Embracing the Kobayashi Maru: Why You Should Teach Your Students to Cheat

@article{Conti2011EmbracingTK,
  title={Embracing the Kobayashi Maru: Why You Should Teach Your Students to Cheat},
  author={Gregory J. Conti and James Caroland},
  journal={IEEE Security \& Privacy},
  year={2011},
  volume={9},
  pages={48-51}
}
Every day, security professionals face off against adversaries who don't play by the rules. Traditional information security education programs further compound the problem by forcing students to behave in a flawlessly ethical manner. As an alternative, this article suggests techniques for fostering creativity and an adversary mindset in information security students through carefully structured classroom cheating exercises. 

Figures from this paper

Teaching Information Security Students to "Think thief"
TLDR
An educational experiment where information security master students were encouraged to think out of the box and challenge the students to take the point of view of the motivated offender is reported on.
Lessons learned during Covid-19 concerning cheating in e-examinations by university students
Purpose The researchers aim to investigate how students can be deterred from cheating, whether legal or ethical policies and procedures are effective and whether there are gender differences.
Against Mindset
TLDR
This work suggests an alternative approach, consisting of multiple security-relevant attitudes, which are linked to security roles within the systems development life-cycle, and shows how the framework can be used to help shape curricula.
Teaching Engineering students to "Think thief"
TLDR
It is reported that thinking thief inspires students to design creative projects, working with real subjects creates a powerful learning experience, and students are struggling with methodological issues.
Advancing Cybersecurity Education
  • M. Dark
  • Education
    IEEE Security & Privacy
  • 2014
The incoming department editor discusses trends over the past five years of the Education department and current and new topics she'd like to see going forward in an attempt to advance the art and
Teaching Adversarial Thinking for Cybersecurity
TLDR
This paper sheds new light on adversarial thinking by exploring it through the lens of Sternberg's triarchic theory of intelligence, which produces a novel, multidimensional definition of adversarialthinking that leads immediately to three clearly defined learning outcomes.
Improving the Cybersecurity of Cyber-Physical Systems Through Behavioral Game Theory and Model Checking in Practice and in Education
TLDR
This dissertation applies the SPIN model checker to an electric power protection system and demonstrates a straightforward and effective technique for rigorously characterizing the degree of fault tolerance of complex CPSs, a key step in improving their defensive posture.
Gamification for Teaching and Learning Computer Security in Higher Education
TLDR
The design and evaluation of a gamified computer security module, with a unique approach to assessed learning activities, was presented, and ultimately the increased satisfaction was not found to have statistical significance on quantitative measurements of motivation.
Engineering Education Today: Capturing the Afterlife of Sisyphus in Five Snapshots
TLDR
Five snapshots are provided that seek to explore the current state of engineering education from different perspectives of scale: the student, the program, policy, society, and technology, indicating that engineering education is a complex, adaptive system that operates on different spatial and temporal scales.
Can Security Become a Routine?: A Study of Organizational Change in an Agile Software Development Group
TLDR
Interestingly, group members acknowledged an unfulfilled need for change but defended the structure inhibiting change, and security initiatives need to consider this interplay of structure and situated practice, and manage change in addition to providing expertise and tools.
...
...

References

SHOWING 1-4 OF 4 REFERENCES
No Tech Hacking
Hackers Are People Too
  • Documentary. Managed Mischief
  • 2008
James Caroland is a member of the US Cyber Command Commander's Action Group and an adjunct associate professor in the University of Maryland University College's Cybersecurity Program
  • James Caroland is a member of the US Cyber Command Commander's Action Group and an adjunct associate professor in the University of Maryland University College's Cybersecurity Program