Title: Reinforcing Cybersecurity Hands-on Training With Adaptive Learning

Abstract: This paper presents how learning experience influences students' capability to learn and their motivation for learning. Although each student is different, standard instruction methods do not adapt to individuals. Adaptive learning reverses this practice and attempts to improve the student experience. While adaptive learning is well-established in programming, it is rarely used in cybersecurity education. This paper is one of the first works investigating adaptive learning in security training. First, we analyze the performance of 95 students in 12 training sessions to understand the limitations of the current training practice. Less than half of the students completed the training without displaying a solution, and only in two sessions, all students completed all phases. Then, we simulate how students would proceed in one of the past training sessions if it would offer more paths of various difficulty. Based on this simulation, we propose a novel tutor model for adaptive training, which considers students' proficiency before and during an ongoing training session. The proficiency is assessed using a pre-training questionnaire and various in-training metrics. Finally, we conduct a study with 24 students and new training using the proposed tutor model and adaptive training format. The results show that the adaptive training does not overwhelm students as the original static training. Adaptive training enables students to enter several alternative training phases with lower difficulty than the original training. The proposed format is not restricted to a particular training. Therefore, it can be applied to practicing any security topic or even in related fields, such as networking or operating systems. Our study indicates that adaptive learning is a promising approach for improving the student experience in security education. We also highlight implications for educational practice.