My research interests include cybersecurity education (secure coding), computer science education, universal usability, and learning sciences. I have worked on NSA and NSF funded projects including Security Injections@Towson. I am currently working on the following projects and also summarize my past projects.
Research Project Descriptions:
In-Progress Projects
- Using Eye-tracking to Assess Students’ Ability to Read and Write Secure Code in Lower Level Programming Courses
In this research, I collaborate with Leon Bernard, doctoral student in the Department of Computer & Information Sciences, Towson University, to investigate how students in lower level programming courses apply secure coding practices while reading and writing code using an eye tracking tool. The study is in preliminary phase.
2. Security of Home Internet of Things (HIoT)
In this research, I collaborate with Dr. Leon Bernard, to investigate a model that users can use to evaluate the security of Home based Internet of Things . The study is in preliminary phase.
3. A novel approach to Authentication Mechanism for Computing Devices
Past Projects:
1.Cybersecurity Labs and Resource Knowledgebase(CLARK)
CLARK is a prototype curriculum management platform that hosts a diverse cybersecurity learning objects. The project is implemented by Department of Computer & Information Sciences, Towson University and funded by National Security Agency (NSA). In this project, I am involved in conducting a study to assess CLARK’s 1) Section 508 compliance and 2) System Usability.
2. Digital Library Security
In this research, I collaborated with Nnatubemugo “Ugo” Ngwum, doctoral student at Towson University. Below, I provide the summary of the project. The use of digital libraries (DLs) is increasing. To attract users and sustain digital libraries, security of these systems is critical. However, few studies in the digital library literature have focus on evaluating the security of a DL system. Through review of existing literature, standards and other security guidelines, we proposed a novel model for security evaluation of digital libraries. We test the effectiveness of the model using the CLARK cybersecurity curriculum digital library (www. clark. center) at Towson University. We identify five core security criteria that are broken down into several requirements, in the model, that a DL should fulfill to achieve security. Results from the evaluation, which include static code analysis and expert review of CLARK’s security mechanisms, indicate the proposed model is significantly effective in evaluating the security requirements of digital libraries.
3. Security Injections 2.0
Learning interventions based on modules are common in computer science education. Traditional learning modules that present a large amount of content in a linear format can lead to students skimming and skipping content resulting in lower student engagement and effectiveness. In this paper, we present theoretical support for increasing engagement and effectiveness of learning modules, describe a system that implements these principles, and discuss the results of a study across four sections of CS0. Using the Security Injections @Towson cybersecurity modules, we enhanced select modules by incorporating the e-learning design principles of segmentation and interactivity. The study compares student engagement between the current (1.0) modules and the enhanced (2.0) modules. The use of the enhanced (2.0) modules significantly increased student engagement and these results persisted across gender and race. Feedback from instructors indicates higher student and instructor interest in the enhanced modules; in spring 2015, more than 20 instructors are using the enhanced (2.0) modules.
External Grants:
Sub-PI, “The Cybersecurity Labs and Resource Knowledge-base (CLARK) – A prototype” funded by- National Security Agency/Towson University, $14,893, 2018-19. PTE Federal Award No: H98230-17-1-0405, Sub-award No: 33/Project#: 5040534/ PO#: 8451