The objective of this project is to revitalize cyber security education and research by introducing competitive aspects into their current lifecycles. The project will create and deploy light-weight, online and diverse Class Capture-The-Flag (CCTF) exercises on the DeterLab testbed. The competitions will require only modest preparation and students will engage in competitions remotely, at any time convenient for both teams. The competitions will cover a broad range of security topics, such as infrastructure threats and defenses, denial-of-service, botnet detection and infiltration, etc. Competitions will occur multiple times during a semester and will involve students from different institutions, alternating between an attacker and a defender role. To address ethical concerns about teaching students offensive technologies, the project will develop online materials on ethical offense, and will require each participant to view the materials and pass the related quiz before engaging in competitions. The project will also create a Security Challenge portal, where researchers can challenge others to break their research prototypes experimentally or by design analysis. The project team will further develop the Grand Challenge portal, hosting grand challenges in several security sub-fields. The initial grand challenges will be created by experts in selected sub-fields during virtual workshops. The Secure and Trustworthy Cyberspace (SaTC) program funds proposals that address Cybersecurity from a Trustworthy Computing Systems perspective; a Social, Behavioral and Economic Sciences perspective; and proposals focusing entirely on Cybersecurity Education. The education modules developed to accompany the CCTFs will reach student audiences that would not otherwise receive security education. Researchers that engage in security challenges will benefit from having more sound solutions and stronger publications than they would otherwise. Grand challenges will engage multiple teams competing towards the common goal, galvanizing research on that specific class of problems. Further, security challenges and grand challenges will promote better security metrics, experiment methodologies and code and data sharing. This will improve the quality of security research, and the science of security experimentation. The educational modules that cover topics related to each CCTF exercise will enable participation by underprivileged and minority institutions that may not regularly teach a security class.
EDU: Revitalizing Cyber Security Education and Research through Competitions