Learning Objectives
The learning objectives I want to cover this semester (some of which I want to develop for the current minor "Cyber") are as followed: Mathematica
| subject | elaborate | explanation |
|---|---|---|
| Calculus | Mathematics | |
| Logic | X | Logical proof and reasoning |
| Sets | Set theory - study and formalization of sets | |
| Statistics | X | Statistics is the science and technique of collecting, processing, interpreting, and presenting data |
| Algorithmics | X | Algorithmics is obviously about algorithms. The course covers various general algorithmic methods for solving problems |
Language
| subject | elaborate | explanation |
|---|---|---|
| English C1 | Cambridge English level C1 Advanced |
Tooling
| subject | elaborate | explanation |
|---|---|---|
| Machine learning | X | Applied to forensics |
| Python | X | For applying machine learning |
| Vim | For writing python in an effective way |
Cyber:
| subject | elaborate | explanation |
|---|---|---|
| Forensics | X | Identification, acquisition, processing, analysis and reporting of data - (Individual) |
| OSINT | X | Open-source intelligence - (Group project) |
I elaborate on the major learning objectives marked with an X below:
Learning Objectives and their Assignments (Body of Knowledge).
Initial status knowledge
Prior to this semester, I am going to get a clear vision about my knowledge. Because of my previous cyber security specialization semesters, I can conclude that I have attained basic knowledge regarding these topics. On the other hand, I have no prior knowledge regarding the learning objectives (stated above). With this in mind I am going to immerse myself in these topics and make assignments that are going to prove that I have gained a basic knowledge to these topics.
PDR
Introduction
This page serves as a reading guide and also as my evaluation of the assignments made within the minor. We will focus on 3 aspects as described in the Cyber course. I will describe each learning objective briefly and give an evaluation. I will also talk about the group project and the tasks that we made within this group. I will also briefly show my peer assessment results as I have been assessed by my group members. In the conclusion, a reflection about all assignments is written; how it went and what could be better etc.
LO1 – Digital forensics
My specialization that I chose for this minor is Digital Forensics. This specialization is about collecting digital evidence that can show that an organization or person has performed things in a digital environment that are not acceptable. During this specialization route, I am going to look at ethical issues and the different possibilities within this specialization. I will also look at how tooling is used within an investigation. I will also shift my focus to the field of machine-learning and its applications within the cyber aspect.
What a digital forensic does exactly can be read in my portfolio. Herein, I map out different topics and techniques.
Learning activies
| Task | Status | Pre-knowledge |
|---|---|---|
| Machine-learning Enron Dataset | Done | None |
| Machine-learning Gibbarish | Done | None |
| Machine-learning seclab | Done | None |
| Statistics formula’s | Done | None |
| Statistical research | Done | None |
| Captcha mechanism | Done | Some prior knowledge |
| Digital forensics methodology | Done | None |
| Course code cyber analysis (Secure code review) | Done | Prior knowledge |
| Regular expressions “Regex” evil “Regex” | Done | Some prior knowledge |
| OSINT | Busy | None |
| GDPR FDA 21 CFR Part 11 | Busy | Prior knowledge |
| Pentest Methodology | Done | Prior knowledge |
| Own a linux system | Done | None |
| Algorithms | Done | Prior knowledge |
Technical learning activities
For machine learning aspect I had to make a model that would detect so-called gibberish. This was part of a statistical research project where I was looking for a correlation between malicious URL's and gibberish. Since there was no open source model that would detect gibberish I had to make one myself. This was a challenge but I managed to make it work. After I got the model working I was able to write my research document for my statistical course. So these courses are connected to each other and have a cyber aspect to them. I also did some side project to further broaden my knowledge about other topics relating to cyber.
Nontechnical learning activities
The non-technical learning activities are methodologies about different aspects within the Cyber security atmosphere. I also did some ethical research on topics of my interest. This gave me a broad view of what I can and can not do within my professional field.
Conclusion
As of now I have gained knowlegde in a number of technical learning objectives. I made this measurable by documenting the steps I took to get to my learning objectives. Before this, I did not have any prior knowledge in any of these topics so I have gained most of my knowledge during the execution of the assignments. It is fair to say that I have created a steady basis for myself to build up more knowledge regarding cyber related aspects.
LO2
This chapter will address how I personally developed within the group project. In doing so, I will talk about the research and tasks I have made within the OSINT Project. I will also talk briefly about the communication within the group and the meetings with both the group members and stakeholders.
Project setting
OSINT is an important part of the current state of the world. With OSINT, you can find a lot of information that is publicly known. Think about news websites, articles, social media and so on. Since Fontys wants to make their students more familiar with OSINT and the dangers and possibilities of it, we set up this project plan. The idea is to develop a CTF environment where students and government students can gain knowledge on how to use OSINT and what the possibilities and dangers are. At Fontys, government trainees and students come to learn what OSINT is all about. To keep this topic interesting, a fun and interactive way to demonstrate OSINT must be found. One way to accomplish this is a CTF related to OSINT. Capture the flags are a fun and interactive way to accomplish this.
The goal is to develop a running, stable and reachable CTF system. Users should be able to play challenges independently and these challenges should have a storyline/goal. Challenges are exercises that a user will have to perform in order to learn more about OSINT. Challenges should be fun and encouraging in order to motivate users to learn more. We also need to describe ethics and scenarios. With scenarios you can think of the Bellingcat and MH17 example. In challenges, users learn what tooling is applied, when it is applied and what tooling is available.
Contribution
I was the scrum leader during the definition phase of the project. This meant that I was the first to define the tasks within the group and then assign them. I also have a big role within the creation of challenges within our platform. In doing so, I made sure that there was a set format and a set theme. The theme has to do with aliens who try to infiltrate our society. It is up to the trainee to track down these aliens. I have also contributed to the research within our group by helping to formulate the research questions and applying the .dot framework. I also made sure there was good communication within the group so that everyone knows what they are doing and the other way around. During the final sprint we showed all our challenges within our platform. We did this as a group in the form of a workshop with other students. These students gave feedback about our final challenges. After that we transformed the two group project is to one whole platform with combined challenges from both groups.
Conclusion
Finally, in terms of my growth as an innovator, I have had experience expressing my ideas in the early stages of project development and sharing them with my colleagues. In addition, I have interacted with clients through interviews, meetings, a presentation, and reports.
LO3
This chapter will focus on a peer review of my project skills and feedback from my coach, stakeholders, and other external sources. It will also review and analyze things as well as my contributions to professional writing and communication tasks which include presenting, interviewing, relationship management and advising. It will also cover the ethical aspects of my professional development as a security professional.
Peerassement (1)
Below are the points that can be seen as given by my teammates within my project group. Score evaluation 1 t/m 5
| *Description* | Marks | -- | -- | -- | -- |
|---|---|---|---|---|---|
| Comes up with new, original, or usable ideas for the project | 3 | 3 | 3 | 4 | 4 |
| Meets deadlines | 5 | 5 | 4 | 5 | 5 |
| Delivers quality work | 4 | 5 | 4 | 5 | 4 |
| Helps others | 4 | 4 | 5 | 4 | 4 |
| Brings up problems, challenges, areas of concern for discussion | 4 | 4 | 4 | 4 | 4 |
| Has a positive effect on the group's work atmosphere | 5 | 5 | 5 | 5 | 5 |
Strengths
- Wanneer je bezig bent met iets, bijt je je er in vast. Altijd goede kwaliteit oplevering.
- Works hard on creating new challenges and makes really creative and difficult ones.
- Goede focus op je werkzaamheden
- Works hard and shows others what you did. The work you do is always very good.
Improvements
- Communiceer gedurende de dag wat meer met het team
- Mag gedurende de dag wat meer laten weten waar hij mee bezig is als hij niet aanwezig is.
- Communiceer wat meer op een werkdag
- Working very hard, maybe sometimes a bit too hard.
As you can see, the overall assessment is very positive. It is nice to hear that my groupmates think positively of me. This is very motivating to continue developing the project. Nevertheless, there are also some things in which I can still improve myself. The most important point is communication. The first few weeks, this went very well but due to matters outside of school I was unable to come to school on location for the last two weeks.
Peerassement (2)
Below are the points that can be seen as given by my teammates within my project group. Score evaluation 1 t/m 4
| *Description* | Marks | -- v | -- r | -- j | -- jo |
|---|---|---|---|---|---|
| Helps others | 4 | 3 | 3 | 4 | 4 |
| Takes responsibility within the project for the work to be done | 4 | 3 | 3 | 4 | 4 |
| Open to receive feedback from others | 4 | 3 | 4 | 4 | 4 |
| Capable of giving feedback to others | 4 | 3 | 4 | 4 | 4 |
| Delivers results as agreed on (meets deadlines) | 4 | 3 | 4 | 4 | 4 |
| Particpates actively in group process | 4 | 3 | 3 | 4 | 4 |
| Cooperative attitude (team player) | 4 | 3 | 4 | 4 | 4 |
| Contributes to group ambience | 4 | 3 | 4 | 4 | 4 |
| Signals problems and contributes to solving them | 4 | 3 | 4 | 4 | 4 |
| Quality of work | 4 | 3 | 4 | 4 | 4 |
Strengths
- Great focus on your tasks
- Works very hard on assignments
- works hard when at home
- Betrokken en sociaal
Improvements
- Let others know what you're doing and maybe show them, this way they know what you're doing.
As you can see, the overall assessment is very positive. It is nice to hear that my groupmates think positively of me. I also see a improvement in my communication skills on a professional level.
Conclusion
Overall, I have developed myself well this semester the feedback I received was generally very positive. there was a point of development for communication I worked on this and it is reflected in the reviews of my team members. Because of the alternating corona measures and consequences of working from home, it was sometimes difficult to switch. I did have trouble with that, but generally speaking the whole group did. Despite all this, it went well and we were able to deliver a nice product.
Professional writing
For the professional writing I chose to write my portfolio in English. Currently I am taking an English course to bring my English to a professional level so writing my portfolio in English is a very good exercise. I have also done different researches like the static research. This has also contributed to my professionalism so I have learned how to set up a hypothesis, do research and analyze the data. In the process I also learned how to draw a conclusion from the results as found in the research.
Ethical aspect.
I have delved quite deeply into the ethical processes within the topics I cover. I have also done this for the group project. This has taught me how to approach certain things and what things cannot be done within the field and specialization.
Network
During this minor I was actively searching graduating position in Software Engineering. For this I look some time to setup my LinkedIn profile. I have been in contact with multiple companies and chose one that took my interest. In doing so i expanded my social network on LinkedIn. I also developed the site you're looking at this during this minor. Within this site you can read about all the topic I covered.
Intercultural competence
During this semester I followed an English C1 Cambridge course in the evening hours. The focus is mainly on cultural aspects and which words fit best in a situation to speak fluently and native. I also chose to write documentation in English this entire semester, and the workshops that were in English also contributed to this.
General Conslusion
As I define my own learning path, I sometimes found it difficult to determine when something is worked out enough to tick off a learning objective. Because I thought it would be super cool to immerse myself in data science without any prior knowledge of the subject, I think I'm on the right track with all the assignments I have done and has given me a good foundation for an eventual master's. I found it difficult at first to determine how I could make the connection between data science and cyber, based on the assignment that I made I think I have succeeded well in that. Since it took an immense amount of research to get started at all with no prior knowledge of statistics, machine learning, data science and maths, I personally think I have done enough to prove that I developed myself. These studies are also documented and can be read on this site.
Overall, I think I learned a lot in this minor. In doing so, I placed my focus mainly on performing machine learning in the area of cyber. I had no prior knowledge of this topic. Now I have a broad scale of knowledge both technical and non technical aspects working on the group project and on the portfolio helped to improve my technical and non-technical and professional and innovations skills. I was happy in the way this minor was structured. It was very open minded I was free in learning about things of interest what I personally find very motivating. It was also allowed to combined different aspects within the cyber atmosphere. I did a lot of side projects that interested me I learned a lot about all of them and besides you really benefit if you are free in what you want to learn because you only learn what you are interested in. Finally, I would like to conclude this minor by thanking all the teachers, especially Stefan and Peter, for their great guidance.
I will evetually graduate in the field of software-engineering, but all the knowledge I have gained during this minor is very valuable.
TL;DR Learning Objectives for minor Cyber summarized & PDR with evaluation