Multimedia, Security & Networking Lab Tagline space
For the purpose of our study, we reviewed the frameworks proposed for the design of educational games (such as the Activity Theory Model for Serious Games – ATMSG model). Subsequently, we performed a survey on studies and frameworks proposed for designing cyber security serious games and gamified cyber security learning and training approaches. We analyzed the structure of cyber security game-based approaches and the structure of cyber security live competitions, such as Capture the Flag (CtF). We proposed a concept map of key elements of cyber security game-based approaches (presented in the “Conceptualization of Game Based Approaches for Learning and Training on Cyber Security” in ACM’s 21st Pan-Hellenic Conference on Informatics 2017) and a concept map of pedagogical and technological characteristics of live competitions (presented in “Conceptual analysis of cyber security education based on live competitions” paper in EDUCON2017 conference). Subsequently, we contrasted the proposed concept maps with the problems and challenges of cyber security education. The comparison revealed the pitfalls and the unaddressed gaps of current cyber security game-based approaches and the approaches that adopt gamification techniques.
In the next step, we performed a new literature search oriented towards the realization of cyber security standards that support the development of highly organized learning and training environments. To this end, we adopted modeling techniques and methodologies that can be seamlessly integrated in game settings and capture the malicious goals and actions of cyber criminals that design and unleash cyberattacks. In the final step, we elaborated a cyber security serious games development framework by fusing the ATMSG model with the concept map of key elements of cyber security game-based approaches, the concept map of pedagogical and technological characteristics of live competitions, the cyber security modeling techniques and methodologies (i.e., CAPEC APs and cyber kill chain), and the cognitive learning theories and innovative teaching methods.
