• brenucsb twitter avatar
    Too hot to fly? #Climate change may take a toll on air travel https://t.co/EU2g3ujxfy @nytclimate
    17 hours 24 min ago
  • brenucsb twitter avatar
    Conference at #UCSB gathered academics & activists to discuss the future of environmental activism https://t.co/s3ifq2Zvgu @hahriehan
    21 hours 24 min ago
  • ucsantabarbara twitter avatar
    Here's a #360video featuring some of our favorite moments from #UCSB2017 Commencement weekend. Give it a whirl. https://t.co/ZqvYImcrFa
    22 hours 29 min ago
  • ucsantabarbara twitter avatar
    Congrats to Terence Keel, assistant professor of history & Black studies, for receiving the Harold J. Plous Award! https://t.co/XVsF0XbHRz
    22 hours 53 min ago
  • brenucsb twitter avatar
    This weekend: Come to the 'Zero Waste' used clothing sale in Isla Vista to support local orgs & the environment https://t.co/2Szngvv040
    1 day 15 hours ago
  • UCSB_GradPost twitter avatar
    Learn more about experiential education on July 6 https://t.co/wjxYx0R2Cz #UCSB #ucsbgradpost
    1 day 16 hours ago
  • UCSB_GradPost twitter avatar
    The GRIT series is back and kicks off Monday, June 26 https://t.co/dncJAETj2N #UCSB #ucsbgradpost
    1 day 16 hours ago
  • UCSBengineering twitter avatar
    RT @PhotonicsMedia: Efficient, cost-effective approach to building #OLEDs https://t.co/HisRzZNkxQ @DowChemical @reddit_ucsb @UCSBengineerin
    1 day 19 hours ago

The Ultimate Capture the Flag Game

UCSB’s Team Shellphish Advances to the finals of the DARPA Cyber Grand Challenge
Wednesday, July 29, 2015 - 09:30
Santa Barbara, CA


Shellphish advance to Cyber Grand Challenge Finals

UCSB’s Team Shellfish (including high-school student John Grosen, far right)

Photo Credit: 

Courtesy photo

Team Shellphish, a group of computer science graduate students at UC Santa Barbara, is one of seven teams to compete in the finals of the Cyber Grand Challenge, the first cybersecurity competition of its kind designed to advance and revolutionize the defense of automated security systems.

The competition is sponsored by the Defense Advanced Research Projects Agency (DARPA), an area of the U.S. Department of Defense responsible for the development of emerging technologies for use by the military.

The contest began more than a year ago with a total of 104 participating teams. The finalist teams, whose members hail from industry and academia, receive $750,000 to prepare for the ultimate competition — the world’s first live, all-computer Capture the Flag (CTF) tournament to be held at the renowned hacking conference Defcon in Las Vegas in August 2016. The winning team will take home the grand prize of $2 million.

“For the students on the Shellphish team, qualifying in the Cyber Grand Challenge is a great achievement,” said Giovanni Vigna, a professor of computer science at UCSB. “We are proud to share this achievement with six other amazing teams from top universities and companies whose sole focus is on vulnerability analysis.”

Born in the UCSB’s Computer Security Lab (SecLab) Team Shellphish is the longest-running hacking team in CTF competitions around the world. Shellphish members hail from UCSB’s computer science department as well as from other institutions, such as Northeastern University in Boston and Eurecom in France.

“We have a strong academic background,” said Vigna. “Our focus is on developing novel algorithms and techniques to automate vulnerability analysis, rather than just becoming proficient in hacking.”

But the Cyber Grand Challenge is no ordinary CTF hacking event. In CTF contests, experts reverse engineer software, seek out weaknesses and deeply hidden flaws and create securely patched replacements.

Contrary to an average CTF contest, however, the Cyber Grand Challenge qualifying rounds advanced only those teams that demonstrated advanced capability in automatically analyzing and securing vulnerable software. To explain complexity of the Cyber Grand Challenge, Vigna used the analogy of an autonomous robot battle in which strength in programming determines how the robots will fare in attack, defense and recovery.

“Imagine a combat zone, with robots set to destroy other robots while they self-repair, all without human intervention,” said Vigna. “The difference here is that instead of robots, there are programs. To prepare for this final battle, we have to improve our algorithms so that sophisticated flaws can be identified and patched in an efficient, automated way.”

For the final competition, the Shellphish team will need to sharpen its algorithms to catch — and then automatically patch — sophisticated flaws in network security. The final competition at Defcon will involve dozens of rounds of attacks in real time on a live network.

According to Vigna, the gamification of the Cyber Grand Challenge is a clever way to foster innovation from top academic and corporate computer scientists across the nation. “Developing systems that can autonomously identify flaws and fix them will ultimately save money and make the Internet more secure,” he said. “Finding flaws and vulnerabilities in programs has become a key component of organizations of all kinds, including nation states.”

In addition to cash prizes and bragging rights, advancing to the Cyber Grand Challenge finals gives Shellphish access to a specialized, cloud-based information technology infrastructure — a “digital arena” DARPA calls it — in which they can practice and refine their attack and defense. Each team will be allocated the equivalent of 16 terabytes of random access memory and 1,000 Xeon cores. For spectators who want to follow along with the action in real time during the finals, DARPA is developing custom data visualization technology

Contact Info: 

Andrea Estrada
(805) 893-4620


Editor's Picks