Hands-on cybersecurity training behavior data for process mining

2024 Feb; 52: 109956. [Epub] 20231214

Status: PubMed-not-MEDLINE; Language: English; Country: Netherlands; Medium: electronic-ecollection

Document type: journal articles

Persistent link: https://www.medvik.cz/link/pmid38186737
Links

PubMed 38186737
PubMed Central PMC10770710
DOI 10.1016/j.dib.2023.109956
PII: S2352-3409(23)00987-3

The research on using process mining in learning analytics of cybersecurity exercises relies on datasets that reflect the real behavior of trainees. Although modern cyber ranges, in which training sessions are organized, can collect behavioral data in the form of event logs, the organization of such exercises is laborious. Moreover, the collected raw data has to be processed and transformed into a specific format required by process mining techniques. We present two datasets with slightly different characteristics. While the first exercise with 52 participants was not limited in time, the second supervised exercise with 42 trainees lasted two hours. Also, the cybersecurity tasks were slightly different. A total of 11757 events were collected. Of these, 3597 were training progress events, 5669 were Bash commands, and 2491 were Metasploit commands. Joint CSV files distilled from the raw event data can be used as input for existing process mining tools.

