ETDs

This collection includes most of the ASU Theses and Dissertations from 2011 to present. ASU Theses and Dissertations are available in downloadable PDF format; however, a small percentage of items are under embargo. Information about the dissertations/theses includes degree information, committee members, an abstract, supporting data or media.

In addition to the electronic theses found in the ASU Digital Repository, ASU Theses and Dissertations can be found in the ASU Library Catalog.

Dissertations and Theses granted by Arizona State University are archived and made available through a joint effort of the ASU Graduate College and the ASU Libraries. For more information or questions about this collection contact or visit the Digital Repository ETD Library Guide or contact the ASU Graduate College at gradformat@asu.edu.

Displaying 1 - 2 of 2
Filtering by

Clear all filters

187772-Thumbnail Image.png

Attacking Computer Security from the Perspective of Educators, Users, and Analysts

Description
As computers and the Internet have become integral to daily life, the potential gains from exploiting these resources have increased significantly. The global landscape is now rife with highly skilled wrongdoers seeking to steal from and disrupt society. In order to safeguard society and its infrastructure, a comprehensive approach to

As computers and the Internet have become integral to daily life, the potential gains from exploiting these resources have increased significantly. The global landscape is now rife with highly skilled wrongdoers seeking to steal from and disrupt society. In order to safeguard society and its infrastructure, a comprehensive approach to research is essential. This work aims to enhance security from three unique viewpoints by expanding the resources available to educators, users, and analysts. For educators, a capture the flag as-a-service was developed to support cybersecurity education. This service minimizes the skill and time needed to establish the infrastructure for hands-on hacking experiences for cybersecurity students. For users, a tool called CloakX was created to improve online anonymity. CloakX prevents the identification of browser extensions by employing both static and dynamic rewriting techniques, thwarting contemporary methods of detecting installed extensions and thus protecting user identity. Lastly, for cybersecurity analysts, a tool named Witcher was developed to automate the process of crawling and exercising web applications while identifying web injection vulnerabilities. Overall, these contributions serve to strengthen security education, bolster privacy protection for users, and facilitate vulnerability discovery for cybersecurity analysts.
ContributorsTrickel, Erik (Author) / Doupe, Adam (Thesis advisor) / Shoshitaishvili, Yan (Thesis advisor) / Bao, Tiffany (Committee member) / Wang, Ruoyu (Committee member) / Arizona State University (Publisher)
Created2023
193577-Thumbnail Image.png

Hacking the Learning Curve: Effective Cybersecurity Education at Scale

Description
This dissertation introduces a comprehensive framework aimed at reshaping applied cybersecurity education to significantly ease the learning curve, at scale, through three synergistic innovations. These methods address the daunting educational barriers in cybersecurity, enabling learners at all levels to understand complex security concepts more easily. The first innovation, the PWN

This dissertation introduces a comprehensive framework aimed at reshaping applied cybersecurity education to significantly ease the learning curve, at scale, through three synergistic innovations. These methods address the daunting educational barriers in cybersecurity, enabling learners at all levels to understand complex security concepts more easily. The first innovation, the PWN methodology, redefines the traditional Capture The Flag (CTF) model by offering a structured series of modularized, self-guided challenges. This approach helps simplify complex topics into manageable units, each building on the last, which allows students to progress at their own pace. Over five years and with over 400 systems security challenges developed, this method has effectively helped students evolve from beginners to masters of advanced security exploits. The second component is the DOJO platform, an open-source learning environment that uses containerization technology to provide a pre-configured, browser-based interface. This platform reduces the setup complexities associated with applied cybersecurity and has already given over 10,000 students immediate access to practical learning scenarios, from vulnerability discovery to advanced debugging, in a unified, user-friendly environment. Its seamless integration allows educators to quickly launch new challenges and resources, ensuring a continuous and dynamic educational experience. The third component, the SENSAI tutor, is an AI-driven tutoring system that leverages Large Language Models to offer personalized, intelligent support. Integrated with the PWN methodology and DOJO platform, SENSAI serves as an on-demand mentor, providing tailored advice and problem-solving assistance. It adapts to individual student needs, offering specific guidance and theoretical support to enhance understanding and retention of complex concepts. Together, these three components create a powerful, integrated educational strategy that not only equips students with vital cybersecurity skills but also deepens their understanding of digital vulnerabilities and the strategic thinking needed to mitigate them. This strategy prepares a new generation of cybersecurity professionals to navigate the ever-evolving threats of the digital world.
ContributorsNelson, Connor David (Author) / Shoshitaishvili, Yan (Thesis advisor) / Doupe, Adam (Thesis advisor) / Wang, Ruoyu (Committee member) / Bao, Tiffany (Committee member) / Vigna, Giovanni (Committee member) / Arizona State University (Publisher)
Created2024