Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
126 tokens/sec
GPT-4o
28 tokens/sec
Gemini 2.5 Pro Pro
42 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Enhancing Security Awareness Through Gamified Approaches (2404.09052v1)

Published 13 Apr 2024 in cs.CR

Abstract: With the advent of smart grid (SG) systems, electricity networks have been able to ensure greater efficiency and utility by interconnecting their grids through cloud-based technology. As SGs become increasingly complex, a wide range of security challenges arise, threatening the grid's reliability, safety, efficiency, and stability. The security challenges include the potential exposure of personal data due to hackers intercepting the communications between the SG infrastructure and the smart meters. Security awareness plays a vital role in addressing some of these challenges. However, the traditional training programs are no longer efficient for instilling information security culture in organisations or from an individual user perspective. Gamification is a new concept in the field of information security awareness training (SAT) campaigns that can be introduced to fill in this gap by providing employees with a means of practising and learning about many security flaws and risks that exist within the organisation. Thus, this paper examines the effectiveness of gamification in promoting security awareness among smart meter components for smart grid users/operators. A gaming application is developed as part of the study with the aim of training and evaluating the results through three difficulty levels of questionnaires. Furthermore, the results are evaluated for the three difficulty levels as well as the overall flag captured. It can be demonstrated that the scores of participants in the three levels have improved by 40%, 35% and 29%, respectively. This reflects the awareness of learning within our system.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (68)
  1. The effect of a data breach announcement on customer behavior: Evidence from a multichannel retailer. Journal of marketing, 82(2):85–105, 2018.
  2. Cost of a data breach 2022. https://www.ibm.com/reports/data-breach, 2023. Accessed: 2023-06-14.
  3. Ibm security report: Energy sector becomes uk’s top target for cyberattacks as adversaries take aim at nation’s critical industries. https://uk.newsroom.ibm.com/2022-02-23-IBM-Security-Report-Energy-Sector-Becomes-UKs-Top-Target-for-Cyberattacks-as-Adversaries-Take-Aim-at-Nations-Critical-Industries, 2022. Accessed: 2022-02-23.
  4. How cybercrime costs the uk economy nearly £27b every year. https://www.ramsac.com/blog/cybercrime-costs-27-billion-to-uk-economy-every-year, 2023. Accessed: 2023-05-15.
  5. Jemal Abawajy. User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3):237–248, 2014.
  6. 80% of data breaches caused by lack of cyber security skills. https://www.itpro.com/security/data-breaches/367528/report-80-of-data-breaches-caused-by-lack-of-cyber-security-skills, 2023. Accessed: 2023-05-10.
  7. 2022 data breach investions report. https://www.verizon.com/business/resources/reports/dbir/, 2023. Accessed: 2023-07-17.
  8. Understanding consumer trust in internet shopping: A multidisciplinary approach. Journal of the American society for Information Science and Technology, 57(4):479–492, 2006.
  9. Gamification of information security awareness and training. In ICISSP, pages 59–70, 2017.
  10. How cyber-attacks in ukraine show the vulnerability of the us power grid. The Electricity Journal, 30(3):30–35, 2017.
  11. Allegra Hobbs. The colonial pipeline hack: Exposing vulnerabilities in us cybersecurity. In SAGE Business Cases. SAGE Publications: SAGE Business Cases Originals, 2021.
  12. Smart meter statistics in great britain: Quarterly report to end march 2023. urlhttps://assets.publishing.service.gov.uk/government/ uploads/system/uploads/attachment_data/file/1159350/ Q1_2023_Smart_Meters_Statistics_Report.pdf, 2023. Accessed: 2023-06-14.
  13. A survey on security assessment of metering infrastructure in smart grid systems. In SoutheastCon 2015, pages 1–4. IEEE, 2015.
  14. Demand response in smart electricity grids equipped with renewable energy sources: A review. Renewable and Sustainable Energy Reviews, 18:64–72, 2013.
  15. Security information sharing in smart grids: persisting security audits to the blockchain. Electronics, 9(11):1865, 2020.
  16. Moses Jeremiah Barasa Kabeyi and Oludolapo Akanni Olanrewaju. The use of smart grids in the energy transition. In 2022 30th Southern African Universities Power Engineering Conference (SAUPEC), pages 1–8. IEEE, 2022.
  17. Smart grid cyber-physical attack and defense: A review. IEEE Access, 9:29641–29659, 2021.
  18. Cybersecurity metrics for enhanced protection of healthcare it systems. In 2019 13th International Symposium on Medical Information and Communication Technology (ISMICT), pages 1–9. IEEE, 2019.
  19. An effective cybersecurity awareness training model: First defense of an organizational security strategy. International Research Journal of Engineering and Technology (IRJET), 09, 2022.
  20. The human aspects of information security questionnaire (hais-q): two further validation studies. Computers & Security, 66:40–51, 2017.
  21. The impact of information richness on information security awareness training effectiveness. Computers & Education, 52(1):92–100, 2009.
  22. Assessing the effects of gamification on enhancing information security awareness knowledge. Applied Sciences, 11(19):9266, 2021.
  23. The role of information security learning and individual factors in disclosing patients’ health information. Computers & Security, 65:64–76, 2017.
  24. Towards information security behavioural compliance. Computers & security, 23(3):191–198, 2004.
  25. Gender difference and employees’ cybersecurity behaviours. Computers in Human Behavior, 69:437–443, 2017.
  26. Information security awareness in higher education: An exploratory study. Computers & security, 27(7-8):241–253, 2008.
  27. Relationships among undergraduates’ problematic information security behavior, compulsive internet use, and mindful awareness in taiwan. Computers & Education, 164:104131, 2021.
  28. Information security policy compliance: a higher education case study. Information & Computer Security, 26(1):91–108, 2018.
  29. From information security to cyber security. computers & security, 38:97–102, 2013.
  30. Students’ awareness on information security between own perception and reality–an empirical study. Accounting and Management Information Systems, 15(1):112–130, 2016.
  31. Establishing information security policy compliance culture in organizations. Information & Computer Security, 2018.
  32. Gamification in education: A systematic mapping study. Journal of educational technology & society, 18(3):75–88, 2015.
  33. A web-based collaborative reading annotation system with gamification mechanisms to improve reading performance. Computers & Education, 144:103697, 2020.
  34. Studying student differentiation in gamified education: A long-term study. Computers in Human Behavior, 71:550–585, 2017.
  35. Does gamification work?–a literature review of empirical studies on gamification. In 2014 47th Hawaii international conference on system sciences, pages 3025–3034. Ieee, 2014.
  36. The use of gamification in education: a bibliometric and text mining analysis. Journal of computer assisted learning, 32(6):663–676, 2016.
  37. Teacher perceptions on the use of digital gamified learning in tourism education: The case of south african secondary schools. Computers & Education, 111:172–190, 2017.
  38. Individualising gamification: An investigation of the impact of learning styles and personality traits on the efficacy of gamification using a prediction market. Computers & Education, 106:43–55, 2017.
  39. Towards understanding the effects of individual gamification elements on intrinsic motivation and performance. Computers in Human Behavior, 71:525–534, 2017.
  40. Juho Hamari. Do badges increase user activity? a field experiment on the effects of gamification. Computers in human behavior, 71:469–478, 2017.
  41. How gamification motivates: An experimental study of the effects of specific game design elements on psychological need satisfaction. Computers in human behavior, 69:371–380, 2017.
  42. What perception do students have about the gamification elements? IEEE Access, 8:134386–134392, 2020.
  43. Assessing the effects of gamification in the classroom: A longitudinal study on intrinsic motivation, social comparison, satisfaction, effort, and academic performance. Computers & education, 80:152–161, 2015.
  44. Gamification in the classroom: Examining the impact of gamified quizzes on student learning. Computers & Education, 144:103666, 2020.
  45. Digital game-based l2 learning outcomes for primary through high-school students: A systematic literature review. Computers & Education, 143:103667, 2020.
  46. The interactivity of video and collaboration for learning achievement, intrinsic motivation, cognitive load, and behavior patterns in a digital game-based learning environment. Computers & Education, 133:43–55, 2019.
  47. Experiencing cybersecurity one game at a time: A systematic review of cybersecurity digital games. Simulation & Gaming, 51(5):586–611, 2020.
  48. Using a game to explore notions of responsibility for cyber security in organisations. In Extended abstracts of the 2019 CHI conference on human factors in computing systems, pages 1–6, 2019.
  49. The impact of gamification on learning and instruction: A systematic review of empirical evidence. Educational research review, 30:100326, 2020.
  50. A review of using gaming technology for cyber-security awareness. Int. J. Inf. Secur. Res.(IJISR), 6(2):660–666, 2016.
  51. Farzana Quayyum. Cyber security education for children through gamification: research plan and perspectives. In Proceedings of the 2020 ACM Interaction Design and Children Conference: Extended Abstracts, pages 9–13, 2020.
  52. Mobile learning via educational apps: an interpretative study. In Proceedings of the 2019 5th International Conference on education and training technologies, pages 88–92, 2019.
  53. Game-based learning platform to enhance cybersecurity education. Education and Information Technologies, pages 1–25, 2022.
  54. Riskio: A serious game for cyber security awareness and education. Computers & Security, 95:101827, 2020.
  55. Overview of learning cybersecurity through game based systems. In 2019 CIEC, 2019.
  56. Gamification of cyber security training-ensuresecure. In 2022 IEEE International Conference on e-Business Engineering (ICEBE), pages 7–12. IEEE, 2022.
  57. What. hack: engaging anti-phishing training through a role-playing phishing simulation game. In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, pages 1–12, 2019.
  58. Evaluating and improving cybersecurity capabilities of the energy critical infrastructure. In 2015 ieee international symposium on technologies for homeland security (hst), pages 1–6. IEEE, 2015.
  59. Addressing cyber security for the oil, gas and energy sector. In 2014 North American Power Symposium (NAPS), pages 1–8. IEEE, 2014.
  60. Co-simulation training platform for smart grids. IEEE Transactions on Power Systems, 29(4):1989–1997, 2014.
  61. Cyber-physical security testbeds: Architecture, application, and evaluation for smart grid. IEEE Transactions on Smart Grid, 4(2):847–855, 2013.
  62. Smart grid security educational training with thundercloud: a virtual security test bed. In Proceedings of the 2013 on InfoSecCD’13: Information Security Curriculum Development Conference, pages 105–110, 2013.
  63. Model-based cybersecurity assessment with nescor smart grid failure scenarios. In 2015 IEEE 21st Pacific Rim international symposium on dependable computing (PRDC), pages 319–324. IEEE, 2015.
  64. Cyber security for a smart grid-what about phishing? In IEEE PES ISGT Europe 2013, pages 1–5. IEEE, 2013.
  65. Design science research process: A model for producing and presenting information systems research. arXiv preprint arXiv:2006.02763, 2020.
  66. Information security awareness and behavior: a theory-based literature review. Management Research Review, 37(12):1049–1092, 2014.
  67. Root the box. https://github.com/moloch--/RootTheBox, 2023. Accessed: 2023-07-04.
  68. Real-time vision-based warning system for prevention of collisions between workers and heavy equipment. Journal of Computing in Civil Engineering, 33(5):04019029, 2019.

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now