A story-driven gamified education on USB-based attack

Abstract

AbstractIn recent years, gamification has seen a rise in usage for cyber-security training, with some of the most used elements being story and narrative. Yet there seems to be a lack of research on story-based gamification as well as how this type of gamification affects a training’s effectiveness. The goal of this study was to test the effectiveness of story-driven gamification in the prevention of USB-based attacks among students. To do this a story-driven gamified training was designed and deployed among students. It was found that story-elements were perceived to have a positive impact on the effectiveness of gamification. Testing the game showed that adding elements such as a guide and introducing characters caused the game to be more engaging and participants to learn more. Even to the extent that it was stated to be better than other gamification attempts lacking a focus on narrative. Because this research focuses on just story-elements and not other often used gamification elements such as rewards and leaderboards, it creates a clear image of how they should be used. It aids the design of a gamified training by showing what questions need to be answered to make story-elements work as effectively as possible towards the goal of the training. This also provides a foothold for future frameworks that could be made in regard to the usage of story-elements in gamification and education. During the research, there were also some questions raised that could be researched further such as a difference in results between participants with different study backgrounds.