Team Events
Service-Specific Team Attack/Defense CTF
Real cyber battles require both offense and defense. The CyberStakes CTF was a team-based full-spectrum, attack/defense Capture the Flag (CTF) competition. Each team was given identical software to defend while simultaneously attacking other teams. Points were awarded for successfully attacking other competitors while simultaneously defending their own infrastructure. This event was in the spirit of the annual DEF CON CTF competition, where most attacks revolve around exploitation and defense of traditional software binaries.
Skills measured: Real-time binary exploitation, binary patching and workarounds, intrusion detection and prevention, group communication, strategy, persistence, system administration
- Gold: \XEF\XBE\XAD\XDE (Naval Academy)
- Silver: Riders of Brohan (Military Academy)
- Bronze: C00p’s ReJ3kts (Air Force Academy)
Joint Team Attack/Defense CTF
This event was a second attack/defense CTF, but with a twist: Instead of playing on their original teams, participants played on new teams with students from the other academies. The event created an environment encouraging joint-force collaboration, in which teams had to dynamically balance offense, reverse engineering and defense to win.
Skills measured: Real-time Web exploitation, Web patching and workarounds, intrusion detection and prevention, group communication, strategy, persistence, system administration
- Gold: Flying MUD (Demetrius Brown (Naval Academy), Kevin Cooper (Air Force Academy), Jessie Lass (Military Academy), Zane Markel (Naval Academy), Everett Montano (Air Force Academy))
- Silver: Red Team (Devon Budzitowski (Naval Academy), Josh Hayden (Air Force Academy), William Maxam (Coast Guard Academy), Tim Nosco (Military Academy), Edward Woodruff (Military Academy))
- Bronze: Merchant Marines (Dennis Devey (Naval Academy), Alexander Fulton (Air Force Academy), Benjamin Greene (Coast Guard Academy), Blair Mason (Naval Academy), Matt Shockley (Military Academy))
Breaking Binaries
In this challenge, participants had to audit more than 1,300 Linux binaries compiled from open source projects, with the goal of finding and exploiting as many security-critical bugs as possible in a fixed amount of time. Points were awarded for the number of new bugs discovered, and whether they could be exploited.
Skills measured: Binary exploitation, reverse engineering at speed, infrastructure fuzzing
- Gold: Sp00ky Squirrels (Air Force Academy)
- Silver: \XEF\XBE\XAD\XDE (Naval Academy)
- Bronze: C00p’s Rej3kts (Air Force Academy)
Cold Boot Attack
Cyber defenders’ toolkits include not just digital approaches, but physical ones as well. Cold boot attacks involve freezing memory modules with compressed air—which lowers their temperature, preserving the data within—and then physically removing those modules to analyze their contents on another system. Success in this event depended on how quickly teams could freeze, remove and analyze a memory module.
Skills measured: Speed, precision, teamwork, understanding hardware and tools, memory analysis
- Gold: \XEF\XBE\XAD\XDE (Naval Academy)
- Silver: aLotToLikeAtIke (Military Academy)
- Bronze: objEEdump (Coast Guard Academy)
Forensics
Defenders often need to analyze deleted disks, memory core dumps and other digital remnants to reconstruct and analyze attacks and compromises. In this timed challenge, participants used the memory images they obtained during the Cold Boot Attack event and analyzed them for forensic evidence to find a hidden encryption key.
Skills measured: Analytic reasoning skills, understanding network protocols and file system internals
- Gold: Loading… (Air Force Academy)
- Silver: Sp00ky Squirrels (Air Force Academy)
- Bronze: \XEF\XBE\XAD\XDE (Naval Academy)
Reverse Engineering
Malware authors hide program behavior by obfuscating the code, software protection schemes hide passwords inside the code, and finding vulnerabilities in binary code requires understanding the application logic. Reverse engineering is the common skill required in all these scenarios, and reversing problems exercise the participants’ ability to understand binary code. Teams had to uncover hidden flags by reverse engineering a set of binaries. The point value of each flag was based on the program in which it was hidden.
Skills measured: Reconstructing source code from binary, code analysis, bypassing software protection, anti-obfuscation techniques
- Gold: Sp00ky Squirrels (Air Force Academy)
- Silver: \XEF\XBE\XAD\XDE (Naval Academy)
- Bronze: Loading… (Air Force Academy)
Individual Events
CyberStakes Online
The CyberStakes Online offered dozens of increasingly difficult challenges designed to help competitors develop core skills valuable to cyber operators and CTF competitors. Available through a Web interface, each multidisciplinary problem set hinted at or linked to content that players used to educate themselves on how to arrive at the correct answer. Points were based on each problem’s respective difficulty.
Skills measured: Binary exploitation, Web exploitation, reverse engineering, forensics, cryptography
- Gold: Blair Mason (Naval Academy)
- Silver: Kevin Cooper (Air Force Academy)
- Bronze: Bill Parks (Air Force Academy)
Lockpicking
Physical security provides important insights into cybersecurity, so this event tested lockpicking and physical security penetration skills. Locks were commonly available models to provide realism. Individuals raced to pick mounted locks in a series of qualifying heats culminating in a final lockpicking challenge. In the final event, competitors picked three out of five off-the-shelf 5-pin deadbolt locks. The winner was the first individual to pick all three locks.
Skills measured: Bypassing physical security, persistence, problem-solving
- Gold: William Maxam (Coast Guard Academy)
- Silver: Aaron Fleming (Naval Academy)
- Bronze: Christopher Maixner (Military Academy)
Rapid-Fire Hacking
Who is the fastest hacker? In this event, participants had to complete the same elementary binary exploitation challenge. Each single-elimination heat was timed, with the fastest overall times advancing to the next round. The final round was a head-to-head competition among the fastest competitors.
Skills measured: Optimal tool usage, fast understanding of disassembled code, exploitation
- Gold: Bill Parks (Air Force Academy)
- Silver: Blair Mason (Naval Academy)
- Bronze: Kevin Cooper (Air Force Academy)