Process-driven visual analysis of cybersecurity capture the flag exercises

IF 3.4 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Information Systems Pub Date : 2025-09-18 DOI:10.1016/j.is.2025.102627

Radek Ošlejšek, Radoslav Chudovský, Martin Macak

引用次数: 0

Abstract

Hands-on training sessions become a standard way to develop and increase knowledge in cybersecurity. As practical cybersecurity exercises are strongly process-oriented with knowledge-intensive processes, process mining techniques and models can help enhance learning analytics tools. The design of our open-source analytical dashboard is backed by guidelines for visualizing multivariate networks complemented with temporal views and clustering. The design aligns with the requirements for post-training analysis of a special subset of cybersecurity exercises — supervised Capture the Flag games. Usability is demonstrated in a case study using trainees’ engagement measurement to reveal potential flaws in training design or organization.

查看原文本刊更多论文

流程驱动的网络安全可视化分析夺旗演习

实践培训课程成为开发和增加网络安全知识的标准方式。由于实际的网络安全演习是具有知识密集型过程的强烈过程导向的，过程挖掘技术和模型可以帮助增强学习分析工具。我们的开源分析仪表板的设计是由多变量网络可视化的指导方针支持的，并辅以时间视图和聚类。该设计符合网络安全演习的一个特殊子集的训练后分析要求-监督夺旗游戏。可用性在一个案例研究中得到证明，该案例研究使用受训人员的参与测量来揭示培训设计或组织中的潜在缺陷。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Information Systems 工程技术-计算机：信息系统

CiteScore

9.40

自引率

2.70%

发文量

112

审稿时长

53 days

期刊介绍： Information systems are the software and hardware systems that support data-intensive applications. The journal Information Systems publishes articles concerning the design and implementation of languages, data models, process models, algorithms, software and hardware for information systems. Subject areas include data management issues as presented in the principal international database conferences (e.g., ACM SIGMOD/PODS, VLDB, ICDE and ICDT/EDBT) as well as data-related issues from the fields of data mining/machine learning, information retrieval coordinated with structured data, internet and cloud data management, business process management, web semantics, visual and audio information systems, scientific computing, and data science. Implementation papers having to do with massively parallel data management, fault tolerance in practice, and special purpose hardware for data-intensive systems are also welcome. Manuscripts from application domains, such as urban informatics, social and natural science, and Internet of Things, are also welcome. All papers should highlight innovative solutions to data management problems such as new data models, performance enhancements, and show how those innovations contribute to the goals of the application.