IT/CYSE 200T

Cybersecurity, Technology, and Society

Students in IT/CYSE 200T will explore how technology is related to cybersecurity from an interdisciplinary orientation. Attention is given to the way that technologically-driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains. The learning outcomes for this course are as follows:

  1. Describe how cyber technology creates opportunities for criminal behavior,
  2. Identify how cultural beliefs interact with technology to impact cybersecurity strategies,
  3. Understand and describe how the components, mechanisms, and functions of cyber systems produce security concerns,
  4. Discuss the impact that cyber technology has on individuals’ experiences with crime and victimization,
  5. Understand and describe ethical dilemmas, both intended and unintended, that cybersecurity efforts produce for individuals, nations, societies, and the environment,
  6. Describe the costs and benefits of producing secure cyber technologies,
  7. Understand and describe the global nature of cybersecurity and the way that cybersecurity efforts have produced and inhibited global changes,
  8. Describe the role of cybersecurity in defining definitions of appropriate and inappropriate behavior,
  9. Describe how cybersecurity produces ideas of progress and modernism.

Course Material


Personal Write-Ups

Throughout my time in CYSE 200-T, Professor Kirkland assigned a plethora of different topics for us to read into and become more knowledgeable on. Here are my top 3 write-ups that I enjoyed the most.

SCADA Systems:

SCADA systems play an important role in a plethora of critical infrastructure. Failure of critical infrastructure tends to come at a large cost, whether that be a large sum of money or the death of a fellow human being. Difficulty operating critical infrastructure, as well as identifying faulty parts, can make handling these systems a grueling process. The introduction of SCADA systems does multiple things, including the introduction of hardware developed to withstand high temperatures, voltage, and vibration. SCADA systems also allow the specific parts of a system that may go down to be identified with less risk.

Specialized systems make documentation easier as well. One specific SCADA component is the Remote Terminal Unit, otherwise known as the RTU. The RTU is put on physical equipment and monitors operations such as flow, pressure, current, and voltage. The RTU may also control speed settings or valve operations. Another specific piece of SCADA systems that is commonly used on critical infrastructure is the Human Machine Interface, or HMI. The HMI pairs up with these systems to provide diagnostic data and logistic information. One more piece of the SCADA system branch is the supervisory station. This refers to the software and servers responsible for communication with any field equipment. The supervisory station and the HMI work together to relay information.


The development of SCADA system operations has changed vastly over a short period of time. SCADA protocols are very well defined, but they have been specially made to be extremely compact and are updated often by big SCADA system vendors. These protocols include Conitel, Profibus, Modbus RTU, and RP-570. Overall, SCADA systems provide a better understanding and work environment for people who handle any of these critical infrastructure systems around the world. Business owners who operate any of these systems can expect less stress and an easier working dynamic between the critical infrastructure and the SCADA systems.

CIA Triad:

The CIA triad can be viewed as a three-legged stool that is the foundation of cybersecurity. The CIA triad represents confidentiality, integrity, and availability. Each leg relies on the others and helps build a stronger form of cybersecurity for anyone going into the field. The concept wasn’t viewed as a triad until a book by Donn Parker was released in 1998 that explained how the three can be viewed as one interlinking concept. Over time the concept of the CIA triad has been developed, but it is not attributed to a single creator.

Confidentiality refers to a company’s or business’s efforts to keep its data or information private and protected. Early mentions of each part of the trifecta date back as far as 1976, when an Air Force study laid out the ideas behind confidentiality. Confidentiality typically involves making sure that only authorized users can access the specific information that they are authorized to access. Authorization and authentication are often confused by those who are new to the field of cybersecurity. Authorization determines who can use what data, whereas authentication makes the user attempting to access the data prove who they are through passwords or biometrics.

Integrity refers to the validity of data and information. In 1987 a paper was written about the importance of data correctness, which laid down a foundation for integrity. Data integrity can be tampered with relatively easily through modifying configuration files or changing system logs, or even through unintentional human error. Ways to protect data integrity involve hashing, encryption, digital certificates, auditing, and intrusion detection. Lack of integrity can lead to mishaps for big companies, including with banking information; maintaining integrity helps customers trust that the information in their bank accounts is the correct information.

Availability refers to reliable access to information and resources on the internet. Discussion about availability started to make an appearance after the Morris Worm in 1988 knocked out a significant portion of the internet. Availability can be affected by hardware and software failure, power failure, natural disasters, human error, as well as DDoS attacks. There are multiple ways to ensure availability of information, such as backups, redundancy, and hardware fault tolerance (RAID).

Because cybersecurity and the computer industry are relatively new, there have been great leaps and bounds in the research and concept of the CIA triad. New methods and advancements in technology have changed the face of computer science and security and will continue to change every day. Future cybersecurity technicians will have to learn to adapt to the ever-changing environment of cybersecurity but will consistently use the foundation of the CIA triad to guide them.

Buffer Overflow:

Attack Vector: Buffer Overflow

1: Attackers exploit buffer overflow issues by overwriting the memory of an application.

  – Stack-based buffer overflows are more common, and leverage stack memory that only exists during the execution time of a function.

  – Heap-based attacks are harder to carry out and involve flooding the memory space allocated for a program beyond memory used for current runtime operations.

3: By changing the execution path of the program, the attacker triggers a response that damages files or exposes private information. For example, an attacker may introduce extra code, sending new instructions to the application to gain access to IT systems.

4: Notable events were:

  – The Morris Worm (1988): It exploited a buffer overflow vulnerability in the Unix sendmail, finger, and rsh/rexec, infecting 10% of the internet within two days. The Morris worm exploitation infected over 60,000 machines between 1988 and 1990. It has sometimes been referred to as the “Great Worm”, or the “Grand Daddy” when it comes to buffer overflows, because of the devastating impact it had on the internet at that time, both in overall system downtime and in psychological impact on the perception of security and reliability of the internet.

  – SQL Slammer (2003): A 2003 computer worm that exploited a buffer overflow bug in Microsoft’s SQL Server and Desktop Engine database products. It is a small piece of code that does little other than generate random IP addresses and send itself out to those addresses.

  – Adobe Flash Player (2016): A buffer overflow vulnerability was found in Adobe Flash Player for Windows, macOS, Linux and Chrome OS. The vulnerability was due to an error in Adobe Flash Player while parsing a specially crafted SWF (Shockwave Flash) file. Malicious entities could exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, and obtain sensitive information by enticing users to open the SWF files or Office documents with embedded malicious Flash Player content distributed via email. Adobe responded by releasing security updates that addressed and resolved the issues.

5: Protections against buffer overflows:

  – Address space randomization (ASLR): randomly moves around the address space locations of data regions. Typically, buffer overflow attacks need to know the locality of executable code, and randomizing address spaces makes this virtually impossible.

  – Data execution prevention: flags certain areas of memory as non-executable or executable, which stops an attack from running code in a non-executable region.

  – Structured exception handler overwrite protection (SEHOP): helps stop malicious code from attacking Structured Exception Handling (SEH), a built-in system for managing hardware and software exceptions. It thus prevents an attacker from being able to make use of the SEH overwrite exploitation technique. At a functional level, an SEH overwrite is achieved using a stack-based buffer overflow to overwrite an exception registration record, stored on a thread’s stack.
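
The memory overwrite described under "Attack Vector: Buffer Overflow", shown as an added example that is not part of the original write-up: an unchecked copy spills out of a fixed buffer into the field next to it, while a length-checked copy rejects the same input. The record layout, the is_admin field and all function names are hypothetical, and the input string is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed record: a fixed-size buffer with a neighbouring field. */
struct record {
    char name[8];
    unsigned char is_admin;          /* hypothetical adjacent data */
};

/* Models an unchecked copy: the length comes from the input, not from the
 * buffer. The write is clamped to the struct so the demo stays in bounds. */
static void copy_unchecked(struct record *r, const char *src)
{
    size_t n = strlen(src) + 1;
    if (n > sizeof *r)
        n = sizeof *r;
    memcpy(r, src, n);               /* name sits at offset 0 */
}

/* Hardened form: reject input that does not fit and change nothing. */
static int copy_checked(struct record *r, const char *src)
{
    size_t n = strlen(src);
    if (n >= sizeof r->name)
        return -1;
    memcpy(r->name, src, n + 1);
    return 0;
}

int last_rc;                         /* result of the last checked copy */

/* Copies src into a fresh record and returns the neighbouring field. */
int flag_after(const char *src, int checked)
{
    struct record r = { "", 0 };
    if (checked)
        last_rc = copy_checked(&r, src);
    else
        copy_unchecked(&r, src);
    return r.is_admin;
}

int main(void)
{
    const char *input = "AAAAAAAAB"; /* constructed: 9 bytes into 8 */
    printf("unchecked: is_admin=%d\n", flag_after(input, 0));
    printf("checked:   is_admin=%d\n", flag_after(input, 1));
    return 0;
}
```

The protections listed in item 5 act at the operating-system level; the bounds check in copy_checked is the fix in the program itself.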