The global shortage of cybersecurity experts poses a daunting challenge for organizations seeking to protect their assets and data. In response to the global workforce shortage, cyber range exercises (CRXs) have the potential to equip individuals for future positions in cybersecurity. However, CRXs often fall short by overwhelming participants cognitively which, in turn, leads to ineffective learning experiences. This can be attributed to the fact that models and theories on instructional design that focus on learning and motivation are only marginally considered in CRX design. To address this challenge, we take an interdisciplinary approach to integrating insights from instructional design into cybersecurity. We propose six design principles, derived from established instructional models, in order to enable CRX designers to implement these design principles into a CRX that represents an effective learning experience for novices in the field of cybersecurity incident response. To evaluate the effectiveness of this principle-driven CRX design, we conducted a user study with
This project consists of three repositories of the CRX prototype:
-
InstruCRX_backend: The backend of the CRX (consisting of the ICS simulation and the SIEM system):
-
InstruCRX_frontend: The frontend providing the main user interface of the CRX (consisting of the SIEM dashboard and the Learning Management System)
-
InstruCRX_userManagement: The user management platform over which users register for the CRX and collaboratively submit flags (flag submission platform)
The prototype architecture is depicted in the following figure:
For reproducability, we created an additional repository which documents the empirical user study we conducted to evaluate the effectiveness of the CRX design
InstruCRX_userStudy: This reporitory includes (1) all data we retrieved in the user study and (2) the questionnaires that were used in the user study.