Research Experience for Teachers (2018-2019)
Using Statistics to Detect Cyber Intrusions
Pre/Post Test: A 10-question quiz, covering the statistical principles
Keywords:
The Big Idea (including global relevance)
Cybersecurity is one of the most important emerging fields of the 21st century. The challenges that arise when attempting to secure cyberspace, combined with the increasing amount of information technology being integrated into physical systems, require that individuals who intend to work in the field have a strong foundation in math and science principles. The Big Idea of this unit is learning how statistical methods can be used to detect.
Essential Questions
The Hook
The Challenge
Use various statistical tests, along with cybersecurity tools, to determine whether or not bad actors are attempting to attack a network.
Guiding Questions
ACS (Real world applications; career connections; societal impact)
Cybersecurity is an issue that affects millions of Americans every year. Both individual citizens and businesses serve as targets for malicious hackers, and the hackers are only becoming more sophisticated with their attacks. With an understanding of basic cybersecurity concepts, students will be able to take steps to prevent an attack on themselves, and will begin to understand the steps professionals take to prevent these attacks from occurring at a massive scale.
This challenge provides a simplified version of a real-world scenario. In the real world, information security experts have a plethora of tools to detect network intrusion. In our exercise, we will use one specific tool and analyze the data it gives us using statistical concepts.
- Information Security Analyst
- Network Administrator
- Cybersecurity Engineer
Misconceptions
- The way in which computers transmit information is commonly misunderstood. Students are going to need to be able to think abstractly to understand that all of the information and content they receive on any of their connected devices is transmitted via wire in a series of zeros and ones. Once students can comprehend this system, then the difficult concepts that underlie IP Addresses, Packet Transfer, Routers, Internet Protocols and Packet Sniffing will become accessible.
Unit Lessons and Activities
- Lesson 1: Information Transfer - Lesson 1 will focus on getting students hooked on the idea of Cybersecurity, and will also cover how univariate data can be summarized. I will teach students about the basics of information transfer over the internet, and will exemplify the vulnerabilities that exist by “hacking” a drone.
- Activity 1: Hook (drone hack), Introduction of the Big Idea, Generating Essential Questions, Challenge and Guiding Questions (4 days)
- Activity 2: Analyzing Packet Transfer with Univariate Statistics (2 days)
- Lesson 2: Determining the Likelihood of an Attack - Lesson 2 will build on the cybersecurity principles that students will have learned in the first lesson. Now that students have learned and practiced summarizing univariate data by looking at network traffic, they will progress to determining the probability that an attack will take place using the normal distribution.
- Activity 3: Identifying Attacks Using Z-Scores (3 days)
- Evidence of CBL:
- Evidence of EDP:
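
The z-score test from Lesson 2, as an added example that is not part of the original unit materials: it summarizes a baseline of normal traffic (mean and standard deviation), then scores new packet-rate readings and reports how unlikely each one is under the normal distribution. The packet counts, the function names and the threshold of 3 standard deviations are assumptions made for illustration.

```python
import math
from statistics import mean, stdev

# Constructed sample data: packets per second captured on a quiet network.
BASELINE = [112, 98, 105, 120, 101, 95, 110, 108, 99, 102]
# Constructed readings to evaluate; the last two simulate a traffic flood.
OBSERVED = [104, 118, 97, 240, 310]


def upper_tail(z):
    """P(Z >= z) for a standard normal variable."""
    return 0.5 * math.erfc(z / math.sqrt(2))


def score_traffic(baseline, observed, threshold=3.0):
    """Return (reading, z, tail probability, flagged) for each observation.

    A reading is flagged when it lies more than `threshold` standard
    deviations from the baseline mean, in either direction: a sudden
    drop in traffic can be as unusual as a spike.
    """
    mu, sigma = mean(baseline), stdev(baseline)  # sample standard deviation
    if sigma == 0:
        raise ValueError("baseline has no variation; z-scores are undefined")
    results = []
    for x in observed:
        z = (x - mu) / sigma
        # Probability of a reading at least this far from the mean, one side.
        p = upper_tail(abs(z))
        results.append((x, z, p, abs(z) > threshold))
    return results


if __name__ == "__main__":
    print(f"baseline mean={mean(BASELINE)}, stdev={stdev(BASELINE):.2f}")
    for x, z, p, flagged in score_traffic(BASELINE, OBSERVED):
        label = "POSSIBLE ATTACK" if flagged else "normal"
        print(f"{x:>4} pkts/s  z={z:6.2f}  tail p={p:.2e}  {label}")
```

A threshold of 3 keeps false alarms rare when traffic really is normally distributed, but real network traffic is often bursty, so students should check a histogram of the baseline before trusting the tail probabilities.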
Additional Resources
- Kali Linux OS
- Laptop with Wireless Card that Supports aireplay-ng
- Wi-Fi Controlled Drone (Ex: Parrot Bebop)
- Worksheets for Activities