Play to secure: gamified platform for secure web development
| bracu.degree.level | Undergraduate | |
| bracu.type.group | Student Works | |
| datacite.rights | Open Access | |
| dc.contributor.advisor | Chowdhury, Farida | |
| dc.contributor.author | Chowdhury, Inan Karim | |
| dc.contributor.author | Mimu, Mimia Mozammel | |
| dc.contributor.author | Sal-Sabil | |
| dc.contributor.author | Mullick, Ayaz Elahi | |
| dc.contributor.author | Chowdhury, Faiyaz Ahmed | |
| dc.contributor.department | Department of Computer Science and Engineering | |
| dc.date.accessioned | 2026-04-22T05:08:40Z | |
| dc.date.available | 2026-04-22T05:08:40Z | |
| dc.date.copyright | 2026 | |
| dc.date.issued | 2026-01 | |
| dc.description | Cataloged from PDF version of thesis. | |
| dc.description | Includes bibliographical references (pages 132-138). | |
| dc.description | This thesis is submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science and Engineering, 2026. | en_US |
| dc.description.abstract | Novice developers often focus on quick progress and fast learning at the intermediary stage of web development, commonly disregarding the security aspects that need to be considered. Many are not aware of key concepts such as input validation, parameterized queries, and access control, which have adverse consequences such as leakage of confidential information and loss of reputation. To explore this further, we conducted 32 semi-structured interviews of Bangladeshi developers at novice, mid, and senior levels working across both large and small enterprises. The interviews were then transcribed, coded, and analysed using thematic analysis. Our interview findings include several themes: developers frequently make tradeoffs between functionality and security, code reviews are vital in ensuring safe coding practices, and, while in the learning process, security concepts need to be taught in an effective and motivating manner. We have developed and designed a narrative-based gamified learning platform using the Octalysis framework to improve learning motivation. The platform promotes security awareness and embeds security as a fundamental competency alongside development skills. The learning content is structured around seven common web security attacks, presented as progressive challenges within the game narrative. The gamified solution was evaluated through the application of the MEEGA+ model with a sample size of 30 participants. The IRT analysis classified the gamified platform as GOOD QUALITY with a mean θ score of 60.11 (42.5 ≤ θ < 65). This shows that the gamified solution successfully meets the requirement for an effective and motivating security education for novice developers. | en_US |
| dc.description.degree | Bachelor of Science in Computer Science and Engineering | |
| dc.description.statementofresponsibility | Inan Karim Chowdhury | |
| dc.description.statementofresponsibility | Mimia Mozammel Mimu | |
| dc.description.statementofresponsibility | Sal-Sabil | |
| dc.description.statementofresponsibility | Ayaz Elahi Mullick | |
| dc.description.statementofresponsibility | Faiyaz Ahmed Chowdhury | |
| dc.format.extent | 142 pages | |
| dc.identifier.other | ID 22101377 | |
| dc.identifier.other | ID 22101088 | |
| dc.identifier.other | ID 22101376 | |
| dc.identifier.other | ID 22101069 | |
| dc.identifier.other | ID 22101848 | |
| dc.identifier.uri | http://hdl.handle.net/10361/28015 | |
| dc.language.iso | en | en_US |
| dc.publisher | BRAC University | en_US |
| dc.rights | BRAC University theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. | |
| dc.subject | Dom clobbering | en_US |
| dc.subject | Clickjacking | en_US |
| dc.subject | Gamification | en_US |
| dc.subject | Octalysis | en_US |
| dc.subject | MEEGA+ | en_US |
| dc.subject.lcsh | Web site development--Security measures. | |
| dc.subject.lcsh | Computer security--Computer-assisted instruction. | |
| dc.subject.lcsh | Gamification. | |
| dc.title | Play to secure: gamified platform for secure web development | en_US |
| dc.type | Thesis | en_US |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- 22101377, 22101088, 22101376, 22101069, 22101848_CSE.pdf
- Size:
- 21.95 MB
- Format:
- Adobe Portable Document Format
- Description:
License bundle
1 - 1 of 1
Loading...
- Name:
- license.txt
- Size:
- 1.71 KB
- Format:
- Item-specific license agreed upon to submission
- Description: