Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

1-2022

Abstract

This innovative practice full paper describes our experiences conducting cybersecurity capture the flag (CTF) competition for cybersecurity enthusiast participants (inclusive of both tertiary students and working professionals) local and abroad during the COVID-19 pandemic. Learning and appreciation of cybersecurity concepts for our participants with little to no technical background can be challenging. Gamification methods such as capture the flag competition style is a popular form of cybersecurity education to help participants overcome this challenge and identify talents. Participants get to apply theoretical concepts in a controlled environment, solve hands-on tasks in an informal, game-like setting and gain hands-on active learning experience. CTF competitions can be held at physical locations or virtually. However, the COVID-19 pandemic catalyses all major events that are traditionally held physicallyto go virtual (likewise for physical CTF events). The pandemic limits our physical interactions, changes the dynamics of our engagements with the participants and how participants learn. We have to adapt our CTF competition design and conduct it in a virtual format during the COVID-19 pandemic that is compliantwith local pandemic regulations as well.This paper describes these adaptations for a semi-international CTF competition conducted for our participants. We conduct the competition entirely virtual and adapt the cybersecurity exercises to be attempted without the participant’s physical presence. While we devise ways to validate participants’ involvement, it is still more challenging to limit cheating than in a physical environment. However, with appropriate mitigating controls in place (reducing risks to acceptable levels), we were able to achieve similar outcomes compared to a physical event despite the lack of physical interactions. Over 1400 participants registered for our competition, and with the help of over 40 staff, we successfully conducted this 48 hours virtual CTF competition. We further analyse the participants’ online activity during thecompetition, their survey responses after the competition and derive our lessons learnt.We hope that these experiences, analysis and findings are useful for educators or organisers who wish to adopt online CTF to improve the learning outcomes of teaching cybersecurity education.

Keywords

Computing skills, higher education, continuing education, cybersecurity, capture the flag

Discipline

Higher Education | Information Security

Research Areas

Software and Cyber-Physical Systems

Publication

2021 IEEE Frontiers in Education Conference (FIE)

Identifier

10.1109/FIE49875.2021.9637404

Publisher

IEEE

City or Country

Lincoln, Nebraska USA

Additional URL

https://doi.org/10.1109/FIE49875.2021.9637404

Download

Share

COinS