SPICE To Present CTF Game Research at the 16th European Conference on Games-Based Learning (ECGBL)

During the 16th Annual European Conference on Games-Based Learning (ECGBL) to be held on October 6 and 7, 2022, Luddy’s Security & Privacy in Informatics, Computing, and Engineering (SPICE) will present work in progress research on cybersecurity educational gaming. Center project manager, Joshua Streiff will present center research on a cybersecurity educational gaming system that the center developed under a DOD CySP Capacity Building grant and deployed for testing with the Boys & Girls Clubs of Bloomington, Indiana. This will be presented in the research poster “Everyone’s Flag: Using Entry Level Capture the Flag to Engage Low SES Student Groups.”

The ECGBL conference provides scholars and practitioners interested in the issues related to game-based learning (GBL) the chance to share their thinking and research findings. ECGBL is a dynamic way to engage learners and help educators assess learning through repetition, failure and the accomplishment of goals. This year the event will be hosted by the Lusófona University in Lisbon, Portugal in hybrid form.

The ECGBL conference typically has attendees from 40+ countries and is focused on the ways in which education and training are delivered, implemented, and reformed for best practice. Inspired by technology, pedagogy, and social and ethical issues, the conference keynote speeches emphasize mixed reality learning, STEM teaching, and movement games.

The research reported in “Everyone’s Flag: Using Entry Level Capture the Flag to Engage Low SES Student Groups” is the design of a scalable Capture the Flag (CTF) educational system, used to engage young students on specific educational topics within cybersecurity. The researchers’ objective was to design a modular educational system that could be implemented for grades 7 and up in schools with little infrastructure or expert support.

Researchers Joshua Streiff, Jayati Dev, and L. Jean Camp designed CTF challenges are designed to teach cybersecurity fundamentals in an easily understood manner. Modules covering passwords and hashing, cryptography, social engineering, and ethical hacking provide students with short educational lessons coupled with interactive gaming challenges as well as real world examples of lessons learned. Additionally, the gaming system provides three mental model narratives for cybersecurity: cybersecurity as conflict, cybersecurity as caring, and cybersecurity as curiosity with the theory that self-exclusion may occur among students only presented models of conflict (due to exclusionary stereotypes) and the additional models will thus increase inclusion.

Developed with the iterative assistance of educators, an initial set of educators acted as design focus group members and a later set acted as game testers. The CTF system was then fielded to three locations of the Boy’s & GIrl’s Clubs of Bloomington, Indiana where summer students tested the system and provided feedback on their learning and experience. Post summer exit interviews provided valuable feedback for researcher Tatiana Ringenberg to analyze, indicating increased interest in cybersecurity as well as diagnostic information about student educational needs.

SPICE is dedicated to world class research in privacy and security as well as creating a more secure future through educational efforts that both create the next generation of cybersecurity experts, as well as close the educational gaps between students attending high and low SES schools. SPICE believes that educational and career opportunities should be open to all students and approaches this goal by providing low SES students the educational foundations that are needed in forms that meet their real world needs.