Strategies used in capture-the-flag events contributing to team performance
Download
Author
Yam, Wye Kede Jerel
Date
2016-03Advisor
Eagle, Christopher
Beverly, Robert
Metadata
Show full item recordAbstract
Capture-the-flag (CTF) exercises are useful pedagogical tools and have been employed, both formally and informally, by academic institutions. Much like their physical counterparts, cyber CTF exercises hold pedagogical value and are gaining wide popularity. Existing studies on CTF exercises examined either how they benefit learning, or are best conducted. To our knowledge, no formal study has yet looked at the relationship between the strategies and tactics that the CTF participants employ (as defined by their offensive and defensive tactics), and the performance of participants in these events. In this thesis, we studied network traffic and game state data from the DEFCON 22 CTF event. We developed tools to ex-tract features from large volumes of network data; we then correlated these features with game state data to piece together strategies that the participating teams seemingly employ. We learned that several teams employed effective tactics such as capturing their opponents' exploits from the network to reuse them, employing automation to help with launching their exploits, obfuscating their attacks and attack responses, and attacking the client hosts of other teams.
Rights
Copyright is reserved by the copyright owner.Related items
Showing items related by title, author, creator and subject.
-
Cyber System Assurance through Improved Network Anomaly Modeling and Detection
Bollmann, Chad A. (Monterey, California: Naval Postgraduate SchoolMonterey, California. Naval Postgraduate School, 2019-12); NPS-19-N039-AThe objectives of this work were to investigate the source of the dual natures of network traffic (i.e., Gaussian and alpha-stable) in order prove the merit of further development, improvement, and application of non-parametric ... -
Cyber System Assurance through Improved Network Anomaly Modeling and Detection
Bollmann, Chad A. (Monterey, California: Naval Postgraduate SchoolMonterey, California. Naval Postgraduate School, 2019-12); NPS-19-N039-AThe objectives of this work were to investigate the source of the dual natures of network traffic (i.e., Gaussian and alpha-stable) in order prove the merit of further development, improvement, and application of non-parametric ... -
An implementation of traffic monitoring for UNIX network performance management.
Fu Chen-Hua (Monterey, California: Naval Postgraduate School, 1993-03);Efficient performance and high throughput are the major goals of the network performance management. How can we achieve these goal? First, it is necessary to know the network traffic situations. This thesis research ...