Today, cyber networks are as integral a part of our homeland as the physical places, such as cities and coastlines, where we carry out our day-to-day activities. Cyberspace is susceptible to an increasing spectrum of threats posed by criminals and nation-state actors. For example, in the early cyber period, malware threats were few, and basic pre-execution rules often detected them. The rapid expansion of the Internet and of malware made manually constructed detection criteria impractical, necessitating new, powerful protection solutions. Today's cybersecurity threats continue to find ways to fly under the radar. Cybercriminals deploy highly evasive malware built from Trojanized versions of legitimate applications, tools, and services. To combat the exponential growth of cyberthreats, an efficient, robust, and scalable detection module is required. The old tools that rely on pre-execution rules are ineffective and impractical. We require tools based on advanced protection technologies that are capable of processing vast amounts of data and delivering long-lasting defense against current and future attacks. Using AI/ML techniques to automatically learn the models and patterns behind such complexity, and to develop solutions that keep pace with cyberthreat evolution, is one of the most prevalent approaches in the literature.
Although research in intrusion detection has been carried out for many years, applications are constantly changing and morphing (for example, with the advent of cloud-related services). Current intrusion detection processes suffer from several limitations when applied to intrusions against highly vulnerable networks. First, with the increasing volume of network traffic, existing intrusion detection processes fail to analyze vulnerabilities in time to predict possible network intrusion(s) from the chain of actions taken by an intruder. Second, current intrusion detection systems produce a high volume of false-positive alerts. Third, current approaches consider every sequence of network vulnerabilities when predicting future intrusions, rather than analyzing the comparatively significant sequences. Instead of teaching only theoretical cybersecurity concepts, it is beneficial to involve students in the design and improvement of current and next-generation time-series intrusion detection systems.
Universities teach students how to write computer software, but that is only a small part of what is required of graduates when they enter the workforce. Industry demands a much broader perspective: graduates must be equipped with technical skills in identifying requirements, designing a suitable solution, implementing the solution in software, and validating that the software satisfies the requirements, as well as with business skills such as estimating cost, monitoring progress, and measuring effectiveness. Students who are inculcated with such software engineering skills are more attractive to employers than those who have only software-coding abilities.
This paper describes our experience and takeaways from immersing students in real-world software engineering practices through a year-long undergraduate research project. That is, rather than simply coding the cybersecurity research projects, the students engineered the cybersecurity product. Our process walked students through producing a working solution by having them use an agile process called Collaborative-Adversarial Pair (CAP) programming, which applies cutting-edge software industry techniques at each point in the software lifecycle.
The full paper will be available to logged-in and registered conference attendees once the conference starts on June 22, 2025, and to all visitors after the conference ends on June 25, 2025.