J 2024

Using data clustering to reveal trainees’ behavior in cybersecurity education

DOČKALOVÁ BURSKÁ, Karolína, Jakub Rudolf MLYNÁRIK and Radek OŠLEJŠEK

Basic information

Original name

Using data clustering to reveal trainees’ behavior in cybersecurity education

Authors

DOČKALOVÁ BURSKÁ, Karolína (203 Czech Republic, guarantor, belonging to the institution), Jakub Rudolf MLYNÁRIK (703 Slovakia, belonging to the institution) and Radek OŠLEJŠEK (203 Czech Republic, belonging to the institution)

Edition

Education and Information Technologies, Springer, 2024, 1360-2357

Other information

Language

English

Type of outcome

Article in a journal

Field of Study

10201 Computer sciences, information science, bioinformatics

Country of publisher

United States of America

Confidentiality degree

is not subject to a state or trade secret

References:

Impact factor

Impact factor: 4.800 in 2023

Organization unit

Faculty of Informatics

DOI

UT WoS

001160428500002

Keywords in English

visual analytics; clustering analysis; hands-on learning; visualization

Tags

Reviewed
Changed: 18/10/2024 11:14, doc. RNDr. Radek Ošlejšek, Ph.D.

Abstract

V originále

In cyber security education, hands-on training is a common type of exercise to help raise awareness and competence, and improve students' cybersecurity skills. To be able to measure the impact of the design of the particular courses, the designers need methods that can reveal hidden patterns in trainee behavior. However, the support of the designers in performing such analytic and evaluation tasks is ad-hoc and insufficient. With unsupervised machine learning methods, we designed a tool for clustering the trainee actions that can exhibit their strategies or help pinpoint flaws in the training design. By using a \emph{k-means++} algorithm, we explore clusters of trainees that unveil their specific behavior within the training sessions. The final visualization tool consists of views with scatter plots and radar charts. The former provides a two-dimensional correlation of selected trainee actions and displays their clusters. In contrast, the radar chart displays distinct clusters of trainees based on their more specific strategies or approaches when solving tasks. Through iterative training redesign, the tool can help designers identify improper training parameters and improve the quality of the courses accordingly. To evaluate the tool, we performed a qualitative evaluation of its outcomes with cybersecurity experts. The results confirm the usability of the selected methods in discovering significant trainee behavior. Our insights and recommendations can be beneficial for the design of tools for educators, even beyond cyber security.

Links

CZ.02.1.01/0.0/0.0/16_019/0000822, interní kód MU
(CEP code: EF16_019/0000822)
Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Acronym: C4e)
Investor: Ministry of Education, Youth and Sports of the CR, CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence, Priority axis 1: Strengthening capacities for high-quality research

Files attached

2024-using-data-clustering-reveal-trainees-behavior-cybersecurity-education-paper.pdf Licence Creative Commons File version