CTF for education
Yi Lyu, Luke Dotson, Nic Draves, Andy Zhang
TL;DR
This paper analyzes various categories of Capture The Flag (CTF) competitions and discusses how combining different formats can enhance cybersecurity education and learning outcomes.
Contribution
It categorizes CTF types, compares their educational benefits, and advocates for combining formats to improve cybersecurity training.
Findings
Combining all four CTF types enhances cybersecurity knowledge.
Different CTF formats have unique learning objectives and accessibility features.
A comprehensive approach benefits cybersecurity education.
Abstract
In this paper, we take a close look at how CTF can be used in cybersecurity education. We divide the CTF competitions into four different categories, which are attack-based CTFs, defense-based CTFs, jeopardy CTFs and gamified and wargames CTFs. We start our analysis by summarizing the main characteristics of different CTF types. We then compare them with each other in both learning objectives and other aspects like accessibility. We conclude that combining all four CTF formats can help participants build one's cybersecurity knowledge. By doing that, we hope that our findings will provide some useful insights for future CTF educators.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInformation and Cyber Security · Teaching and Learning Programming · Web Application Security Vulnerabilities