Timely Feedback in Unstructured Cybersecurity Exercises

Result code in IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F18%3A00102073" target="_blank" >RIV/00216224:14610/18:00102073 - isvavai.cz</a>

Result on the web

<a href="https://dl.acm.org/citation.cfm?doid=3159450.3159561" target="_blank" >https://dl.acm.org/citation.cfm?doid=3159450.3159561</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3159450.3159561" target="_blank" >10.1145/3159450.3159561</a>

Result language

angličtina

Original language name

Timely Feedback in Unstructured Cybersecurity Exercises

Original language description

Cyber defence exercises are intensive, hands-on learning events for teams of professionals who gain or develop their skills to successfully prevent and respond to cyber attacks. The exercises mimic the real-life, routine operation of an organization which is being attacked by an unknown offender. Teams of learners receive very limited immediate feedback from the instructors during the exercise; they can usually see only a scoreboard showing the aggregated gain or loss of points for particular tasks. An in-depth analysis of learners' actions requires considerable human effort, which results in days or weeks of delay. The intensive experience is thus not followed by proper feedback facilitating actual learning, and this diminishes the effect of the exercise. In this initial work, we investigate how to provide valuable feedback to learners right after the exercise without any unnecessary delay. Based on the scoring system of a cyber defence exercise, we have developed a new feedback tool that presents an interactive, personalized timeline of exercise events. We deployed this tool during an international exercise, where we monitored participants' interactions and gathered their reflections. The results show that learners did use the new tool and rated it positively. Since this new feature is not bound to a particular defence exercise, it can be applied to all exercises that employ scoring based on the evaluation of individual exercise objectives. As a result, it enables the learner to immediately reflect on the experience gained.

Czech name

—

Czech description

—

Type

D - Article in proceedings

CEP classification

—

OECD FORD branch

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Project

<a href="/en/project/VI20162019014" target="_blank" >VI20162019014: Simulation, detection, and mitigation of cyber threats endangering critical infrastructure</a><br>

Continuities

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Publication year

2018

Confidentiality

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Article name in the collection

Proceedings of Special Interest Group on Computer Science Education, Baltimore, Maryland, USA, February 21–24, 2018(SIGCSE’18)

ISBN

9781450351034

ISSN

—

e-ISSN

—

Number of pages

6

Pages from-to

173-178

Publisher name

ACM

Place of publication

New York, NY, USA

Event location

Baltimore, Maryland, USA

Event date

Jan 1, 2018

Type of event by nationality

WRD - Celosvětová akce

UT code for WoS article

—