2022-01-07: @WebSciDL, with "Web Science and Web Security," Wins COVA CCI Academic Curriculum Development Grant


Profs. Michael L. Nelson, Michele C. Weigle, and Jian Wu have been awarded a $10,000 COVA CCI Academic Curriculum Development Grant (RFP COVACCI-21-05) with their proposal "Web Science and Web Security".  The deliverables of this project will include preparing and packaging for use outside of ODU four existing Web Science and Digital Libraries (WS-DL) Research Group courses that involve Web Security.

Recently, WS-DL’s research and course offerings have moved toward the intersection of the web and security. In the process of developing and delivering our courses, it has become clear that we needed to offer a 400/500 level course focused on web client security.  Given the central role that the web plays in our daily commerce, education, and entertainment, we should be doing a better job producing BS and MS students with expertise in securing web applications. While web security is a significant portion of cybersecurity, it is often overlooked or taken for granted. And web security requires thorough knowledge of the web itself

In the context of this proposal, we will develop, enhance, and share a four course sequence that focuses on web programming, web server development, web science, and most importantly, web security. These courses are currently in various stages of readiness for sharing, but have all been taught successfully in the CS department of ODU in the recent past. This will be a preeminent four course advanced undergraduate/beginning graduate sequence in all matters of the web.  The four courses are:

  • CS 418/518 Web Programming; which teaches: LAMP (Linux, Apache, MySQL, PHP/Python) & MEAN (MongoDB, Express.js, AngularJS, Node.js) stacks, MVC (Model- View-Control), Search Engines, GitHub. This is the frontend for the Web.
  • CS 431/531 Web Server Design; which teaches HTTP methods & headers, Representational State Transfer (REST) / Hypermedia as the Engine of Application State (HATEOAS). This is the backend for the Web.
  • CS 432/532 Web Science; which teaches Python, D3, R, ML, APIs, data vis, social networks, collective intelligence. This is the web ecosystem.
  • CS 495/595 Web Security; which teaches HTTP, Cross-Site Request Forgery, Same Origin Policy, Cross-Site Scripting (XSS), Fingerprinting, Denial-of-service, Phishing. This is how you attack and defend all of the above.

In CY 2022, we will revise and offer all four courses, with the goal for creating sharable content. All course materials will be available in standard web formats (pdf, ppt, html, md, Youtube videos, etc.) and will be made available as a GitHub repository, so other instructors can fork, clone, and issue pull request against the repository as they desire. These are primarily programming courses, so assignment submissions will be via GitHub, Docker, VMs, and other technologies as appropriate.