Student Assessment in Cybersecurity Training Automated by
Pattern Mining and Clustering

J 2022

Student Assessment in Cybersecurity Training Automated by Pattern Mining and Clustering

ŠVÁBENSKÝ, Valdemar, Jan VYKOPAL, Pavel ČELEDA, Kristián TKÁČIK, Daniel POPOVIČ et. al.

Basic information

Original name

Student Assessment in Cybersecurity Training Automated by Pattern Mining and Clustering

Authors

ŠVÁBENSKÝ, Valdemar (703 Slovakia, guarantor, belonging to the institution), Jan VYKOPAL (203 Czech Republic, belonging to the institution), Pavel ČELEDA (203 Czech Republic, belonging to the institution), Kristián TKÁČIK (703 Slovakia, belonging to the institution) and Daniel POPOVIČ (703 Slovakia, belonging to the institution)

Edition

Education and Information Technologies, Springer, 2022, 1360-2357

Other information

Language

English

Type of outcome

Článek v odborném periodiku

Field of Study

10201 Computer sciences, information science, bioinformatics

Country of publisher

United States of America

Confidentiality degree

není předmětem státního či obchodního tajemství

References:

Published article in Springer database

Impact factor

Impact factor: 5.500

RIV identification code

RIV/00216224:14610/22:00125355

Organization unit

Institute of Computer Science

DOI

http://dx.doi.org/10.1007/s10639-022-10954-4

UT WoS

000775723900004

Keywords in English

cybersecurity education; security training; data science; educational data mining; learning analytics

Abstract

V originále

Hands-on cybersecurity training allows students and professionals to practice various tools and improve their technical skills. The training occurs in an interactive learning environment that enables completing sophisticated tasks in full-fledged operating systems, networks, and applications. During the training, the learning environment allows collecting data about trainees' interactions with the environment, such as their usage of command-line tools. These data contain patterns indicative of trainees' learning processes, and revealing them allows to assess the trainees and provide feedback to help them learn. However, automated analysis of these data is challenging. The training tasks feature complex problem-solving, and many different solution approaches are possible. Moreover, the trainees generate vast amounts of interaction data. This paper explores a dataset from 18 cybersecurity training sessions using data mining and machine learning techniques. We employed pattern mining and clustering to analyze 8834 commands collected from 113 trainees, revealing their typical behavior, mistakes, solution strategies, and difficult training stages. Pattern mining proved suitable in capturing timing information and tool usage frequency. Clustering underlined that many trainees often face the same issues, which can be addressed by targeted scaffolding. Our results show that data mining methods are suitable for analyzing cybersecurity training data. Educational researchers and practitioners can apply these methods in their contexts to assess trainees, support them, and improve the training design. Artifacts associated with this research are publicly available.

Links

EF16_019/0000822, research and development project

Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

Files attached

2022-EAIT-student-assessment-cybersecurity-training-automated-pattern-mining-clustering-paper.pdf

Find similar documents

Citovat

ŠVÁBENSKÝ, Valdemar, Jan VYKOPAL, Pavel ČELEDA, Kristián TKÁČIK and Daniel POPOVIČ. Student Assessment in Cybersecurity Training Automated by Pattern Mining and Clustering. Education and Information Technologies. Springer, 2022, vol. 27, No 7, p. 9231-9262. ISSN 1360-2357. Available from: https://dx.doi.org/10.1007/s10639-022-10954-4.

@article{1832899,
   author = {Švábenský, Valdemar and Vykopal, Jan and Čeleda, Pavel and Tkáčik, Kristián and Popovič, Daniel},
   article_number = {7},
   doi = {http://dx.doi.org/10.1007/s10639-022-10954-4},
   keywords = {cybersecurity education; security training; data science; educational data mining; learning analytics},
   language = {eng},
   issn = {1360-2357},
   journal = {Education and Information Technologies},
   title = {Student Assessment in Cybersecurity Training Automated by Pattern Mining and Clustering},
   url = {http://dx.doi.org/10.1007/s10639-022-10954-4},
   volume = {27},
   year = {2022}
}

TY  - JOUR
ID  - 1832899
AU  - Švábenský, Valdemar - Vykopal, Jan - Čeleda, Pavel - Tkáčik, Kristián - Popovič, Daniel
PY  - 2022
TI  - Student Assessment in Cybersecurity Training Automated by Pattern Mining and Clustering
JF  - Education and Information Technologies
VL  - 27
IS  - 7
SP  - 9231-9262
EP  - 9231-9262
PB  - Springer
SN  - 13602357
KW  - cybersecurity education
KW  - security training
KW  - data science
KW  - educational data mining
KW  - learning analytics
UR  - http://dx.doi.org/10.1007/s10639-022-10954-4
N2  - Hands-on cybersecurity training allows students and professionals to practice various tools and improve their technical skills. The training occurs in an interactive learning environment that enables completing sophisticated tasks in full-fledged operating systems, networks, and applications. During the training, the learning environment allows collecting data about trainees' interactions with the environment, such as their usage of command-line tools. These data contain patterns indicative of trainees' learning processes, and revealing them allows to assess the trainees and provide feedback to help them learn. However, automated analysis of these data is challenging. The training tasks feature complex problem-solving, and many different solution approaches are possible. Moreover, the trainees generate vast amounts of interaction data. This paper explores a dataset from 18 cybersecurity training sessions using data mining and machine learning techniques. We employed pattern mining and clustering to analyze 8834 commands collected from 113 trainees, revealing their typical behavior, mistakes, solution strategies, and difficult training stages. Pattern mining proved suitable in capturing timing information and tool usage frequency. Clustering underlined that many trainees often face the same issues, which can be addressed by targeted scaffolding. Our results show that data mining methods are suitable for analyzing cybersecurity training data. Educational researchers and practitioners can apply these methods in their contexts to assess trainees, support them, and improve the training design. Artifacts associated with this research are publicly available.
ER  -

ŠVÁBENSKÝ, Valdemar, Jan VYKOPAL, Pavel ČELEDA, Kristián TKÁČIK and Daniel POPOVIČ. Student Assessment in Cybersecurity Training Automated by Pattern Mining and Clustering. \textit{Education and Information Technologies}. Springer, 2022, vol.~27, No~7, p.~9231-9262. ISSN~1360-2357. Available from: https://dx.doi.org/10.1007/s10639-022-10954-4.

Detailed Information on Publication Record