TY - GEN
T1 - Exploring Trainees’ Behaviour in Hands-on Cybersecurity Exercises Through Data Mining
AU - ur Rehman, Muaan
AU - Bahsi, Hayretdin
AU - Bukauskas, Linas
AU - Knox, Benjamin James
N1 - Publisher Copyright:
© 2024 Curran Associates Inc.. All rights reserved.
PY - 2024
Y1 - 2024
N2 - Despite the rising number of cybersecurity professionals, the demand for more experts in this field is still substantial. Cybersecurity professionals must also possess up-to-date knowledge and skills to counter cybersecurity threats’ dynamicity and rapidly evolving nature. Hands-on cybersecurity training is mandatory to practice various tools and improve one’s technical cybersecurity skills. Generally, an interactive learning environment is set, where trainees perform sophisticated tasks by accessing complete operating systems, applications, and networks. One of the main challenges that cybersecurity organizations are facing today is the generation of massive data through practice exercises. So, it becomes a problem to convert this data into knowledge to improve the overall quality of the learning system. The large amount of interaction data and its complexity also limit us to do automated analysis. Thus, these challenges for cybersecurity learners can be addressed through appropriate educational data analysis by having insights or testing hypotheses or models on a proper dataset. Revealing the patterns, rules, item sets and time taken by trainees while using any command line tool could help the trainer to assess the trainees and to provide feedback. Therefore, in this paper we are analyzing the frequency patterns and timing information captured from the trainees’ command line log to reveal their solving techniques, easy and struggling stages, slipups, and individual performance. Through our study, we aim to show how education and training providers can foresee learners who are less likely to succeed in a task or exhibit low performance, which can impede learning proficiency. With this knowledge, organizations and trainers can identify trainees who require additional attention or support. It may also be able to identify elements related to an organization like training aids, training methodology, etc. that need improvement. This study demonstrates the utility of data-mining techniques, specifically rule mining and sequential mining, to empower training designers to delve into datasets derived from cyber security training exercises.
AB - Despite the rising number of cybersecurity professionals, the demand for more experts in this field is still substantial. Cybersecurity professionals must also possess up-to-date knowledge and skills to counter cybersecurity threats’ dynamicity and rapidly evolving nature. Hands-on cybersecurity training is mandatory to practice various tools and improve one’s technical cybersecurity skills. Generally, an interactive learning environment is set, where trainees perform sophisticated tasks by accessing complete operating systems, applications, and networks. One of the main challenges that cybersecurity organizations are facing today is the generation of massive data through practice exercises. So, it becomes a problem to convert this data into knowledge to improve the overall quality of the learning system. The large amount of interaction data and its complexity also limit us to do automated analysis. Thus, these challenges for cybersecurity learners can be addressed through appropriate educational data analysis by having insights or testing hypotheses or models on a proper dataset. Revealing the patterns, rules, item sets and time taken by trainees while using any command line tool could help the trainer to assess the trainees and to provide feedback. Therefore, in this paper we are analyzing the frequency patterns and timing information captured from the trainees’ command line log to reveal their solving techniques, easy and struggling stages, slipups, and individual performance. Through our study, we aim to show how education and training providers can foresee learners who are less likely to succeed in a task or exhibit low performance, which can impede learning proficiency. With this knowledge, organizations and trainers can identify trainees who require additional attention or support. It may also be able to identify elements related to an organization like training aids, training methodology, etc. that need improvement. This study demonstrates the utility of data-mining techniques, specifically rule mining and sequential mining, to empower training designers to delve into datasets derived from cyber security training exercises.
KW - Cybersecurity Education
KW - Cybersecurity Training
KW - Educational Data-Mining
KW - Learning Analytics
UR - https://www.scopus.com/pages/publications/105021475604
UR - https://www.scopus.com/pages/publications/105021475604#tab=citedBy
M3 - Conference contribution
AN - SCOPUS:105021475604
T3 - European Conference on Information Warfare and Security, ECCWS
SP - 581
EP - 589
BT - Proceedings of the 23rd European Conference on Cyber Warfare and Security, ECCWS 2024
A2 - Lehto, Martti
PB - Curran Associates Inc.
T2 - 23rd European Conference on Cyber Warfare and Security, ECCWS 2024
Y2 - 27 June 2024 through 28 June 2024
ER -