What is it about?
Learning by doing is one of the most effective approaches in education. In the context of cybersecurity using Capture the Flag (CTF) challenges is one such method that is commonly used to test the participants skills. In this paper we discuss how we developed CTF-style exercises for students in IT Forensics courses and its impact on students' stress levels compared with taking part in traditional exams. Our surveys show that this type of assessment significantly reduces students' stress without sacrificing the quality of education or academic integrity.
Featured Image
Photo by Ilya Pavlov on Unsplash
Why is it important?
From technical perspective we have demonstrated that Capture the Flag style assessment generation can be automated for IT Forensics courses which allows to generate multiple instances of the same task design. This allows student collaboration in completing the assessment without causing academic integrity issues and at the same time it keeps the assessment fair to all students. From human aspect we surveyed students to see the impact of replacing traditional exams with CTF-style assessments. The results show significant reduction in stress for students. We should also emphasise that practical tasks where students need to apply their theoretical knowledge to the problem at hand is superior to mostly memory-base traditional exams in assessing students' skills to solve real-life scenarios.
Perspectives
I have been creating parametrised questions in cybersecurity subjects since 2011. It is nice to share a sample of my work in this area with this article and show the good impact of practical assessments on students' learning.
Sepehr Minagar
Monash University
Read the Original
This page is a summary of: Automatic Problem Generation for CTF-Style Assessments in IT Forensics Courses, June 2023, ACM (Association for Computing Machinery),
DOI: 10.1145/3587102.3588788.
You can read the full text:
Resources
Contributors
The following have contributed to this page
