Social engineering awareness game (SEAG): an empirical evaluation of using game towards improving information security awareness
The sharp rise of social engineering attacks in recent years poses serious threats to technology consumers.This is due to the degree of damage that can be done through social engineering. This paper seeks to elaborate on the use of a Social Engineering Awareness Game (SEAG) to improve the rate of aw...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2015
|
| Subjects: | |
| Online Access: | http://repo.uum.edu.my/15544/1/PID080.pdf http://repo.uum.edu.my/15544/ http://www.icoci.cms.net.my/proceedings/2015/TOC.html |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Utara Malaysia |
| Language: | English |
| Summary: | The sharp rise of social engineering attacks in recent years poses serious threats to technology consumers.This is due to the degree of damage that can be done through social engineering. This paper seeks to elaborate on the use of a Social Engineering Awareness Game (SEAG) to improve the rate of awareness of social engineering.This game was tailored towards the needs of technology consumers that are intended to make use of it by ensuring that not only it is knowledgeable but also attractive and fun. In this paper we highlighted the objectives of this study and how it was done.A control laboratory experiment involving participants randomly assigned
to either the experimental group or control group (using paper-based) to evaluate the outcome. The impact that the game had on the participants
was recorded with an average of 71% improvement in their knowledge and awareness of social engineering, this made them to find the game beneficial and informative.The major drawback of the game is it needs to be more user-friendly
and centered.We conclude by showing the need for more research to be put in place pertaining to the aspect of using games in the educational
field especially in the network security field that has more threats growing rapidly. |
|---|