Background of Capture the Flag Competition

Capture the Flag (CTF) is one of these events aimed at selecting skilled students or professionals in different areas in cyber security. It has attracted a lot of young participants and professionals all over the world to take part in since it is first held all around the world in 1990s. (Harmon, 2016) CTF has evolved into various forms and keeps embracing popular topics in the industry during its history. The narrow meaning of CTF refers to either attack and defense or jeopardy style competitions, while it is more often to be used to refer to all the competitive events including games and other before-competition training materials nowadays. As one of the traditional styles of CTF competition, attack and defense contest requires teams to patch their own vulnerable server as well as seeking for ways to hack other servers, while jeopardy style allows teams to get marks by solving a set of challenges provided within limited time.

As one of the oldest CTF, Defcon adapts the traditional form of CTF competition, including both attack and defense style and jeopardy style contests. In Defcon CTF teams are first required to solve a set of challenges online and then the selected ones are invited to take the onsite attack and defense contest. (Vulcan) Attack and defense style competitions are much more difficult to hold as building available vulnerable virtual machine for participants is highly time consuming. In addition, it is often arranged as the onsite competition considering the coherency of the whole contest system which consists of multiple virtual machines and other components.

Furthermore, based on the education purpose, some CTFs are accompanied with related lectures and tutorials for being a qualified teaching tool for cybersecurity knowledge. (Werther, Zhivich, Leek and Zeldovich, 2011) However, most of the cybersecurity trainings are held temporarily or even consists of only a few workshops in weeks. Other training programmes, like picoCTF, are in the form of electronic games, facing only high school students or even lower age.

Our project aims to develop a CTF platform which holds both of the competitions of two traditional styles and cooperates with online and offline training materials to assist the students in self-taught learning process. The training materials will be presented both in the form of online knowledge sheets and in offline workshop by tutors. Such workshop may hold several times per year depending on the actual situation to help students get familiar with the CTF platform and get a quick start for online self-taught learning. Additionally, in order to provide students with hand-on exercises about what theories they have learnt, the competitive contests provided by CTF platform will be highly matched with the training materials and thus encourage students to apply theories to practical problems.