Abstract
Existing anti-phishing learning games rely on the same simple game mechanics that do not allow for detailed assessment of the players’ acquired knowledge and skills. They focus mostly on factual and conceptual knowledge to remember or understand. To extend the research field, this paper presents two new games: The first game implements an extended classification mechanic to better assess the player’s decision process, while the second game implements a different game mechanic, which requires players to combine given URL parts to construct their own phishing URLs. Both games aim to address higher-order cognitive processes as well as procedural knowledge. The games’ functionality and user experience were evaluated by a group of 40 CS students, resulting in general improvements of the games.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
https://www.alexa.com/topsites/countries, accessed 2021-06-25.
- 2.
https://tranco-list.eu/, accessed 2021-06-25.
- 3.
https://gitlab.com/learntech-rwth/erbse/analysis-game, accessed 07-09-2021.
- 4.
https://gitlab.com/learntech-rwth/erbse/creation-game, accessed 07-09-2021.
- 5.
https://mtlg-framework.gitlab.io/, accessed 07-09-2021.
- 6.
https://createjs.com/, accessed 23-06-2021.
- 7.
https://xapi.com/, accessed 23-06-2021.
References
Alotaibi, F., Furnell, S., Stengel, I., Papadaki, M.: A review of using gaming technology for cyber-security awareness. Inf. Secur. Res. 6(2), 660–666 (2016). https://doi.org/10.20533/ijisr.2042.4639.2016.0076
Anti-Phishing Working Group: Phishing activity trends report, 4th quarter 2020. Report, Anti-Phishing Working Group (2021)
Canova, G., Volkamer, M., Bergmann, C., Borza, R.: NoPhish: an anti-phishing education app. In: Mauw, S., Jensen, C.D. (eds.) STM 2014. LNCS, vol. 8743, pp. 188–192. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11851-2_14
Compte, A.L., Elizondo, D., Watson, T.: A renewed approach to serious games for cyber security. In: International Conference on Cyber Conflict: Architectures in Cyberspace, Tallinn, pp. 203–216. IEEE (2015). https://doi.org/10.1109/CYCON.2015.7158478
Hendrix, M., Al-Sherbaz, A., Bloom, V.: Game based cyber security training: are serious games suitable for cyber security training? Serious Games 3(1), 53–61 (2016). https://doi.org/10.17083/ijsg.v3i1.107
Köhler, K., Röpke, R., Wolf, M.R.: Through a mirror darkly – on the obscurity of teaching goals in game-based learning in IT security. In: Simulation & Gaming Through Times and Across Disciplines, pp. 324–335. Akademia Leona Kozminskiego, Warsaw (2019)
Krathwohl, D.R.: A revision of Bloom’s taxonomy: an overview. Theory Pract. 41(4), 212–218 (2002). https://doi.org/10.1207/s15430421tip4104_2
Lastdrager, E.E.H.: Achieving a consensual definition of phishing based on a systematic review of the literature. Crime Sci. 3(1), 1–10 (2014). https://doi.org/10.1186/s40163-014-0009-y
Oest, A., Safei, Y., Doupé, A., Ahn, G.J., Wardman, B., Warner, G.: Inside a phisher’s mind: understanding the anti-phishing ecosystem through phishing kit analysis. In: APWG Symposium on Electronic Crime Research (eCrime), pp. 1–12 (2018). https://doi.org/10.1109/ECRIME.2018.8376206
Pastor, V., Díaz, G., Castro, M.: State-of-the-art simulation systems for information security education, training and awareness. In: IEEE EDUCON Conference, Madrid, pp. 1907–1916. IEEE (2010). https://doi.org/10.1109/EDUCON.2010.5492435
Roepke, R., Koehler, K., Drury, V., Schroeder, U., Wolf, M.R., Meyer, U.: A pond full of phishing games - analysis of learning games for anti-phishing education. In: Hatzivasilis, G., Ioannidis, S. (eds.) MSTEC 2020. LNCS, vol. 12512, pp. 41–60. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-62433-0_3
Roepke, R., Schroeder, U.: The problem with teaching defence against the dark arts: a review of game-based learning applications and serious games for cyber security education. In: International Conference on Computer Supported Education, vol. 2, pp. 58–66. SciTePress, Heraklion (2019). https://doi.org/10.5220/0007706100580066
Tioh, J.N., Mina, M., Jacobson, D.W.: Cyber security training a survey of serious games in cyber security. In: IEEE Frontiers in Education Conference (FIE), Indianapolis, pp. 1–5. IEEE (2017). https://doi.org/10.1109/FIE.2017.8190712
Acknowledgements
This research was supported by the research training group “Human Centered Systems Security” sponsored by the state of North Rhine-Westphalia, Germany.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Roepke, R., Drury, V., Meyer, U., Schroeder, U. (2021). Exploring Different Game Mechanics for Anti-phishing Learning Games. In: de Rosa, F., Marfisi Schottman, I., Baalsrud Hauge, J., Bellotti, F., Dondio, P., Romero, M. (eds) Games and Learning Alliance. GALA 2021. Lecture Notes in Computer Science(), vol 13134. Springer, Cham. https://doi.org/10.1007/978-3-030-92182-8_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-92182-8_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-92181-1
Online ISBN: 978-3-030-92182-8
eBook Packages: Computer ScienceComputer Science (R0)