Northern Kentucky University
Covert Eye Op App: An Offense Based Learning Approach Towards Developing Mobile Security Awareness and Interest in Cybersecurity
Grade Level at Time of Presentation
Senior
Major
Computer Information Technology
Minor
Organizational Leadership
KY House District #
68
KY Senate District #
24
Faculty Advisor/ Mentor
Dr. Ankur Chattopadhyay
Department
Department of Computer Science
Abstract
This paper introduces a unique approach of teaching mobile security awareness at the high school level through a nifty offense-based learning strategy. Our approach involves creating an eye-opening experience for learners through our mobile app, which has been designed and developed strategically to request unnecessary permissions from users and secretly exploit them in the form of a covert offensive operation, that includes recording their audio plus tracking their location. When users notice this exploit activity orchestrated by our app and realize how their provided permissions have backfired on them, they get to learn first-hand about the ways in which a mobile app can misuse user permissions and covertly compromise user information. We have used this app to implement a hands-on experiential learning activity that is intended to teach users the importance of privacy and security in mobile devices by breaching them and making them self-discover issues with how users grant permissions to mobile apps. To our knowledge, there has been limited prior work that focuses on studying how offense-based user hacking techniques impact leaning of mobile security topics. In this paper, we attempt to address this research gap. This paper describes our mobile app and offense-based lesson plan, which have been used in several workshop sessions as a hands-on learning activity for the high school community since 2019. It also includes our learner assessment study that involves analysis of the quantitative and qualitive data that we have collected in the form of survey responses from different users at the high school level. The results from our study indicate that our offense-based learning approach using our unique app was able to successfully engage users and create a positive learning experience for the high school community by developing user awareness of mobile security related issues, plus overall interest in cybersecurity topics.
Covert Eye Op App: An Offense Based Learning Approach Towards Developing Mobile Security Awareness and Interest in Cybersecurity
This paper introduces a unique approach of teaching mobile security awareness at the high school level through a nifty offense-based learning strategy. Our approach involves creating an eye-opening experience for learners through our mobile app, which has been designed and developed strategically to request unnecessary permissions from users and secretly exploit them in the form of a covert offensive operation, that includes recording their audio plus tracking their location. When users notice this exploit activity orchestrated by our app and realize how their provided permissions have backfired on them, they get to learn first-hand about the ways in which a mobile app can misuse user permissions and covertly compromise user information. We have used this app to implement a hands-on experiential learning activity that is intended to teach users the importance of privacy and security in mobile devices by breaching them and making them self-discover issues with how users grant permissions to mobile apps. To our knowledge, there has been limited prior work that focuses on studying how offense-based user hacking techniques impact leaning of mobile security topics. In this paper, we attempt to address this research gap. This paper describes our mobile app and offense-based lesson plan, which have been used in several workshop sessions as a hands-on learning activity for the high school community since 2019. It also includes our learner assessment study that involves analysis of the quantitative and qualitive data that we have collected in the form of survey responses from different users at the high school level. The results from our study indicate that our offense-based learning approach using our unique app was able to successfully engage users and create a positive learning experience for the high school community by developing user awareness of mobile security related issues, plus overall interest in cybersecurity topics.