Designing and Executing the World's First All-Computer Hacking Competition: A panel with the development team

Presented at ShmooCon XIII (2017), Jan. 15, 2017, 1 p.m. (60 minutes).

On August 4th, 2016, in conjunction with the DEF CON hacking convention, seven fully autonomous systems vied against each other for a two million dollar grand prize. These systems were designed to hack and defend previously unseen computer software, ultimately making sense of zero-day attacks - without any human assistance. Answering DARPA's call, international teams from academia and industry designed these systems for more than two years pushing the art and science of program analysis, vulnerability discovery and mitigation. During the final event, the competing autonomous systems demonstrated that machines could discover, prove, and patch zero-day software flaws in just a few minutes, a feat beyond the capabilities of any human network defense team. DARPA's Cyber Grand Challenge employed a custom operating system, a unique executable file format, and novel IDS format resulting the the most reproducible head-to-head capture-the-flag contest ever conducted. This panel is comprised of the Competition Framework Development team, the team responsible for architecting and engineering the contest as well as orchestration of the competition. In this panel, the speakers will convey insight into the design and implementation of the Cyber Grand Challenge, revealing previously secret strategies and tools and answering questions from the audience.

Presenters:

• Tim Vidas / Vulc@n   as Tim Vidas
  Tim (@tvidas), Chris (@sk3wl), Brian (@evilcazz), and Holt are all part of the Sk3wl of r00t hacking team, organized DEF CON CTF for years as DDTEK, and are members of The Shmoo Group. In addition to these four, Jason (@risenrigel) also has a DEF CON CTF Black Badge earned as part of the ACME Pharm hacking team. The relative outsider to the CTF world, Mike brings secure system design experience rooted in GEMSOS. Among the team are a Ph.D, the The IDA Pro Book author, the primary author of the foremost IDS ruleset, an OpenBSD kernel contributor, and two DC3 Forensics Challenge Grand Champions.
• Chris Eagle
  Tim (@tvidas), Chris (@sk3wl), Brian (@evilcazz), and Holt are all part of the Sk3wl of r00t hacking team, organized DEF CON CTF for years as DDTEK, and are members of The Shmoo Group. In addition to these four, Jason (@risenrigel) also has a DEF CON CTF Black Badge earned as part of the ACME Pharm hacking team. The relative outsider to the CTF world, Mike brings secure system design experience rooted in GEMSOS. Among the team are a Ph.D, the The IDA Pro Book author, the primary author of the foremost IDS ruleset, an OpenBSD kernel contributor, and two DC3 Forensics Challenge Grand Champions.
• Jason Wright
  Tim (@tvidas), Chris (@sk3wl), Brian (@evilcazz), and Holt are all part of the Sk3wl of r00t hacking team, organized DEF CON CTF for years as DDTEK, and are members of The Shmoo Group. In addition to these four, Jason (@risenrigel) also has a DEF CON CTF Black Badge earned as part of the ACME Pharm hacking team. The relative outsider to the CTF world, Mike brings secure system design experience rooted in GEMSOS. Among the team are a Ph.D, the The IDA Pro Book author, the primary author of the foremost IDS ruleset, an OpenBSD kernel contributor, and two DC3 Forensics Challenge Grand Champions.
• Brian Caswell
  Tim (@tvidas), Chris (@sk3wl), Brian (@evilcazz), and Holt are all part of the Sk3wl of r00t hacking team, organized DEF CON CTF for years as DDTEK, and are members of The Shmoo Group. In addition to these four, Jason (@risenrigel) also has a DEF CON CTF Black Badge earned as part of the ACME Pharm hacking team. The relative outsider to the CTF world, Mike brings secure system design experience rooted in GEMSOS. Among the team are a Ph.D, the The IDA Pro Book author, the primary author of the foremost IDS ruleset, an OpenBSD kernel contributor, and two DC3 Forensics Challenge Grand Champions.
• Mike Thompson
  Tim (@tvidas), Chris (@sk3wl), Brian (@evilcazz), and Holt are all part of the Sk3wl of r00t hacking team, organized DEF CON CTF for years as DDTEK, and are members of The Shmoo Group. In addition to these four, Jason (@risenrigel) also has a DEF CON CTF Black Badge earned as part of the ACME Pharm hacking team. The relative outsider to the CTF world, Mike brings secure system design experience rooted in GEMSOS. Among the team are a Ph.D, the The IDA Pro Book author, the primary author of the foremost IDS ruleset, an OpenBSD kernel contributor, and two DC3 Forensics Challenge Grand Champions.
• Holt Sorenson
  Tim (@tvidas), Chris (@sk3wl), Brian (@evilcazz), and Holt are all part of the Sk3wl of r00t hacking team, organized DEF CON CTF for years as DDTEK, and are members of The Shmoo Group. In addition to these four, Jason (@risenrigel) also has a DEF CON CTF Black Badge earned as part of the ACME Pharm hacking team. The relative outsider to the CTF world, Mike brings secure system design experience rooted in GEMSOS. Among the team are a Ph.D, the The IDA Pro Book author, the primary author of the foremost IDS ruleset, an OpenBSD kernel contributor, and two DC3 Forensics Challenge Grand Champions.

Links:

• https://infocon.org/cons/ShmooCon/ShmooCon 2017/Designing and Executing The First All-Computer Hacking Competition.mp4

Similar Presentations:

• DEF CON 24 (2016) / DARPA Cyber Grand Challenge Award Ceremony
• DEF CON 23 (2015) / Machine vs. Machine: Inside DARPA's Fully Automated CTF
• DeepSec 2018 „I like to mov &6974,%bx“ / Keynote: Automatic Exploitation - The DARPA Cyber Grand Challenge, what came after, and what is next