Abstract:

Predictions based on Teoh et al. [1] show that more and more IT-Security specialists will be needed in the future. The current higher education teaching in the bachelor's degree in engineering disciplines barely deals with this topic, but prospective engineers must be able to develop future systems securely. For this reason, it is important to take a closer look at this gap and incorporate the topic of IT-Security into their curriculum, to impart knowledge and raise awareness for this subject.

Newer learning methods and techniques such as game-based learning (GBL) are enjoying an increasing popularity as their improvement in the education of subject specific topics can be proven by a variety of studies. Several studies and publications have shown that GBL can be implemented through so-called Educational Escape Rooms in order to convey new learning fields more sustainably. More specifically, in the escape room, the participants try to solve puzzles and riddles with learned knowledge to receive success experience and finally escape from the room. Therefore, we chose escape rooms as a tool to impart IT-Security in higher education of engineers.

To identify and evaluate already existing publications and experiences on educational escape rooms combined with different topics of IT-Security, this paper first deals with a systematic literature review (SLR) based on the process of Kitchenham et al. [2]. This process focused on both, the main topic Escape Rooms for Teaching IT-Security as well as additional metrics, e.g., type of paper, educational institution or target group. In total, we identified seven papers that discuss experimental studies, that used Educational Escape Rooms or escape room-like approaches with explicit learning tasks, e.g. cryptography tasks with different encryption algorithms, as well as two theoretical frameworks with exact step-by-step procedures for the development of such an educational escape room for the subject of IT-Security.

We then contribute with a concept and design of an educational escape room containing different learning tasks with focus on the topic of cryptography. We chose cryptography because it is currently an often discussed topic in society and an important topic of IT-Security. The tasks cover different cryptographic methods and hash algorithms, e.g. AES-256, RSA, SHA3-512, which are state of the art and currently used in many areas. The developed design is based on the identified frameworks of the literature review and considers all important aspects for the conception of an Educational Escape Room, which can influence the playing and learning experience e.g. Goals and Objectives/Tasks, Participants, Activities, Context and Trajectory Design. We defined specific goals and learning objectives for the topic of cryptography using the SOLO (Structure of the Observed Learning Outcome) taxonomy. The taxonomy was chosen, because it makes it possible to measure if the learning objectives have been met, e.g., with an exam. The escape room will be evaluated in the near future. A first design and metrics of the experimental study will be provided in the paper.

References:
[1] C. S. Teoh and A. K. Mahmood, “Cybersecurity workforce development for digital economy,” The Educational Review, USA, 2018.
[2] B. Kitchenham and P. Brereton, “A systematic review of systematic review process research in software engineering,” Information and Software Technology, vol. 55, no. 12, pp. 2049–2075, 2013.

Keywords:

IT security, educational escape room, higher education, cryptography, game-based learning.