[Linux-aus] Grant Application - Building the Open Source Talent Pipeline in Australia: A Cyber Forensics Student Extension Program
Paul Watters
dr.paul.watters at gmail.com
Wed Jun 7 10:13:14 AEST 2017
1. Project name
Building the Open Source Talent Pipeline in Australia: A Cyber Forensics Student Extension Program
2. Aim of the project, including any key stages or milestones of the project
Research indicates that young people are genuinely interested in technology at an early age, but that negative experiences within a highly constrained curriculum, coupled with being taught (in many cases) by unqualified teachers, can lead to disengagement. This is coupled with negative stereotypes portrayed in the media and popular culture around “nerds” and “geeks”; peer pressure to conform to social expectations and constructs discourages young people from technology careers, despite industry-identified “skills gaps” and high salaries. Finally, accessing technologies can be very expensive, and groups that face barriers to access (such as young people with a disability, or homeless students). Students may not be aware that there are alternatives to commercial, closed source technologies that are easily accessible, and which provide the freedom to create and contribute.
The aim of this project is to create an open source forensics educational engagement programme in Victoria, that is aligned with the digital literacy VCE syllabus. The project seeks to re-engage students in senior years using the “CSI Effect”; particularly with the publicity given to cyber attacks linked to closed source / proprietary technologies, this is an excellent opportunity to embed open source values early in learning. Especially in the security field, rigorous peer review and critique leads to the best solutions, rather than relying on secrecy and obscurity.
The engagement programme will not seek to replace anything taught on the curriculum, but instead focus on fun, topical and engaging experiences, that may stimulate and motivate students to consider cyber security as a career. The programme will only use open source forensics tools, but will reveal how closed source technologies can be subjected to physical examination.
While the project team will contribute their time as an in-kind contribution to the project, funding is sought to purchase a range of typical hardware devices to physically examine, and create forensic use cases for. This will give students who take the programme some hands-on experience with real-world technologies, using open source tools. Students will also be shown how an open source forensics toolkit can be extended as needed.
The programme will comprise a set of four learning activities, designed to be undertaken over 4 x 1 hour sessions, ideally suited to an “incursion” or workshop run at a school. The hardware devices will be made available free of charge to all schools in Victoria: schools will only be asked to pay for shipping costs to borrow the equipment. All educational materials developed through the programme will be released under a Creative Commons license. The project team hopes that this will encourage law enforcement and private sector security teams to contribute further use cases and data to improve the programme.
To develop the programme, a four-stage project plan is envisaged:
Stage 1: Learning activity design (100 Hours)
In this stage, the four learning activities will be designed to match typical cyber forensic tasks, including evidence acquisition, timeline analysis, media analysis, and data recovery. Students will also be encouraged to compile a report based on their results.
Stage 2: Forensic use case identification (50 Hours)
In this stage, the four learning activities will be mapped to typical use cases, including fraud, scams, malware infection and counter terrorism investigations. The project team shall liaise with law enforcement, as appropriate, to create these use cases, and make them as interesting and realistic as possible.
Stage 3: Software selection (50 Hours)
In this stage, a range of open source forensic toolkits will be obtained and tested to see whether they can meet the requirements of the use cases. Well-known packages, including Autopsy and the Sleuth Kit, will be obtained, as well as specialized packages for iOS forensics, including Logical iOS Forensic Examiner (LIFE).
Stage 4: Hardware purchase and use cases realized (100 Hours)
The equipment requested in this application will be purchased, and data relating to the use cases will be created and imaged. These images will be uploaded to the hardware devices.
Assuming a starting date of 1st July 2017, and spending 10 hours per week, the project should be developed by September 9th 2017. We will then communicate the availability of the programme through appropriate channels, such as the La Trobe University career advisor mailing list, and Quantum Victoria.
3. How the success of the project will be measured
We will create a self-report survey for students to take before and after the activity, and measure whether their awareness of open source has increased, and whether or not they would consider cyber security as a career choice. We will seek ethics approval before administering any questionnaires to students.
4. Estimated cost breakdown of the project, including any materials, projects or online services that are required to deliver the project. The cost breakdown should include estimates of labour costs and/or professional services
The hardware devices requested represent a range of typical forensic use cases, including Android phones and Linux servers (RedHat and Debian), as well as Raspberry Pi kits for network forensics. Some basic forensic kits, required for data capture and transfer, will also be requested. Two sets of equipment are requested, so that the teacher can use one for demonstration, and one is available for students to use at the same time.
In-kind contribution (200 Hours x $118ph = $23,755 + GST = $26,130)
Equipment requested:
· Forensicstore.com <http://forensicstore.com/> – Cellphone companion kit, including Faraday pouch, cables, media etc. x 2 = $612
· Dell PowerEdge T130 with Linux x 2 = $3,092
· Samsung Galaxy J7 Prime x 2 = $798
· Ultimate Raspberry Pi Kit x 2 = $478
Total Requested: $4,980
Linux Australia contribution to total project cost: 19.05%
5. The project team, their credentials and professional capabilities, especially their history of open source, open data, open hardware or open culture contributions
Dr Paul A. Watters is Associate Professor in Cyber Security at La Trobe University. Dr Watters has been using Linux for 24 years, having first installed it on 360K floppies on an XT. Dr Watters has written several books on Linux and open source topics, as well as releasing open source packages for neural network modeling and fractal analysis. He has published numerous papers on cyber forensics, and is working with Quantum Victoria to deliver Australia’s first “cyber games”, targeting high school students who may be interested in pursuing cyber security as a career.
Maya F. Watters is a Leading Teacher at Bacchus Marsh College. Ms Watters studied education at the University of Melbourne, and forensics at the University of Auckland. She has worked on a number of forensic projects for Cyber Inc, a not-for-profit incorporated association in Victoria.
6. Person responsible for project
Dr. Watters will be the project manager and will have overall responsibility.
7. A statement including a willingness to provide regular project updates on the project
The project team shall provide updates to Linux Australia at each phase of the project.
—
Dr Paul A. Watters FBCS SMIEEE CITP
Associate Professor in Cybersecurity | Adjunct Professor in Computing
La Trobe University | Unitec Institute of Technology
CRICOS Provider Code 00115M
E: P.Watters at latrobe.edu.au P: +61-3-9479-3415