key: cord-0553376-bpr2qn34
authors: Shepherd, Lynsay A.; Paoli, Stefano De; Conacher, Jim
title: Human-Computer Interaction Considerations When Developing Cyber Ranges
date: 2020-07-09
sha: 852c7ec055a483a69aadf3fad2257a1a6ce6b684
doc_id: 553376
cord_uid: bpr2qn34

The number of cyber-attacks is continuing to rise globally. It is therefore vital for organisations to develop the necessary skills to secure their assets and to protect critical national infrastructure. In this short paper, we outline human-computer interaction elements which should be considered when developing a cybersecurity training platform, in an effort to maintain levels of user engagement. We provide an overview of existing training platforms before covering specialist cyber ranges. Aspects of human-computer interaction are noted with regard to their relevance in the context of cyber ranges. We conclude with design suggestions for developing a cyber range platform.

In the field of cybersecurity, there is a growing interest in the design, development, and deployment of training platforms such as cyber ranges, which can supplement and improve security professionals' skills. In this short paper, we aim to present an overview of existing cybersecurity training platforms, alongside a brief discussion of Human-Computer Interaction (HCI) elements which should be considered when developing a specialised cyber range platform. We then offer guidance for improving and maintaining user engagement with these platforms through consideration of appropriate HCI techniques.

This section provides a definition of HCI, and gives an overview of cybersecurity training platforms. It then covers cyber ranges and their relevance in a secure modern society.

Human-computer interaction (HCI) is a broad field which initially focused on a combination of human factors engineering and cognitive science [4], and continues to link in with the areas of interaction design, ergonomics, informatics, and psychology. HCI has also been incorporated into the field of cybersecurity, where it is termed HCISec (HCI security) and usable security. Though HCI is linked to a number of fields and communities, the overarching goal is the "linkage of critical analysis of usability, broadly understood, with development of novel technology and applications" [4].

Training platforms are directly connected with the learning experience of the user; therefore, the user interface plays an essential role in both supporting learning pathways and keeping the users aware of the underlying processes simulated by the training platform. Cybersecurity training platforms have been used in a number of domains. These educational tools range from small mobile applications geared towards raising public security awareness to those aimed at corporations. Examples of such training platforms include:

Cyber ranges can be defined as "interactive, simulated representations of an organization's local network, system, tools, and applications that are connected to a simulated Internet level environment" [19], and are a specific type of training platform created for security professionals. They are typically composed of a virtual network environment and allow for the creation of simulated cyber-attack scenarios and incident response exercises.

There is a growing need for training platforms such as cyber ranges. Owing to the sustained increase in cyber-attacks experienced by organizations around the world (particularly in the wake of the COVID-19 pandemic [14]), continually enhancing the cybersecurity resilience of such organizations is essential to help to ensure that critical national infrastructure remains protected.
Existing cyber ranges encompass a variety of areas, but they have generally been created for military, research and commercial purposes. Examples of existing cyber ranges include the US Department of Defence Cyber Security Range [17] (military), the Austrian Institute of Technology Cyber Range [1] (academic) and the IBM Cyber Range [10] (commercial). Cyber ranges are a developing area for research, e.g. the European Commission's H2020 Digital Security programme has funded platforms such as FORESIGHT [8].

To ensure cyber ranges deliver an appropriate user experience in the context of an educational platform, we present design recommendations which aim to improve knowledge acquisition and maintain a high level of user engagement. Although human-computer interaction is a large field, there are some key areas which are appropriate in the context of cyber ranges. This is not an exhaustive list of all applicable elements, but an overview of perhaps the most important aspects. The areas mentioned offer the possibility of keeping the user engaged in the context of a cybersecurity training platform.

User Interface (UI)

The role of interface design in helping users learn has been explored in the context of e-learning. Work by Guralnick [9] highlights key factors in user interface design which aid the user. These include the layout of elements on-screen (to guide the user's eye to the relevant information), consideration of learner paths to help the user stay focused, and well-presented guidance on-screen to provide the user with feedback. Crucially, if the UI is difficult to navigate, the user will become frustrated, and this will detract from the learning process. Existing cyber ranges such as the Kypo cyber range [5] have considered the role of the UI, and have utilised a portal based on Liferay Portals [16] to ensure users of all abilities can interact with the system.
Developers should consider building upon existing frameworks to provide a suitable UI for a cyber range.

Visualization

Information visualization has proved successful in supporting learning [13]. Developers should consider using user-centred design methods when creating visualisations in the cybersecurity domain [18]. Many examples of cybersecurity visualisations already exist, including the Kaspersky Cyber Threat map [12] and the Talos Spam and Malware Map [22]. Such tools could be incorporated into a cyber range to help the user assess the impact of potential threats, e.g. identifying the source of a DDoS attack.

Design Patterns

Design patterns are design solutions to resolve common problems in software development. These can utilise theories of motivation [15, p. 3] to create an engaging educational platform. Additionally, these patterns can be designed to be gameful, linking in with section 3.1 of this paper. Gameful design patterns can incorporate some of the elements which are used in gamification, such as badges and leaderboards. Gameful design patterns are particularly well-suited to applications with "heavy simulation elements that the user should explore" [15, p. 34], a category which cyber ranges fall into.

Gamification

Gamification involves the use of gaming mechanics in traditionally non-gaming environments [23]. Duolingo is a popular application which uses a combination of gamification elements such as learning paths, points, badges, scores, and leaderboards to help users learn new languages [7]. Gamification has been used in several existing cybersecurity training platforms and thus can be applied to cyber ranges. Existing cybersecurity work which has utilised gamification includes prototype mobile applications aimed at raising public security awareness [21]. Furthermore, it has also been suggested for use in cyber defence training [2], and used to tackle threats against critical national infrastructure [6].

In this paper, we have provided an overview of existing cybersecurity training platforms, and have highlighted the developing field of cyber ranges. We have also outlined aspects of HCI which may help the end-user remain engaged with the platform, supporting learning and consolidating knowledge gained. We hope that developers of cyber ranges will take these elements of human-computer interaction into consideration, creating an engaging cybersecurity platform.

AIT: Cyber range & training
Gamified training for cyber defence: Methods and automated tools for situation and threat assessment
Nophish app evaluation: lab and retention study
Human computer interaction (hci)
Kypo - a platform for cyber defence exercises
Using gamification to raise awareness of cyber threats to critical national infrastructure
FORESIGHT: Foresight - advanced cyber-security simulation platform for preparedness training in aviation, naval and power-grid environments
IBM: X-force command cyber tactical operations center
Enhancing learning with visualization techniques
Cyber security in the age of covid-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic
Irresistible Apps: Motivational design patterns for apps, games, and web-based communities
Marines - The official website of the United States Marine Corps: DoD Cyber Security Range
Unlocking user-centered design methods for building cyber security visualizations
Gamification techniques for raising cyber security awareness
An introduction to gamification in human-computer interaction