Development of Ontology-Based Software Security Learning System with Contextualized Learning Approach

Learning software security is one of the most challenging tasks in the information technology sector because of the vast amount of security knowledge and the difficulty of understanding its practical applications. Traditional teaching and learning materials, which are usually organized topically and are security-centric, have few linkages with the experience and prior knowledge that learners bring to the learning sessions. Learners often do not associate vulnerabilities or coding practices with programs similar to those they have written before. Consequently, conventional methods do not engage their motivation for learning. It is therefore necessary to develop learning tools that improve learners' ability to make application-scenario connections by using a meaningful learning approach. In this paper, we present a software security learning system based on ontologies that facilitates the contextual learning process by providing contextualized access to security knowledge via real software application scenarios, in which learners can explore and relate the security knowledge to the context they are already familiar
