Class capture-the-flag exercises

Jelena Mirkovic, Peter A.H. Peterson

Research output: Contribution to conferencePaperpeer-review

Abstract

The field of cybersecurity is adversarial - the real challenge lies in outsmarting motivated and knowledgeable human attackers. Sadly, this aspect is missing from current cybersecurity classes, which are often taught through lectures and occasionally through “get your feet wet” practical exercises. We propose Class Capture-the-Flag exercises (CCTFs) to revitalize cybersecurity education. These are small-scoped competitions that pit teams of students against each other in realistic attack-defense scenarios. We describe how to design these exercises to be easy for teachers to conduct and grade, easy for students to prepare for and a lot of fun for everyone involved. We also provide descriptions of CCTFs we have developed and recount our experiences of using them in class.

Original languageEnglish (US)
StatePublished - 2014
Externally publishedYes
Event2014 USENIX Summit on Gaming, Games, and Gamification in Security Education, 3GSE 2014 - San Diego, United States
Duration: Aug 18 2014 → …

Conference

Conference2014 USENIX Summit on Gaming, Games, and Gamification in Security Education, 3GSE 2014
Country/TerritoryUnited States
CitySan Diego
Period8/18/14 → …

Bibliographical note

Funding Information:
The DeterLab testbed [9] is the deployment platform for our exercises. DeterLab is an open and free-for-use research and education testbed funded by the Department of Homeland Security and the National Science Foundation. Co-hosted by USC/ISI and UC Berkeley, it currently includes approximately 500 physical machines and is used by more than 3,700 users in 30 countries. About 75% of these are educational users.

Funding Information:
∗This work is in part supported by the DHS grant N66001-10-C-2018. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Department of Homeland Security.

Publisher Copyright:
© 2014 USENIX Summit on Gaming, Games, and Gamification in Security Education, 3GSE 2014. All rights reserved.

Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.

Fingerprint

Dive into the research topics of 'Class capture-the-flag exercises'. Together they form a unique fingerprint.

Cite this