2025 ASEE Annual Conference & Exposition

Extra Credit, Extra Security: Lessons Learned from a Bonus-Based IoT Security Class

Presented at Computing and Information Technology Division (CIT) Technical Session 6

The Internet of Things (IoT) devices and technologies are increasingly integral to the global market, enabling enhanced interaction and control over the physical world through networks of smart devices in homes, offices, and urban environments. However, the pervasive security design flaws within these systems have become prime targets for hackers, heightening the risk of security breaches. This highlights the critical need for specialized education programs that prepare students with the skills and knowledge to tackle these security challenges. This paper introduces our security class on IoT which is designed with the goal to address this gap by integrating hands-on projects that enable both graduate and undergraduate students to help them practice security concepts on real devices. This approach effectively helps bridge theoretical knowledge with practical applications. By implementing a bonus-based teaching approach, we aim to enhance the learning outcomes. We also evaluate the course's effectiveness through student surveys conducted over four years, which indicate significant improvements in student expertise and satisfaction with the course content and bonus activities. We share our lessons and experiences from the course.

Authors

Derin Cayir Florida International University [biography]

Derin Cayir is pursuing her Ph.D. at Florida International University, Miami, FL USA, where she is currently a graduate research assistant in the Cyber-Physical Systems Security Lab. Her research interests include privacy/security systems for extended reality devices. Cayir received her bachelor's degree in electrical electronics engineering from Bilkent University, Ankara, Turkey. She also worked as a Machine Learning Researcher in Meta, Redmond WA.
Dr. Mark Allen Weiss Florida International University [biography]

Mark Allen Weiss is Distinguished University Professor, Associate Dean for Undergraduate Education in the College of Engineering and Computing, and Associate Director in the School of Computing and Information Sciences at Florida International University
Prof. Selcuk Uluagac Florida International University [biography]

Prof. Selcuk Uluagac is currently a Program Director at US NSF CISE/CNS as a rotator from his home institution Florida International University, where he is an Eminent Scholar Chaired Professor in the School of Computing and Information Science, leading the Cyber-Physical Systems Security Lab. Before, he was a Senior Researcher at Georgia Tech and Symantec. He holds a PhD from Georgia Tech and MS from Carnegie Mellon University. He received US National Science Foundation CAREER Award, US Air Force Office of Sponsored Research’s Summer Faculty Fellowship, and Google’s ASPIRE Research award in security and privacy, inter alia. He is an expert in the areas of cybersecurity and privacy. He has hundreds of publications in the most reputable venues as well as numerous patents. His research has been funded by numerous government agencies and industry. He has chaired/served on the of top-tier security conferences, e.g., NDSS, USENIX, ACM CCS, IEEE SP, and serving as the deputy editor in-chief of IEEE TIFS and associate editor of Elsevier COMNET journals. More information can be obtained from http://nweb.eng.fiu.edu/selcuk/.

Note

The full paper will be available to logged in and registered conference attendees once the conference starts on June 22, 2025, and to all visitors after the conference ends on June 25, 2025

« View session