Applications of Educational Data Mining and Learning Analytics on Data From Cybersecurity Training
Cybersecurity professionals need hands-on training to prepare for managing the current advanced cyber threats. To practice cybersecurity skills, training participants use numerous software tools in computer-supported interactive learning environments to perform offensive or defensive actions. The interaction involves typing commands, communicating over the network, and engaging with the training environment. The training artifacts (data resulting from this interaction) can be highly beneficial in educational research. For example, in cybersecurity education, they provide insights into the trainees' learning processes and support effective learning interventions. However, this research area is not yet well-understood. Therefore, this paper surveys publications that enhance cybersecurity education by leveraging trainee-generated data from interactive learning environments. We identified and examined 3021 papers, ultimately selecting 35 articles for a detailed review. First, we investigated which data are employed in which areas of cybersecurity training, how, and why. Second, we examined the applications and impact of research in this area, and third, we explored the community of researchers. Our contribution is a systematic literature review of relevant papers and their categorization according to the collected data, analysis methods, and application contexts. These results provide researchers, developers, and educators with an original perspective on this emerging topic. To motivate further research, we identify trends and gaps, propose ideas for future work, and present practical recommendations. Overall, this paper provides in-depth insight into the recently growing research on collecting and analyzing data from hands-on training in security contexts.
READ FULL TEXT