A CTF-Based Approach in Cyber Security Education for Secondary School Students

Md Nabil Ahmad Zawawi,Ahmad Dahaqin Ibrahim Ahmad Dahaqin Ibrahim,Ahmad Haziq Ashrofie Hanafi Ahmad Haziq Ashrofie Hanafi,Haikal Rokman Haikal Rokman,Zul-Azri Ibrahim,Fiza Abdul Rahim

doi:10.52650/ejcsit.v7i1.107

Md Nabil Ahmad Zawawi, Ahmad Dahaqin Ibrahim Ahmad Dahaqin Ibrahim

Open Access

https://doi.org/10.52650/ejcsit.v7i1.107

Copy DOI

Abstract

Cybersecurity education topics require technical understanding. However, it is a challenging task for any teacher to introduce topics to students who have no technical background. Recently, the concept of gamification has been implemented as a tool to inculcate student’s interest using a variety of popular in-games techniques and applying them to educational modules. Extending from this notion, it was found that Capture the Flag (CTF) competition style is a successful way of introducing students to various technical concepts in the standard computer science curriculum. During the 2019 school holiday, a CTF for secondary school students was run at Universiti Tenaga Nasional (UNITEN) with the primary goal of introducing secondary school students to various cybersecurity topics and also to inculcate their interest in cybersecurity. The method that we used is different from other CTF or similar events, in which we use a scenario-based approach. We found that this method attracts participants in solving each challenge in a competitive environment.

Highlights

Since 2017, the Malaysian education system has integrated computer science in the secondary school curriculum through the Standard Based Curriculum for Secondary Schools (KSSM)
Since most of the pre-requisites for enrolling in cybersecurity courses at the university are a credit in the subject of Additional Mathematics in Sijil Pelajaran Malaysia (SPM), this limits the selection of cybersecurity courses at the university level among school leavers
From our review in Malaysian school syllabus as of 2019 based on computer science stream in secondary school’s textbooks “Basic Computer Science” for lower secondary and “Computer Science” for upper secondary, we found out that for computer science stream students in secondary school, most of the syllabus consists of programming, algorithm and problemsolving

Summary

Introduction

Since 2017, the Malaysian education system has integrated computer science in the secondary school curriculum through the Standard Based Curriculum for Secondary Schools (KSSM). This implementation is seen as a great initiative to increase the number of students with computer science skills. Statistics show a steady drop in student enrolment in the Science stream at the secondary school [1]. Since most of the pre-requisites for enrolling in cybersecurity courses at the university are a credit in the subject of Additional Mathematics in SPM, this limits the selection of cybersecurity courses at the university level among school leavers

Methods

Results

Conclusion