INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS)
ISSN No. 2454-6186 | DOI: 10.47772/IJRISS | Volume IX Issue XI November 2025
Page 5376
www.rsisinternational.org
Impact of Gamification and Outdoor Learning Approach on Higher
Education in Understanding and Awareness; A Case Study on
Universiti Malaysia Pahang Al-Sultan Abdullah Students in
Information Security Subject
Shakirah Saidin
1
, Syifak Izhar Hisham*
2
, Zahian Ismail
3
, Nasrul Hadi Johari
4
, Abdullah Mat Safri
5
1
Faculty of Computing and Information Technology, Tunku Abdul Rahman University of Management
and Technology, Kuantan, MALAYSIA
1,2,5
Faculty of Computing, Universiti Malaysia Pahang Al-Sultan Abdullah, Pekan, MALAYSIA
3
School of Computing, Universiti Utara Malaysia, Sintok, MALAYSIA
4
Faculty of Mechanical Technology Engineering and Automotive, Universiti Malaysia Pahang Al-Sultan
Abdullah, Pekan, MALAYSIA
*Corresponding Author
DOI: https://doi.org/10.47772/IJRISS.2025.91100424
Received: 12 November 2025; Accepted: 18 November 2025; Published: 15 December 2025
ABSTRACT
There are many campaigns of cyber security awareness being done to the public by many parties, educational
institutions, cyber security industries, government agencies, financial institutions, and many more. Among the
popular campaign methods is a talk or a forum. An ‘Explorace’ game has been introduced as an alternative way
for students of the Information Security subject from the Faculty of Computing, Universiti Malaysia Pahang Al-
Sultan Abdullah with the aim to convey the knowledge of cyber-attacks to spread awareness to the public while
practicing the skills they have learned in the class and practicing how to campaign confidently. The
encouragement to the students to spread awareness is the challenge of getting the top place in the game, and the
pressure of having been asked by the public about the attacks they are conveying. The ‘Explorace’ game as a
learning activity in the class will be more challenging, and the knowledge acquired by the students will be faster
and longer-lasting with them. As a result, the students from this subject scored 61.2% as the average results in
the mid-term test, while another batch of students who did not use this approach scored 58.94% in the previous
semester. While in the final exam, 61.46% is the average result for this semester, compared to only 41.09% as
the average result from the previous batch, which did not use this approach in learning. These results show that
outdoor activities have a significant impact on enriching the understanding of cyber-attacks and the encryption
concept among students. In another aspect of awareness, as many as 110 people had been approached to listen to
the awareness campaign during the two-hour session of ‘Explorace’. 98% of the students are also satisfied with
spreading the knowledge using this way.
Keywords: Cyber Attacks, Explorace, Outdoor Learning, Awareness Campaign, Encryption, Gamification
INTRODUCTION
Having knowledge of Internet security matters is advantageous for everyone, regardless of their level of
experience with technology. It applies to seasoned systems administrators, as well as to home users who carry
out tasks such as paying bills or streaming movies online. Even users who are just beginning to learn about
computers and the Internet can benefit from this knowledge. Protecting our personal information and preserving
our ownership of the goods and services we buy are challenges that affect us all. Cybersecurity awareness is a
INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS)
ISSN No. 2454-6186 | DOI: 10.47772/IJRISS | Volume IX Issue XI November 2025
Page 5377
www.rsisinternational.org
foundational element in building a resilient digital environment, making it a top priority for both individuals and
organizations (Bélanger et al., 2022).
Because of this, an awareness campaign is kind of compulsory for all security professionals to ensure as many
people as possible know about the cyber-attacks and the trends. Many parties are doing campaigns through the
talk, seminar, or forum approach, which is quite conventional. The effectiveness can be high and can be low,
depending on the speakers as well as the readiness of the audience to listen to it.
(Chaudhary et al., 2022) suggested posters as a method to spread cybersecurity awareness that need to be read. It
was not easy to ensure the public reads about the contents inside these materials, as it depends on the attractiveness
of the material as well as the readiness of the viewers to digest the content.
There is also an issue among students of Information Security where they must learn many facts and concepts
about cyber-attacks and encryption which makes it hard to master the knowledge. According to (Ali et al., 2023),
passive approach to learning where students are expected to absorb information rather than actively engage with
it hinder long term retention and the ability to apply knowledge in a practical context.
Thus, an ‘Explorace’ game is introduced as an outdoor physical activity in learning to let the student compete
without them realizing they are learning and enhancing their knowledge. At the same time, the students can spread
the awareness of the subject to other people in a fun way.
LITERATURE REVIEW
Learning using Explorace Game
Explorace is a portmanteau of "explore" and "race," and it refers to a type of outdoor adventure or scavenger hunt
game that involves exploration, teamwork, and problem-solving. Typically, participants are divided into teams
and given a series of tasks or challenges to complete within a set timeframe. These challenges might include
solving puzzles, finding hidden objects, or completing physical activities. The goal of the game is to be the first
team to complete all of the tasks and reach the finish line. Explorace games can be organized as a recreational
activity or as a team-building exercise for groups in various settings, such as schools, companies, or community
events.
(Francisco et al., 2022) stated that an engaging activity such as ‘Explorace’ can be utilized to leverage the content
of the syllabus and captivate students, encouraging them to actively engage with the learning process. Recent
surveys have demonstrated that these methods can expand students' learning horizons, ultimately boosting their
motivation as they explore new knowledge while remaining physically active. Despite the potential benefits,
these approaches are seldom adopted by schools and teachers, resulting in a challenge for their widespread
implementation.
So, the first aim is to analyse the readiness and the interest of students to learn in a specific course, namely
Information Security, that uses an outdoor learning approach. This is our first research question:
• RQ1: Are the degree and diploma students ready and have an interest to learn in an outdoor learning approach,
such as ‘Explorace’?
Outdoor Learning and Gamification Approach of Understanding the Encryption and Cyber-attacks
Concepts in Students
There is no denying that games can be an effective means of motivating and facilitating learning. To this end,
educators are increasingly integrating game design features into the learning process. According to (Khaldi et al.,
2023), gamification in education involves incorporating elements of game design into an educational context to
make learning more captivating and stimulating.
A study conducted by (Md Rashid et al., 2023) found that game-based learning activities provide a fun and
effective means for students to review topics taught in class. Compared to the conventional teaching method, this
INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS)
ISSN No. 2454-6186 | DOI: 10.47772/IJRISS | Volume IX Issue XI November 2025
Page 5378
www.rsisinternational.org
approach was shown to enhance student engagement during classroom instruction. The students of the study
sample showed an increase in marks in the exploration activity as well as the marks of continuous assessments.
The respondents agree with the statements that the Explorace programme helps them review topics taught in class
and prepares them for the upcoming continuous assessment, which was held in Weeks 8 and 13 of the current
semesters.
(Essam et al., 2020) also studied the impact of gamification among students at Lim Kok Wing University and
found a strong result to support the hypothesis of their research, ‘There is a positive relationship between students
learning behavior and their intrinsic motivation in learning’. By adopting this approach, the learning process can
be made more engaging and captivating, thereby enhancing its effectiveness.
Thus, our second research question will focus on the result after implementing the proposed outdoor and
gamification approach of learning, which is ‘Explorace’. We intend to find the answer to this research question:
RQ2: Can the proposed approach help the understanding of the selected topics among Information Security
students?
The Impacts of Awareness among the People Approached by the Students in the ‘Explorace
According to the National Institute of Standards and Technology (NIST) (Hansche et al., 2024), the definition of
awareness is:
“Awareness is not training. The purpose of awareness presentations is simply to focus attention on security.
Awareness presentations are intended to allow individuals to recognize IT security concerns and respond
accordingly. In awareness activities, the learner is the recipient of information. Awareness relies on reaching
broad audiences with attractive packaging techniques.”
Accordingly, adopting an interesting method in spreading the awareness, with not just using talks and webinars,
or written form such as posters and guides, this approach is seen to be a fresh idea where students who have the
knowledge of cyber security should share with public to nurture the awareness and in the same time, recognize
the importance of data security, maintaining data integrity, and confidentiality.
In order to develop awareness campaigns that are effective, it is crucial to comprehend how people perceive risks.
Simply providing information about risks and reactive behaviors is not enough to modify people's behavior. Two
additional factors are essential for this purpose: 1) People need to comprehend and implement the guidance
provided to them, 2) They must have the incentive and willingness to do so, which necessitates a change in
attitudes and intentions.
Therefore, we try to measure the impact on awareness among people that had been approached by the students
during the ‘Explorace’ game. Finally, we aim to address the following research questions:
• RQ3: What is the impact of spreading awareness using an ‘Explorace’ game among the public?
METHODOLOGY
Context and Study Design
This study utilizes a quasi-experimental design to evaluate the effectiveness of a gamified outdoor learning
approach compared to traditional teaching methods. The study was conducted at Universiti Malaysia Pahang
Al-Sultan Abdullah within the "Information Security" course. This course is a core requirement for Computer
Science degree students and an elective for diploma students.
The course learning outcomes focus on three domains: cognitive knowledge, practical skills, and ethical
values. Historically, students have demonstrated difficulty retaining complex concepts regarding cyber-
attack symptoms and encryption algorithms, as evidenced by low performance in previous mid-term and
final examinations. To address these challenges, a gamified intervention known as "Explorace" was
developed.
INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS)
ISSN No. 2454-6186 | DOI: 10.47772/IJRISS | Volume IX Issue XI November 2025
Page 5379
www.rsisinternational.org
Participants
The study involved two distinct cohorts of students across two academic sessions. A total of 103 students
participated. Group 1 (n=33) served as the control group during the 2021/2022 session, while Group 2 (n=70)
participated in the 2022/2023 session. Table 1 details the demographic distribution of the target groups.
Table 1. Demographic Characteristics of Study Participants
Variable
Group 1 (Control)
Group 2 (Experimental)
Semester
Semester 2
Semester 1
Academic Session
2021/2022
2022/2023
Sample Size (N)
33
70
Intervention Type
Traditional
Gamified
The Educational Intervention: "Explorace"
The "Explorace" activity was designed to reinforce theoretical concepts through active outdoor learning. The
activity structure is visualized in Figure 1. The game consists of a starting point, four distinct checkpoints,
and a finishing point. Figure 2 shows the examples of tasks for each checkpoint.
Standardization of Test Items: To ensure the validity and reliability of the learning tasks, the game
content was standardized through a series of workshops involving subject matter experts and
lecturers. These discussions focused on aligning game tasks with course learning outcomes and
ensuring the difficulty level was appropriate for the students' readiness.
Game Mechanics: Students were required to complete tasks at each checkpoint to advance.
Checkpoints 3 and 4 introduced practical cryptography skills, where instructions were encrypted.
Students were required to decrypt these messages using specific algorithms (e.g., Vigenère Cipher)
to reveal the task instructions.
Knowledge Dissemination Tasks: A core component of the game involves social learning. Students
were required to verbally explain specific security concepts (e.g., Trojan Horse, Social Engineering,
Identity Theft) to bystanders, including other students and staff. By the end of the game, each
participant had disseminated knowledge to approximately 14 individuals.
Figure 1. The Proposed Explorace Flow as the Outdoor Learning
INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS)
ISSN No. 2454-6186 | DOI: 10.47772/IJRISS | Volume IX Issue XI November 2025
Page 5380
www.rsisinternational.org
Figure 2. (a) The example of Checkpoint 1 task (copyrighted)
Figure 2. (b) The example of Checkpoint 2 task (copyrighted)
Figure 2. (c) The example of Checkpoint 3 task (copyrighted)
Figure 2. (d) The example of Checkpoint 4 task (copyrighted)
Data Collection and Analysis
Data were collected using a mixed-method approach comprising three instruments:
1. Academic Performance Records: To measure cognitive retention, scores from the Mid-term Test and Final
Examination were collected for both the Control Group (Group 1) and the Experimental Group (Group
2).
2. Post-Activity Survey: A survey measuring "Readiness and Acceptance" was administered to Group 2
immediately following the intervention.
3. Public Feedback Logbooks: To assess the "Awareness" component, the students maintained a logbook
recording qualitative feedback and signatures from the public audience they approached during the game.
The data was then analyzed using Microsoft Excel. Descriptive statistics (mean and percentages) were calculated
for survey responses. To evaluate the intervention's impact on performance, an Independent Samples t-test was
performed to compare the mean examination scores between the Control and Experimental groups, with a
significance level set at p < 0.05.
INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS)
ISSN No. 2454-6186 | DOI: 10.47772/IJRISS | Volume IX Issue XI November 2025
Page 5381
www.rsisinternational.org
RESULTS AND DISCUSSION
Result 1: Student Readiness and Acceptance (Survey Results)
The first phase of analysis focused on student acceptance of the "Explorace" gamified learning approach. Post-
intervention survey data (Figure 3) indicate a high level of readiness among participants.
97% of students expressed that they were "ready and liked the approach," citing that the active nature of
the module helped improve their understanding of encryption and decryption processes.
1% of respondents remained neutral.
1% expressed a lack of readiness or interest in the approach.
Qualitative feedback supports these findings; students reported that the module allowed them to "practice what
they have learned in a fun way". This suggests that the outdoor setting reduced the anxiety often associated with
complex topics like Cryptography.
Figure 3. Readiness and interest level of having ‘Exploraceas a learning approach
Result 2: Impact on Academic Performance
To address the primary research objective, the academic performance of the Experimental Group (Group 2,
n=70) was compared to the Control Group (Group 1, n=33). Table 2 presents the comparison of Mid-term
and Final Examination scores.
Table 2. Comparison of Academic Performance between Control and Experimental Groups
Assessment Item
N
Mean Score (%)
Mid-term Test
33
58.94
70
61.20
Final Exam
33
41.09
70
61.46
Note: Maximum score is 100. Significance tested at p < 0.05.
As shown in Table 2, the Experimental Group outperformed the Control Group in both assessments. While
the Mid-term improvement was marginal (2.26% difference), the impact on the Final Examination was
substantial. The Experimental Group achieved a mean score of 61.46% compared to 41.09% in the Control
Group. This significant increase demonstrates that the "Explorace" module effectively aided retention of
complex topics such as Cryptography.
Readiness and Interest Level
Yes No Neutral
INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS)
ISSN No. 2454-6186 | DOI: 10.47772/IJRISS | Volume IX Issue XI November 2025
Page 5382
www.rsisinternational.org
Figure 4 illustrates samples of student answers, showing that students in Group 2 were able to apply
encryption algorithms (e.g., Vigenère Cipher) more accurately in exam settings compared to previous
cohorts.
While raw data for significance testing was not available for this retrospective analysis, the difference in mean
scores (20.37%) suggests a substantial practical impact. It is particularly noteworthy that these results were
achieved despite a significantly larger class size in the Experimental Group (n=70) compared to the Control
Group (n=33). Typically, larger cohorts present greater pedagogical challenges regarding student attention and
comprehension. The fact that the larger group performed better suggests that the gamified approach effectively
mitigated the challenges of large-group instruction.
Furthermore, qualitative observations revealed that the game mechanics lowered the cognitive barrier for
Cryptography, a subject historically perceived as abstract and difficult. By physically interacting with encryption
algorithms (e.g., Vigenère Cipher) at checkpoints, students transitioned from passive theoretical learning to active
application, resulting in the higher accuracy observed in the final examination."
Figure 4. (a) Samples of Mid-term Test Answers from Group 2 students
Figure 4. (b) Samples of Final Exam Answers from Group 2 students
INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS)
ISSN No. 2454-6186 | DOI: 10.47772/IJRISS | Volume IX Issue XI November 2025
Page 5383
www.rsisinternational.org
Result 3: Public Awareness and Social Impact
The final component of the study evaluated the students' ability to disseminate information to the public.
During the sessions, 15 student groups approached a total of 210 individuals (staff and students) to explain
cyber-security threats.
As evidenced in the feedback logbooks (Figure 5), 80% of the audience provided positive or meaningful
feedback. Figure 5 displays samples of these interactions, where audience members signed off to indicate
their understanding of concepts such as "Social Engineering" and "Identity Theft". This process not only
spread awareness but also reinforced the students' own understanding through the "learning by teaching"
mechanism.
Figure 5. Feedback from students and staff
This initiative provides some sequences for good practices in teaching and learning strategies. This initiative
covers the attributes of ethical value in the affective domain of this subject too by nurturing the ethics among
students to explain properly and correctly. They need to be responsible for what they are spreading as it will be
used as a guide by the audience later. Some of the students also commented that this activity pushes them to be
brave to communicate with others, to greet people, to ask for their time, and to convince others that the input they
want to convey is very important and useful.
However, there are challenges to implement this approach in the universities. The obvious challenge is to
encourage lecturers to spend more time in preparation as this kind of activity should be designed and customized
based on the students of the particular semester.
INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS)
ISSN No. 2454-6186 | DOI: 10.47772/IJRISS | Volume IX Issue XI November 2025
Page 5384
www.rsisinternational.org
CONCLUSION
Educators in the cybersecurity field can use this approach to have an active session of awareness sharing as well
as to encourage students to enhance their input of knowledge by sharing to others. Research Question 1 is
answered positively as students are comfortable with the proposed learning style. Research Question 2 is
answered by the big increment of average marks in the test and exam. Research Question 3 is answered with the
proof of audience feedback, as demonstrated by Figure 5. Hence, this initiative is useful and applicable to this
subject and possibly other subjects with the same nature like Information Security.
ACKNOWLEDGMENT
The authors would like to express our gratitude to Tunku Abdul Rahman University of Management and
Technology, and Universiti Malaysia Pahang Al-Sultan Abdullah (UMPSA).
REFERENCES
1. Ali, A., Deuter, A., & Wehmeier, L. (2023). Personalized Learning in Automation: A 3D AI-Based
Approach. Proceedings - Frontiers in Education Conference, FIE.
https://doi.org/10.1109/FIE58773.2023.10343228
2. Bélanger, F., Maier, J., & Maier, M. (2022). A longitudinal study on improving employee information
protective knowledge and behaviors. Comput. Secur., 116. https://doi.org/10.1016/J.COSE.2022.102641
3. Chaudhary, S., Kompara, M., Pape, S., & Gkioulos, V. (2022). Properties for Cybersecurity Awareness
Posters’ Design and Quality Assessment. ACM International Conference Proceeding Series, 2022.
https://doi.org/10.1145/3538969.3543794;WGROUP:STRING:ACM
4. Essam, M., Jennifer, E., & Poh Phung, S. (2020). Impact of Gamification on Higher Education; A Case
Study on Limkokwing University of Creative Technology Campus in Cyberjaya, Malaysia.
5. Francisco, V., Moreno-Ger, P., & Hervas, R. (2022). Application of Competitive Activities to Improve
Students’ Participation. IEEE Transactions on Learning Technologies, 15(1), 214.
https://doi.org/10.1109/TLT.2022.3153174
6. Hansche, S., Ellis, B., Sanchez-Cherry, K., Snyder, J. N., & Walden, D. (2024). Building a cybersecurity
and privacy learning program. https://doi.org/10.6028/NIST.SP.800-50r1
7. Khaldi, A., Bouzidi, R., & Nader, F. (2023). Gamification of e-learning in higher education: a systematic
literature review. Smart Learning Environments, 10(1), 131. https://doi.org/10.1186/S40561-023-
00227-Z/FIGURES/2
8. Md Rashid, S. N., Abdullah, S. Z., Makhtar, N., Jaafar, N. F., & Zuraimi, N. A. (2023). Effectiveness of
Virtual Explorace Game Towards Students’ Performance in Physics Subject During Pre-Diploma
Programme. International Journal of Academic Research in Progressive Education and Development,
12(1). https://doi.org/10.6007/IJARPED/V12-I1/16108