TY - GEN
T1 - A User Experience Study of MeetingMayhem
T2 - 29th Conference Innovation and Technology in Computer Science Education, ITiCSE 2024
AU - Huang, Shan
AU - Lee, Ji Woo
AU - Zhao, Chenyan
AU - Herman, Geoffrey L.
AU - Olano, Marc
AU - Oliva, Linda
AU - Sherman, Alan
N1 - Publisher Copyright:
© 2024 Owner/Author.
PY - 2024/7/3
Y1 - 2024/7/3
N2 - We report on our experiences fielding MeetingMayhem, an interactive game that we developed, which introduces students to fundamental concepts in network security, cybersecurity, and adversarial thinking. The game is intended for students who do not necessarily have any prior background in computer science. Assuming the role of agents, two players exchange messages over a network to try to agree on a meeting time and location, while an adversary interferes with their plan. Following the Dolev-Yao model, the adversary has full control of the network: they can see all messages and modify, block, or forward them. We designed the game as a web application, where groups of three students play the game, taking turns being the adversary. The adversary is a legitimate communicant on the network, and the agents do not know who is the other agent and who is the adversary. Through gameplay, we expect students to be able to (1) identify the dangers of communicating through a computer network, (2) describe the capabilities of a Dolev-Yao adversary, and (3) apply three cryptographic primitives: symmetric encryption, asymmetric encryption, and digital signatures. We conducted surveys, focus groups, and interviews to evaluate the effectiveness of the game in achieving the learning objectives. The game helped students achieve the first two learning objectives, as well as using symmetric encryption. We found that students enjoyed playing Meeting Mayhem. We are revising MeetingMayhem to improve its user interface and to better support students to learn about asymmetric encryption and digital signatures.
AB - We report on our experiences fielding MeetingMayhem, an interactive game that we developed, which introduces students to fundamental concepts in network security, cybersecurity, and adversarial thinking. The game is intended for students who do not necessarily have any prior background in computer science. Assuming the role of agents, two players exchange messages over a network to try to agree on a meeting time and location, while an adversary interferes with their plan. Following the Dolev-Yao model, the adversary has full control of the network: they can see all messages and modify, block, or forward them. We designed the game as a web application, where groups of three students play the game, taking turns being the adversary. The adversary is a legitimate communicant on the network, and the agents do not know who is the other agent and who is the adversary. Through gameplay, we expect students to be able to (1) identify the dangers of communicating through a computer network, (2) describe the capabilities of a Dolev-Yao adversary, and (3) apply three cryptographic primitives: symmetric encryption, asymmetric encryption, and digital signatures. We conducted surveys, focus groups, and interviews to evaluate the effectiveness of the game in achieving the learning objectives. The game helped students achieve the first two learning objectives, as well as using symmetric encryption. We found that students enjoyed playing Meeting Mayhem. We are revising MeetingMayhem to improve its user interface and to better support students to learn about asymmetric encryption and digital signatures.
KW - cybersecurity education
KW - educational game
KW - network security
UR - http://www.scopus.com/inward/record.url?scp=85198903736&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85198903736&partnerID=8YFLogxK
U2 - 10.1145/3649217.3653538
DO - 10.1145/3649217.3653538
M3 - Conference contribution
AN - SCOPUS:85198903736
T3 - Annual Conference on Innovation and Technology in Computer Science Education, ITiCSE
SP - 611
EP - 617
BT - ITiCSE 2024 - Proceedings of the 2024 Conference Innovation and Technology in Computer Science Education
PB - Association for Computing Machinery
Y2 - 8 July 2024 through 10 July 2024
ER -