A Case Study for Combating Student Overuse of Generative Artificial Intelligence in Cybersecurity Educational Activities Using Augmented Reality Capture-the-Flag Development

Abstract

Cybersecurity Capture-the-Flag (CTF) tournaments are well-understood to teach skills necessary for success in today’s cybersecurity field. However, that does not mean CTFs are without critique. In the age of Generative Artificial Intelligence (AI), particularly for large-scale CTF tournaments, the use of Generative AI may be permitted or even encouraged to match the reality of today’s practitioners, who are using AI systems to protect data, systems, and people. In such a situation, CTF participants must themselves balance the use of Generative AI with its overuse—effectively self-police the draw to offload one’s thinking to the machine in pursuit of correct answers and prizes. In this paper, we introduce a case study for combating the overuse of Generative AI in cybersecurity educational activities through the building of our own CTF using Augmented Reality (AR) technologies. Written by the nineteen undergraduate students who developed the CTF along with our professor who supervised our work, we argue that using the pedagogic lenses of the “see one, do one, teach one” model and peer learning allowed us to reinterpret our efforts on our CTF into a vision of shared labor and shared responsibility. This reframing of our own understanding of our work effectively acted as a counterbalance, keeping us focused on using Generative AI as a tool and not a crutch, leading to improved educational outcomes for us as individuals and the group as a whole. We hope that documenting our experiences inspires others to adopt similar counterbalance techniques where and when appropriate.