Your SlideShare is downloading. ×
Keynote:CTF: All the Cool Kids are doing it    by Chris Eagle
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Keynote:CTF: All the Cool Kids are doing it by Chris Eagle


Published on

The past decade has seen a proliferation of network security games euphemistically known as "Capture the Flag" exercises. The fun of participating in these exercises is well known to those who choose …

The past decade has seen a proliferation of network security games euphemistically known as "Capture the Flag" exercises. The fun of participating in these exercises is well known to those who choose to play. These exercises expose participants to new challenges, offer them the chance to meet new people with similar interests, build "street cred" and increasingly, offer significant prizes. Perhaps most significantly, when done properly, these exercises offer a considerable opportunity to spark interest in the computer security field in the next generation of computing professionals. This talk will take a look at the challenges of using such exercises as training or evaluation opportunities and will consider how to improve our ability to do so.

Chris Eagle

Chris Eagle is a Senior Lecturer of Computer Science at the Naval Postgraduate School (NPS) in Monterey, CA. A computer engineer/scientist for 28+ years, his research interests include computer network operations, forensics and reverse engineering. He has been a speaker at conferences such as Black Hat, Defcon, Infiltrate, and Shmoocon and is the author of "The IDA Pro Book", the definitive guide to IDA Pro. He is a multiple winner of the Defcon Capture the Flag Competition and was the organizer of that competition from 2009-2012. He is currently working with DARPA to build their Cyber Grand Challenge competition.

Published in: Technology

1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Chris Eagle
 Code Blue 18 February 2014
  • 2. !  Everything I say today is my own opinion and not necessarily the opinion of the US Naval Postgraduate School (NPS), US Department of Defense (DoD) or the United States Government
  • 3. !  Senior Lecturer ◦  Naval Postgraduate School, Monterey CA (1997- present) !  Leader ◦  Sk3wl0fRoot Capture the Flag team, winners of Defcon CTF (2004, 2008) !  Co-founder ◦  DDTEK, Organizers of Defcon CTF (2009-2012)
  • 4. !  First and foremost a game !  A chance to excel! !  Meet new people !  Lose some sleep
  • 5. !  Opportunity to (legally!) apply skills associated with all aspects of computer security ◦  System administration ◦  Network traffic analysis ◦  Digital forensics ◦  Vulnerability analysis and exploitation ◦  Cryptography ◦  Web and database security Courtesy of Kenshoto
  • 6. !  Organizer's develop challenges to be solved by participants !  Two main formats ◦  Jeopardy style game board ◦  Full spectrum team vs. team in head to head competition
  • 7. !  Typified by Defcon qualification round
  • 8. !  No head to head interaction between teams !  Solve puzzles to earn points !  Solution to puzzle usually reveals a secret value known as a key or flag ◦  Hence “capture the flag” !  Wider variety of puzzles because each one does not need to be “live”
  • 9. !  Teams directly attack each other while organizers act as judges to award points !  Defcon CTF is longest running !  Others ◦  UC Santa Barbara iCTF ◦  Positive Hack Days CTF ◦  Codegate CTF
  • 10. !  Apply skills in hostile environment !  Exploit development !  Vulnerability mitigation !  All challenges are live “services” ◦  Must be kept running and defended while simultaneously attacking other team’s services ◦  Successful exploitation results in access to a flag
  • 11. !  Generate interest in computer security ◦  Attract new people to the field !  Fresh challenges test and
 develop skills ◦  Interesting challenges motivate
 tools development !  Builds a community of talent
 and shared knowledge about
  • 12. !  Desire to learn ◦  Creative challenges spark interest !  Legal, low risk way to
 exercise offensive skills !  Bragging rights ◦  Winning Defcon carries some
 prestige !  Prizes ☺ ◦  Codegate – 4.3M ¥ ◦  PHDays – 900K ¥ ◦  Defcon – Black badge
  • 13. !  Defcon ◦  Defcon 10, 2002 8 American teams ◦  Defcon 21, 2013 20 teams, ~66% international !  Hundreds of teams attempted to qualify !  UCSB iCTF ◦  2003 – 14 teams ◦  2012 – 90 teams !  Almost weekly
 events today
  • 14. !  Large body of past challenges !  Large body of publicly available solutions ◦  Generally self-study !  Each new CTF provides an assessment opportunity ◦  Only metric is final score ◦  No feedback to assist with improvement
  • 15. !  DON’T DO IT!! ◦  Trust me on this one !  If you must, then 
 consider why ◦  It is totally thankless ◦  Give back to the community ◦  Talent identification ◦  Educational opportunity !  Coach people/teams up prior to event !  Provide feedback after event !  Teach people about challenges after CTF ends
  • 16. !  Japan, like many other countries, faces a shortage of skilled cyber professionals ◦  By one study as many as 80,000 people needed !  Identifying and attracting new talent as well as retaining existing talent is essential !  Competitions such as CTF both spark interest and offer an opportunity to evaluate ◦  Huge growth in participation in past 10 years !  Just get out and play!