Gamification to Support Cyber Security Community Education in Lebanon



Similar documents
THE HUMAN COMPONENT OF CYBER SECURITY

Teaching Digital Citizenship

DIGITAL CITIZENSHIP. TOJET: The Turkish Online Journal of Educational Technology January 2014, volume 13 issue 1

The Challenges of the Software Industry. WIPO - MOET - ALSI Seminar February 2011 Beirut - Lebanon

The Arab World Online 2014: Trends in Internet and Mobile Usage in the Arab Region

Cyber Security Strategy

Gamification in education: How gamification can encourage learning. Ryan Montville. The Ohio state University

Bachelor of Information Technology

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

THE CULTURE OF INNOVATION AND THE BUILDING OF KNOWLEDGE SOCIETIES. - Issue Paper -

CREATING A SENSE OF PRESENCE IN ONLINE TEACHING: How to Be There for Distance Learners

Jyväskylä Cyber Security Ecosystem

Program Planning Guide Business Administration, Associate in Applied Science General Business Administration Track (A25120)

E-Learning at school level: Challenges and Benefits

Computer and Network Security in Higher Education

PROFESSIONAL DEVELOPMENT: A VISION FOR SAUDI SCIENCE TEACHERS

Gamification from the perspective of service marketing

D R A F T. Faculty Senate Ad Hoc Committee on Quality in Online Learning.

SOCIAL MEDIA MARKETING TRENDS IN TURKEY

BUSINESS PROCESS OUTSOURCING INDUSTRY IN LEBANON

A Detailed Strategy for Managing Corporation Cyber War Security

Cyberspace Situational Awarness in National Security System

A Common North Star: College Summit and the Common Core State Standards

Gamifying Software Development Environments Using Cognitive Principles

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

An Innovative Two Factor Authentication Method: The QRLogin System

i-safe CURRICULUM SCOPE Elementary Grades K - 5

Comprehensive i-safe Curriculum International Scope of Lessons and Language Availability

National Cyber Security Strategy

IMPLEMENTING GAME ELEMENTS INTO DIDACTIC PROCESS: A CASE STUDY

The Zendesk Benchmark Q2 2013

Course Description \ Bachelor of Primary Education Education Core

Mobile Application Security. Helping Organizations Develop a Secure and Effective Mobile Application Security Program

Securing the Nation: Creating cyber security, resilience and readiness

National Cyber Security Strategies

Executive Leadership MBA Course Descriptions

First World Summit Award Mobile Content

C E. 21 st Century Model High Schools That Work. An Enhanced HSTW Design for Implementing the West Virginia Framework for High Performing High Schools

Chariho Regional School District. Technology Education Curriculum. Grades K-8

CyberSecurity Solutions. Delivering

NEW COMPETENCE OF BIOLOGY TEACHER IN THE FACE OF SOCIAL AND CULTURAL CHANGES

Cyber Security Strategy(Information Security Policy Council, June 10, 2013)

Engaging Computer Science Students through Gamification in an Online Social Network Based Collaborative Learning Environment

i-safe K 12 CURRICULUM SCOPE 06-07

This is an example of a response to UNC Tomorrow.ECU Tomorrow And the Implications for Academic Degree Program Planning.

S. ll IN THE SENATE OF THE UNITED STATES

DESIGNING WEB LABS FOR TEACHING SECURITY CONCEPTS ABSTRACT

Government of Kenya Ministry of Information Communications and Technology Telposta Towers, 10th Floor, Kenyatta Ave Nairobi, Kenya

ITU National Cybersecurity/CIIP Self-Assessment Tool

Where Is Interactive Marketing Heading?

Surviving the Era of Hack Attacks Cyber Security on a Global Scale

Richard Kerby Senior Inter-Regional Adviser E-Government and Knowledge Management

LEARNING AND COMPETENCE Strategy of the Finnish National Board of Education (FNBE)

P21 Framework Definitions

CENTRE FOR STRATEGIC CYBERSPACE + SECURITY SCIENCE LEADERSHIP. RESEARCH. DEFENCE.

How To Develop A Cyber Security Society

Honourable members of the National Parliaments of the EU member states and candidate countries,

A SURVEY ON ACCEPTABILITY OF E-LEARNING MBA OFFERED BY THE PRIVATE UNIVERSITIES IN BANGLADESH

Brochure More information from

Coggin College of Business Marketing & Logistics Course Descriptions

such as loneliness and computer/ict illiteracy. (see also the staff working paper Ageing well in the information Society )

How To Get A Business Degree

The UK cyber security strategy: Landscape review. Cross-government

BERGENFIELD PUBLIC SCHOOL DISTRICT PUBLIC RELATIONS PLAN

Priority III: A National Cyberspace Security Awareness and Training Program

National Cyber Security Policy -2013

Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015

Digital Identity Management for Natural Persons

Department of Education

FREEDOM IN ADULT EDUCATION

TUSKEGEE CYBER SECURITY PATH FORWARD

Embedding English language in an accounting subject: A case of interactive interdisciplinary collaboration and learning

10 Facts about the Australian Curriculum FACT 1 THE AUSTRALIAN CURRICULUM SETS HIGH STANDARDS

3D Class: A gamified learning environment.

Canadians and Their Money Building a brighter financial future

Morris College Teacher Education Curriculum Changes Elementary Education

THE COLLEGE OF THE BAHAMAS GENERAL EDUCATION PROGRAMME

West Windsor-Plainsboro Regional School District Computer Programming Grade 8

Introduction to Runtime Application Self Protection (RASP) Making Applications Self Protecting, Self Diagnosing and Self Testing

POLICY ISSUES IN BRIEF

BC s Digital Literacy Framework (DRAFT)

Characteristics of Effective and Sustainable Teaching Development Programs for Quality Teaching in Higher Education

Caring, one person at a time.

Transcription:

Gamification to Support Cyber Security Community Education in Lebanon Antoine M. Melki 1, Moussa G. Chatrieh 2 1 Instructional Technology Unit, University of Balamand, Balamand, Koura, Amioun 33, Lebanon {amelki@balamand.edu.lb} 2 Ecole Doctorale des Lettres et des Sciences, Université Libaniase, Sin El Fil, Beirut, Lebanon {moussa.chatrieh@balamand.edu.lb} Abstract: The research presented is a part of a larger project going in Lebanon. The aim of this paper is to describe the experience of the University of Balamand in adopting gamification as a means to provide community education in the field of cyber security. The volume of literature in cyber security field is increasing. One of the major highlighted issues is the place of humans in the security processes. On the other hand, digital citizenship and digital lifestyles are posing a number of challenges that are supposed to be met by education, since humans are involved. Meanwhile, the concepts of learning and teaching have changed drastically with the advances in web technologies and telecommunications. The main challenge lies in assuring cyber security, especially for those outside the regular educational setting. In the case of Lebanon, the majority of internet users are outside the regular outreach of any training or awareness program. This fact is a challenge for cybersecurity education in Lebanon. Accordingly, literature review shows that community learning comes as an appropriate solution, where universities have a major role to play. In addition, to avoid the problems underlying community education, like outreach, teaching difficulties, and financing, it is proposed to use gamification. This philosophy is adopted by the University of Balamand, whose experience is exposed in this research. Keywords: cybersecurity education, gamification, community learning 1. INTRODUCTION The cybersecurity studies are interdisciplinary by nature as they involve the study of several different fields: telecommunications, law, management, psychology, and others. With the advance in research in the field, focus is shifting from technology to humans, and the field is getting more involvement of experts from different backgrounds. In this paper, the human factor in cybersecurity is the main issue. The questions raised are primarily addressing the mass of online users, how to reach to them, and how improve their security in the cyber space. The Lebanese case is taken in specific, and gamification is highlighted as a potential solution of the outreach problem in community education which is proven to be the form that can contribute to the improving the cybersecurity of the large number of users who are outside the regular educational settings. In addition, the role of academia in this process and what it can offer to the community is emphasized. 172

2. THE HUMAN FACTOR IN CYBERSECURITY AND THE DIGITAL CITIZENSHIP The increasing number and sophistication of cyber threats is accompanied by concerns over the role of humans in cybersecurity. A large literature exist describing research on people in work settings, with emphasis on their contribution in cybersecurity. Reports cite numbers on the different threats in relation to humans. Threats related to humans include: 75% of people use the same password for multiple accounts, both at work and home, 7% of people use a password, which makes the threat among the top 100 most common problems, 91% of people use a password from the top 1000 most common, and 99.8% of people use a password from the top 10,000 most common. 2.1. FROM SECURITY TO LIFESTYLE On the other hand, attention is not anymore focused on security as a technical issue, as people are getting more immersed in technology and telecommunications. This immersion is tinting the lifestyle of humans as they become more and more dependent on ICT. In this endeavor, humans become the weakest link in cyber security, as they prefer to minimize their own inconvenience, as they reveal their predictability, apathy and general naivety about the potential impacts of their actions [1]. This digital lifestyle places the twenty first century people in the digital citizenship field. As expressed by Jason Ohler: The digital age beckons us to usher in a new era of character education, aimed directly at addressing the opportunities and challenges of living a digital lifestyle [2]. Meanwhile, digital citizenship is interpreted as being character education for the digital age [3]. 2.2. DIGITAL CITIZENSHIP Digital citizenship challenges the different components of societies by being expressed as nine elements as follows: a. Digital Access: full electronic participation in society. b. Digital Commerce: electronic buying and selling of goods. c. Digital Communication: electronic exchange of information. d. Digital Literacy: process of teaching and learning about technology and the use of technology. e. Digital Etiquette: electronic standards of conduct or procedure. f. Digital Law: electronic responsibility for actions and deeds g. Digital Rights and Responsibilities: those freedoms extended to everyone in a digital world. h. Digital Health and Wellness: physical and psychological well-being in a digital technology world. i. Digital Security (self-protection): electronic precautions to guarantee safety [4]. The sequence of citing the themes might not reflect their importance or chronology. If we try to list them by their significance in the cybersecurity context, digital literacy, etiquette, rights and responsibilities, should show before access and commerce. This rearrangement of the sequence highlights the central role of education in forming digital citizens. Shedding the light of this role on the cybersecurity field, education becomes a major challenge. 3. GAMIFICATION IN THE CYBERSECURITY ARENA Gamification is the process of enhancing a specific service by implementing game design elements in a non-game context to enhance the user s overall value creation and experience [5]. In addition, when designed and applied in an appropriate manner and setting, 173

gamification provides an alignment between motivation and desire that leads to the anticipated purpose of its use [6]. Gamification is used for educational purposes, not only entertainment. There exist games for science [7](Rouse, 2013), maths [8] (Goehle, 2013), foreign languages [9] (Danowska Florczyk & Mostowski, 2012), cultural heritage [10] (Gordillo, Gallego, Barra, & Quemada, 2013), health [11] (Gabarron, Schopf, Serrano, Fernandez Luque, & Dorronzoro, 2012), computer science [12] (Li, Dong, Untch, & Chasteen, 2013), software engineering [13] (Sheth, Bell, & Kaiser, 2012), business and logistics [14] (Reiners, et al., 2012), and lately for cybersecurity awareness training [15] (Adams and Makramalla). 3.1. GAMIFICATION OF CYBERSECURITY EDUCATION An important principle of game design is the meaningfulness of the content to the players. Literature review shows that for a learning environment to be engaging, its context has to connect to the everyday lives of the learners. In the case of cybersecurity, the context is not a fictional world but a real one. The pervasiveness of cybersecurity affects the everyday lives of the users and their communities, so they are expected to meaningfully engage in the different tasks and activities created around this context, and presented as games. To conclude this section, this paper is advising the use of educational games as a means for community education to address the human weakness in cybersecurity, raise awareness of it, and assist abandoned users in getting protected. But the issue of cost and financial support remains unsolved. It is proposed to involve higher education institutions. 4. COMMUNITY EDUCATION Since issues of infrastructure are outside the interest of this research, and since this research is dedicated more to handle the matters of human weakness in cyberspace than infrastructure concerns, the problem of lack of awareness is the subject of emphasis. Under these circumstances, community education can be proposed as a solution. Community Education is a process whereby learning is used for both individual and community betterment. It is characterized by: 1) involvement of people of all ages, 2) the use of community learning, resources and research to bring about community change, and 3) the recognition that people can learn through, with and for each other to create a better world (Mezirow & Taylor, 2011). The problems facing community education can be summarized in the following: 1) it relies on non-traditional teaching, 2) its structure is so different from the school structure, 3) relationships between students and instructors, students among themselves, students and administration and instructors and administration are harder to manage and more sophisticated, 4) reaching out to students is more difficult than in school setting, and 5) the cost and financial support is usually the responsibility of the government or local authorities. 4.1. CYBERSECURITY COMMUNITY EDUCATION In the case of teaching about cybersecurity following community education principles, some of the factors dissolve. The issue of reaching out to students is not a problem as the environment is the online itself. In the same course, issues of relationships and administration get different orientation, since the instructor can become confined with the computer or smartphone. The age issue can be linked to learning which involves a process and content with corresponding characteristics. At this stage, gamification is proposed as a solution. 4.2. THE ROLES OF UNIVERSITIES IN COMMUNITY EDUCATION In principle, universities play a number of roles in their communities. They 1) assure continuity of basic education, 2) generate knowledge to drive and transform the community, 174

3) improve lives, raise wages and productivity, cultural and political benefits, etc. 4) answer to both governments and communities, 5) widen access and create equity in higher education, 6) work with communities on creating, mobilizing and applying knowledge, 7) and lastly, managing and creating sustainable community initiatives (Ali, 2010). So, the commitment of universities to their communities is obvious. Raising awareness, developing awareness and training programs and running them, doing research, developing software including educational games, can be some of the activities that universities can do as a contribution to nurture cybersecurity. So, since there is a need to raise awareness, develop the Internet ecosystem, and since community education contributes to the solution, universities shall contribute in cybersecurity education through providing community learning. 5. THE LEBANESE CASE A study made by We Are Social titled Digital Landscape: Middle East, North Africa & Turkey in July 2014 stated that in Lebanon whose population is 4,137,000 persons, the internet penetration amounts to 81% represented by 3,337,000 internet users, 94% of mobile subscription penetration represented by 3,900,000 users (We are social). Based on the numbers provided by the Bureau of Statistics in Lebanon, the total number of schools and universities students and the information users amount to 1,302,283. By taking a very optimistic stance in dealing with numbers, and assuming that all those in schools and information organization are reachable for raising awareness on cybersecurity, those who are left with no assistance is 2,034,717. Figure 1: Lebanon Overview Figure 2: Internet users in Lebanon Studies show that more than 50% of the users are not secure in the cyberspace due to 2 main factors: 1) issues related to infrastructure, and 2) lack of awareness. It can be easily concluded that in Lebanon two thirds of the users need assistance for both reasons mentioned above. 6. A PROPOSED PLAN FOR LEBANON Due to the large number of users in need to be reached in Lebanon under any awareness campaign or procedure, community education is needed. Accordingly, the more involved components of the society, the better the results can be. In the case of our study, universities have to play a major role. The case of the University of Balamand (UOB) can be cited as an example to show commitment and show how gamification can be a tool to support community education. 175

6.1. UOB S EXPERIENCE Since 2009, UOB had committed its self to raise awareness on cybersecurity. A cybersecurity awareness component was added in a number of courses across all the curricula at the university. A specialized graduate program is under study. A number of projects in the community were completed to raise awareness, like community campaigns at schools, NGOs, youth groups and others, training people on how to deal with cyber risks, development of training material, development of software, delivering training, in addition to creating some partnerships which are project based. Some memoranda of understanding were signed with specialized institutions. 6.2. GAMIFICATION AS A TOOL FOR COMMUNITY EDUCATION As the process dealt with in this paper is online and the players are online users, and based on the facts stated above on the validity of educational games to raise awareness on cybersecurity, UOB started a project named Asfalia in 2014 2015. Asfalia is a cybersecurity gamification lab, aiming at: 1): the arabization of open source cyber security games to reach the masses, 2) organizing a summer camp to materialize the community partnership, and 3) games development. 7. CONCLUSION Cybersecurity is not anymore a purely academic issue, but a national concern with multinational dimensions. The diversity of users and their backgrounds requires innovative solutions. Universities, as a workroom of innovation, are expected to offer contributions that go beyond simple teaching of courses. A commitment to innovate solutions that nurture awareness, and encourage the development of a secure cyber ecosystem is required. UOB, as a leading university in Lebanon, is exploiting gamification to increase the outreach of cybersecurity awareness outreach as a means of community education. 8. REFERENCES [1]. Thales (2013). The Human Component of Cyber Security. November 2013. Retrieved from www.thalescyberassurance.com on 1/6/2015. [2]. Ohler, J. (2011). Digital Citizenship Means Character Education for the Digital Age, Kappa Delta Pi Record, 47:sup1, 25-27, DOI: 10.1080/00228958.2011.10516720 [3]. Ribble, M. (2012). Digital Citizenship for Educational Change. Kappa Delta Pi Record, 48:4, 148-151, DOI: 10.1080/00228958.2012.734015 [4]. Brownell, L. (2013). Nine Elements of Digital Citizenship. http://www.sophia.org/ tutorials/nine-elements-of-digital-citizenship. Retrieved on 1/6/2015. [5]. Huotari, K., & Hamari, J. (2012). Defining Gamification - A Service Marketing Perspective. In Proceedings of The 16th International Academic Mindtrek Conference, Tampere, Finland, October 3-5, 2012. [6]. Korolov, M. (2012) Gamification on the Enterprise. Networkworld.com, 10 September 2012, pp.30-36. [7]. Rouse, K. (2013). Gamification in science education: The relationship of educational games to motivation and achievement. The University Of Southern Mississippi. Publication number: 3569748. [8]. Goehle, G. (2013). Gamification and Web based Homework. PRIMUS, 23(3), 234 246. [9]. Danowska-Florczyk, E. & Mostowski, P. (2012). Gamification as a new direction in teaching Polish as a foreign language. Proceedings of the international conference ICT for Language Learning, 5 th edition, Florence, Italy, 15-16 November 2012. [10]. Gordillo, A., Gallego, D., Barra, E., & Quemada, J. (2013). The city as a learning 176

gamified platform. Frontiers in Education Conference (pp. 372 378). [12]. Gabarron, E., Schopf, T., Serrano, J. A., Fernandez Luque, L., & Dorronzoro, E. (2012). Gamification Strategy on Prevention of STDs for Youth. Studies in health technology and informatics, 192, 1066 1066. [12]. Li, C., Dong, Z., Untch, R. H., & Chasteen, M. (2013). Engaging Computer Science Collaborative Learning Environment. International Journal of Information and Educational Technology, 3(1), 72 77. [13]. Sheth, S. K., Bell, J. S., & Kaiser, G. E. (2012). Increasing Student Engagement in Software Engineering with Gamification. Retrieved from www.academiccommons.columbia.edu [14]. Reiners, T., Wood, L. C., Chang, V., Gütl, C. H., Teräs, H., & Gregory, S. (2012). Operationalising gamification in an educational authentic environment. IADIS Internet Technologies and Society, (pp. 93 100). Perth, Australia. [15]. Adams, M. and Makramalla, M. (2015) Cybersecurity Skills Training: An Attacker- Centric Gamified Approach. Technology Innovation Management Review. January 2015. P 5-14. [16]. Mezirow, J. & Taylor, E. W. (2011). Transformative Learning in Practice: Insights from Community, Workplace, and Higher Education. John Wiley & Sons. pp. 121-126. [17]. Ali, A. (2010). Developing the Community: The Role of Universities and Open and Distance Learning. The 6 th Pan-Commonwealth Forum on Open Learning. 24-28 November 2010. Kochi, India. Retrieved on 24/4/2015 from http://www.col.org/resources/speeches /2010presentation/Pages/2010-11-26.aspx. [18]. We Are Social (2014). Digital Landscape: Middle East, North Africa & Turkey. Retrieved from http://www.slideshare.net/wearesocialsg/social-digital-mobile-in-themiddle-east-north-africa-turkey, on 1/6/2015 177

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information