In IU's IoT research house, PH.D. students and researchers gather to put theory into practice in the name of fun and learning. This group is CSI's Capture The Flag (CTF) team and in less than a month they are heading to Argonne National Laboratory to compete in the 2017 Cyber Defense Competition.
While the content of the competition changes every year, this year's competitors are asked to defend a network against cyber attack. As a "blue team", their job will be to keep a business class system up and providing services, all while it is under concerted and expert attack. The rules specify very clearly what has to be done and not done, beyond them creativity and knowledge rule the game.
While at one level the game play is very much about fun and mental exercise, at a very real level it is about building the exact tools, strategies and mindset that are very hard to replicate in a classroom exercise. As the Argonne team said of their previous competitions:
"We intentionally didn't make it easy for them," said Nate Evans, group lead for Argonne's Cyber Operations Analysis and Research (COAR) team, which developed the competition. "We wanted to make this as challenging and realistic as we possibly could."
As a learning tool, Cyber Defense Competitions present an active learning experience that teaches practical skills both technical and managerial as explained by The University of Texas at San Antonio's Art Conklin in Cyber Defense Competitions and Information Security Education: An Active Learning Solution for a Capstone Course:
Using a Cyber Defense Competition to provide a hands-on opportunity for students to test their skills and develop team based management skills in an operational business environment impacts many constituencies. Participating students learn in a true active learning environment. Instructors are able to evaluate the thoroughness of their curriculum in its intended setting. Other students learn as teams prepare for the competition. In the end, everyone feels they had learned important lessons.
CSI's team is comprised of a variety of PH.D. students and researchers who specialize in a wide variety of subject matters from network security and structures to software and device penetration and exploitation. Their advisor, George Osterholt, is a support manager with a penchant for lock picking, both physical and virtual.
Team members include Gianpaolo Russo, Andrew Dingman, Behnood Momenzadeh, Omkar Bhide, Kaushik Srinivasan, and Matt Remmel. Together they will give a great showing on IU's behalf.