CTF: State-of-the-Art and Building the Next Generation ASE 2017

Similar documents
The State and Needs of IO Performance Tools

Towards High-Interaction Virtual ICS Honeypots-in-a-Box DANIELE ANTONIOLI ANAND AGRAWAL N. O. TIPPENHAUER

Opening up OpenSM with the Subnet Monitoring Tools

ECP Alpine: Algorithms and Infrastructure for In Situ Visualization and Analysis

Whitelisting MSRs with msr-safe

An exceedingly high-level overview of ambient noise processing with Spark and Hadoop

Microsoft Advance Threat Analytics (ATA) at LLNL NLIT Summit 2018

NIF ICCS Test Controller for Automated & Manual Testing

Capture The Flag Challenge Prep Class

Reusable, Generic Compiler Analyses and Transformations

OSIsoft at Lawrence Livermore National Laboratory

Comparison of 3D and 1D Wave Propagation Effects in the San Francisco Bay Area

Panel 4: Accelerating Economic and Local Impacts. Camille Bibeau Lawrence Livermore National Laboratory, DOE

Acceleration of HPC applications on hybrid CPU-GPU systems: When can Multi-Process Service (MPS) help?

TOSS - A RHEL-based Operating System for HPC Clusters

LLNL Tool Components: LaunchMON, P N MPI, GraphLib

High Scalability Resource Management with SLURM Supercomputing 2008 November 2008

Oracle Cloud IaaS: Compute and Storage Fundamentals

School of Computing and Information Sciences. Course Title: Mobile Application Development Date: 8/23/10

Got Burst Buffer. Now What? Early experiences, exciting future possibilities, and what we need from the system to make it work

Data Management and Analysis for Energy Efficient HPC Centers

Power Constrained HPC

GRID MODERNIZATION INITIATIVE PEER REVIEW

EReinit: Scalable and Efficient Fault-Tolerance for Bulk-Synchronous MPI Applications

LA-UR Approved for public release; distribution is unlimited.

Introduction to Information Technology

Total Test Questions: 64 Levels: Grades 9-12 Units of Credit:.50

Introduction to 802.1X Operations for Cisco Security Professionals (802.1X)

Introduction to ns3. October 27, Peter D. Barnes, Jr. Staff Scientist

CSC6290: Data Communication and Computer Networks. Hongwei Zhang

Electronics Single Board Computers

Critical Energy Infrastructure Protection. LLNL CEIP Approach

KYPO Cyber Range Design and Use Cases

COURSE OUTLINE Survey of Operating Systems

LLNL Lustre Centre of Excellence

Software tools for igemers: BioBrick / Past Project Search & Tutorials

The HDF Group Q5 Demo

It also provides data to assist government and providers to monitor progress in relation to qualification-related education policies.

S. Krishnamoorthy Mechatronics, Robotics, and Control Lab

National Ignition Facility

Data Placement Optimization in GPU Memory Hierarchy Using Predictive Modeling

MVAPICH User s Group Meeting August 20, 2015

Improved Versioning, Building, and Distribution of Lustre

LO CompTIA A+ : (Exam ) Course Outline Sep 2018

Marketing COURSE NUMBER: 22:630:679 COURSE TITLE: Web Analytics with Real World Applications

COURSE OUTLINE: Supporting and Troubleshooting Windows 10

Syllabus. CSC 103 Computing Sciences Portal

Cisco Networking Academy CCNA Cybersecurity Operations 1.1 Curriculum Overview Updated July 2018

Leveraging Flash in HPC Systems

Snowpack: Efficient Parameter Choice for GPU Kernels via Static Analysis and Statistical Prediction ScalA 17, Denver, CO, USA, November 13, 2017

HELICS Co-simulation Framework for the Smart Grid

PREDICTING COMMUNICATION PERFORMANCE

Power Bounds and Large Scale Computing

The Quick CASP USER S GUIDE. What is the Quick CASP? Sample Quality Improvement Plan. >>> page 3. >>> page 7

University of Mumbai

Cisco Integration Platform

Gamifying ICS Security Training and Research: Design, Implementation, and Results of S3

System Administration

Getting Insider Information via the New MPI Tools Information Interface

Using Open Source Software to Build a C++ Teaching Aide

Implementing Core Cisco ASA Security (SASAC)

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

CSIBridge: Computer Science for Digital Forensics and Cyber Security

Multi-Channel Attenuator

Exploring Hardware Overprovisioning in Power-Constrained, High Performance Computing

Cisco Prime Home 6.X Minimum System Requirements: Standalone and High Availability

QuickSpecs HP Network Automation 7.60

Global Smartphone Application Market Report A business guide to successfully publishing apps

FUJITSU Cloud Service K5 - API Management Service Description

METADATA REGISTRY, ISO/IEC 11179

Workload Characterization using the TAU Performance System

Multi-vector DDOS Attacks

CSC 4992 Cyber Security Practice

ITSEED: Development of Instructional Laboratories for IT Security Education

IEEE Sec Dev Conference

Secure Mobility. Klaus Lenssen Senior Business Development Manager Security

BigData Express: Toward Predictable, Schedulable, and High-Performance Data Transfer. BigData Express Research Team November 10, 2018

Collaboration and Cash: Web Archiving Incentive Awards

VisIt Overview. VACET: Chief SW Engineer ASC: V&V Shape Char. Lead. Hank Childs. Supercomputing 2006 Tampa, Florida November 13, 2006

Designing And Deploying Wireless Networks: A Practical Guide To Implementing n And ac Wireless Networks For Enterprise-Based

Introduction to Programming Nanodegree Syllabus

Noise Injection Techniques to Expose Subtle and Unintended Message Races

UC Santa Barbara. Organizing Large Scale Hacking Competitions

Oklahoma State University Institute of Technology Face-to-Face Common Syllabus Fall 2017

LA-UR Approved for public release; distribution is unlimited.

NA120 Network Automation 10.x Essentials

ELECTRICAL ENGINEERING & INSTRUMENTATION MECHANICAL ENGINEERING BIOLOGICAL & INDUSTRIAL ENGINEERING NUCLEAR ENGINEERING STRUCTURAL & CIVIL

The opensuse project. Motivation, Goals, and Opportunities. Sonja Krause-Harder Michael Löffler. March 6, 2006

Overcoming Distributed Debugging Challenges in the MPI+OpenMP Programming Model

Call for Papers for Communication QoS, Reliability and Modeling Symposium

Automating Security Practices for the DevOps Revolution

SSC14-V-9 UNCLASSIFIED UNCLASSIFIED LLNL-PRES

Advanced Android Security APIs. KeyStore and Crypto VPN

How to Put Your AF Server into a Container

The CISM Education Plan (updated August 2006)

Oklahoma State University Institute of Technology Online Common Syllabus Fall 2018

FAA Cybersecurity Test Facility (CyTF) By: Enterprise Information Security Team ANG-B31 Patrick Hyle, William J Hughes Technical Center

CSET 4150 Web System Administration (3 semester credit hours) IT Required

OpenZFS Collaboration

Cisco Software Defined Access (SDA)

Transcription:

CTF: State-of-the-Art and Building the Next Generation ASE 2017 August 15, 2017 Clark Taylor Lawrence Livermore National Laboratory University of Arizona 737334 LLNL-PRES-XXXXXX This work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory under contract DE-AC52-07NA27344. Lawrence Livermore National Security, LLC

Motivation Cyber Defenders Program 8 years of Cyber Defenders CTF Different competitions from Sandia and LANL On-site and remote setups 3 years of Cybercraft Summer long for Cyber Defenders Events at library, National Science Bowl Based on PicoCTF framework Results? Surveys indicate generally good results 2

General Competition Goals Ease of use Alternative target audiences Keep costs down Hardware Administration Competition realism Policy Variety of modes Engaging for a range of skill levels Research/evaluation outcomes Framework extensibility 3

General Strategies for Cyber Defenders Hardware costs Raspberry PI and Kali Linux Add storylines and custom content for realism Design content for training (Cybercraft) Collect surveys and summary data 4

Can we do Better? Cyber Defender competitions had shortcomings What other CTFs are out there? Studied 39 different CTFs Found commonalities Framework vs monolithic Open source? Dynamic vs static challenges Challenges refers to individual puzzles or tasks for which points are awarded Policy topics 5

State of the Art 40 Current Competitions 35 30 25 20 15 10 5 0 Static Dynamic Open Source Policy Total 6

Shortcomings Ease of use Realism Challenge types Policy integration Training oriented modes Data collection Content development ease 7

Proposed Framework: Catalyst Introducing the Catalyst Security Challenge (CSC) Aims to solve these problems Currently in progress Building component-by-component 8

Ease of Use Entirely web based Hosted on a LAN, with network management (including VPN) on game server Plaintext-and-buttons configurable Automated provisioning Provision the game server from the internet Provision other components from the game server Includes provisioning for participant terminals Components can be virtual Components can be inexpensive hardware GUI managed Target audience: Lowest common denominator 9

Realism Support for static and dynamic content HTTP-based extensible grading system API Highly configurable Plaintext configuration includes challenge text and parameter configuration Policy challenges Built-in support for policy-oriented types of challenges Additional realism and configurability better enables policy challenges 10

Training Modes Administrators can choose desired mode of competition Training modes disable features such as public scoreboards Support for challenge hints Challenge components may behave differently Content developers can access the current mode for their components via the grading API 11

Data Collection Keylogger-on-steroids approach Monitors endpoints Installed automatically via provisioning Data curated on game server Visualization and filtering Goals: Find novel approaches to solving challenges Determine best practices and strategies Evaluate efficacy of CTF for training/education Evaluate participants 12

Data Collection: Current Visualization 13

Content Development No particular design patterns Just has to be compatible with host OS and support HTTP Game server provisioning launches software via OS All communication done via grading API 14

Architecture 15

Questions?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback