Student Misconceptions about Cybersecurity Concepts: Analysis of Think-Aloud Interviews
We conducted an observational study to document student misconceptions about cybersecurity using thematic analysis of 25 think-aloud interviews. By understanding patterns in student misconceptions, we provide a basis for developing rigorous evidence-based recommendations for improving teaching and a...
Saved in:
| Main Authors: | , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Kennesaw State University
2018-07-01
|
| Series: | Journal of Cybersecurity Education, Research & Practice |
| Online Access: | https://digitalcommons.kennesaw.edu/jcerp/vol2018/iss1/5/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849423271800340480 |
|---|---|
| author | Julia D. Thompson Geoffrey L. Herman Travis Scheponik Linda Oliva Alan Sherman Ennis Golaszewski Dhananjay Phatak Kostantinos Patsourakos |
| author_facet | Julia D. Thompson Geoffrey L. Herman Travis Scheponik Linda Oliva Alan Sherman Ennis Golaszewski Dhananjay Phatak Kostantinos Patsourakos |
| author_sort | Julia D. Thompson |
| collection | DOAJ |
| description | We conducted an observational study to document student misconceptions about cybersecurity using thematic analysis of 25 think-aloud interviews. By understanding patterns in student misconceptions, we provide a basis for developing rigorous evidence-based recommendations for improving teaching and assessment methods in cybersecurity and inform future research. This study is the first to explore student cognition and reasoning about cybersecurity. We interviewed students from three diverse institutions. During these interviews, students grappled with security scenarios designed to probe their understanding of cybersecurity, especially adversarial thinking. We analyzed student statements using a structured qualitative method, novice-led paired thematic analysis, to document patterns in student misconceptions and problematic reasoning that transcend institutions, scenarios, or demographics. Themes generated from this analysis describe a taxonomy of misconceptions but not their causes or remedies. Four themes emerged: overgeneralizations, conflated concepts, biases, and incorrect assumptions. Together, these themes reveal that students generally failed to grasp the complexity and subtlety of possible vulnerabilities, threats, risks, and mitigations, suggesting a need for instructional methods that engage students in reasoning about complex scenarios with an adversarial mindset. These findings can guide teachers’ attention during instruction and inform the development of cybersecurity assessment tools that enable cross-institutional assessments that measure the effectiveness of pedagogies. |
| format | Article |
| id | doaj-art-e3dfc2cb7f3f4aa5908740043c563d21 |
| institution | Kabale University |
| issn | 2472-2707 |
| language | English |
| publishDate | 2018-07-01 |
| publisher | Kennesaw State University |
| record_format | Article |
| series | Journal of Cybersecurity Education, Research & Practice |
| spelling | doaj-art-e3dfc2cb7f3f4aa5908740043c563d212025-08-20T03:30:40ZengKennesaw State UniversityJournal of Cybersecurity Education, Research & Practice2472-27072018-07-0120181Student Misconceptions about Cybersecurity Concepts: Analysis of Think-Aloud InterviewsJulia D. Thompson0Geoffrey L. Herman1Travis Scheponik2Linda Oliva3Alan Sherman4Ennis Golaszewski5Dhananjay Phatak6Kostantinos Patsourakos7San Jose State UniversityUniversity of Illinois, Urbana-ChampaignUniversity of Maryland, Baltimore CountyUniversity of Maryland, Baltimore CountyUniversity of Maryland, Baltimore CountyUniversity of Maryland, Baltimore CountyUniversity of Maryland, Baltimore CountyUniversity of Maryland, Baltimore CountyWe conducted an observational study to document student misconceptions about cybersecurity using thematic analysis of 25 think-aloud interviews. By understanding patterns in student misconceptions, we provide a basis for developing rigorous evidence-based recommendations for improving teaching and assessment methods in cybersecurity and inform future research. This study is the first to explore student cognition and reasoning about cybersecurity. We interviewed students from three diverse institutions. During these interviews, students grappled with security scenarios designed to probe their understanding of cybersecurity, especially adversarial thinking. We analyzed student statements using a structured qualitative method, novice-led paired thematic analysis, to document patterns in student misconceptions and problematic reasoning that transcend institutions, scenarios, or demographics. Themes generated from this analysis describe a taxonomy of misconceptions but not their causes or remedies. Four themes emerged: overgeneralizations, conflated concepts, biases, and incorrect assumptions. Together, these themes reveal that students generally failed to grasp the complexity and subtlety of possible vulnerabilities, threats, risks, and mitigations, suggesting a need for instructional methods that engage students in reasoning about complex scenarios with an adversarial mindset. These findings can guide teachers’ attention during instruction and inform the development of cybersecurity assessment tools that enable cross-institutional assessments that measure the effectiveness of pedagogies.https://digitalcommons.kennesaw.edu/jcerp/vol2018/iss1/5/ |
| spellingShingle | Julia D. Thompson Geoffrey L. Herman Travis Scheponik Linda Oliva Alan Sherman Ennis Golaszewski Dhananjay Phatak Kostantinos Patsourakos Student Misconceptions about Cybersecurity Concepts: Analysis of Think-Aloud Interviews Journal of Cybersecurity Education, Research & Practice |
| title | Student Misconceptions about Cybersecurity Concepts: Analysis of Think-Aloud Interviews |
| title_full | Student Misconceptions about Cybersecurity Concepts: Analysis of Think-Aloud Interviews |
| title_fullStr | Student Misconceptions about Cybersecurity Concepts: Analysis of Think-Aloud Interviews |
| title_full_unstemmed | Student Misconceptions about Cybersecurity Concepts: Analysis of Think-Aloud Interviews |
| title_short | Student Misconceptions about Cybersecurity Concepts: Analysis of Think-Aloud Interviews |
| title_sort | student misconceptions about cybersecurity concepts analysis of think aloud interviews |
| url | https://digitalcommons.kennesaw.edu/jcerp/vol2018/iss1/5/ |
| work_keys_str_mv | AT juliadthompson studentmisconceptionsaboutcybersecurityconceptsanalysisofthinkaloudinterviews AT geoffreylherman studentmisconceptionsaboutcybersecurityconceptsanalysisofthinkaloudinterviews AT travisscheponik studentmisconceptionsaboutcybersecurityconceptsanalysisofthinkaloudinterviews AT lindaoliva studentmisconceptionsaboutcybersecurityconceptsanalysisofthinkaloudinterviews AT alansherman studentmisconceptionsaboutcybersecurityconceptsanalysisofthinkaloudinterviews AT ennisgolaszewski studentmisconceptionsaboutcybersecurityconceptsanalysisofthinkaloudinterviews AT dhananjayphatak studentmisconceptionsaboutcybersecurityconceptsanalysisofthinkaloudinterviews AT kostantinospatsourakos studentmisconceptionsaboutcybersecurityconceptsanalysisofthinkaloudinterviews |