•  
  •  
 

Publisher

The Association of Digital Forensics, Security and Law (ADFSL)

Abstract

A major portion of government and business organizations’ attempts to counteract information security threats is teams of security personnel. These teams often consist of personnel of diverse backgrounds in specific specialties such as network administration, application development, and business administration, resulting in possible conflicts between security, functionality, and availability. This paper discusses the use of games to teach and research information security teams and outlines research to design and build a simple, team-oriented, configurable, information security game. It will be used to study how information security teams work together to defend against attacks using a multi-player game, and to study the use of games in training security teams. Studying how information security teams work, especially considering the topic of shared-situational awareness, could lead to better ways of forming, managing, and training teams. Studying the effectiveness of the game as a training tool could lead to better training for security teams.

References

Cebrowski, A. K., & Garstka, J. (1997). “Network centric warfare: Its origin and future. Naval Institute Proceedings,” 124(1), 28-36.

Dempsey, J. V., Haynes, L. L., Lucassen, B. A., & Casey, M. S. (2002). “Forty simple computer games and what they could mean to educators.” Simulation & Gaming, 33(2), 157-168.

Hevner, A. R., March, S. T., Park, J., & Ram, S. (2004). “Design science in information systems research.” MIS Quarterly, 28(1), 75-105.

Irvine, C. E., Thompson, M. F., & Allen, K. (2005). “CyberCIEGE: Gaming for information assurance.” Security & Privacy Magazine, 3(3), 61-64.

Kayes, A. B., Kayes, C. D., & Kolb, D. A. (2005). “Experiential learning in teams.” Simulation & Gaming, 36(3), 303-329.

Keys, B., & Wolfe, J. (1990). “The role of management games and simulations in education and research.” Journal of Management, 16(2), 307-337.

Kolb, D. A. (1984). Experiential learning: experience as the source of learning and development. Englewood Cliffs, N.J.: Prentice-Hall.

Saunders, J. H. (2002). “Simulation approaches in information security education.” Journal of Information Security, 1(2).

Twitchell, D. P., Wiers, K., Adkins, M., Burgoon, J. K., & Nunamaker, J., Jay F. (2005). ‘StrikeCOM: A multi-player online strategy game for researching and teaching group dynamics.’ Paper presented at the Thirty-Eighth Hawaii International Conference on System Sciences (CD/ROM), Big Island, Hawaii

DOI

https://doi.org/10.15394/jdfsl.2007.1029

 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.