Deconstructing Gamified Approaches to Security and Privacy
Co-located with SOUPS 2023
Sunday August 6, 2023 — 10.00am ‐ 1.30pm PDT (GMT-7)
Important Dates
All dates are Anywhere on Earth (AoE) time,
unless otherwise specified
Acceptance Notification to Authors
Thursday June 8th 2023
Camera Ready Papers Due
Thursday June 22nd 2023
Attend the Workshop!
10.00am — 11.30pm. Sunday 6th August 2023
About the Workshop
The importance of understanding and interpreting knowledge in the areas of security and privacy is paramount as we observe the rise of the Internet of Things (IoT), Artificial Intelligence (AI), and many other influential technologies. Unfortunately, many aspects of security and privacy are often undermined by perceptions of steep learning curves, a requirement of specialist knowledge and a lack of appropriate training and funding within organisations. In particular, this may relate more to non-technical individuals and those who may use computing equipment and write software code without any formal software engineering training. As a solution to this, the use of gamified approaches can be employed to increase user awareness and engagement in activities related to security and privacy, such as training and risk management, which can lead to better understanding and outcomes related to best practices in security and privacy. This workshop will aim to develop and stimulate discussions around how gamified approaches can be used in the fields of security and privacy, looking into areas such as the design challenges that one may face when designing cybersecurity games, or how serious games (and others) can be used in cybersecurity.
Call for Papers
The importance of understanding and interpreting knowledge in the areas of security and privacy is paramount as we observe the rise of the Internet of Things (IoT), Artificial Intelligence (AI), and many other influential technologies. Unfortunately, many aspects of security and privacy are often undermined by perceptions of steep learning curves, a requirement of specialist knowledge and a lack of appropriate training and funding within organisations. In particular, this may relate more to non-technical individuals and those who may use computing equipment and write software code without any formal software engineering training. As a solution to this, the use of gamified approaches can be employed to increase user awareness and engagement in activities related to security and privacy, such as training and risk management, which can lead to better understanding and outcomes related to best practices in security and privacy.
This workshop aims to develop and stimulate discussions around how gamified approaches can be used in the fields of security and privacy. We will consider topics including, but not limited to:
- Novel experimental games, environments and interactions in the area of security and privacy
- Design challenges related to gamified approaches in security and privacy
- Game dynamics, game mechanics and learning mechanics applicable to security and privacy
- Serious games in cybersecurity
- Misuse of gamified approaches
We solicit papers describing new research contributions that spark interest in this area, as well as case studies, preliminary results, novel ideas and position papers. Papers should be at most 4 pages (excluding references and appendices) and 6 pages at most in total, using the SOUPS template format (MS Word or LaTeX). Papers must be submitted as a PDF file. Please note that committee members are not required to read the appendices, so the paper should be intelligible without them. All submissions must be written in English.
Submissions not meeting these guidelines risk rejection without consideration of their merits.
Submissions should be fully anonymised for double-blind review. Submissions may be made at the workshop's HotCRP submission page. Papers should be succinct and contributions made clear, but also thorough in presentation of the work. Each paper will be allocated a 10-minute slot for presentation with 5 minutes for questions/discussion. Successful submissions to this workshop will gain valuable insights into the various elements that compose successful gamified approaches to understanding security and privacy, and how various challenges in this field can be addressed. Accepted papers will be encouraged to publish their work on arXiv and reference this workshop, with papers also being listed with their corresponding authors on this workshop webpage before the conference and will remain here thereafter.
Registration
There is no fee for attending this workshop. Registration is done through the SOUPS portal. Once the main registration is complete, please fill out the workshop registration form. If you would like to invite someone, they are required to register separately as well. Registration closes on TBC, 2023. Please note that all accepted workshop papers require at least one author to attend the event in-person and attendees will participate during in-workshop activities (remember to bring your laptop!).
Schedule
| Time | Details |
|---|---|
| 10.00am ‐ 10.10am | Opening Remarks |
| Session 1 | |
| 10.10am ‐ 10.20am | Paper 1 |
| 10.25am ‐ 10.35am | Paper 2 |
| 10.40am ‐ 10.55am | Paper 3 |
| 10.55am ‐ 11.10am — Break (15 mins) | |
| 11.10am ‐ 12.30am | Workshop Activity ‐ Deconstructing Serious Games Using Cards |
| Session 2 | |
| 12.30am ‐ 12.40am | Paper 4 |
| 12.45am ‐ 12.55am | Paper 5 |
| 13.00pm ‐ 13.10pm | Paper 6 |
| 13.10pm ‐ 13.25pm | Discussion on Deconstruction Approach |
| 13.25pm ‐ 13.30pm | Closing Remarks |
Note: the schedule will be updated accordingly closer to the date of the workshop.
Workshop Activity
Participants will take part in an activity during the workshop which focuses on the deconstruction of serious games. Participants will be split into groups, who will then play a provoking game. After playing the provoking game and reflecting on the experience, participants will then be introduced to cybersecurity cards, which showcase key topics that encompass the attack-defence-vulnerability dichotomy in cybersecurity, as well as game mechanics and learning mechanics cards, which will be used to deconstruct the provoking game into these three components of Triadic Game Design (TGD). The groups will then have a first opportunity to select a subset of the cards which represent their discussions on the deconstruction of the game and these will be placed onto a wall, where all groups will be able to see what they have chosen. Throughout the workshop, these choices may be reviewed and discussed in the breaks by other groups. Before the end of the workshop, an expert in game and learning mechanics will present a strategic approach to using the learning and game mechanics cards to deconstruct the provoking game, and the workshop activity will end with choosing the best card selection from a group of participants based on a peer vote at the end of the workshop.
Organising Committee
Ryan Shah
Manuel Maarek
Lynne Baillie
Shenando Stals
Sandy Louchart
Program Committee
Lynne Coventry
Jessica Vitak
Nalin Asanka Gamagedara Arachchilage
Ryan Shah
Manuel Maarek
Lynne Baillie
Shenando Stals
Sandy Louchart
Contact
For enquiries, feel free to mail us at soups23-dgasp@usenix.org.