Purdue University Graduate School
Browse

Cybersecurity Learning Modules for Programming in Java and Computer Networking Courses

thesis
posted on 2024-12-17, 20:17 authored by Kenneth Andrew GuernseyKenneth Andrew Guernsey

As the world becomes increasingly reliant on technology, the role of software and systems in everyday life has increased exponentially. From mobile applications to critical infrastructure systems, software runs at the core of most modern systems. However, with this widespread usage comes the increased risk of cyber threats silently embedded in these systems. As software systems grow in complexity and scale, vulnerabilities become more difficult to detect and mitigate. The growing number of cyberattacks in recent years highlights the importance of not only building functional systems but also ensuring they are secure from the development stages. This emphasizes the need for a strong focus on secure coding practices as a vital component of both the software development process and education. Every computer engineering or computer science student is required to take programming courses as part of their curriculum. These courses teach fundamental programming aspects and skills, but lack the educational material about writing secure code. Many vulnerabilities that are present in software systems are caused by human error, and are introduced in code. This makes it imperative that students must be introduced to secure coding practices and general cybersecurity awareness while they are learning a new programming language. In this research we focus on the development of educational modules for secure software development and secure networking. A total of six secure coding modules were created, and a total of four secure networking modules were created. These modules provide clarity on a variety of vulnerabilities that may be introduced in code, such as lack of input validation, integer overflow, SQL injection, and SlowHTTP attacks. The module are designed as supplemental work that is performed concurrently with the regular curriculum, reinforcing the general information with security aspects. The goal of the modules are to increase the general cybersecurity awareness in students, and teach them how to mitigate to common vulnerabilities in code.

Funding

Cybersecurity Modules Aligned with Undergraduate Computer Science and Engineering Curricula

Directorate for Education & Human Resources

Find out more...

History

Degree Type

  • Master of Science in Electrical and Computer Engineering

Department

  • Electrical and Computer Engineering

Campus location

  • Hammond

Advisor/Supervisor/Committee Chair

Quamar Niyaz

Additional Committee Member 2

Khair A. Al Shamaileh

Additional Committee Member 3

Li-Zhe Tan

Usage metrics

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC