F3-COMP4-2 - Teaching Cybersecurity to Computer Science Students Utilizing Terminal Sessions Recording Software as a Pedagogical Tool.

1. Innovative Practice Full Paper
Ismail Hassan1
1 Department of Computer Science, OsloMet – Oslo Metropolitan University

This Innovate Practice Full Paper presents our experience with teaching a cybersecurity course to undergraduate students utilizing terminal sessions recording software as a pedagogical tool.

The rapid advancement of Information and Communication Technology (ICT) is profoundly impacting the way we communicate, socialize, purchase goods, or consume services. Despite the substantial benefits brought by ICT, vulnerabilities, threats, and attacks are a growing phenomenon. Governments and businesses are finding it very difficult to safeguard their assets from potential attacks, and the need for cybersecurity professionals is overwhelming.

To meet the increasing demand, universities have a significant role and responsibility in educating skilled professionals. Teaching cybersecurity theories and principles are essential in understanding the subject matter. Nevertheless, it is also indispensable to equip students with the practical skills required to execute that knowledge.

Developing a practical cybersecurity course demands numerous amount of preparation and the deployment of various security tools.  One of the significant benefits of providing hands-on assignments is the opportunity for students to practice and experiment with tools similar to the ones used by both the professionals and malicious actors.

A vast amount of tools are freely available online, providing anyone the possibility to scan, attack, and compromise resources connected to the net. These tools may provide a graphical user interface, but often a command-line interface (CLI) through a  terminal emulator is used. There are concerns that students might spend too much time trying to figure out how to use the software rather than learning the subject matter. Novice students might get discouraged due to the steep learning curve some of the software could impose. To remedy this difficulty, many educators have resorted to using screencasts as a pedagogical tool.

Screencasts are video recordings that capture an instructor's computer screen activities. Audio or textual annotation can be inserted into the video to describe the process. Some screencasts have simple editing capabilities, but generally, supplementary editing applications are required to produce the video. Depending on the screencasting software, a considerable time might be needed to edit the final product.

Unlike screencasts, our proposed method does not require any editing or specialized applications for post-processing the result. The output from commands executed on the terminal is instantly captured, saved, and uploaded to a web site. Students can then access the captured session from anywhere and playback the recording at their convenience.

This paper presents an innovative approach to conducting interactive demonstrations in the classroom and as a supplement to the weekly practical assignments. By combining two simple open-source software, we managed to create several short tutorials on how to use various command-line security tools.  The educational tool was deployed in an undergraduate cybersecurity class, and the results from the anonymous online survey were overwhelmingly positive. Furthermore, the participants responded that the demos improved their understanding of the subject content and enabled them to learn the material effectively.