Go to DBLP homepageAdvancing CyberSecurity Education and Training: Practical Case Study of Running Capture the Flag (CTF) on the Metaverse vs. Physical Settings
Abstract: The efficacy of cybersecurity education and training relies on the availability of immersive, hands-on learning opportunities that nurture critical, creative, analytical, and problem-solving competencies. To accomplish this objective, it is imperative to develop activities that cultivate practical skills essential for careers in cybersecurity. This research aims to assess the potential of utilizing the Metaverse as a means of supporting cybersecurity education and training. We have created an immersive experience on the Metaverse in the form of a global contest, known as Capture the Flag (CTF), comprising three levels tailored to participants' expertise. Participants have the option to join the red, green, or blue team. The green team undertakes the development of a web or mobile application, or an IoT-based smart city, based on their interests, while the red team executes targeted attacks against the application or the smart city's control system, while blue team fix the application based on red team report. This is a cyclic process. This paper presents a proof of concept to evaluate the feasibility of establishing such an environment on the Metaverse. The system was constructed on a Unity gaming platform, incorporating network security elements. The virtual CTF serves as a replica of a real CTF/case study conducted over two consecutive academic semesters, during which teams constructed a secure messaging system utilizing secure coding and design principles. Our findings indicate that participants found this exercise exceptionally valuable in fostering critical and creative thinking skills, analytical skills, unconventional problem-solving skills, and team-building skills.
Loading