The UCSB International Capture The Flag (also known as the iCTF) is a distributed, wide-area security exercise, whose goal is to test the security skills of the participants. The iCTF contest is organized by Prof. Giovanni Vigna of the Department of Computer Science at UCSB, and is held once a year (usually at the beginning of December).
The upcoming iCTF will be held on December 4th, 2009, from 8am to 5pm, PST.
In order to register, please use this registration form.
Note that the logo of your team should be a square PNG file, 128x128.
The faculty Point Of Contact (POC) will lead the team and be responsible for its ethical behavior.
The deployment POC will be responsible for all technical questions.
The form also requires the IP address of the machine to be used as an endpoint of the VPN. If you don't know right away, please simply put "0.0.0.0".
Every team should subscribe to the ctf-participants mailing list. The instructions on how to connect to the network and participate to the competition will be posted on this list.
More details to come soon!
Overview
The Capture The Flag contest is multi-site, multi-team hacking contest in which a number of teams compete independently against each other.
The goal of each team is to maintain a set of services such that they remain available and uncompromised throughout the contest phase. Each team also has to attempt to compromise other teams' services. Since all the teams received an identical copy of the virtual host, each team has to find vulnerabilities in their copy of the hosts and possibly fix the vulnerabilities without disrupting the services. At the same time, the teams have to leverage their knowledge about the vulnerabilities they found to compromise the servers run by other teams. Compromising a service allows a team to bypass the service's security mechanisms and to "capture the flag" associated with the service.
History and Background
The UCSB CTF evolved from a number of previous security "live exercises" that were carried out locally at UCSB. The first wide-area edition of the UCSB CTF was carried out in December 2003. In that CTF, fourteen teams from around the United States competed in a contest to compromise other teams' network services while trying to protect their own services from attacks. The contest included teams from UCSB, North Carolina State University, the Naval Postgraduate School in Monterey, the West Point Academy, Georgia Tech, University of Texas at Austin, and University of Illinois, Urbana-Champaign.
In 2004, the UCSB CTF evolved into an international exercise (hence, the name "iCTF"), which included teams from the United States and Austria, Germany, Italy, and Norway.
In 2005, the UCSB iCTF evolved into an intercontinental exercise, which included 22 teams from North America, South America, Europe and Australia. This was never be attempted before on such a large scale.
In the following years the size of the iCTF kept increasing. In 2008, the UCSB iCTF involved 40 teams and several hundred students, making it the largest live security exercise ever performed on the Internet.
The exercises up to 2007 were loosely based on the DEFCON Capture the Flag contest. Acknowledgments go to the Ghetto Hackers that did such a wonderful (and inspiring) job in organizing the CTF contest at DEFCON and to Kenshoto, who picked up the task of running the CTF and found ways to improve it. Many of the ideas of our iCTF are derived from the DEFCON CTF and the lessons learned by participating to the DEFCON contest.
Those exercises were different from the DEFCON contest because it involves several educational institutions spread across the different continents. The DEFCON contest includes locally connected teams only.
In addition, the DEFCON contest has always involved a limited number of teams. We developed a new network solution that allows a large number of teams to participate. The UCSB CTF is the largest existing live security exercise.
Finally, we used a novel technique, called "blending", to route traffic among the teams that allows for a more realistic experience.
Point of contact
The Capture The Flag (CTF) is organized by Giovanni Vigna, at UCSB.
This is the contact information:
- Phone:+1 (805) 893-7565
- Fax:+1 (805) 893-8553
- E-Mail: vigna@cs.ucsb.edu
- Web: http://www.cs.ucsb.edu/~vigna
- Office: Engineering I, Room 2159
- Address: University of California
Department of Computer Science CS-66
Santa Barbara, CA 93106-5110, USA -
PGP key:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.2.1 (GNU/Linux) mQGiBD7mK/MRBAC0LMdSYMw/V1yBa2uPYl6gmTt1ydk35CFM+LaiymvYJ9tcVNX5 +id4YkKeQzRigg7RCTbfgUjw23zXapUpIZgIK3RvXbMVsxdq1otQkZyRf/7VZSMl EVnlflNaqy7O3tjVbNCbEEl0GAGp5UwzYfTcix44mYYNdgHcvkbgq5GXFwCgzpsq CuNqq0+CyFGhI9S1R+aIya8D/0iNMYyU3M5YDhNyRs5Gtjebhc2eGExCR71QjRww qNyWTlr43nsP1A8ckPdeqjd1vrSp/F9eFAIcDUlZmyDYlmFUSYO2X17xZBNqgDAu jnrduuuuu4l3owqVILFIhgs8EwNNA0bVSxwgwFCQsGWuJr5cNXTggZVKdsqfRyR5 reh4A/9wJcXXOulUNpEbUmrDEMVeNvEdEdIh4nQdyxi1pcggAhc2WxiFu1NOSYsL daKLDB4kiP3xfdK7Cq+scvvx6NdKsSDWYibQ0uMfvYDzX3LMKpBBvKxDyD0pfJjg DLSe9cn7Tp03b7kTKFxRC0FhydT7ECr7cqw6vsNF3cBjaN1YSbQiR2lvdmFubmkg VmlnbmEgPHZpZ25hQGNzLnVjc2IuZWR1PohZBBMRAgAZBQI+5ivzBAsHAwIDFQID AxYCAQIeAQIXgAAKCRCrju5XfPpVYjO2AKDDsYft/N00g+v2511Laxpzv9Dp0ACd FTTMe4I3mCI6zW38v62OECHPR6i4zQQ+5iv0EAMAn8y7knVSp1raHNdGzwUC+i4h 4TBl5DBxzcBS591K28ef6+o1rBnSJBdP5370vGxvUNczRJwFXnRctoj9et3enraM mF0SxD+qadyFdukeFJr5cqdfMWTwwjh9efRsS3JnAAMFAv9KTUYTSUjTFrqjw8+H 4npDq6VVy7cXo/3hHLGXhO2DGu9x1RbglFyeSoMbq2ALjLhJJs1I1NemhySN8ZfO DdC9WITYKDasCcIj4b5dcgkxMg0XSwi7FRToVdyww2jIWKuIRgQYEQIABgUCPuYr 9AAKCRCrju5XfPpVYt3tAJ9LT1PibtwUEyZPNyrDFWsyvSwkDgCgqOOGkfYzZgQE JOLKi4o/eFOM5cs= =/UFb -----END PGP PUBLIC KEY BLOCK-----