HIKARI – Real Challenges, Hidden Threats: A Gamified Threat Hunting Platform
Abstract
HIKARI is a training platform for Blue Teams operating in realistic environments, integrating progressive Capture The Flag (CTF) challenges with the ingestion and analysis of real security events through an ELK stack (Elasticsearch, Logstash e Kibana). The platform employs a Kafka bus for controlled event injection, CTFd for gamified challenge management, and Kibana as an investigation interface. This paper describes the system architecture, analyzes its differentiators compared to existing solutions, and presents experimental results from three educational deployments involving over 40 participants. The results suggest that HIKARI advances the state of the art and fosters practical skill development in cybersecurity defense operations.References
Badva, P., Ramokapane, K. M., Pantano, E., and Rashid, A. (2024). Unveiling the HunterGatherers: Exploring threat hunting practices and challenges in cyber defense. In 33rd USENIX Security Symposium (USENIX Security 24), pages 3313–3330, Philadelphia, PA. USENIX Association.
Chetwyn, R. A., Eian, M., and Jøsang, A. (2024). Modelling indicators of behaviour for cyber threat hunting via sysmon. In Proceedings of the 2024 European Interdisciplinary Cybersecurity Conference, EICC ’24, page 95–104, New York, NY, USA. Association for Computing Machinery.
DeCusatis, C., Alvarico, E., and Dirahoui, O. (2022). Gamification of cybersecurity training. In Proceedings of the 1st International Workshop on Gamification of Software Development, Verification, and Validation, Gamify 2022, page 10–13, New York, NY, USA. Association for Computing Machinery.
Diakoumakos, J., Chaskos, E., Kolokotronis, N., and Lepouras, G. (2021). Cyber-range federation and cyber-security games: A gamification scoring model. In 2021 IEEE International Conference on Cyber Security and Resilience (CSR), pages 186–191.
Fortinet (2024). 2024 cybersecurity skills gap global research report. Available at: [link] (Acceso em: Abril 2025).
Gough, C., Mann, C., Ficke, C., Namukasa, M., Carroll, M., and OConnor, T. (2024). Remote controlled cyber: Toward engaging and educating a diverse cybersecurity workforce. In Proceedings of the 55th ACM Technical Symposium on Computer Science Education V. 1, SIGCSE 2024, page 394–400, New York, NY, USA. Association for Computing Machinery.
Karagiannis, S., Ntantogian, C., Magkos, E., Ribeiro, L. L., and Campos, L. (2021). Pocketctf: A fully featured approach for hosting portable attack and defense cybersecurity exercises. Information, 12(8).
Kianpour, M., Kowalski, S., Zoto, E., Frantz, C., and Øverby, H. (2019). Designing serious games for cyber ranges: A socio-technical approach. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 85–93.
Kuchar, K., Blazek, P., and Fujdiak, R. (2024). From playground to battleground: Cyber range training for industrial cybersecurity education. In Proceedings of the 2023 13th International Conference on Communication and Network Security, ICCNS ’23, page 209–214, New York, NY, USA. Association for Computing Machinery.
Leune, K. and Petrilli, S. J. (2017). Using capture-the-flag to enhance the effectiveness of cybersecurity education. In Proceedings of the 18th Annual Conference on Information Technology Education, SIGITE ’17, page 47–52, New York, NY, USA. Association for Computing Machinery.
Lu, C., Lu, C., Lange, R. T., Foerster, J., Clune, J., and Ha, D. (2024). The ai scientist: Towards fully automated open-ended scientific discovery. arXiv preprint arXiv:2408.06292.
Russo, E., Ribaudo, M., Orlich, A., Longo, G., and Armando, A. (2023). Cyber range and cyber defense exercises: Gamification meets university students. In Proceedings of the 2nd International Workshop on Gamification in Software Development, Verification, and Validation, Gamify 2023, page 29–37, New York, NY, USA. Association for Computing Machinery.
Savin, G. M., Asseri, A., Dykstra, J., Goohs, J., Melaragno, A., and Casey, W. (2023). Battle ground: Data collection and labeling of ctf games to understand human cyber operators. In Proceedings of the 16th Cyber Security Experimentation and Test Workshop, CSET ’23, page 32–40, New York, NY, USA. Association for Computing Machinery.
Švábenskỳ, V., Čeleda, P., Vykopal, J., and Brišáková, S. (2021). Cybersecurity knowledge and skills taught in capture the flag challenges. Computers & Security, 102:102154.
Vasilakis, M., Karampidis, K., Tampouratzis, M., Malamos, A., Panagiotakis, S., and Papadourakis, G. (2024). Enhancing industry 4.0 cybersecurity training through cyber range platform. In 2024 5th International Conference in Electronic Engineering, Information Technology & Education (EEITE), pages 1–6.
Zhong, C., Kim, J. B. J. B., and Liu, H. (2024). The art of inclusive gamification in cybersecurity training. IEEE Security & Privacy, 22(5):40–51.
Chetwyn, R. A., Eian, M., and Jøsang, A. (2024). Modelling indicators of behaviour for cyber threat hunting via sysmon. In Proceedings of the 2024 European Interdisciplinary Cybersecurity Conference, EICC ’24, page 95–104, New York, NY, USA. Association for Computing Machinery.
DeCusatis, C., Alvarico, E., and Dirahoui, O. (2022). Gamification of cybersecurity training. In Proceedings of the 1st International Workshop on Gamification of Software Development, Verification, and Validation, Gamify 2022, page 10–13, New York, NY, USA. Association for Computing Machinery.
Diakoumakos, J., Chaskos, E., Kolokotronis, N., and Lepouras, G. (2021). Cyber-range federation and cyber-security games: A gamification scoring model. In 2021 IEEE International Conference on Cyber Security and Resilience (CSR), pages 186–191.
Fortinet (2024). 2024 cybersecurity skills gap global research report. Available at: [link] (Acceso em: Abril 2025).
Gough, C., Mann, C., Ficke, C., Namukasa, M., Carroll, M., and OConnor, T. (2024). Remote controlled cyber: Toward engaging and educating a diverse cybersecurity workforce. In Proceedings of the 55th ACM Technical Symposium on Computer Science Education V. 1, SIGCSE 2024, page 394–400, New York, NY, USA. Association for Computing Machinery.
Karagiannis, S., Ntantogian, C., Magkos, E., Ribeiro, L. L., and Campos, L. (2021). Pocketctf: A fully featured approach for hosting portable attack and defense cybersecurity exercises. Information, 12(8).
Kianpour, M., Kowalski, S., Zoto, E., Frantz, C., and Øverby, H. (2019). Designing serious games for cyber ranges: A socio-technical approach. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 85–93.
Kuchar, K., Blazek, P., and Fujdiak, R. (2024). From playground to battleground: Cyber range training for industrial cybersecurity education. In Proceedings of the 2023 13th International Conference on Communication and Network Security, ICCNS ’23, page 209–214, New York, NY, USA. Association for Computing Machinery.
Leune, K. and Petrilli, S. J. (2017). Using capture-the-flag to enhance the effectiveness of cybersecurity education. In Proceedings of the 18th Annual Conference on Information Technology Education, SIGITE ’17, page 47–52, New York, NY, USA. Association for Computing Machinery.
Lu, C., Lu, C., Lange, R. T., Foerster, J., Clune, J., and Ha, D. (2024). The ai scientist: Towards fully automated open-ended scientific discovery. arXiv preprint arXiv:2408.06292.
Russo, E., Ribaudo, M., Orlich, A., Longo, G., and Armando, A. (2023). Cyber range and cyber defense exercises: Gamification meets university students. In Proceedings of the 2nd International Workshop on Gamification in Software Development, Verification, and Validation, Gamify 2023, page 29–37, New York, NY, USA. Association for Computing Machinery.
Savin, G. M., Asseri, A., Dykstra, J., Goohs, J., Melaragno, A., and Casey, W. (2023). Battle ground: Data collection and labeling of ctf games to understand human cyber operators. In Proceedings of the 16th Cyber Security Experimentation and Test Workshop, CSET ’23, page 32–40, New York, NY, USA. Association for Computing Machinery.
Švábenskỳ, V., Čeleda, P., Vykopal, J., and Brišáková, S. (2021). Cybersecurity knowledge and skills taught in capture the flag challenges. Computers & Security, 102:102154.
Vasilakis, M., Karampidis, K., Tampouratzis, M., Malamos, A., Panagiotakis, S., and Papadourakis, G. (2024). Enhancing industry 4.0 cybersecurity training through cyber range platform. In 2024 5th International Conference in Electronic Engineering, Information Technology & Education (EEITE), pages 1–6.
Zhong, C., Kim, J. B. J. B., and Liu, H. (2024). The art of inclusive gamification in cybersecurity training. IEEE Security & Privacy, 22(5):40–51.
Published
2025-09-01
How to Cite
BARBIERI, Sidnei; BELO, Bruno Moreira Camargos; CHAHUD, Leonardo; MENESES, Leonardo Vaz de; MARCONDES, Cesar; PEREIRA JÚNIOR, Lourenço Alves.
HIKARI – Real Challenges, Hidden Threats: A Gamified Threat Hunting Platform. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 25. , 2025, Foz do Iguaçu/PR.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 448-464.
DOI: https://doi.org/10.5753/sbseg.2025.11500.
