A Survey of Serious Games for Cybersecurity Education and Training

Serious games can challenge users in competitive and entertaining ways. Educators have used serious games to increase student engagement in cybersecurity education. Serious games have been developed to teach students various cybersecurity topics such as safe online behavior, threats and attacks, malware, and more. They have been used in cybersecurity training and education at different levels. Serious games have targeted different audiences such as K-12 students, undergraduate and graduate students in academic institutions, and professionals in the cybersecurity workforce. In this paper, we provide a survey of serious games used in cybersecurity education and training. We categorize these games into four types based on the topics they cover and the purposes of the games: security awareness, network and web security, cryptography, and secure software development. We provide a catalog of games available online. This survey informs educators of available resources for cybersecurity education and training using interactive games. Keywords: Serious games; Game-based Learning; Cybersecurity

Modelling the phishing avoidance behaviour among internet banking users in Nigeria: The initial investigation

The positive usage of Internet Technology advantage had inspired the banking sector in Nigeria to invest in digitalizing the banking platform, which has been a move towards the usage of IB for financial services; however, such move also implies an increase opportunity for Phishing Attacks (PA). Despite this huge enhancement, the ratio of usage has been relatively low, among IB users in Nigeria. This evidence indicates that there is an urgent requirement to investigate the factors behind the issue. Therefore, this study is conducted to develop a conceptual model based on Technology Threat Avoidance Theory (TTAT) and Modified TTAT to evaluate the PA among IB users in Nigeria and to enhance avoidance behaviour. As the study is still in the early stage, this paper will present the initial investigation that leads to the development of the conceptual model, including the background of the study, literature review and research methodology that the study wishes to employ. Finally, this study seeks to contribute some understandings on how the new Conceptual Model can predict the success of phishing avoidance behaviour among Nigerian IB users

Developing a usable security approach for user awareness against ransomware

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonThe main purpose of the research presented in this thesis is to design and develop a game prototype for improving user awareness against ransomware, which has been reported as the most significant cyber security threat to the United Kingdom by the National Cyber Security Centre. Digital transformation is helping individuals, organisations, governments and Industrial control systems to modernise and improve their effectiveness. At the same time, cyber crimes are evolving and targeting essential services. A successful cyber attack can compromise users’ privacy, bring bad publicity and financial damage to organisations and target national security. A literature review was conducted to understand threats to the cyber social system. Literature in this thesis reports attackers exploit humans as the weakest link to execute successful security breaches. Therefore to address this challenge, a significant gap has been identified as an opportunity to contribute to user awareness of the ransomware cyber security threat. The current thesis proposes RansomAware a novel game prototype to improve user awareness. The game is based on Technology Threat Avoidance Theory (TTAT) model. In this thesis two studies are carried out, study 1 empirically validates the elements of TTAT to be embedded in the RansomAware prototype and reports a significant change in users’ motivation to avoid ransomware cyber security threat 55% and avoidance behaviour 29%, whereas study 2 evaluates game usability and report significant results of SUS average score of 87.58 and statistical results of p < 0.01 indicate user’s satisfaction of the RansomAware. Finally, the research provides guidelines on how the proposed RansomAware game can be adopted by practitioners and individuals to improve their awareness against the ransomware cyber security threat

Mitigation strategies against the phishing attacks : a systematic literature review

Phishing attacks are among the most prevalent attack mechanisms employed by attackers. The consequences of successful phishing include (and are not limited to) financial losses, impact on reputation, and identity theft. The paper presents a systematic literature review featuring 248 articles (from the beginning of 2018 until March 2023) across the main digital libraries to identify, (1) the existing mitigation strategies against phishing attacks, and the underlying technologies considered in the development of these strategies; (2) the most considered phishing vectors in the development of the mitigation strategies; (3) anti-phishing guidelines and recommendations for organizations and end-users respectively; and (4) gaps and open issues that exist in the state of the art. The paper advocates for the need to consider the abilities of human users during the design and development of the mitigation strategies as only technology-centric solutions will not suffice to cater to the challenges posed by phishing attacks

Strategies Used to Mitigate Social Engineering Attacks

Cybercriminal activity performed widely through social engineering attacks is estimated to be one of the substantial challenges the world will face over the next 20 years. Cybercriminal activity is important to chief information security officers (CISOs) because these attacks represent the largest transfer of economic wealth in history and pose risks to the incentives for organizational innovation and investment and eventually become more profitable than the global trade of all major illegal drugs combined. Grounded in the balanced control theory, the purpose of this multiple case study was to explore strategies CISOs use to mitigate social engineering attacks within their organizations. Participants consisted of 6 CISOs across 6 small to medium-sized organizations that handle payment card industry data in the West Coast region of the United States of America. Data were collected from CISOs by semi structured telephone interviews. Data were analyzed through interview transcription, in-depth exploration of phenomena, data coding development, and the identification of links to themes. Three major themes emerged from the data analysis: information technology (IT) risks, security awareness, and IT strategies. A key recommendation is for CISOs to develop security awareness programs and implement technical, formal, and informal controls, to sustain operations and protect their networks from potential social engineering attacks. The implications for positive social change include the potential for (a) the mitigation of social engineering attacks, (b) the protection of both organizational and consumer data, and (c) an increase in consumer confidence resulting in increased economic prosperity

Advanced Threat Intelligence: Interpretation of Anomalous Behavior in Ubiquitous Kernel Processes

Targeted attacks on digital infrastructures are a rising threat against the confidentiality, integrity, and availability of both IT systems and sensitive data. With the emergence of advanced persistent threats (APTs), identifying and understanding such attacks has become an increasingly difficult task. Current signature-based systems are heavily reliant on fixed patterns that struggle with unknown or evasive applications, while behavior-based solutions usually leave most of the interpretative work to a human analyst. This thesis presents a multi-stage system able to detect and classify anomalous behavior within a user session by observing and analyzing ubiquitous kernel processes. Application candidates suitable for monitoring are initially selected through an adapted sentiment mining process using a score based on the log likelihood ratio (LLR). For transparent anomaly detection within a corpus of associated events, the author utilizes star structures, a bipartite representation designed to approximate the edit distance between graphs. Templates describing nominal behavior are generated automatically and are used for the computation of both an anomaly score and a report containing all deviating events. The extracted anomalies are classified using the Random Forest (RF) and Support Vector Machine (SVM) algorithms. Ultimately, the newly labeled patterns are mapped to a dedicated APT attacker–defender model that considers objectives, actions, actors, as well as assets, thereby bridging the gap between attack indicators and detailed threat semantics. This enables both risk assessment and decision support for mitigating targeted attacks. Results show that the prototype system is capable of identifying 99.8% of all star structure anomalies as benign or malicious. In multi-class scenarios that seek to associate each anomaly with a distinct attack pattern belonging to a particular APT stage we achieve a solid accuracy of 95.7%. Furthermore, we demonstrate that 88.3% of observed attacks could be identified by analyzing and classifying a single ubiquitous Windows process for a mere 10 seconds, thereby eliminating the necessity to monitor each and every (unknown) application running on a system. With its semantic take on threat detection and classification, the proposed system offers a formal as well as technical solution to an information security challenge of great significance.The financial support by the Christian Doppler Research Association, the Austrian Federal Ministry for Digital and Economic Affairs, and the National Foundation for Research, Technology and Development is gratefully acknowledged

Cyber Security and Critical Infrastructures

This book contains the manuscripts that were accepted for publication in the MDPI Special Topic "Cyber Security and Critical Infrastructure" after a rigorous peer-review process. Authors from academia, government and industry contributed their innovative solutions, consistent with the interdisciplinary nature of cybersecurity. The book contains 16 articles: an editorial explaining current challenges, innovative solutions, real-world experiences including critical infrastructure, 15 original papers that present state-of-the-art innovative solutions to attacks on critical systems, and a review of cloud, edge computing, and fog's security and privacy issues

Cyberscience Undergraduate Faculty and School Official Perspectives of the Innovation and Implementation of Curriculum for Inclusion

AbstractA disproportionate number of European American male students are enrolled in cyberscience undergraduate degree programs, despite attempts to attract diverse student populations in the field. The purpose of the basic qualitative study was to gain a better understanding on how cyberscience academic experts perceive the challenges related to the disproportionate number of European American male students enrolled in cyberscience degree programs nationwide and how to attract college students from diverse backgrounds for cyberscience programs. Using Rogers’s diffusion of innovation, the research questions explored cyberscience academic expert perceptions of the challenges of enrollment in cyberscience programs and attracting students from diverse backgrounds. Purposeful sampling was used to recruit individuals who met the definition of academic experts in cyberscience and with knowledge of the challenges posed by the disproportionate number of European American male students in the cyberscience field. Data were collected using semistructured interviews with eight participants. Data were analyzed using a priori and open coding of interview transcripts. Four conclusions can be drawn from the findings: all experts agree that diversity is needed in the field and that higher education has an important role in bringing about diversity, more workers are needed in the United States, several academic experts do not see cyberscience curriculum as appropriate to address the need for more diversity, and there is a consensus that properly briefed and informed college and university enrollment teams do have a key role in bringing about this needed diversity. Positive social change may occur because the findings could inform university officials on how to attract diverse populations, thereby increasing inclusion in this field while addressing the job shortage