A Serious Game for Simulating Cyberattacks to Teach Cybersecurity
- URL: http://arxiv.org/abs/2305.03062v1
- Date: Thu, 4 May 2023 08:04:24 GMT
- Title: A Serious Game for Simulating Cyberattacks to Teach Cybersecurity
- Authors: Christopher Scherb and Luc Bryan Heitz and Frank Grimberg and Hermann
Grieder and Marcel Maurer
- Abstract summary: Traditional training methods have proven to be less effective over time.
In this paper we suggest an alternative approach -- a serious game.
Our game explains the intention of each attack and shows the consequences of a successful attack.
- Score: 0.3149883354098941
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: With the rising number of cyberattacks, such as ransomware attacks and cyber
espionage, educating non-cybersecurity professionals to recognize threats has
become more important than ever before. However, traditional training methods,
such as phishing awareness campaigns, training videos and assessments have
proven to be less effective over time. Therefore, it is time to rethink the
approach on how to train cyber awareness. In this paper we suggest an
alternative approach -- a serious game -- to educate awareness for common
cyberattacks. While many serious games for cybersecurity education exist, all
follow a very similar approach: showing people the effects of a cyber attack on
their own system or company network. For example, one of the main tasks in
these games is to sort out phishing mails. We developed and evaluated a new
type of cybersecurity game: an attack simulator, which shows the entire setting
from a different perspective. Instead of sorting out phishing mails the players
should write phishing mails to trick potential victims and use other forms of
cyberattacks. Our game explains the intention of each attack and shows the
consequences of a successful attack. This way, we hope, players will get a
better understanding on how to detect cyberattacks.
Related papers
- Towards in-situ Psychological Profiling of Cybercriminals Using Dynamically Generated Deception Environments [0.0]
Cybercrime is estimated to cost the global economy almost $10 trillion annually.
Traditional perimeter security approach to cyber defence has so far proved inadequate to combat the growing threat of cybercrime.
Deceptive techniques aim to mislead attackers, diverting them from critical assets whilst simultaneously gathering cyber threat intelligence on the threat actor.
This article presents a proof-of-concept system that has been developed to capture the profile of an attacker in-situ, during a simulated cyber-attack in real time.
arXiv Detail & Related papers (2024-05-19T09:48:59Z) - knowCC: Knowledge, awareness of computer & cyber ethics between CS/non-CS university students [0.0]
This research focuses on the relations between cybersecurity awareness, cyber knowledge, computer ethics, cyber ethics, and cyber behavior.
The findings express that while internet users are alert of cyber threats, they only take the most elementary and easy-to-implement precautions.
arXiv Detail & Related papers (2023-10-19T12:29:26Z) - Targeted Attacks: Redefining Spear Phishing and Business Email Compromise [0.17175834535889653]
Some rare, severely damaging email threats - known as spear phishing or Business Email Compromise - have emerged.
We describe targeted-attack-detection techniques as well as social-engineering methods used by fraudsters.
We present text-based attacks - with textual content as malicious payload - and compare non-targeted and targeted variants.
arXiv Detail & Related papers (2023-09-25T14:21:59Z) - Graph Mining for Cybersecurity: A Survey [61.505995908021525]
The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society.
Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities.
With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
arXiv Detail & Related papers (2023-04-02T08:43:03Z) - A systematic literature review on Ransomware attacks [0.0]
Cyber attacks, which are on the rise and include Ransomware, are the first thing that springs to mind when we think about cybersecurity.
Despite several cybersecurity measures, ransomware continues to terrify people.
arXiv Detail & Related papers (2022-12-08T04:09:40Z) - Thinking Two Moves Ahead: Anticipating Other Users Improves Backdoor
Attacks in Federated Learning [102.05872020792603]
We propose an attack that anticipates and accounts for the entire federated learning pipeline, including behaviors of other clients.
We show that this new attack is effective in realistic scenarios where the attacker only contributes to a small fraction of randomly sampled rounds.
arXiv Detail & Related papers (2022-10-17T17:59:38Z) - Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the
Age of AI-NIDS [70.60975663021952]
We study blackbox adversarial attacks on network classifiers.
We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions.
We show that a continual learning approach is required to study attacker-defender dynamics.
arXiv Detail & Related papers (2021-11-23T23:42:16Z) - Adversarial Machine Learning Attacks and Defense Methods in the Cyber
Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques.
It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z) - Phishing and Spear Phishing: examples in Cyber Espionage and techniques
to protect against them [91.3755431537592]
Phishing attacks have become the most used technique in the online scams, initiating more than 91% of cyberattacks, from 2012 onwards.
This study reviews how Phishing and Spear Phishing attacks are carried out by the phishers, through 5 steps which magnify the outcome.
arXiv Detail & Related papers (2020-05-31T18:10:09Z) - Arms Race in Adversarial Malware Detection: A Survey [33.8941961394801]
Malicious software (malware) is a major cyber threat that has to be tackled with Machine Learning (ML) techniques.
ML is vulnerable to attacks known as adversarial examples.
Knowing the defender's feature set is critical to the success of transfer attacks.
The effectiveness of adversarial training depends on the defender's capability in identifying the most powerful attack.
arXiv Detail & Related papers (2020-05-24T07:20:42Z) - Deflecting Adversarial Attacks [94.85315681223702]
We present a new approach towards ending this cycle where we "deflect" adversarial attacks by causing the attacker to produce an input that resembles the attack's target class.
We first propose a stronger defense based on Capsule Networks that combines three detection mechanisms to achieve state-of-the-art detection performance.
arXiv Detail & Related papers (2020-02-18T06:59:13Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.