Nav: Home

International IT security competition: Saarland University provides best European team

May 31, 2016

Ural Federal University arranged the IT security competition "ruCTF" on April 17. It started at 9am in the Yeltsin center of the industrial city in the Ural federal district. 21 teams from Russia, Italy, Hungary and Germany had only nine hours to check services and devices of a fully networked household for vulnerabilities. They had to close them for their own smart homes, but also exploit them to attack the smart homes of the other teams. For this purpose, they all received their own "smart home" in the form of a laptop on the morning of the competition. It was connected to a network on which everybody had access and could use it to spy and attack.

"Basically, it's like a sport. The challenge is to find a solution faster than others - for an attack and the corresponding defensive measure," explains Oliver Schranz, PhD student at the Center for IT Security, Privacy and Accountability (CISPA).

The fun factor was increased because students could apply their knowledge from the lecture, Schranz says. The team is called "saarsec". The smaller task force for Russia consisted of Schranz, Jonas Bushart, Pascal Berrang, John Krupp, Markus Bauer, Frederik Moller and Jonas Cirotzki. Nevertheless, in the seven-member crew all education levels were represented, from third-semester computer science to four PhD students. "In this way we had specialists from different areas, ranging from home automation to attack programs to the art of encryption and decryption," Schranz says.

During the competition, he and his teammates had to attack and defend devices and services such as a cleaning robot, a networked refrigerator and a smart safe. Often, they could remotely read data sent while the devices were working. Thus, the students were able to infer shortcomings in IT security and verify them as vulnerabilities.

"You always have to think outside the box," explains Pascal Berrang, also a doctoral student at CISPA, "but to try out programs and functions in a new context is an essential requirement for working in IT security."

If the students discovered a security flaw, they fired their attack code against the services of the smart homes of the other groups. If they could hack the other system, they stole digital code snippets - so-called flags - similar to the capture-the-flag game played at camps. The more flags they stole, the higher they climbed in the ranking. Despite the fact that they are new to such tournaments, they made it to second place.

Schranz explains this unexpected success as follows: "Our equipment was very good. The software we developed found many vulnerabilities. That gave us a strong advantage."

Pascal Berrang identifies another success factor: "We are drilled to recognize simple vulnerabilities even in our sleep. And we all have a broad knowledge of IT security. There is no one who, for example, is not familiar with encryption."
Background: IT security at Saarland University

IT security is a core area of the computer science institutes on the campus of Saarland University. In 2011 the Federal Ministry of Education and Research (BMBF) appointed three competence centers for IT security. One of them is the Center for IT Security, Privacy and Accountability (CISPA) at the University of Saarland. After a first phase of funding with a total of around 5.6 million euros, CISPA is supported by the BMBF in the second phase with 16 million euros by 2019. Meanwhile, CISPA has become a research center with international visibility. 33 groups with 210 researchers are working there. Their biggest success so far: Together with the Max Planck Institute for Computer Science and the Max Planck Institute for Software Systems, CISPA won an "ERC Synergy Grant" from the European Research Council (ERC). This gave Michael Backes and three computer science professors about ten million euros to explore new ways to protect users against espionage and fraud on the Internet and expose perpetrators without restricting trade, the freedom of expression or access to information on the Internet.

Press photos:

Further information:

Questions can be directed to:

Oliver Schranz
Information Security and Cryptography
Center for IT Security, Privacy and Accountability
Phone: 681 302 57368 +49

Pascal Berrang
Information Security and Cryptography
Center for IT Security, Privacy and Accountability
Phone: 681 302 57376 +49


Gordon Bolduan
Computer Science Competence Center Saarland
Phone: +49 681302-70741

Saarland University

Related Competition Articles:

Can aromatherapy calm competition horses?
Although studies suggest that inhaling certain scents may reduce stress in humans, aromatherapy is relatively unexplored in veterinary medicine.
When peaceful coexistence suddenly turns into competition
Biologists agree that climate change reduces biological diversity. The specific processes that ultimately cause species to go extinct have, however, been little studied so far.
UT student wins competition at Beltwide Cotton Conference
Shawn Butler, a doctoral candidate at UT CASNR, recently won first place in a student oral paper competition at the 2017 Beltwide Cotton Conference.
Artificial fingertip that 'feels' wins international robotics competition
An open-source 3-D-printed fingertip that can 'feel' in a similar way to the human sense of touch has won an international Soft Robotics competition for its contribution to soft robotics research.
2016 winners of FASEB BioArt competition announced
The Federation of American Societies for Experimental Biology is pleased to announce the winners of the fifth annual BioArt competition.
Want to exercise more? Get yourself some competition
New research from the Annenberg School for Communication at Penn compared different ways that exercise programs motivate people to hit the gym.
Chimpanzees choose cooperation over competition
Tasks that require chimpanzees to work together preferred five-fold, despite opportunities for competition, aggression and freeloading.
Captain T cell succeeds at OneStart competition
Berlin researchers win at the OneStart life sciences & healthcare accelerator with their project 'Captain T Cell'.
Women's preference for smaller competition may account for inequality
When applying for a job or to college, women seek positions with fewer applicants than men, according to a new University of Michigan study.
International technology-based competition associated with more exercise
A competition that used technology to encourage and track physical activity was effective at helping participants lose weight and exercise more in both developed and developing countries, according to a study presented at the American College of Cardiology's 65th Annual Scientific Session.

Related Competition Reading:

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Digital Manipulation
Technology has reshaped our lives in amazing ways. But at what cost? This hour, TED speakers reveal how what we see, read, believe — even how we vote — can be manipulated by the technology we use. Guests include journalist Carole Cadwalladr, consumer advocate Finn Myrstad, writer and marketing professor Scott Galloway, behavioral designer Nir Eyal, and computer graphics researcher Doug Roble.
Now Playing: Science for the People

#530 Why Aren't We Dead Yet?
We only notice our immune systems when they aren't working properly, or when they're under attack. How does our immune system understand what bits of us are us, and what bits are invading germs and viruses? How different are human immune systems from the immune systems of other creatures? And is the immune system so often the target of sketchy medical advice? Those questions and more, this week in our conversation with author Idan Ben-Barak about his book "Why Aren't We Dead Yet?: The Survivor’s Guide to the Immune System".