Two Carnegie Mellon University student-run teams will host the first picoCTF, a computer security competition running April 26 to May 6 that challenges high school students to learn the basics of hacking in the context of a story-driven adventure game, the University said Thursday.
“The story of the Internet competition begins when a robot from outerspace crash lands in your backyard, it’s up to the game competitors to use their hacking skills to fix the robot and uncover its secrets,” said David Brumley, the Gerard G. Elia Career Development Professor in the Department of Electrical and Computer Engineering.
Using a series of challenges centered around the storyline, participants need to reverse engineer, break, hack, decrypt, or do whatever it takes to solve the challenge. The challenges are set up with the intent of being hacked, making it an excellent, legal way to get hands-on experience, the University explained.
The competition is designed by the Plaid Parliament of Pwning, a CyLab computer security research team made up of CMU students and staff, and Team Osiris from CMU’s Entertainment Technology Center (ETC). ETC offers a master’s program canvassing several disciplines, including artists, game designers and programmers.
While most computer security competitions focus on security experts, Brumley said that picoCTF is different in that it is designed to pique student interest even if they are novices, while still providing challenges to experts. Students participating get hands-on experience in security topics such as cryptography and codes, computer bugs, exploits, and defenses.
“The typical defensive competitions end up with competitors merely running through checklists but CMU’s challenge is heavily focused on exploration and improvisation with elements of play,” said Brumley, faculty adviser for the CMU’s Plaid Parliament of Pwning, which participates in Capture the Flag (CTF) competitions — CTFs are a type of computer security war game in which teams compete to find digital “flags” by solving a litany of hacking challenges. CTF teams from CMU have won hacking honors at competitions in South Korea and New York.
The picoCTF organizers recommend that prior to the competition, at least one member of each competing team be familiar with at least one language including JavaScript, HTML, Python or C, and be familiar with using the UNIX command line.
The competition is open nationwide to students in grades 6-12. Interested participants can register for free at http://www.picoctf.com/.