This paper explores the factors and theory behind the user-centered research
that is necessary to create a successful game-like prototype, and user
experience, for malicious users in a cybersecurity context. We explore what is
known about successful addictive design in the fields of video games and
gambling to understand the allure of breaking into a system, and the joy of
thwarting the security to reach a goal or a reward of data. Based on the
malicious user research, game user research, and using the GameFlow framework,
we propose a novel malicious user experience design approac