游戏化能帮助教授网络安全吗?

2022 20th International Conference on Information Technology Based Higher Education and Training (ITHET) Pub Date : 2022-11-07 DOI:10.1109/ITHET56107.2022.10031716

Christopher J Berisford, Leighton Blackburn, Jennifer M Ollett, Thomas B Tonner, Chun San Hugh Yuen, Ryan Walton, Olakunle Olayinka

{"title":"游戏化能帮助教授网络安全吗?","authors":"Christopher J Berisford, Leighton Blackburn, Jennifer M Ollett, Thomas B Tonner, Chun San Hugh Yuen, Ryan Walton, Olakunle Olayinka","doi":"10.1109/ITHET56107.2022.10031716","DOIUrl":null,"url":null,"abstract":"Over the last decade, there has been an increase in the number of attacks on web applications. The proliferation of these attacks is partially a result of increased adoption of IT systems in organisations and the increasing role digital technologies play in our lives. The success of an attack relies upon the existence of vulnerabilities in the code base and there is consensus within literature that many of these vulnerabilities can be avoided through developers adopting secure code practices and standards which are often not formally taught.Whilst gamification has been shown to be an effective educational tool in fields such as health, education and security awareness, there is a scarcity of research regarding the application of gamification in the context of secure code practices. This paper evaluates the efficacy of a bespoke gamified application in creating awareness and fostering an understanding of the threats and secure coding practices. The application presented in this work focuses on JavaScript with the aim of reducing the number of vulnerabilities in web applications. The analysis is conducted using first and second-year undergraduate participants, who are viewed as the primary target for this software.As part of a participant study involving the application, it was found that gamification elements were effective in increasing user engagement. Initial findings suggest potential for the integration of secure-code gamification in traditional pedagogical methods, but further investigation is required to strengthen this claim.","PeriodicalId":125795,"journal":{"name":"2022 20th International Conference on Information Technology Based Higher Education and Training (ITHET)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Can gamification help to teach Cybersecurity?\",\"authors\":\"Christopher J Berisford, Leighton Blackburn, Jennifer M Ollett, Thomas B Tonner, Chun San Hugh Yuen, Ryan Walton, Olakunle Olayinka\",\"doi\":\"10.1109/ITHET56107.2022.10031716\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Over the last decade, there has been an increase in the number of attacks on web applications. The proliferation of these attacks is partially a result of increased adoption of IT systems in organisations and the increasing role digital technologies play in our lives. The success of an attack relies upon the existence of vulnerabilities in the code base and there is consensus within literature that many of these vulnerabilities can be avoided through developers adopting secure code practices and standards which are often not formally taught.Whilst gamification has been shown to be an effective educational tool in fields such as health, education and security awareness, there is a scarcity of research regarding the application of gamification in the context of secure code practices. This paper evaluates the efficacy of a bespoke gamified application in creating awareness and fostering an understanding of the threats and secure coding practices. The application presented in this work focuses on JavaScript with the aim of reducing the number of vulnerabilities in web applications. The analysis is conducted using first and second-year undergraduate participants, who are viewed as the primary target for this software.As part of a participant study involving the application, it was found that gamification elements were effective in increasing user engagement. Initial findings suggest potential for the integration of secure-code gamification in traditional pedagogical methods, but further investigation is required to strengthen this claim.\",\"PeriodicalId\":125795,\"journal\":{\"name\":\"2022 20th International Conference on Information Technology Based Higher Education and Training (ITHET)\",\"volume\":\"53 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-11-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 20th International Conference on Information Technology Based Higher Education and Training (ITHET)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ITHET56107.2022.10031716\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 20th International Conference on Information Technology Based Higher Education and Training (ITHET)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITHET56107.2022.10031716","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

在过去十年中，针对web应用程序的攻击数量有所增加。这些攻击的扩散部分是由于组织中越来越多地采用IT系统以及数字技术在我们生活中扮演越来越重要的角色。攻击的成功依赖于代码库中漏洞的存在，文献中有一个共识，即许多漏洞可以通过开发人员采用通常没有正式教授的安全代码实践和标准来避免。虽然游戏化已被证明在健康、教育和安全意识等领域是一种有效的教育工具，但关于游戏化在安全代码实践背景下的应用的研究却很少。本文评估了定制的游戏化应用程序在创建意识和培养对威胁和安全编码实践的理解方面的功效。本文介绍的应用程序主要关注JavaScript，目的是减少web应用程序中的漏洞数量。分析是使用一年级和二年级的本科生参与者进行的，他们被视为该软件的主要目标。在一项涉及该应用的参与者研究中，我们发现游戏化元素能够有效提高用户粘性。最初的研究结果表明，在传统的教学方法中整合安全代码游戏化的潜力，但需要进一步的调查来加强这一主张。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Can gamification help to teach Cybersecurity?

Over the last decade, there has been an increase in the number of attacks on web applications. The proliferation of these attacks is partially a result of increased adoption of IT systems in organisations and the increasing role digital technologies play in our lives. The success of an attack relies upon the existence of vulnerabilities in the code base and there is consensus within literature that many of these vulnerabilities can be avoided through developers adopting secure code practices and standards which are often not formally taught.Whilst gamification has been shown to be an effective educational tool in fields such as health, education and security awareness, there is a scarcity of research regarding the application of gamification in the context of secure code practices. This paper evaluates the efficacy of a bespoke gamified application in creating awareness and fostering an understanding of the threats and secure coding practices. The application presented in this work focuses on JavaScript with the aim of reducing the number of vulnerabilities in web applications. The analysis is conducted using first and second-year undergraduate participants, who are viewed as the primary target for this software.As part of a participant study involving the application, it was found that gamification elements were effective in increasing user engagement. Initial findings suggest potential for the integration of secure-code gamification in traditional pedagogical methods, but further investigation is required to strengthen this claim.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 20th International Conference on Information Technology Based Higher Education and Training (ITHET)

自引率

0.00%

发文量