Security threats are evolving and getting more hidden and complicated. Detecting malicious security threats and attacks have become a huge burden to our cyberspace. We should apply proactive prevention and early detections of security vulnerabilities and threats rather than patching security holes afterwards. To analyze the huge amount of data to find out suspicious behaviors, threat patterns, and vulnerabilities, and to predict and prevent future cybersecurity threats is a challenge. Machine Learning (ML) driven artificial intelligence is a powerful instrument to take up such a challenge. Machine Learning (ML) can assist cybersecurity professionals in analyzing malicious patterns and behaviors, by predicting patterns with suitable algorithms. ML can help to prevent similar attacks and respond to attacks more proactively. Many popular ML algorithms (e.g., Naïve Bayes, deep learning) are currently being applied to cybersecurity related event detection. ML can be applied to complex datasets to predict and detect malicious activity like malware, spam, and financial fraud. Further, attacks on machine learning systems are gaining traction among hackers such as adversarial inputs, data poisoning attacks, and model stealing attacks. While the ML is widely used for cybersecurity the big data for machine learning and machine learning algorithms themselves also need to be protected. Therefore the novel cybersecurity for ML needs to be addressed as well.

While ML for both big data analysis and cybersecurity is widely taught in colleges and universities, there is a shortage of teaching and learning materials on ML for Cybersecurity. However, very little or no education resources to train the workforce to increase awareness and mitigate these attacks. Many schools offer ML and cybersecurity courses in their computing curriculum; however, integration of ML into cybersecurity curriculum is not presently commonplace. Cybersecurity professional need every advantage to combat cybersecurity threats. Hands-on activities in cybersecurity education can benefit all types of learners by providing opportunities for them to observe as well as to perform.

This project seeks to explore Cybersecurity education through the development of Portable Case-based Hands-on Labware. It will focus on two directions: (i) ML for Cybersecurity and (ii) Cybersecurity for ML. In the first direction, the project will develop 10 portable hands-on case studies modules on ML for Cybersecurity covering spam email filtering, network Denial of Service (DoS) prediction, SQL injection prevention, malware classification and prevention, intrusion detection, network traffic monitoring, malicious web attack detection, malicious user behavior detection, unauthorized CAPTCHA bypassing, and financial fraud protection with various machine learning techniques. In the second direction, the project will develop 8 portable labware on Cybersecurity for ML on adversarial input, data poisoning, and model stealing. Each case study module explores one typical cybersecurity case and provides ML instrument solutions such as statistical based learning and deeper learning. Each module supports a hands-on engagement learning cycle which consists of a pre-lab activity for conceptualization and getting started with a Hello World example, hands-on lab experience with real-world data sets, and post add-on lab activity for creative enhancement.

The proposed portable labware will be deployed on Docker containerized environment where learners can easily download and practice all labs interactively anywhere anytime, and on any platforms without tedious installation and configuration. Also, the proposed hands-on lab modules will support a broad audience to effectively learn the subjects and result in more efficient student learning and engagement. This project will help to enhance the cybersecurity curricula across computing disciplines integrated with data science, engage student active learning, and increase problem solving capabilities.