Formalizing and Integrating User Knowledge into Security Analytics

Böhm, Fabian; Vielberth, Manfred; Pernul, Günther

doi:10.1007/s42979-022-01209-7

Cited by 1 publication

(1 citation statement)

References 30 publications

(41 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…ICS 31,3 3. Related work Böhm et al (2022) propose to use a VPL to simplify cybersecurity tasks that require a high amount of operational knowledge, such as the syntax of a specific security analytics tool. For this matter, the authors present a prototype that integrates a VPL into the productive security operations of an organization.…”

Section: Cybersecurity Training In Cyber Rangesmentioning

confidence: 99%

Improving cybersecurity skill development through visual programming

Glas

Vielberth

Reittinger

et al. 2023

ICS

Self Cite

View full text Add to dashboard Cite

Purpose Cybersecurity training plays a decisive role in overcoming the global shortage of cybersecurity experts and the risks this shortage poses to organizations' assets. Seeking to make the training of those experts as efficacious and efficient as possible, this study investigates the potential of visual programming languages (VPLs) for training in cyber ranges. For this matter, the VPL Blockly was integrated into an existing cyber range training to facilitate learning a code-based cybersecurity task, namely, creating code-based correlation rules for a security information and event management (SIEM) system. Design/methodology/approach To evaluate the VPL’s effect on the cyber range training, the authors conducted a user study as a randomized controlled trial with 30 participants. In this study, the authors compared skill development of participants creating SIEM rules using Blockly (experimental group) with participants using a textual programming approach (control group) to create the rules. Findings This study indicates that using a VPL in a cybersecurity training can improve the participants' perceived learning experience compared to the control group while providing equally good learning outcomes. Originality/value The originality of this work lies in studying the effect of using a VPL to learn a code-based cybersecurity task. Investigating this effect in comparison with the conventional textual syntax through a randomized controlled trial has not been investigated yet.

show abstract

Section: Cybersecurity Training In Cyber Rangesmentioning

confidence: 99%