APPLICATION OF ARTIFICIAL INTELLIGENCE FOR IMPROVING SITUATIONAL TRAINING OF CYBERSECURITY SPECIALISTS
Keywords:information technologies, cyber security, professional competencies in cyber security, situational learning, artificial intelligence
The article identifies the problem of the need for continuous development and improvement of practical skills for cybersecurity professionals due to the constant growth and evolution of threats to information and cyber security for organizations, businesses, society, and the state. The relevance of implementing innovative technologies to improve the methods of developing technical and managerial competencies of cybersecurity specialists in higher education institutions is justified in accordance with the strategic direction of education reform in Ukraine. The relevance of developing the ability and skills for cybersecurity professionals to respond promptly to threats is associated with the use of artificial intelligence by cybercriminals. The analysis conducted in this work allowed us to conclude the need for improvement of the situational teaching method as one of the main ways to develop the competencies of students majoring in Cybersecurity and Information Security in higher education institutions. One of the ways to improve the method is to use artificial intelligence tools in creating various types of tasks for classes. To create educational situations and options for resolving conflicting situations in cybersecurity management and cyber incidents with the aim of developing skills in future cybersecurity managers to make timely, correct, and effective decisions, it proposed to use the artificial intelligence tool - the ChatGPT language model. Thanks to its excellent capabilities, which include summarizing and analyzing articles, encoding, debugging, and generating thematic blocks of situations, it represents significant progress in the field of artificial intelligence. The application of ChatGPT allowed the creation of the necessary number of situational tasks with options for correct solutions in a short time, covering all areas of activity for cybersecurity specialists. However, during the research, there was a need for critical evaluation and verification of the information provided by the model for compliance with the context and rules, laws, and ethical norms that apply in each specific situation. This issue addressed by refining and specifying the request to the ChatGPT language model to generate situations.
Decree of the Cabinet of Ministers of Ukraine of February 23, 2022, No. 286. “On the approval of the Strategy for the Development of Higher Education in Ukraine for 2022-2032”. [Online]. Available: https://www.kmu.gov.ua/npas/pro-shvalennya-strategiyi-rozvitku-vishchoyi-osviti-v-ukrayini-na-20222032-roki-286- . Accessed on: Apr. 08, 2023. (in Ukrainian).
Verkhovna Rada of Ukraine. (2014), Law of Ukraine “On Higher Education”dated July 1, 2014 No. 1556 – VII, Gazette of the Verkhovna Rada (GVR), [Online]. Available: https://zakon.rada.gov.ua/laws/show/1556-18#Text. Accessed on: Apr. 10, 2023). (in Ukrainian).
Rawat, B. and Dwivedi, S.K, “An Architecture for Recommendation of Courses in E-learning System”. International Journal of Information Technology and Computer Science (IJITCS) Vol.9, No.4, Apr. 2017, рр.39-47. doi: https://doi.org/10.5815/ijitcs.2017.04.06 (in English).
Sonali Sharma and Shilpa Mahajan, “Design and Implementation of a Security Scheme for Detecting System Vulnerabilities”. International Journal of Computer Network and Information Security (IJCNIS) Vol.9, No.10, Oct. 2017, pp. 24–32 doi: https://doi.org/10.5815/ijcnis.2017.10.03. (in English).
Yu. Nosenko, M. V. Popel, M. P. Shishkina, “Cloud services and technologies in scientific and pedagogical activity: Methodological recommendations”, Under the editorship M. P. Shishkina. - K.: IITZN National Academy of Sciences of Ukraine, 2016, 73 p. (in Ukrainian).
А. Nashynets-Naumova., V. Buriachok., N. Korshun, О. Zhyltsov, P. Skladannyi, and L. Kuzmenko, “Technology for information and cyber security in higher education institutions of ukraine”, Information Technologies and Learning Tools (ITLT), vol. 77, no. 3, pp. 337–354, Jun. 2020. doi: https://doi.org/10.33407/itlt.v77i3.3424. (in Ukrainian).
V. Buriachok and V. Sokolov, “Implementation of Active Learning in the Master’s Program on Cybersecurity”. Advances in Computer Science for Engineering and Education II, 2020, Volume 938. pp. 610–624. doi: https://doi.org/10.1007/978-3-030-16621-2_57. (in English).
S. Loboda and S. Denisenko, “Use of information and communication. interactive technologies in the professional training of publishing and printing specialists”, Information Technologies and Learning Tools (ITLT), 2017. pp. 58-69. doi: https://doi.org/10.33407/itlt.v62i6.1939 . (in Ukrainian).
van der Kleij, R., Leukfeldt, R. “Cyber Resilient Behavior: Integrating Human Behavioral Models and Resilience Engineering Capabilities into Cyber Security”. In: Advances in Human Factors in Cybersecurity. AHFE 2019. Advances in Intelligent Systems and Computing, vol 960. Ahram, T., Karwowski, W. (eds) Springer, Cham. 2020. pp. 16-27. https://doi.org/10.1007/978-3-030-20488-4_2 (in English).
O. Burov, et al. “Cybersecurity in educational networks”. Intelligent Human Systems Integration 2020: Proceedings of the 3rd International Conference on Intelligent Human Systems Integration (IHSI 2020): Integrating People and Intelligent Systems, February 19-21, 2020, Modena, Italy. – Springer International Publishing, 2020, pp. 359-364. (in English).
L. Arsenovych, “Further development of the system of professional training of cyber security specialists in the conditions of the development of digital technologies”, public, vol. 3, September 2022, pp. 3-13, doi: https://doi.org/10.32851/tnv-pub.2022.3.1. (in Ukrainian).
V. Buryachok, S. Shevchenko and P. Skladannyi, “A virtual laboratory for modeling processes in information and cyber security as a means of forming students' practical skills”. Cyber security: education, science, technology. 2018. № 2, pр. 98–104. doi: https://doi.org/10.28925/2663-4023.2018.2.98104 . (in Ukrainian).
M. Frank, M. Leitner and T. Pahi, “Design Considerations for Cyber Security Testbeds: A Case Study on a Cyber Security Testbed for Education”. 2017 IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech), Orlando, FL, USA, 2017, pp. 38-46, doi: https://doi.org/10.1109/DASC-PICom-DataCom-CyberSciTec.2017.23. (in English).
M. Kianpour, S. Kowalski, H. Øverby and E. Zoto, “From Cyber Incidents to Training Cognitive Situation Management: Work in Progress”. 2020 IEEE Conference on Cognitive and Computational Aspects of Situation Management (CogSIMA), Victoria, BC, Canada, 2020, pp. 163-166, doi: https://doi.org/10.1109/CogSIMA49017.2020.9216102. (in English).
C. Pham, D. Tang, K. Chinen and R. Beuran, “CyRIS: a cyber range instantiation system for facilitating security training”. SoICT '16: Proceedings of the 7th Symposium on Information and Communication Technology. December 2016, Pages 251–258, doi: https://doi.org/10.1145/3011077.3011087 . (in English).
N. Chowdhury, S. Katsikas and V. Gkioulos, “Modeling effective cybersecurity training frameworks: A delphi method-based study”. Computers & Security, Volume 113, 2022, doi: https://doi.org/10.1016/j.cose.2021.102551. (in English).
R. Beuran, D. Tang, C. Pham, K. Chinen, Y. Tan, and Y. Shinoda, “Integrated framework for hands-on cybersecurity training: CyTrONE”. Computers & Security. Volume 78, 2018, Pages 43-59, doi: https://doi.org/10.1016/j.cose.2018.06.001. (in English).
H. Aldawood and G. Skinner, “Reviewing Cyber Security Social Engineering Training and Awareness Programs–Pitfalls and Ongoing Issues, Future Internet, vol. 11, no. 3, p. 73, Mar. 2019, doi: https://doi.org/10.3390/fi11030073 . (in English).
J. Abawajy, “User preference of cyber security awareness delivery methods”. Behaviour & Information Technology. 33:3, 2014, pp. 237-248. doi: https://doi.org/10.1080/0144929X.2012.708787. (in English).
B. Akhmetov, V. Lakhno, Y. Boiko, and A. Mishchenko, “Designing a decision support system for the weakly formalized problems in the provision of cybersecurity”, EEJET, vol. 1, no. 2 (85), pp. 4–15, Feb. 2017. (in English).
V. Buriachok, V. Bogush, Y. Borsukovsky, P. Skladnannyi, and V. Borsukovskaya, “Model of training specialists in information and cyber security in higher education institutions of Ukraine”, ITLT, VOL. 67, NO. 5, pp. 277–291, Oct. 2018. doi: https://doi.org/10.33407/itlt.v67i5. (in Ukrainian).
N. Rotanova, T. Shabelnyk, S. Krivenko and Yu. Lazarevska, “The problem of training cyber security specialists: applied direction of mathematical disciplines”. Cyber security: education, science, technology. № 1 (13), 2021, pp. 123-132. doi: https://doi.org/10.28925/2663-4023.2021.13.123132. (in Ukrainian).
R. Gurnani, K. Pandey and S. K. Rai, "A scalable model for implementing Cyber Security Exercises," 2014 International Conference on Computing for Sustainable Global Development (INDIACom), New Delhi, India, 2014, pp. 680-684, doi: https://doi.org/10.1109/IndiaCom.2014.6828048. (in English).
Management of information security, Educational and professional program of the second (master's) level of the higher world of the State University of Telecommunications. [Electronic resource]. Available: https://www.dut.edu.ua/uploads/p_1826_51261889.pdf. Accessed on: Apr. 10, 2023). (in Ukrainian).
A. Zapf, S. Castell, L. Morawietz, Measuring inter-rater reliability for nominal data – which coefficients and confidence intervals are appropriate?. BMC Med Res Methodol 16, 93, 2016. doi: https://doi.org/10.1186/s12874-016-0200-9. (in English).
How to Cite
Copyright (c) 2023 Юрій Віталійович Щавінський, Тетяна Михайлівна Мужанова, Юрій Михайлович Якименко, Михайло Михайлович Запорожченко
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Authors who publish in this journal agree to the following terms:
- Authors hold copyright immediately after publication of their works and retain publishing rights without any restrictions.
- The copyright commencement date complies the publication date of the issue, where the article is included in.
- Authors grant the journal a right of the first publication of the work under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0) that allows others freely to read, download, copy and print submissions, search content and link to published articles, disseminate their full text and use them for any legitimate non-commercial purposes (i.e. educational or scientific) with the mandatory reference to the article’s authors and initial publication in this journal.
- Original published articles cannot be used by users (exept authors) for commercial purposes or distributed by third-party intermediary organizations for a fee.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) during the editorial process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (see this journal’s registered deposit policy at Sherpa/Romeo directory).
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Post-print (post-refereeing manuscript version) and publisher's PDF-version self-archiving is allowed.
- Archiving the pre-print (pre-refereeing manuscript version) not allowed.