Generative AI Misuse Potential in Cyber Security Education: A Case Study of a UK Degree Program
Carlton Shepherd
TL;DR
This study tackles the problem of generative AI misuse in higher education by quantifying how exposed a UK-certified MSc Cyber Security program is to LLM-based cheating. It extends the Hickey et al. framework to compute both module-level and program-level exposure, revealing predominantly high exposure driven by take-home and project-based assessments, with the 60-credit Dissertation Project as a major contributor. The findings indicate a program-wide exposure range of $3.10$ to $3.34$, signaling high to very high risk, and underscore the role of contextual factors such as block teaching and international cohorts in amplifying incentives to misuse LLMs. The authors advocate a pedagogy-first approach, favoring authentic, performance-based assessments and transparent LLM integration over sole reliance on detection tools, to preserve integrity while preparing graduates for professional cyber security practice.
Abstract
Recent advances in generative artificial intelligence (AI), such as ChatGPT, Google Gemini, and other large language models (LLMs), pose significant challenges for maintaining academic integrity within higher education. This paper examines the structural susceptibility of a certified M.Sc. Cyber Security program at a UK Russell Group university to the misuse of LLMs. Building on and extending a recently proposed quantitative framework for estimating assessment-level exposure, we analyse all summative assessments on the program and derive both module-level and program-level exposure metrics. Our results show that the majority of modules exhibit high exposure to LLM misuse, driven largely by independent project- and report-based assessments, with the capstone dissertation module particularly vulnerable. We introduce a credit-weighted program exposure score and find that the program as a whole falls within a high to very high risk band. We also discuss contextual factors -- such as block teaching and a predominantly international cohort -- that may amplify incentives to misuse LLMs. In response, we outline a set of LLM-resistant assessment strategies, critically assess the limitations of detection-based approaches, and argue for a pedagogy-first approach that preserves academic standards while preparing students for the realities of professional cyber security practice.
