1 / 23

picoCTF: A Game-Based Computer Security Competition for High School Students

picoCTF: A Game-Based Computer Security Competition for High School Students. Peter Chapman peter@cmu.edu. Jonathan Burket jburket@cmu.edu. David Brumley dbrumley@cmu.edu. Carnegie Mellon University.

giona
Download Presentation

picoCTF: A Game-Based Computer Security Competition for High School Students

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. picoCTF: A Game-Based Computer Security Competition for High School Students Peter Chapman peter@cmu.edu Jonathan Burket jburket@cmu.edu David Brumley dbrumley@cmu.edu Carnegie Mellon University This material is based upon work supported by the National Science Foundation Graduate Research Fellowship under Grant No. 0946825. 8/18/2014

  2. Plaid Parliament of Pwning PlaidCTF

  3. Who plays in CTFs? University Students Security Professionals Dedicated Hobbyists CTFs currently reach a small audience of very passionate people.

  4. Targeting High Schools • Formative Educational Period • After-School Clubs • Feasible Classroom Integration • Advanced Students • Coding Backgrounds • Tool Knowledge • Security Background

  5. picoCTF 2013 A computer security educational experience targeting high school students Introduce real-world offensive and defensive skills to all backgrounds Build the event around an interactive game to motivate students and teachers

  6. picoCTF Challenges Digital Forensics (16) Cryptography (8) Reverse Engineering (9) Web Exploitation (13) Binary Exploitation (11)

  7. picoCTF Challenges Level 4 Level 2 Level 3 Level 1 Very hard AP Computer Science No programming experience necessary Basic programming experience Each skill level can finish with accomplishment

  8. Challenge-Game Storyboarding Stage 1 Enter Debug Mode Robot Sending Message to Base Sleep in Bed Robot 101 Decrypt Instructions Fix Robot Command-Line Interface FAT Error Code File Structure Fun Facts and Trivia Caesar Cipher • Stage 2 Network Wireshark Secret Competition Rename Toast Space Port Location • Bonus Reveal Robot History

  9. Robot 101 Learn to Fix Robot Robot Sending Message to Base FAT Code Problem Solved Hints Enter Debug Mode Decrypt Instructions

  10. April 26 7:00 AM EDT - May 6 11:59 PM EDT

  11. 1,938 teams from 955 different schools

  12. $21,000 in cash prizes!

  13. Competition Evaluation 172,482 Challenge Submissions 415 Post-Competition Survey Responses

  14. Game Viewer Usage

  15. Game Viewer Usage Hated It

  16. Challenge Preferences – Want More Of:

  17. Challenge Preferences – Want Fewer Of:

  18. picoCTF 2013 Takeaways • The CTF format works! • People liked the game, especially younger and less advanced players. • Unfamiliar and complex tools frustrate. • Individual accounts are a must for evaluation.

  19. Beyond picoCTF 2013

  20. CTF Platform

  21. Questions! A computer security educational experience targeting high school students Introduce real-world offensive and defensive skills to all backgrounds Build the event around an interactive game to motivate students and teachers

More Related