that involves analysis of the quantitative and qualitive data that we have collected in the form of survey responses from different users at the high school level. The results from our study indicate that our offense-based learning approach using our unique app was able to successfully engage users and create a positive learning experience for the high school community by developing user awareness of mobile security related issues, plus overall interest in cybersecurity topics.\",\"PeriodicalId\":201428,\"journal\":{\"name\":\"Proceedings of the 23rd Annual Conference on Information Technology Education\",\"volume\":\"7 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-09-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 23rd Annual Conference on Information Technology Education\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3537674.3554741\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 23rd Annual Conference on Information Technology Education","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3537674.3554741","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Covert Eye Op App: An Offense Based Learning Approach Towards Developing Mobile Security Awareness and Interest in Cybersecurity
This paper introduces a unique approach of teaching mobile security awareness at the high school level through a nifty offense-based learning strategy. Our approach involves creating an eye-opening experience for learners through our own mobile app, which has been designed and developed strategically, so that it requests unnecessary permissions from users and secretly exploits them in the form of a covert offensive operation, that includes recording their audio plus tracking their location. When the users notice this exploit activity orchestrated by our app and realize how their provided permissions have backfired on them, they get to learn first-hand about the ways in which a mobile app can misuse user permissions and covertly compromise user information. We have used this app to implement a hands-on experiential learning activity that is intended to teach users the importance of privacy and security in mobile devices by breaching them and making them self-discover issues with how users grant permissions to mobile apps. To our knowledge, there has been limited prior work that focuses on studying how offense-based user hacking techniques impact leaning of mobile security topics. In this paper, we attempt to address this research gap. This paper describes our mobile app, as well as our offense-based lesson plan, which has been used in several workshop sessions as a hands-on learning activity for the high school community since 2019. It also includes our learner assessment study that involves analysis of the quantitative and qualitive data that we have collected in the form of survey responses from different users at the high school level. The results from our study indicate that our offense-based learning approach using our unique app was able to successfully engage users and create a positive learning experience for the high school community by developing user awareness of mobile security related issues, plus overall interest in cybersecurity topics.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
