TY - GEN
T1 - A Gamified Learning Approach for IoT Security Education Using Capture-the-Flag Competitions
T2 - 29th Nordic Conference on Secure IT Systems, NordSec 2024
AU - Hamad, Mohammad
AU - Finkenzeller, Andreas
AU - Hasan, Monowar
AU - Pahl, Marc Oliver
AU - Steinhorst, Sebastian
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.
PY - 2025
Y1 - 2025
N2 - Cybersecurity is one of the most critical issues for Internet of Things (IoT) systems today and in the future. Therefore, it is essential to educate students about cybersecurity and provide them with the skills needed to design and protect secure IoT systems. We share the experience we gained using a gamified learning approach to IoT security by integrating Capture the Flag (CTF) competitions into our university course. During the semester, students form teams and compete against each other in hacking various educational systems designed in a practically relevant way on our CTF platform. In our paper, we introduce the architecture of the CTF platform and provide student feedback on its effectiveness in teaching IoT security. The evaluation reflects student feedback over three semesters. We also share our lessons learned from creating and maintaining the CTF platform and discuss ideas on how to improve it further. Overall, the students engaged extensively in the CTF, had positive experiences with the provided platform and challenges, and were highly satisfied with our teaching approach. Based on the positive feedback, we believe our approach is an effective way to educate students in IoT security, and we encourage others to adopt this method.
AB - Cybersecurity is one of the most critical issues for Internet of Things (IoT) systems today and in the future. Therefore, it is essential to educate students about cybersecurity and provide them with the skills needed to design and protect secure IoT systems. We share the experience we gained using a gamified learning approach to IoT security by integrating Capture the Flag (CTF) competitions into our university course. During the semester, students form teams and compete against each other in hacking various educational systems designed in a practically relevant way on our CTF platform. In our paper, we introduce the architecture of the CTF platform and provide student feedback on its effectiveness in teaching IoT security. The evaluation reflects student feedback over three semesters. We also share our lessons learned from creating and maintaining the CTF platform and discuss ideas on how to improve it further. Overall, the students engaged extensively in the CTF, had positive experiences with the provided platform and challenges, and were highly satisfied with our teaching approach. Based on the positive feedback, we believe our approach is an effective way to educate students in IoT security, and we encourage others to adopt this method.
KW - Active Learning
KW - Capture the Flag
KW - Internet-of-Things
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85218492602&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-79007-2_9
DO - 10.1007/978-3-031-79007-2_9
M3 - Conference contribution
AN - SCOPUS:85218492602
SN - 9783031790065
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 161
EP - 175
BT - Secure IT Systems - 29th Nordic Conference, NordSec 2024, Proceedings
A2 - Horn Iwaya, Leonardo
A2 - Kamm, Liina
A2 - Martucci, Leonardo
A2 - Pulls, Tobias
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 6 November 2024 through 7 November 2024
ER -