Cyber-Defense Competition @ CANSec
CANSec Invitational Final Scores and Ranks
1st Place: JayHackers 74.96%;
2nd Place: UALR CSC 64.01%;
3rd Place: WildHat Hakkers
4th Place: Bearcats and Razorbacks
The CANSec Invitational Cyber-Defense Competition will be hosted at the 6th Central Area Networking and Security Workshop on October 26, 2014.
The goal of the competition is to provide students with a platform to apply theoretical knowledge into practice, and to obtain hands-on cyber security experiences. It is a one-day competition, in which student teams will be asked to oversee a small corporate network, to manage all critical services, and to defend against external attacks. Scoring will be primarily based on the availability of the services, and how the attacks and injects are handled.
The Cyber Defense Competition is only open to student teams and faculty coaches. A $30 registration fee for each team member will be collected at the competition. The registration fee will be used to cover lunch/drink/snacks and other expenses. We strongly recommend that each team pay the registration fee in one check.
We also welcome faculty members who are interested in coaching in future competitions to join the white team as observers. Please send an email to firstname.lastname@example.org so that we can prepare a badge for you.
- Bearcats and Razorbacks
- Northwest Missouri State University & University of Arkansas
- Go Royals
- University of Missouri - Kansas City
- The University of Kansas
- WildHat Hakkers
- Kansas State University
- UALR CSC
- University of Arkansas at Little Rock
- Miaoqing Huang, U of Arkansas
- Keyu Jiang, Regis Univeristy
- Fengjun Li, KU
- Na Li, Northwest Missouri State University
- Bo Luo, KU
- Simon Ou, KSU
- Ethan Schwaiger, James Howse, Ian Unruh, Alexandru Bardas, Daniel Wang, Gilnei Pelligrin, Jacob Case, KSU
Each team will be responsible for a variety of tasks before, during, and after the competition. The following is a noninclusive list of key tasks that each team must perform:
- Blue Team
- Manage services (provided as a set of virtual machines)
- Report intrusions
- Complete challenges that are issued throughout the competition, called injects
- Maintain physical security in their designated areas
- White Team
- Enforce rules
- Setup and maintain competition infrastructure (virtual machines, networking, etc.)
- Support blue and red teams with connectivity and usability issues
- Issue and score injects
- Red Team
- Enumerate and exploit vulnerabilities in Blue Team services for the purpose of disrupting normal operation
- Perform social engineering attacks against Blue Teams to gain credentials or access
- Each team may have no more than 8 student members and at least one faculty coach
- Team members must be currently enrolled in a university that is attending CANSEC
- Once the competition has begun, no more members may be added to the team
- Each team will designate a team captain
- The captain will be the point of contact for the competition staff before and after the competition
- In the event of the team captain’s absence, teams must designate an alternate captain
- White team
- White team members will remain neutral
- White team will only assist with the following (this list is noninclusive):
- Competition Infrastructure
- Access to competition infrastructure from client machines
- Blue teams
- Blue teams must allow the White Team access to competition resources upon request
- Blue teams must compete without "outside assistance" from nonteam members
- Members may conduct penetration tests (such as port or vulnerability scans) against only their own resources. No such activity is permitted against other Blue Teams, the Red Team or competition infrastructure
- The team’s captain will be responsible for contesting any potential rule violations
- Red teams may not perform the following attacks:
- Volumetric denial of service attacks (flooding, etc.)
- Attacks against competition infrastructure (scoring engine, OpenStack, networking resources, etc.)
- Port scans, exploits, etc. against personal machines (unattended machines are fair game for access by the red team)
- Blue Team members can user their own computers in the competition. However, Blue Team members may not leverage any paid resources. All resources must be accessible and free to all blue teams. Examples include paid commercial software, hired assistance, paid rulesets, etc. Evaluation versions of commercial software are allowed.
- Blue Team members may not leverage outside assistance. Shared storage (such as FTP or Google Drive) and instant messaging (IRC, HipChat, Skype, etc.) are permitted, but only with fellow team members.
- All network activity that takes place on the competition network may be logged and subject to release. Competition officials and the Competition Hosts are not responsible for the security of any information, including but not limited to:
- login credentials
- emails or other communications
- personal data (SSN, credit card information, etc)
- All participants, including competitors, coaches, White Team, and Red Team members are expected to behave professionally at all times during the entire event.
- Participants are expected to follow the rules set forth by the facility that is hosting the competition.
- Competitors behaving in an unprofessional manner may receive a warning from the White Team for their first offense. For egregious actions or for subsequent violations following a warning, competitors may have a penalty assessed against their team, be disqualified, and/or expelled from the competition site. White Team may also consider a ban from future competitions on a casebycase basis.
- Spectators must also obey professional conduct rules. Individuals that violate these rules may be asked to leave by the White Team if violations continue.
Team score is based on the following factors: service uptime and Injects.
- Service Uptime (60%)
- Uptime is tracked by a scoring engine that performs checks every minute during the attack phase of the competition.
- For each minutes a service is up it earns 1 point.
- Injects (40%)
- Injects are challenges given to the team throughout the competition.
- Each inject will have a time limit for completion. Upon completion, injects will be submitted to the White Team for scoring. Each inject is completely optional.
Score posting: A preliminary score will be posted at the end of the day of the competition. Final scores will be posted one week after the end of the competition to allow for teams to file any discrepancies.
Grievances: Grievances during the competition will be posted through the ticketing system and will be dealt with in the order they are received. Scoring grievances should be filed within 3 days from the end of the competition, and will be resolved within the next 4 days.
- Do I need to assemble my own team?
Yes, you are expected to form the team of up to 8 students and at least 1 faculty coach. If you want to attend the competition but have difficulty in finding enough members, please contact the organizing committee at email@example.com for help.
- Is there a fee to attend the competition?
Yes, a registration fee of $30 is required for each team member.
- Do I need to register for the main workshop to attend the competition?
- Can student participants apply for the travel grant?
Yes, student competition participants are eligible to apply for the NSF student travel grant.
- Infrastructure: Kansas State University
- Local Arrangement: University of Kansas
- Red Team Engagement: Regis University & University of Missouri - Kansas City
- Scenario/Rule Design: Regis and University of Arkansas