Fakesbook: A social networking platform for teaching security and privacy concepts to secondary school students

As frequent users of social networking applications, middle and high school students are well-suited for curricular interventions that leverage these technologies. Allowing students to see "behind the curtain" of these applications provides them with a unique opportunity to better understand the discipline of computer science upon which these technologies are built and influences their perceptions of computer security and privacy. We present a novel social networking simulation that allows students to create a social network account, including profile data and images, and to manage privacy settings and friend connections. The platform, named Fakesbook, presents students with a visualization of the social network as a graph, enabling them to observe the spread of profile data (theirs and others') depending on friend connections and choices of privacy settings. We additionally present our lab curriculum which uses Fakesbook to enable active learning and adversarial thinking to engage students and build agency with regard to privacy and computing concepts. We deployed and, over several years, evaluated our platform and curriculum with hundreds of students from a diverse set of backgrounds at educational events designed to introduce these populations to computer science, cybersecurity, and privacy. Survey results indicate that students gained or deepened their understanding of online privacy and security and that 86% of participants found that Fakesbook helped them "think about privacy and computer security."

[1]  MooreMarina,et al.  Introducing privacy to undergraduate computing students , 2018 .

[2]  Robert Biddle,et al.  Password advice shouldn't be boring: Visualizing password guessing attacks , 2013, 2013 APWG eCrime Researchers Summit.

[3]  Yang Wang,et al.  "I regretted the minute I pressed share": a qualitative study of regrets on Facebook , 2011, SOUPS.

[4]  Xiaohong Yuan,et al.  Visualization Tools for Teaching Computer Security , 2010, TOCE.

[5]  Ian Goldberg,et al.  Live Lesson: Netsim: Network simulation and hacking for high schoolers , 2017, ASE @ USENIX Security Symposium.

[6]  Aaron Smith,et al.  Teens, Kindness and Cruelty on Social Network Sites , 2011 .

[7]  Scott Grissom,et al.  Algorithm visualization in CS education: comparing levels of student engagement , 2003, SoftVis '03.

[8]  Michael G. Bailey,et al.  The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems , 2004, CITC5 '04.

[9]  Mike Sharples,et al.  E-safety and Web 2.0 for children aged 11-16 , 2009, J. Comput. Assist. Learn..

[10]  Dhananjay S. Phatak,et al.  How students reason about Cybersecurity concepts , 2016, 2016 IEEE Frontiers in Education Conference (FIE).

[11]  Thomas L. Naps,et al.  Exploring the role of visualization and engagement in computer science education , 2003, ITiCSE-WGR '02.

[12]  Jeff Boleng,et al.  Designing web labs for teaching security concepts , 2009 .

[13]  Dino Schweitzer,et al.  Using visualization to teach security , 2009 .

[14]  Arnaud Sallaberry,et al.  Are All Social Networks Structurally Similar? , 2012, 2012 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining.

[15]  Jun Ma,et al.  ECvisual: a visualization tool for elliptic curve based ciphers , 2012, SIGCSE '12.

[16]  Lorrie Faith Cranor,et al.  Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish , 2007, SOUPS '07.