{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,15]],"date-time":"2026-03-15T04:24:00Z","timestamp":1773548640077,"version":"3.50.1"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031514784","type":"print"},{"value":"9783031514791","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-51479-1_22","type":"book-chapter","created":{"date-parts":[[2024,1,11]],"date-time":"2024-01-11T07:02:33Z","timestamp":1704956553000},"page":"431-451","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["ConGISATA: A Framework for\u00a0Continuous Gamified Information Security Awareness Training and\u00a0Assessment"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-2493-6827","authenticated-orcid":false,"given":"Ofir","family":"Cohen","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8942-9783","authenticated-orcid":false,"given":"Ron","family":"Bitton","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0630-4059","authenticated-orcid":false,"given":"Asaf","family":"Shabtai","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7229-3899","authenticated-orcid":false,"given":"Rami","family":"Puzis","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,1,12]]},"reference":[{"key":"22_CR1","first-page":"15","volume":"2","author":"A Kumar","year":"2015","unstructured":"Kumar, A., Chaudhary, M., Kumar, N.: Social engineering threats and awareness: a survey. Eur. J. Adv. Eng. Technol. 2, 15\u201319 (2015)","journal-title":"Eur. J. Adv. Eng. Technol."},{"key":"22_CR2","unstructured":"Kelly, R.: Almost 90% of cyber attacks are caused by human error or behavior. ChiefExecutive. Net (2017)"},{"key":"22_CR3","unstructured":"Bada, M., Sasse, A., Nurse, J.: Cyber security awareness campaigns: why do they fail to change behaviour? arXiv Preprint arXiv:1901.02672 (2019)"},{"key":"22_CR4","doi-asserted-by":"crossref","unstructured":"Deterding, S., Dixon, D., Khaled, R., Nacke, L.: From game design elements to gamefulness: defining \u201cgamification\u201d. In: Proceedings of the 15th International Academic MindTrek Conference: Envisioning Future Media Environments, pp. 9\u201315 (2011)","DOI":"10.1145\/2181037.2181040"},{"key":"22_CR5","doi-asserted-by":"crossref","unstructured":"Hamari, J., Koivisto, J., Sarsa, H.: Does gamification work?\u2013a literature review of empirical studies on gamification. In: 2014 47th Hawaii International Conference on System Sciences, pp. 3025\u20133034 (2014)","DOI":"10.1109\/HICSS.2014.377"},{"key":"22_CR6","doi-asserted-by":"crossref","unstructured":"Gjertsen, E., Gj\u00e6re, E., Bartnes, M., Flores, W.: Gamification of information security awareness and training. In: ICISSP, pp. 59\u201370 (2017)","DOI":"10.5220\/0006128500590070"},{"key":"22_CR7","doi-asserted-by":"crossref","unstructured":"Kumaraguru, P., et al.: School of phish: a real-world evaluation of anti-phishing training. In: Proceedings of the 5th Symposium on Usable Privacy and Security, pp. 1\u201312 (2009)","DOI":"10.1145\/1572532.1572536"},{"key":"22_CR8","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1016\/j.cose.2017.10.015","volume":"73","author":"R Bitton","year":"2018","unstructured":"Bitton, R., Finkelshtein, A., Sidi, L., Puzis, R., Rokach, L., Shabtai, A.: Taxonomy of mobile users\u2019 security awareness. Comput. Secur. 73, 266\u2013293 (2018)","journal-title":"Comput. Secur."},{"key":"22_CR9","doi-asserted-by":"crossref","unstructured":"Keinan, R., Bereby-Meyer, Y.: \u201cLeaving it to chance\u201d\u2013passive risk taking in everyday life. Judgment Decis. Making 7 (2012)","DOI":"10.1037\/t31189-000"},{"key":"22_CR10","doi-asserted-by":"publisher","first-page":"999","DOI":"10.1177\/0146167217703079","volume":"43","author":"R Keinan","year":"2017","unstructured":"Keinan, R., Bereby-Meyer, Y.: Perceptions of active versus passive risks, and the effect of personal responsibility. Pers. Soc. Psychol. Bull. 43, 999\u20131007 (2017)","journal-title":"Pers. Soc. Psychol. Bull."},{"key":"22_CR11","doi-asserted-by":"crossref","unstructured":"Bitton, R., Boymgold, K., Puzis, R., Shabtai, A.: Evaluating the information security awareness of smartphone users. In: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, pp. 1\u201313 (2020)","DOI":"10.1145\/3313831.3376385"},{"key":"22_CR12","unstructured":"Newbould, M., Furnell, S.: Playing safe: a prototype game for raising awareness of social engineering. In: Australian Information Security Management Conference, p. 4 (2009)"},{"key":"22_CR13","doi-asserted-by":"crossref","unstructured":"Hart, S., Margheri, A., Paci, F., Sassone, V.: Riskio: a serious game for cyber security awareness and education. Comput. Secur. 101827 (2020)","DOI":"10.1016\/j.cose.2020.101827"},{"key":"22_CR14","unstructured":"Chapman, P., Burket, J., Brumley, D.: PicoCTF: a game-based computer security competition for high school students. In: 2014 USENIX Summit on Gaming, Games, and Gamification in Security Education (3GSE 2014) (2014)"},{"key":"22_CR15","doi-asserted-by":"crossref","unstructured":"Denning, T., Lerner, A., Shostack, A., Kohno, T.: Control-Alt-Hack: the design and evaluation of a card game for computer security awareness and education. In: Proceedings of the 2013 ACM SIGSAC Conference On Computer & Communications Security, pp. 915\u2013928 (2013)","DOI":"10.1145\/2508859.2516753"},{"key":"22_CR16","doi-asserted-by":"publisher","first-page":"121","DOI":"10.3390\/info11020121","volume":"11","author":"H Alqahtani","year":"2020","unstructured":"Alqahtani, H., Kavakli-Thorne, M.: Design and evaluation of an augmented reality game for cybersecurity awareness (CybAR). Information 11, 121 (2020)","journal-title":"Information"},{"key":"22_CR17","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/s11416-019-00342-x","volume":"16","author":"R Luh","year":"2020","unstructured":"Luh, R., Temper, M., Tjoa, S., Schrittwieser, S., Janicke, H.: PenQuest: a gamified attacker\/defender meta model for cyber security assessment and education. J. Comput. Virol. Hacking Tech. 16, 19\u201361 (2020)","journal-title":"J. Comput. Virol. Hacking Tech."},{"key":"22_CR18","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1049\/iet-sen.2018.5095","volume":"13","author":"A Yasin","year":"2018","unstructured":"Yasin, A., Liu, L., Li, T., Fatima, R., Jianmin, W.: Improving software security awareness using a serious game. IET Softw. 13, 159\u2013169 (2018)","journal-title":"IET Softw."},{"key":"22_CR19","doi-asserted-by":"crossref","unstructured":"Arend, I., Shabtai, A., Idan, T., Keinan, R., Bereby-Meyer, Y.: Passive-and not active-risk tendencies predict cyber security behavior. Comput. Secur. 101929 (2020)","DOI":"10.1016\/j.cose.2020.101929"},{"key":"22_CR20","unstructured":"Selvam, V.: Human error in IT security. arXiv Preprint arXiv:2005.04163 (2020)"},{"key":"22_CR21","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1177\/1529100612453266","volume":"14","author":"J Dunlosky","year":"2013","unstructured":"Dunlosky, J., Rawson, K., Marsh, E., Nathan, M., Willingham, D.: Improving students\u2019 learning with effective learning techniques: promising directions from cognitive and educational psychology. Psychol. Sci. Public Interest 14, 4\u201358 (2013)","journal-title":"Psychol. Sci. Public Interest"},{"key":"22_CR22","doi-asserted-by":"publisher","first-page":"536","DOI":"10.3389\/feduc.2021.807277","volume":"6","author":"M Canham","year":"2022","unstructured":"Canham, M., Posey, C., Constantino, M.: Phish derby: shoring the human shield through gamified phishing attacks. Front. Educ. 6, 536 (2022)","journal-title":"Front. Educ."},{"key":"22_CR23","doi-asserted-by":"crossref","unstructured":"Jaffray, A., Finn, C., Nurse, J.: SherLOCKED: a detective-themed serious game for cyber security education. In: International Symposium on Human Aspects of Information Security and Assurance, pp. 35\u201345 (2021)","DOI":"10.1007\/978-3-030-81111-2_4"},{"key":"22_CR24","unstructured":"Sophos Sophos 2023 Threat Report (2022). https:\/\/assets.sophos.com\/X24WTUEQ\/at\/b5n9ntjqmbkb8fg5rn25g4fc\/sophos-2023-threat-report.pdf"},{"key":"22_CR25","doi-asserted-by":"crossref","unstructured":"Redmiles, E., Zhu, Z., Kross, S., Kuchhal, D., Dumitras, T., Mazurek, M.: Asking for a friend: evaluating response biases in security user studies. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1238\u20131255 (2018)","DOI":"10.1145\/3243734.3243740"},{"key":"22_CR26","doi-asserted-by":"publisher","DOI":"10.1016\/j.knosys.2022.108709","volume":"246","author":"A Solomon","year":"2022","unstructured":"Solomon, A., et al.: Contextual security awareness: a context-based approach for assessing the security awareness of users. Knowl.-Based Syst. 246, 108709 (2022)","journal-title":"Knowl.-Based Syst."},{"key":"22_CR27","unstructured":"B\u00f6ckle, M., Novak, J., Bick, M.: Towards adaptive gamification: a synthesis of current developments (2017)"},{"key":"22_CR28","doi-asserted-by":"crossref","unstructured":"Alahmari, S., Renaud, K., Omoronyia, I.: Moving beyond cyber security awareness and training to engendering security knowledge sharing. Inf. Syst. E-Bus. Manag. 1\u201336 (2022)","DOI":"10.1007\/s10257-022-00575-2"},{"key":"22_CR29","doi-asserted-by":"publisher","first-page":"669","DOI":"10.1080\/0960085X.2020.1797546","volume":"29","author":"E Dincelli","year":"2020","unstructured":"Dincelli, E., Chengalur-Smith, I.: Choose your own training adventure: designing a gamified SETA artefact for improving information security and privacy through interactive storytelling. Eur. J. Inf. Syst. 29, 669\u2013687 (2020)","journal-title":"Eur. J. Inf. Syst."},{"key":"22_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1007\/978-3-030-22351-9_13","volume-title":"HCI for Cybersecurity, Privacy and Trust","author":"S Scholefield","year":"2019","unstructured":"Scholefield, S., Shepherd, L.A.: Gamification techniques for raising cyber security awareness. In: Moallem, A. (ed.) HCII 2019. LNCS, vol. 11594, pp. 191\u2013203. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-22351-9_13"},{"key":"22_CR31","doi-asserted-by":"crossref","unstructured":"Omar, N., Foozy, C., Hamid, I., Hafit, H., Arbain, A., Shamala, P.: Malware awareness tool for internet safety using gamification techniques. In: Journal of Physics: Conference Series, vol. 1874, p. 012023 (2021)","DOI":"10.1088\/1742-6596\/1874\/1\/012023"},{"key":"22_CR32","doi-asserted-by":"publisher","first-page":"9266","DOI":"10.3390\/app11199266","volume":"11","author":"T Wu","year":"2021","unstructured":"Wu, T., Tien, K., Hsu, W., Wen, F.: Assessing the effects of gamification on enhancing information security awareness knowledge. Appl. Sci. 11, 9266 (2021)","journal-title":"Appl. Sci."},{"key":"22_CR33","doi-asserted-by":"crossref","unstructured":"Heid, K., Heider, J., Qasempour, K.: Raising security awareness on mobile systems through gamification. In: Proceedings of the European Interdisciplinary Cybersecurity Conference, pp. 1\u20136 (2020)","DOI":"10.1145\/3424954.3424958"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-51479-1_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,11]],"date-time":"2024-01-11T07:09:58Z","timestamp":1704956998000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-51479-1_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031514784","9783031514791"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-51479-1_22","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"12 January 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Hague","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Netherlands","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 September 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 September 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2023.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"478","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"93","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3-4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}