On July 19 through 20 UTSA’s Cyber Security Association (CSA) competed in Cyber Challenge 2011, a national cyber security competition, where they tied for second place.
The MITRE-sponsored event was a chance for interested organizations and individuals to qualify for a chance to compete at DEFCON, one of the world’s largest annual hacker conventions, in the Open Capture The Flag (CTF) competition as well as get hands-on experience in high-level hacking.
The CTF style competition requires teams “to find a ‘flag,’ a special hidden sentence that can only be found by correctly solving the challenge,” said Dane Stuckey, a senior double majoring in information assurance and information security and the vice president of CSA.
Brock Haun, a sophomore majoring in computer science, said that the team was “fairly excited” about the chance to compete for a spot in DEFCON, but said that “the team wasn’t terribly upset when they found out they missed out on attending.” He added that, their team, unlike the others, only had two members who were able to dedicate all 20 hours of the competition to the challenges. Other teams had all five team members for the entire competition.
The MITRE qualifier had no physical completion space. To compete, teams logged into a virtual network where they could access the various challenges during the 20-hour competition.
Questions were split into five categories including cryptography, networking and web exploitation. In each category there were six different tiers of question with each question worth progressively more than the last. More valuable questions were only made available to the teams once at least one team completed the prior challenge.
Stuckey said that their team chose to approach the challenges by assigning each of the team’s five members to one of the five categories based on their individual abilities and “if help was needed then team members would dynamically reallocate themselves to help.”
Once the team solved one of the challenges, “the team would take a few minutes to review the challenge, identify what was required to solve it and cover techniques for speeding up the process,” Stuckey said. He added that “the skills required to tackle one challenge would often be required to tackle another.”
Although the team was cobbled together only hours before the application deadline, Stuckey felt that that the competition was both a huge benefit to the organization and to the competitors personally. “Competitions are a fantastic way for students to gauge their skill set, lean new concepts and build a sense of pride in the organization,” Stuckey said.
Stuckey credits CSA’s national success to the organization’s faculty advisor, Dr. Nicole Beebe. “Without her help, guidance and involvement in our UTSA careers we would not have been as prepared or done nearly as well in this competition.”
“We should have won the event this year,” Haun said, “but we weren’t able to give the competition 100 percent focus. I expect a win for next year’s team, which I plan on participating with.”
The competition “was a fantastic experience that really challenged the team’s technical skill set. We absolutely would do this challenge again,” Stuckey said.
CSA is a student organization that makes a point of tailoring its meeting discussions and lectures to content that interests its members. Stuckey encourages any students interested in technological security to visit one of their meetings to see what they are about.