Using data clustering to reveal trainees’ behavior in cybersecurity education
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F24%3A00135510" target="_blank" >RIV/00216224:14330/24:00135510 - isvavai.cz</a>
Result on the web
<a href="https://doi.org/10.1007/s10639-024-12480-x" target="_blank" >https://doi.org/10.1007/s10639-024-12480-x</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1007/s10639-024-12480-x" target="_blank" >10.1007/s10639-024-12480-x</a>
Alternative languages
Result language
angličtina
Original language name
Using data clustering to reveal trainees’ behavior in cybersecurity education
Original language description
In cyber security education, hands-on training is a common type of exercise to help raise awareness and competence, and improve students' cybersecurity skills. To be able to measure the impact of the design of the particular courses, the designers need methods that can reveal hidden patterns in trainee behavior. However, the support of the designers in performing such analytic and evaluation tasks is ad-hoc and insufficient. With unsupervised machine learning methods, we designed a tool for clustering the trainee actions that can exhibit their strategies or help pinpoint flaws in the training design. By using a emph{k-means++} algorithm, we explore clusters of trainees that unveil their specific behavior within the training sessions. The final visualization tool consists of views with scatter plots and radar charts. The former provides a two-dimensional correlation of selected trainee actions and displays their clusters. In contrast, the radar chart displays distinct clusters of trainees based on their more specific strategies or approaches when solving tasks. Through iterative training redesign, the tool can help designers identify improper training parameters and improve the quality of the courses accordingly. To evaluate the tool, we performed a qualitative evaluation of its outcomes with cybersecurity experts. The results confirm the usability of the selected methods in discovering significant trainee behavior. Our insights and recommendations can be beneficial for the design of tools for educators, even beyond cyber security.
Czech name
—
Czech description
—
Classification
Type
J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
<a href="/en/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach<br>I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace
Others
Publication year
2024
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Name of the periodical
Education and Information Technologies
ISSN
1360-2357
e-ISSN
1573-7608
Volume of the periodical
29
Issue of the periodical within the volume
13
Country of publishing house
US - UNITED STATES
Number of pages
27
Pages from-to
16613-16639
UT code for WoS article
001160428500002
EID of the result in the Scopus database
2-s2.0-85185125911