Human-Computer Interaction Considerations When Developing Cyber Ranges

by   Lynsay A. Shepherd, et al.
Abertay University

The number of cyber-attacks are continuing to rise globally. It is therefore vital for organisations to develop the necessary skills to secure their assets and to protect critical national infrastructure. In this short paper, we outline upon human-computer interaction elements which should be considered when developing a cybersecurity training platform, in an effort to maintain levels of user engagement. We provide an overview of existing training platforms before covering specialist cyber ranges. Aspects of human-computer interaction are noted with regards to their relevance in the context of cyber ranges. We conclude with design suggestions when developing a cyber range platform.



page 1

page 2

page 3

page 4


Threats, Protection and Attribution of Cyber Attacks on Critical Infrastructures

As Critical National Infrastructures are becoming more vulnerable to cyb...

A next-generation platform for Cyber Range-as-a-Service

In the last years, Cyber Ranges have become a widespread solution to tra...

Three Patterns to Support Empathy in Computer-Mediated Human Interaction

We present three patterns for computer-mediated interaction which we dis...

Harnessing Machine Learning, Data Analytics, and Computer-Aided Testing for Cyber Security Applications

While media reports frequently highlight the exciting aspects of the cyb...

Automating the Generation of Cyber Range Virtual Scenarios with VSDL

A cyber range is an environment used for training security experts and t...

Detecting Cyber-Related Discussions in Online Social Platforms

As the use of social platforms continues to evolve, in areas such as cyb...

ExploitWP2Docker: a Platform for Automating the Generation of Vulnerable WordPress Environments for Cyber Ranges

A cyber range is a realistic simulation of an organization's network inf...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

1 Introduction

In the field of cybersecurity, there is a growing interest in the design, development, and deployment of training platforms such as cyber ranges which can supplement and improve security professionals’ skills. In this short paper, we aim to present an overview of existing cybersecurity training platforms, alongside a brief discussion of Human-Computer Interaction (HCI) elements which should be considered when developing a specialised cyber range platform. We then offer guidance for improving and maintaining user engagement with these platforms through consideration of appropriate HCI techniques.

2 Background

This section provides a definition of HCI, and gives an overview of cybersecurity training platforms. It then covers cyber ranges and their relevance in a secure modern society.

2.1 Human-Computer Interaction

Human-computer interaction (HCI) is a broad field which initially focused on a combination of human factors engineering and cognitive science [4], and continues to link in with the areas of interaction design, ergonomics, informatics, and psychology. HCI has also been incorporated into the field of cybersecurity, where it is termed HCISec (HCI security) and usable security.

Though HCI is linked to a number of fields and communities, the overarching goal is the “linkage of critical analysis of usability, broadly understood, with development of novel technology and applications” [4].

2.2 Cybersecurity Training Platforms

Training platforms are directly connected with the learning experience of the user; therefore, the user interface plays an essential role in both supporting learning pathways and keeping the users aware of the underlying processes simulated by the training platform.

Cybersecurity training platforms have been used in a number of domains. These educational tools range from small mobile applications geared towards raising public security awareness to those aimed at corporations.

Examples of such training platforms include:

  • Immersive Labs “Human Cyber Readiness Platform” - aimed at businesses, and features hands-on scenarios with Capture The Flag Challenges [11].

  • Cybersecurity Lab - browser-based game targeting young people to help them develop basic cyber security skills. The user plays the role of a Chief Technology Officer who must defend a company against attacks [20].

  • NoPhish - Android application to help the public identify phishing links [3].

2.3 Cyber Ranges

Cyber ranges can be defined as “interactive, simulated representations of an organization’s local network, system, tools, and applications that are connected to a simulated Internet level environment” [19], and are a specific type of training platform created for security professionals. They are typically composed of a virtual network environment and allow for the creation of simulated cyber-attack scenarios and incident response exercises. There is a growing need for training platforms such as cyber ranges. Owing to the sustained increase in cyber-attacks experienced by organizations around the World (particularly in the wake of the COVID-19 pandemic [14]), continually enhancing the cybersecurity resilience of such organizations is essential to help to ensure that critical national infrastructure remains protected.

Existing cyber ranges encompass a variety of areas, but they have generally been created for military, research and commercial purposes. Examples of existing cyber ranges include the US Department of Defence Cyber Security Range [17] (military), the Austrian Institute of Technology Cyber Range [1] (academic) or the IBM Cyber Range [10] (commercial). Cyber ranges are a developing area for research e.g. the European Commission’s H2020 Digital Security programme has funded platforms such as FORESIGHT [8].

3 Discussion

To ensure cyber ranges deliver an appropriate user experience in the context of an educational platform, we present design recommendations which aim to improve knowledge acquisition and maintain a high level of user engagement.

3.1 HCI and cyber ranges

Although human-computer interaction is a large field, there are some key areas which are appropriate in the context of the cyber ranges. This is not an exhaustive list of all applicable elements, but an overview of perhaps the most important aspects. The areas mentioned offer the possibility of keeping the user engaged in the context of a cybersecurity training platform.

3.1.1 User Interface (UI)

The role of interface design in helping users learn has been explored in the context of e-learning. Work by Guralnick [9] highlights key factors in user interface design which aid the user. These include the layout of elements on-screen (to guide the users’ eye to look at the relevant information), consideration of learner paths to help the user stay focused, and well-presented guidance on-screen to provide the user with feedback.

Crucially, if the UI is difficult to navigate, the user will become frustrated, and this will detract from the learning process. Existing cyber ranges such as the Kypo cyber range [5] considered the role of the UI, and have utilised a portal based on Liferay Portals [16] to ensure users of all abilities can interact with the system. Developers should consider building upon existing frameworks to provide a suitable UI for a cyber range.

3.1.2 Visualization

Information visualization has proved successful in supporting learning [13]. Developers should consider deploying the use of user-centred design methods when creating visualisations in the cybersecurity domain [18]. Many examples of cybersecurity visualisations already exist, including Kaspersky Cyber Threat map [12] and the Talos Spam and Malware Map [22]. Such tools could be incorporated into a cyber range to help the user assess the impact of potential threats e.g. identifying the source of a DDOS attack.

3.1.3 Design Patterns

Design patterns are design solutions to resolve common problems in software development. These can utilise theories of motivation [p3] [15] to create an engaging educational platform. Additionally, these patterns can be designed to be gameful, linking in with section 3.1.4 of this paper. Gameful design patterns can incorporate some of the elements which are used in gamification, such as badges and leaderboards. Gameful design patterns are particularly well-suited to applications with “heavy simulation elements that the user should explore”, [p34] [15] a category which cyber ranges fall into.

3.1.4 Gamification

Gamification involves the use of gaming mechanics in traditionally non-gaming environments [23]. Duolingo is a popular application which uses a combination of gamification elements such as learning paths, points, badges, scores, and leaderboards to help users learn new languages [7].

Gamification has been used in several existing cybersecurity training platforms and thus can be applied to cyber ranges. Existing cybersecurity work which has utilised gamification includes prototype mobile applications aimed at raising public security awareness [21]. Furthermore, it has also been suggested for use in cyber defence training [2], and used to tackle threats against critical national infrastructure [6].

4 Conclusion

In this paper, we have provided an overview of existing cybersecurity training platforms, and have highlighted the developing field of cyber ranges. We have also outlined aspects of HCI which may help the end-user remain engaged with the platform, supporting learning and consolidating knowledge gained. We hope that developers of cyber ranges will take these elements of human-computer interaction into consideration, creating an engaging cybersecurity platform.