Benefits and Pitfalls of Using Capture The Flag Games in University Courses

This publication doesn't include Faculty of Arts. It includes Institute of Computer Science. Official publication website can be found on muni.cz.

Authors

VYKOPAL Jan ŠVÁBENSKÝ Valdemar CHANG Ee-Chien

Type Article in Proceedings
Conference Proceedings of the 51st ACM Technical Symposium on Computer Science Education (SIGCSE '20)
MU Faculty or unit

Institute of Computer Science

Citation
Doi http://dx.doi.org/10.1145/3328778.3366893
Keywords cybersecurity; capture the flag; summative assessment; homework assignment; plagiarism; learning analytics; educational data mining
Attached files
Description The concept of Capture the Flag (CTF) games for practicing cybersecurity skills is widespread in informal educational settings and leisure-time competitions. However, it is not much used in university courses. This paper summarizes our experience from using jeopardy CTF games as homework assignments in an introductory undergraduate course. Our analysis of data describing students' in-game actions and course performance revealed four aspects that should be addressed in the design of CTF tasks: scoring, scaffolding, plagiarism, and learning analytics capabilities of the used CTF platform. The paper addresses these aspects by sharing our recommendations. We believe that these recommendations are useful for cybersecurity instructors who consider using CTF games for assessment in university courses and developers of CTF game frameworks.
Related projects: