Introductory (Breaking the ice) fun activity for the day
There will be a fun activity at the beginning of each camp day to create a fun-filled learning environment and break the ice among students. These activities include:
- Collaborative Drawing - Each group of four students tries to make a drawing using a given concept within an allocated time. A stopwatch is used for timing.
- Tall Tales - In a group of four students, each member tells three sentences, and the last sentence must end with the word “suddenly”. The next member picks up the story and tells three sentences.
- Icebreaker Questions - The students are asked fun questions to express their exciting ideas, such as When you were little, who was your favorite superhero, and why? Or what’s your favorite thing to do in the summer?
- Unique and Shared - Each group of five students finds their common traits or qualities during the first half. One student in a group writes them down on a paper and reads the list after a timeout. During the second half, the students shuffle into different groups, and then, each new group of five students finds their unique characteristics that exist only in individual members.
Hands-on Activities
There will be three hands-on learning activities each day. They are described as follows, along with their associated GenCyber cybersecurity concepts.
Activity 1: Privacy leakage collection on Facebook. Students will explore the privacy options on Facebook and identify leaked information from other users.
Activity 2: Protect the privacy of social networks. Students will be asked to configure their own online social network accounts to close potential information leakage.
Activity 3: Password security and password guessing. Students will use a popular password guessing tool such as John the Ripper to crack passwords stored in a file.
Activity 1: Webpage creation using HTML language.
Activity 2: Basic Linux administration. Students will learn to use some Linux commands such as file creation, deletion, and file folder navigation.
Activity 3: Web server hacking and website defacement attack. Students will practice how to hack into a web server and deface its home page. They will replace their HTML file (created in activity-1) with the index.html file in the web server’s folder.
Activity 1: Raspberry-Pi programming and networking I. Students will learn how to connect Raspberry-Pi to their computer and use simple commands to control the Raspberry-Pi.
Activity 2: Raspberry-Pi programming and networking II. Students will learn how to connect the Pis for communication through wifi.
Activity 3: Basic hacking skills. Students will learn how to remotely log into someone else’s Pi and copy (steal) their files.
Activity 1: Practice on using basic encryption/decryption/hashing tools.
Activity 2: Malware and Antivirus. Students will learn what Malware is, how to install antivirus software, and how to use VirusTotal.
Activity 3: Firewall configuration. Students will learn how to install a firewall and block a port or IP using a firewall.
Activity 1: File carving to recover a deleted file. The students will create a file on a thumb drive and then delete it. They further utilize the Foremost tool on the drive to quickly recover their deleted files.
Activity 2: Autopsy, a GUI-based open source digital forensic program to investigate email fraud. The students will analyze emails in a given suspect disk image to find a fraudulent email.
Activity 3: Mona Lisa portrait theft investigation. Continuing with the suspect disk image and Autopsy, the students will further find evidence such as a picture or email that identifies the suspect's involvement in the theft.
Elective Session Group Activity
There will be a one-hour time slot every camp day for a group activity, including the following:
- Tour of cybersecurity research labs - The students will visit two cybersecurity labs: 1) Security and Forensics Engineering (SAFE) Lab, and 2) Information and Network Security (RamSec) Lab, equipped with industrial control systems (such as PLCs, Conveyor Belt for sorting parts, Elevator simulator, and traffic light signal) and additive manufacturing infrastructure such as 3D printers.
- Tour of VCU data center - The students will visit the data center located at the VCU Computer Science department. The data center is a cluster called Dogwood, which is composed of 13 nodes. Each of the nodes has 4 CPUs, and each CPU has 16 cores (2.6GHz) – for a total of 832 cores. Each of the nodes has 256GB RAM (4GB per core). They also have 72TB of storage. The nodes and the storage are connected to a fast network achieving transfer rates of up to 1GB/s.
- Tour of security operations center (SOC) - The SOC is equipped to perform forensic investigations and cyberattack analysis.
- Crypto Challenges - We will divide the students into small groups and provide different crypto challenges to solve.
Post-camp Activities Day
We will organize a post camp activities day at VCU for the camp students including the following:
- Essay writing competition - An essay writing competition on a cybersecurity topic such as the internet of things, cyber-physical systems, digital forensics, malware, etc. In return, the students will get a certificate of GenCyber camp completion.
- CTF competition - A capture-the-flag (CTF) competition to solve cyber challenges.
- Career day - A career day at VCU to introduce industry role models in cybersecurity to the camp students.