Abstract Conclusions

advertisement
Computer Security Education and Outreach
Judy O. Lantaca
Intern, Naval Postgraduate School, Monterey, CA 93943
Dr. Mark Gondree, Research Associate Professor, Computer Security Laboratory
Abstract
Results
The U.S. is facing a severe shortage in computer security
professionals [1]. Dr. Gondree and Dr. Peterson are
developing teaching tools and informal games to stimulate
interest and promote literacy in this area. This project was
to design a web site for educational outreach, related to
projects for teaching computer security using informal
games. It used WordPress, a popular content management
system deployed on virtual infrastructure. The site will
provide forums, events, a board game, and a complementary
online card creator. The site allows teachers and researchers
to work together for novel curriculum development. By
completion of the internship, the major web aspects have
been implemented on the test site. The next step is to
deploy the site to the public.
The work during the internship involved heavy use of four
programs, that were new to the intern: WordPress, Dropbox,
KeePass, and Evernote (Fig 3). Each of these programs
played a significant role in the design, collaboration, and
deployment of the web site. They are useful tool belt addons for interns in and out of the Computer Science field.
(a)
(c)
(b)
(d)
Figure 3. (a) WordPress is a Content Management System, used to create
and manage web pages. (b) Evernote was used as for our online lab
notebook, for collecting resources. (c) Dropbox was used to backup and
share materials, between mentor and intern. (d) KeePass was used to
store very long administrative passwords, conveniently.
Introduction
After establishing access to WordPress on DreamHost, the
team was able to get together and discuss what was most
important to have on a website dealing with computer
security outreach and what add-ons would make it more
interesting.
Figure 1. To the
left we have Dr.
Gondree giving a
brief lecture to
intern Judy about
web pages on the
board.
Since there were no pre-determined requirements for the
website, a team meeting was required to brainstorm and
filter out various options (Fig 2). Some of the web page
ideas are as follow:
• A News Feed
• An Events List
• Social Media Links
• Flickr Gallery Page
• Easy Spam Control
• Contact Page
• Link to d0x3d Page
• An Events Calendar
• Discussion Forum
• WP Analytics
• and more…
Figure 2. The image above is of a brainstorming session between Dr.
Gondree, Dr. Peterson and Judy Lantaca to determine what, and how,
information should be displayed on the test site.
With a multitude of reading, editing, and installing needed
to be done, running one computer was inefficient. Two
computers (and three monitors) were used to facilitate
multitasking (Fig 4). The desktop was where to bulk of the
internship was done, whereas the laptop was used for
weekly/individual meetings, presentations, and other work.
Dozens of different themes and plugins [3] were tested to
see which best matched the purpose of the website and also
which was easiest to manage. For example, in order to gain
feedback on if the webpage is effectively grabbing people’s
attention, an automated web analytics program was installed
to determine if new/different people are viewing the web
page (Fig 6).
Figure 6. The image above is of a graph made by the web analytics
program that was installed to allow administrators to see when and how
many users view the web page on certain days and how many visits were
from unique IP addresses.
Each page on the network is designed so that they are very
simple to navigate. Since the webpage is designed to be
open to the public for computer outreach, it is helpful to
see where this site is being used the most so that
administrators can work on it being more worldwide
friendly (Fig 7).
Figure 4.
Configuration,
notation, and
visualization are the
three best rules to
follow to make work
flow smoothly.
(Configure the site,
take notes to
backtrack, and get
new ideas from the
display).
Once learning how to establish and manage a website with
general features was accomplished, such as news posts and
galleries, the next task was to learn how to manage a
network of sites [2] whose posts/events/pages could be
linked to one another and get the test sites running (Fig 5).
Figure 5. Top Left: A screenshot of the homepage of the tabletopsecurity
test page. Top Right: A screenshot of the administrative side to WordPress
where one would edit the website they are making.
Conclusions
Developing an educational website using WordPress is
possible, but took longer than assumed. Not all themes
and plugins will work with one another and so some PHP
and HTML knowledge is required to work with the code
and have plugins run accordingly. Also legal
documentation for websites, such as privacy policies, are
needed to be researched and written so that no legal
complications can arise. By completion of the internship,
the major web aspects have been implemented correctly
on the test site and so the next step is to have the actual
site be deployed.
The final network of sites will be equipped with not
only the most qualified plugins but also the most
customizable so that there are more options for future
changes. This website is the framework for the future
website that for computer security outreach and
education.
Figure 9. Dr.
Gondree and
Salinas middle
school students,
playing an
educational
computer security
game, d0x3d.
Literature cited
[1] Booz Allen Hamilton. Cyber IN-security: Strengthening the federal cyber
security workforce, Whitepaper, July 2009.
[2] “Codex: Create a Network.” WordPress.
http://codex.wordpress.org/Create_A_Network, June 2012.
[3] “Codex: Theme Development.” WordPress.
http://codex.wordpress.org/Theme_Development, June 2012.
Figure 7. In addition to the web analytic program that was installed that
pulled information onto a graph, another feature was added which gathers
the IP addresses and marks their location on a map enabling
administrators to see the different locations world-wide where users are
accessing the site, the darker the green the more visitors there are in that
area.
To advertise the web site, a plugin was added that
connected information on the page to different social media
networks, so that users can easily share what they find
interesting to friends/family (Fig 8).
Figure 8. The image at the top is a ‘Share Bar’ which is found under every
post/event so that users can share/like the post that they are viewing. The
bottom image is of the ‘Visit Us’ links that direct users to general pages, for
example, if this project had a Facebook page it would direct them there.
Acknowledgments
Thanks to mentors Dr. Mark Gondree and Dr. Zachary
Peterson. Alison Kerr, Cassandra Martin, Andy Newton
Pat McNeill, Joe Welch, and Kelly Locke.
This Internship was funded by Strengthening Transfer
Pathways, a Title V STEM Grant.
For further information
Please contact judylantaca@yahoo.com or
mgondree@nps.edu. Display of the test site can be found
on test.tabletopsecurity.com until Sept 22nd.
Download