The 2015 Invitational CANSec Cyber Defense Competition will be hosted at the 8th Central Area Networking and Security Workshop on October 24, 2015.
The goal of the competition is to provide students with a platform to apply theoretical knowledge into practice, and to obtain hands-on cyber security experiences. It is a one-day competition, in which student teams will be asked to oversee a small corporate network, to manage all critical services, and to defend against external attacks. Scoring will be primarily based on the availability of the services, and how the attacks and injects are handled.
The 2015 CANSec Cyber Defense Competition is only open to student teams and faculty coaches. A $30 registration fee for each team member will be collected at the competition. The registration fee will be used to cover lunch/drink/snacks and other expenses. We strongly recommend that each team pay the registration fee in one check.
We also welcome faculty members who are interested in coaching in future competitions to join the white team as observers. Please send email to cansecworkshopfall2015@gmail.com so that we can prepare a badge for you.
1st place: Kansas State University
2nd place: University of Memphis
3rd place: Fontbonne University and University of Arkansas at Little Rock
4th place: University of Kansas
5th place: Arkansas State University
6th place: University of Missouri – Kansas City
Please download the registration form and submit to cansecworkshopfall2015@gmail.com by Oct 17, 2015
Each team will be responsible for a variety of tasks before, during, and after the competition. The following is a noninclusive list of key tasks that each team must perform:
Blue Team
Manage services (provided as a set of virtual machines)
Report intrusions
Complete challenges that are issued throughout the competition, called injects
Maintain physical security in their designated areas
White Team
Enforce rules
Setup and maintain competition infrastructure (virtual machines, networking, etc.)
Support blue and red teams with connectivity and usability issues
Issue and score injects
Red Team
Enumerate and exploit vulnerabilities in Blue Team services for the purpose of disrupting normal operation
Perform social engineering attacks against Blue Teams to gain credentials or access
Each team may have no more than 8 student members and at least one faculty coach
Team members must be currently enrolled in a university that is attending CANSec
Once the competition has begun, no more members may be added to the team
Each team will designate a team captain
The captain will be the point of contact for the competition staff before and after the competition
In the event of the team captain’s absence, teams must designate an alternate captain
8:00 AM – 8:30 AM Check-in
8:30 AM – 9:00 AM White team briefing and setup
9:00 AM – 10:10 AM Keynote session
10:10 AM – 4:00 PM Competition
4:30 PM Closing remarks (result announcement)
White team
White team members will remain neutral
White team will only assist with the following (this list is noninclusive):
Competition Infrastructure
Access to competition infrastructure from client machines
Blue teams
Blue teams must allow the White Team access to competition resources upon request
Blue teams must compete without “outside assistance” from nonteam members
Members may conduct penetration tests (such as port or vulnerability scans) against onlytheir own resources. No such activity is permitted against other Blue Teams, the Red Team or competition infrastructure
The team’s captain will be responsible for contesting any potential rule violations
Red teams may not perform the following attacks:
Volumetric denial of service attacks (flooding, etc.)
Attacks against competition infrastructure (scoring engine, OpenStack, networking resources, etc.)
Port scans, exploits, etc. against personal machines (unattended machines are fair game for access by the red team)
Blue Team members can user their own computers in the competition. However, Blue Team members may not leverage any paid resources. All resources must be accessible and free to all blue teams. Examples include paid commercial software, hired assistance, paid rulesets, etc. Evaluation versions of commercial software are allowed.
Blue Team members may not leverage outside assistance. Shared storage (such as FTP or Google Drive) and instant messaging (IRC, HipChat, Skype, etc.) are permitted, but only with fellow team members.
All network activity that takes place on the competition network may be logged and subject to release. Competition officials and the Competition Hosts are not responsible for the security of any information, including but not limited to:
login credentials
emails or other communications
personal data (SSN, credit card information, etc)
which competitors place on the competition network.
All participants, including competitors, coaches, White Team, and Red Team members are expected to behave professionally at all times during the entire event.
Participants are expected to follow the rules set forth by the facility that is hosting the competition.
Competitors behaving in an unprofessional manner may receive a warning from the White Team for their first offense. For egregious actions or for subsequent violations following a warning, competitors may have a penalty assessed against their team, be disqualified, and/or expelled from the competition site. White Team may also consider a ban from future competitions on a casebycase basis.
Spectators must also obey professional conduct rules. Individuals that violate these rules may be asked to leave by the White Team if violations continue.
Team score is based on the following factors: service uptime and Injects.
Service Uptime
Uptime is tracked by a scoring engine that performs checks every minute during the attack phase of the competition.
For each minutes a service is up it earns 1 point.
Injects
Injects are challenges given to the team throughout the competition.
Each inject will have a time limit for completion. Upon completion, injects will be submitted to the White Team for scoring. Each inject is completely optional.
Score posting: A preliminary score will be posted at the end of the day of the competition. Final scores will be posted one week after the end of the competition to allow for teams to file any discrepancies.
Grievances: Grievances during the competition will be posted through the ticketing system and will be dealt with in the order they are received. Scoring grievances should be filed within 3 days from the end of the competition, and will be resolved within the next 4 days.
Do I need to assemble my own team?Yes, you are expected to form the team of up to 8 students and at least 1 faculty coach. If you want to attend the competition but have difficulty in finding enough members, please contact the organizing committee at cansecworkshopfall2015@gmail.com for help.
Is there a fee to attend the competition?Yes, a registration fee of $30 ($60 if attending the welcome dinner on 10/23) is required for each team member.
Do I need to register for the main workshop to attend the competition?No.
Infrastructure: University of Arkansas at Little Rock
Local Arrangement: University of Arkansas at Little Rock
Red Team Engagement: University of Arkansas at Little Rock
Scenario/Rule Design: University of Arkansas at Little Rock