Gamifying cybersecurity: A narrative-driven approach to teaching steganography

Abstract

Serious games are increasingly used in educational settings to enhance student engagement and support deeper learning. While research shows that such games can improve holistic understanding and knowledge retention, their application in specialised cybersecurity topics such as steganography, the art of concealing information to avoid detection, remains limited. Current teaching approaches for steganography often rely on traditional methods, such as lectures and textbooks, offering little interactivity or immersion. This study addresses this gap by designing and evaluating StegAdventure, a narrative-based serious game designed to improve student engagement with steganography concepts. To assess the game’s effectiveness, we conducted a controlled study with 54 higher education students in The Netherlands, randomly divided into an experimental group (n = 27) who played the game and a control group (n = 27) who studied the same content through a traditional text-based resource. Participants in both groups completed the User Engagement Scale - Short Form (UES-SF) to assess perceived engagement, and a knowledge test to measure learning outcomes. Our analysis revealed a significant difference in engagement levels, favouring the game-based approach, while no significant difference was observed in knowledge test scores. These findings suggest that StegAdventure can serve as a valuable teaching tool, particularly for increasing student engagement in complex cybersecurity topics, with the potential to support long-term knowledge retention.