By Brecken Mumford | April 22, 2016
Ported from an Echo article by Brecken Mumford
Last Saturday, four Taylor teams competed remotely against other universities in a cybersecurity capture the flag competition hosted by Buena Vista University (BVU) in Storm Lake, Iowa.
The four Taylor teams met in Euler 218⁄219 from 10:45 p.m. to 9 p.m. to commence the competition. They joined the other eight teams from across the United States via Google Hangouts to chat.
At the start of the competition, all teams received access to the same five servers in Iowa. Each server represents a different purpose, utilizes different coding and has a concealed “flag” within it. Sophomores Amy Lundquist and Jonathan Ruggiero explained that the flag is a unique string of code hidden within the coding of the server itself.
The teams spent the morning scanning the servers for weaknesses in their own servers in order to both attack their opponents’ servers as well as learn how to better protect their own-key tools for cybersecurity.
Sophomore Noah Hamilton said that they had to find the weaknesses within the opposing team’s servers, and once they found those, they were able to patch their own weaknesses in their own servers.
“We’re hacking,” Theien added. “I guess that’s the best way to put it.”
The competition hosted two brackets with six teams per bracket. All four of Taylor’s teams placed within their respective brackets. Taylor Purple took home the first-place spot in the championship bracket and Taylor Gold took home third. In the lower bracket, Taylor Maroon placed second and Taylor Blue took home the third-place finish. These results were the same as last year’s placings.
Last year, Taylor’s first year in the competition, Taylor teams placed first and third among the competing teams.
Dannie Stanley, assistant professor of computer science and engineering, was first introduced to the competition last year after meeting Nathan Backman, a professor at BVU, and Stanley accepted his invitation to join.
“Students don’t often get an opportunity to compete against others using programming skills,” Stanley said. “Capture the flag is a game that requires unconventional, creative and strategic thinking. It is this kind of battle of wits that draws many to the field of cybersecurity.”
Stanley’s goal for this event is to give students the opportunity to practice offensive hacking skills as well as defensive hacking maneuvers. (The term “hacker” is used here in the non-pejorative sense of the word- “A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary”) This competition, while good fun, presents students with real life experience.
“If students don’t patch their own vulnerable software, they lose. This is how it is in real life. Students can’t patch a vulnerability until they understand it well enough to exploit (attack) it,” Stanley said. “Cybersecurity is a high-stakes game. This simulation helps students approximate the risks associated with developing non-secure software.”
The computer science department has already made efforts toward increasing the incorporation of security-related topics into their core computer science courses with the addition of the class information and security. Stanley is also planning a second security-related course for spring 2017 and is working to add this concentration into the program.
In addition to the other programs and concentrations being added, there is a new student club called TrojanSec, created with help from junior Caleb Dinsmore. The club, created only weeks ago, already has 28 members-which is about 25 percent of the CSE students. The club seeks to meet regularly and practice security-related skills.
Stanley hopes the club, new classes and other events like the BVU cybersecurity capture-the-flag will pique students’ interests in pursuing cybersecurity jobs.