Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
Towards Designing Conceptual Data Models for Big Data Warehouses: The Genomics Case Read chapter Read first chapter

2020 | OriginalPaper | Chapter

Game-Based Information Security/Privacy Education and Awareness: Theory and Practice

Authors : Stylianos Karagiannis, Thanos Papaioannou, Emmanouil Magkos, Aggeliki Tsohou

Published in: Information Systems

Publisher: Springer International Publishing

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

This paper reviews and assesses classical and novel methods and tools towards engaging students and workforce in the concepts of information security and privacy. We investigate the theoretical basis for deploying a game-based approach for security/privacy learning and awareness, and assess state-of-the-art tools and methods that could be used as part of a challenge-based or game-based framework for learning, including serious games, CTF platforms, escape rooms, puzzle/interactive books and Alternate Reality Games (ARGs), while also identifying key-elements and important aspects that should be taken into consideration when designing a security and privacy learning/awareness program. For each of the above approaches and tools’ categories, we highlight their potential for using them for education and awareness of information security and privacy.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter Telemedicine in Shipping Made Easy - Shipping eHealth Solutions
next chapter Big Data Analytics in Healthcare Applications: Privacy Implications for Individuals and Groups and Mitigation Strategies
Footnotes
Literature
1.
Beuran, R., Chinen, K., Tan, Y., Shinoda, Y.: Towards effective cybersecurity education and training. Research report (School of Information Science, Graduate School of Advanced Science and Technology, Japan Advanced Institute of Science and Technology). IS-RR-2016, pp. 1–16 (2016)
2.
Caballero, A.: Security Education, Training, and Awareness. Elsevier, Amsterdam (2017)CrossRef
3.
4.
Berger, H., Jones, A.: Cyber security & ethical hacking for SMEs. In: ACM International Conference Proceeding Series. Part F1305 (2016)
5.
6.
Liegle, J.O., Woo, H.-G.: Developing adaptive intelligent tutoring systems: a general framework and its implementations. In: Proceedings of 2001 Informing Science Conference, pp. 392–397 (2001)
7.
Sottilare, R.A., Brawner, K.W., Sinatra, A.M., Johnston, J.H.: An updated concept for a generalized intelligent framework for tutoring (GIFT). GIFTtutoring.org. pp. 1–19 (2017)
8.
Hendrix, M., Al-Sherbaz, A., Bloom, V.: Game based cyber security training: are serious games suitable for cyber security training? Int. J. Serious Games. 3, 53–61 (2016)CrossRef
9.
Mora, A., Riera, D., Gonzalez, C., Arnedo-Moreno, J.: A literature review of gamification design frameworks. In: VS-Games 2015 - 7th International Conference on Games and Virtual Worlds for Serious Applications (2015)
10.
Gonzalez, H., Llamas, R., Ordaz, F.: Cybersecurity teaching through gamification: aligning training resources to our syllabus. Res. Comput. Sci. 146, 35–43 (2017)CrossRef
11.
Beltran, M., Calvo, M., Gonzalez, S.: Experiences using capture the flag competitions to introduce gamification in undergraduate computer security labs. In: Proceedings - 2018 International Conference on Computational Science and Computational Intelligence, CSCI 2018, pp. 574–579 (2018)
12.
Bada, M., Creese, S., Goldsmith, M., Mitchell, C., Phillips, E.: Improving the effectiveness of CSIRTs, vol. 42 (2014)
13.
Olusegun, S.: Constructivism learning theory: a paradigm for teaching and learning. IOSR J. Res. Method Educ. 5, 2320–7388 (2015). Ver. I
14.
Bereiter, C.: Constructivism, socioculturalism, and Popper’s world 3. Educ. Res. 23, 21–23 (2015)CrossRef
15.
von Glasersfeld, E.: Cognition, construction of knowledge, and teaching. Synthese 80, 121–140 (1989)CrossRef
16.
von Glasersfeld, E.: A Constructivist Approach to Teaching. In: Steffe, L.P., Gale, J. (eds.) Constructivism in Education, pp. 3–15. Lawrence Erlbaum Associates Publishers, NJ (1995). ISBN-13 978-0805810950
17.
Chen, C.: A constructivist approach to teaching: implications in teaching computer networking. Inf. Technol. Learn. Perform. J. 21, 17–27 (2003)
18.
Steffe, L.P., Thompson, P.W.: Steffe, L.P., Thompson, P.W.: Teaching experiment methodology: underlying principles and essential elements. In: Lesh, R., Kelly, A.E. (eds.) Research Design in Mathematics and Science Education, pp. 267–307. Erlbaum, Hillsdale (2000)
19.
Tam, M.: Constructivism, instructional design, and technology: implications for transforming distance learning. J. Educ. Technol. Soc. 3(2), 50–60 (2000)
20.
Vygotsky, L.S.: Interaction between learning and development. Read. Dev. Child. 23, 34–41 (1978)
21.
Crawford, K.: Vygotskian approaches to human development in the information era. Educ. Stud. Math. 31, 43–62 (1978)CrossRef
22.
Leaning, M.: A study of the use of games and gamification to enhance student engagement, experience and achievement on a theory-based course of an undergraduate media degree. J. Media Pract. 16, 155–170 (2015)CrossRef
23.
Zichermann, G., Cunningham, C.: Gamification by Design: Implementing Game Mechanics in Web and Mobile Apps. O’Reilly Media Inc., Newton (2011)
24.
Deterding, S., O’Hara, K., Sicart, M., Dixon, D., Nacke, L.: Gamification: using game design elements in non-gaming contexts. In: Conference on Human Factors in Computing Systems – Proceedings, pp. 2425–2428 (2011)
25.
Yang, Y.: Three questions to ask before you embark on gamification. eLearn 2014, 4 (2014)CrossRef
26.
27.
Chou, Y.: Actionable Gamification: Beyond Points, Badges, and Leaderboards. Packt Publishing Ltd., Birmingham (2015)
28.
de Freitas, S., Oliver, M.: How can exploratory learning with games and simulations within the curriculum be most effectively evaluated? Comput. Educ. 46, 249–264 (2006)CrossRef
29.
Dondi, C., Moretti, M.: Quality in eLearning and quality of learning games. In: Digital Game Based Learning: Proceedings of the 4th International Symposium for Information Design, June 2 2005. Stuttgart Media University (2006)
30.
Kim, B., By, V., Jackson, R., Karp, J., Patrick, E., Thrower, A.: Social constructivism social constructivism emphasizes the importance of culture and context in understanding what occurs in. Emerging Perspectives on Learning, Teaching and Technology (2006)
31.
Kalina, C., Powell, K.C.: Cognitive and social constructivism: developing tools for an effective classroom. Education 130(2), 241–250 (2009)
32.
Chaiklin, S.: The zone of proximal development in Vygotsky’s analysis of learning and instruction. Vygotsky’s Educ. Theory Cult. Context 1(2), 39–64 (2003)CrossRef
33.
Chan, S.C.H., Wan, J.C.L., Ko, S.: Interactivity, active collaborative learning, and learning performance: the moderating role of perceived fun by using personal response systems. Int. J. Manag. Educ. 17, 94–102 (2019)CrossRef
34.
de Freitas, S., Rebolledo-Mendez, G., Liarokapis, F., Magoulas, G., Poulovassilis, A.: Learning as immersive experiences: using the four-dimensional framework for designing and evaluating immersive learning experiences in a virtual world. Br. J. Educ. Technol. 41, 69–85 (2010)CrossRef
35.
Facer, K., Joiner, R., Stanton, D., Reid, J., Hull, R., Kirk, D.: Savannah: mobile gaming and learning? J. Comput. Assist. Learn. 20, 399–409 (2004)CrossRef
36.
Cone, B.D., Irvine, C.E., Thompson, M.F., Nguyen, T.D.: A video game for cyber security training and awareness. Comput. Secur. 26, 63–72 (2007)CrossRef
37.
Zeissig, E.M., Lidynia, C., Vervier, L., Gadeib, A., Ziefle, M.: Online privacy perceptions of older adults. In: International Conference on Human Aspects of IT for the Aged Population (2017)
38.
Trepte, S., et al.: Reforming european data protection law (2015)
39.
Correia, J., Compeau, D.: Information privacy awareness (IPA): a review of the use, definition and measurement of IPA. In: Proceedings of the 50th Hawaii International Conference on System Sciences, pp. 4021–4030 (2017)
40.
Schreuders, Z.C., Shaw, T., Shan-A-Khuda, M., Ravichandran, G., Keigh-ley, J., Ordean, M.: Security scenario generator (SecGen): a framework for generating randomly vulnerable rich-scenario VMs for learning computer security and hosting CTF events. In: ASE 2017 (2017)
41.
Noor Azam, M.H., Beuran, R.B.: Usability evaluation of open source and online capture the flag platforms. Informe de investigación (Escuela de Ciencias de la Información, Escuela Superior de Ciencia y Tecnología, Instituto Avanzado de Ciencia y Tecnología de Japón). IS-RR-2018 (2018)
42.
Ford, V., Siraj, A., Haynes, A., Brown, E.: Capture the flag unplugged: an offline cyber competition. In: Proceedings of the Conference on Integrating Technology into Computer Science Education, ITiCSE, pp. 225–230 (2017)
43.
Pham, C., Tang, D., Chinen, K., Beuran, R.: CyRIS: a cyber range instantiation system for facilitating security training, pp. 251–258 (2016)
44.
Beuran, R., Pham, C., Tang, D., Chinen, K.I, Tan, Y., Shinoda, Y.: Cytrone: an integrated cybersecurity training framework. In: ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy, January 2017, pp. 157–166 (2017)
45.
Thomps, M., Irvine, C.: Active learning with the CyberCIEGE video game. In: 4th Workshop on Cyber Security Experimentation and Test, CSET 2011, pp. 1–8 (2011)
46.
Denning, T., Lerner, A., Shostack, A., Kohno, T.: Control-Alt-Hack: the design and evaluation of a card game for computer security awareness and education. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 915–928 (2013)
47.
Denning, T., Shostack, A., Kohno, T.: Practical lessons from creating the Control-Alt-Hack Card game and research challenges for games in education and research. In: Usenix (2014)
48.
Mirkovic, J., Dark, M., Du, W., Vigna, G., Denning, T.: Evaluating cybersecurity education interventions: three case studies. IEEE Secur. Priv. 13, 63–69 (2015)CrossRef
49.
Gondree, M., Peterson, Z.N.J.: Valuing security by getting [d0x3d!] experiences with a network security board game. In: 6th Workshop on Cyber Security Experimentation and Test, CSET 2013 (2013)
50.
Flushman, T.R., Gondree, M., Peterson, Z.N.J.: This is not a game: early observations on using alternate reality games for teaching security concepts to first-year undergraduates. In: 8th Workshop on Cyber Security Experimentation and Test, CSET 2015 (2015)
51.
Gondree, M., Peterson, Z.N.J., Denning, T.: Security through play. IEEE Secur. Priv. 11, 64–67 (2013)CrossRef
52.
Shostack, A.: Elevation of privilege: drawing developers into threat modeling. In: USENIX Summit on Gaming, Games, and Gamification in Security Education, pp. 1–15 (2014)
53.
Thompson, M., Takabi, H.: Effectiveness of using card games to teach threat modeling for secure web application developments. Issues Inf. Syst. 17, 244–253 (2016)
54.
Hart, S., Margheri, A., Paci, F., Sassone, V.: Riskio: a serious game for cyber security awareness and education. Comput. Secur. 95, 101827 (2020)CrossRef
55.
Mcdonald, J., et al.: Designing authentic cybersecurity learning experiences: lessons from the cybermatics playable case study. In: Proceedings of the 52nd Hawaii International Conference on System Sciences, vol. 6, pp. 2507–2516 (2019)
56.
Wiemker, M., Elumir, E., Clare, A.: Escape room games: can you transform an unpleasant situation into a pleasant one? Game Learn. 55, 55–68 (2015)
57.
Clarke, S.J., Peel, D.J., Arnab, S., Morini, L., Keegan, H., Wood, O.: EscapED: a framework for creating educational escape rooms and interactive games to for higher/further education. Int. J. Serious Games 4, 73–86 (2017)CrossRef
58.
Nicholson, S.: Creating engaging escape rooms for the classroom. Child. Educ. 94, 44–49 (2018)CrossRef
59.
Mcgonigal, J.: Reality is broken: why games make us better and how they can change the world. Penguin 10, 51–73 (2011)
60.
Blohm, I., Leimeister, J.M.: Gamification: design of IT-based enhancing services for motivational support and behavioral change. Bus. Inf. Syst. Eng. 5, 275–278 (2013)CrossRef
61.
Borrego, C., Fernández, C., Blanes, I., Robles, S.: Room escape at class: escape games activities to facilitate the motivation and learning in computer science. J. Technol. Sci. Educ. 7, 162–171 (2017)CrossRef
62.
Kokolakis, S.: Privacy attitudes and privacy behaviour: a review of current research on the privacy paradox phenomenon. Comput. Secur. 64, 122–134 (2017)CrossRef
63.
Metadata
Title
Game-Based Information Security/Privacy Education and Awareness: Theory and Practice
Authors
Stylianos Karagiannis
Thanos Papaioannou
Emmanouil Magkos
Aggeliki Tsohou
Copyright Year
2020
Book
Information Systems

Print ISBN: 978-3-030-63395-0

Electronic ISBN: 978-3-030-63396-7

Copyright Year: 2020

DOI
https://doi.org/10.1007/978-3-030-63396-7_34

Premium Partner

    Image Credits