Several research findings indicate that basic cyber hygiene can potentially deter the majority of cyber threats. One of the ways cybersecurity professionals can prepare users to ensure proper hygiene is to help them develop their ability to spot the difference between normal and abnormal behavior in a computer system. Malware disrupts the normal behavior of a computer system. The lack of appropriate user training has been one of the main reasons behind the exposure of computer systems to threats, from social engineering to viruses, trojans, and ransomware. Basic knowledge about common behavioral characteristics of malware could help users identify potentially abnormal behavior in the systems they use on a daily basis.
Games with a purpose beyond entertainment are becoming an integral part of educational training. This is even more relevant to the field of cybersecurity, where there are many threat agents targeting individuals and organizations. The purpose of this paper is to describe a game, MalAware Defensive, developed to increase users’ awareness of common malware behaviors and their impact on a system, as well as to explain ways to combat various major types of malware. The game’s design is based on research showing that content disseminated in an interactive game provides a lasting impact on the retention of concepts. The game provides relevant knowledge about various types of malware, the behavior and impact of malware on a computer system, and several ways to avoid infection and compromise. The game, through its interactive gameplay environment, with rewards for answering questions correctly, could potentially help players improve their understanding of malware, how to detect its presence, and how to defend against it.