Cybersecurity serious games development: A systematic review

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computers & Security Pub Date : 2025-03-01 Epub Date: 2024-12-30 DOI:10.1016/j.cose.2024.104307

Chiu Yeong Ng, Mohammad Khatim Bin Hasan

{"title":"Cybersecurity serious games development: A systematic review","authors":"Chiu Yeong Ng, Mohammad Khatim Bin Hasan","doi":"10.1016/j.cose.2024.104307","DOIUrl":null,"url":null,"abstract":"<div><div>Cybercrime tactics evolve alongside technology, prompting researchers to enhance cybersecurity training for diverse internet users. Serious games have been developed as modern training methods over the years. However, despite all efforts, cybercrime cases continue to rise. This motivated the paper to conduct a comprehensive review of cybersecurity game development from 2014 to 2024, using PRISMA guidelines. The type of games covered include serious games, gamification and entertainment games. The scope of the games studied cover basic or general cybersecurity knowledge and specific fields such as ethical hacking and computer networking. A total of 53 papers were identified and analyzed in this study. The analysis results showed that most cybersecurity games were developed for users who already possessed prior knowledge of the topics delivered, though there were quite a number of games targeting general internet users. The majority of the games seemed to focus on technical aspects more than human aspects by training users on technology-related topics such as hacking, network architectures, and more. Game design suggestions and potential features were also discussed in this paper. Considering game design aspects could help practitioners and researchers in the future when developing new games, the discussions in this paper could be beneficial in improving cybersecurity training efficacy and mitigating cybercrime risks.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"150 ","pages":"Article 104307"},"PeriodicalIF":5.4000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824006138","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2024/12/30 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Cybercrime tactics evolve alongside technology, prompting researchers to enhance cybersecurity training for diverse internet users. Serious games have been developed as modern training methods over the years. However, despite all efforts, cybercrime cases continue to rise. This motivated the paper to conduct a comprehensive review of cybersecurity game development from 2014 to 2024, using PRISMA guidelines. The type of games covered include serious games, gamification and entertainment games. The scope of the games studied cover basic or general cybersecurity knowledge and specific fields such as ethical hacking and computer networking. A total of 53 papers were identified and analyzed in this study. The analysis results showed that most cybersecurity games were developed for users who already possessed prior knowledge of the topics delivered, though there were quite a number of games targeting general internet users. The majority of the games seemed to focus on technical aspects more than human aspects by training users on technology-related topics such as hacking, network architectures, and more. Game design suggestions and potential features were also discussed in this paper. Considering game design aspects could help practitioners and researchers in the future when developing new games, the discussions in this paper could be beneficial in improving cybersecurity training efficacy and mitigating cybercrime risks.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

网络安全严肃游戏开发：系统回顾

网络犯罪策略随着技术的发展而发展，这促使研究人员加强对不同互联网用户的网络安全培训。多年来，严肃游戏已经发展成为现代训练方法。然而，尽管所有的努力，网络犯罪案件继续上升。这促使本文使用PRISMA指南对2014年至2024年的网络安全游戏开发进行全面审查。所涵盖的游戏类型包括严肃游戏、游戏化和娱乐游戏。研究的游戏范围涵盖了基本或一般的网络安全知识和特定领域，如道德黑客和计算机网络。本研究共识别和分析了53篇论文。分析结果显示，大多数网络安全游戏是为那些已经掌握了所传递主题的用户开发的，尽管有相当多的游戏针对的是普通互联网用户。大多数游戏似乎更关注技术方面，而不是人的方面，通过训练用户了解与技术相关的主题，如黑客、网络架构等。本文还讨论了游戏设计建议和潜在功能。考虑到游戏设计方面可以帮助从业者和研究人员在未来开发新游戏时，本文的讨论可能有助于提高网络安全培训效率和降低网络犯罪风险。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.