Internet Archive Scholar

The Fun and Future of CTF

Andy Davis, Tim Leek, Michael Zhivich, Kyle Gwinnup, William Leonard
2014 USENIX Security Symposium  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.3 MB)
https://web.archive.org/web/20220211091736/https://www.usenix.org/system/files/conference/3gse14/3gse14-davis.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL. The file type is application/pdf.

Capture the Flag (CTF) is well-established as a computer security contest of skill in which teams compete in real time for prizes and bragging rights. At the time of this writing, CTFtime.org [4]-a tracking web site devoted to aggregating team standings across various CTF eventslists 76 such contests, and more spring up each year. But what is the point, exactly? In this paper we detail our experiences in a third year of designing, building and running a CTF for Boston-area undergraduate and
more » ... uate students. This will serve two purposes: first, others desiring to stage such an event can benefit from our experience, and second, the details of our CTF will provide a concrete context for a broader discussion and deeper questions on the value and future of this type of activity. 1 Introduction: What is CTF? Several distinct kinds of Capture-the-Flag events have evolved over the years; however, most are a variation on one of three themes: attack-defend, attack-only, and defend-only. In this section, we give a brief summary and examples of each event type.
dblp:conf/uss/DavisLZGL14 fatcat:j3hg5eatyjgszpg2goyuv232tu
Citation

Andy Davis, Tim Leek, Michael Zhivich, Kyle Gwinnup, William Leonard. "The Fun and Future of CTF." USENIX Security Symposium (2014)