Information Security Education Journal Volume 2 Number 1 June 2015
41
employees in identifying cyber threat in early stages, and broadens our ability to protect information systems and cyber-
infrastructure against user-centric cyber threats.
It is difficult to detect internal threats within an organization. The trend of “Bring Your Own Device” (BYOD) and the increasing
development of cloud computing environments have increased the risks of malice data leakage. Additional hands-on labs based
on cloud computing are in demand in real-world as well.
7. References
[1] Cappos, J., Weiss, R. (2014, March). Teaching the security mindset with reference monitors. In SIGCSE (p. 523-528).
[2] Cone, B. D., Irvine, C. E., Thompson, M. F., Nguyen, T. D. (2007). A video game for cyber security training and awareness.
computers& security
, 26 (1), 63-72.
[3] Chi, H., Jones, E. L., Brown, J. (2013, October). Teaching Secure Coding Practices to STEM Students.
In
: Proceedings of the
2013 on InfoSecCD’13:
Information Security Curriculum Development Conference
(p. 42). ACM.
[4] Claycomb, W. R., Huth, C. L., Flynn, L., McIntire, D. M., Lewellen, T. B., Center, C. I. T. (2012). Chronological examination of
insider threat sabotage: preliminary observations. Journal of Wireless Mobile Networks,
Ubiquitous Computing, and Dependable
Applications
, 3 (4), 4-20.
[5] Crawford, M., Peterson, G. (2013, January). Insider Threat Detection using Virtual Machine Introspection.
In
: System Sciences
(HICSS), 2013 46
th
Hawaii International Conference on (p. 1821-1830). IEEE.
[6] Du, W. (2011). SEED: hands-on lab exercises for computer security education. Security & Privacy, IEEE, 9 (5), 70-73.
[7] Farahmand, F., Spafford, E. H. (2013). Understanding insiders: An analysis of risk-taking behavior. Information Systems
Frontiers, 15(1), 5-15.
[8] Greitzer, F. L., Ferryman, T. A. (2013, May). Methods and Metrics for Evaluating Analytic Insider Threat Tools. In:
Security and
Privacy Workshops
(SPW), 2013 IEEE (p. 90-97). IEEE.
[9] Guo, M., Bhattacharya, P., Yang, M., Qian, K., Yang, L. (2013, March). Learning mobile security with android security labware.
In Proceeding of the 44
th
ACM technical symposium on Computer science education (p. 675-680). ACM.
[10] Jones, J., Yuan, X., Carr, E., Yu, H. (2010, March). A comparative study of CyberCIEGE game and Department of Defense
Information Assurance Awareness video. In IEEE SoutheastCon 2010 (SoutheastCon),
In
: Proceedings of the (p. 176-180). IEEE.
[11] Mirkovic, J., Benzel, T. (2012). Teaching cybersecurity with DeterLab. Security & Privacy, IEEE, 10 (1), 73-76.
[12] Tao, L., Chen, L. C., Lin, C. (2010). Virtual Open-Source Labs for Web Security Education.
In
: Proceedings of the World
Congress on Engineering and Computer Science
(1).
[13] Simmons, M., Chi, H. (2012, October). Designing and implementing cloud-based digital forensics hands-on labs.
In
: Proceedings
of the 2012
Information Security Curriculum Development Conference
(p. 69-74). ACM.
[14] Young, W. T., Goldberg, H. G., Memory, A., Sartain, J. F., Ted, E. (2013). Use of Domain Knowledge to Detect Insider Threats
in Computer Activities. In Security and Privacy Workshops (SPW), 2013 IEEE (p. 60-67). IEEE.
[15] Zeng, H. (2013, June). Research on Developing a Lab Environment for Cookie Spoofing Attack and Defense Education. In
Computational and Information Sciences (ICCIS), 2013 Fifth International Conference on (p. 1979-1982). IEEE.
[16] CERT Coordination Center (CERT/CC):
http://www.cert.org/