Process Mining Analysis of Puzzle-Based Cybersecurity Training

Warning

This publication doesn't include Faculty of Economics and Administration. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

MACÁK Martin OŠLEJŠEK Radek BÜHNOVÁ Barbora

Year of publication 2022
Type Article in Proceedings
Conference Proceedings of the 27th ACM Conference on on Innovation and Technology in Computer Science Education Vol. 1 (ITiCSE '22)
MU Faculty or unit

Faculty of Informatics

Citation
Web
Doi http://dx.doi.org/10.1145/3502718.3524819
Keywords cybersecurity training; CTF game; process mining; data analysis
Attached files
Description The hands-on cybersecurity training quality is crucial to mitigate cyber threats and attacks effectively. However, practical cybersecurity training is strongly process-oriented, making the post-training analysis very difficult. This paper presents process-mining methods applied to the learning analytics workflow. We introduce a unified approach to reconstruct behavioral graphs from sparse event logs of cyber ranges. Furthermore, we discuss significant data features that affect their practical usability for educational process mining. Based on that, methods of dealing with the complexity of process graphs are presented, taking advantage of the puzzle-based gamification of in-class training sessions.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.