Nav: Home

International IT security competition: Saarland University provides best European team

May 31, 2016

Ural Federal University arranged the IT security competition "ruCTF" on April 17. It started at 9am in the Yeltsin center of the industrial city in the Ural federal district. 21 teams from Russia, Italy, Hungary and Germany had only nine hours to check services and devices of a fully networked household for vulnerabilities. They had to close them for their own smart homes, but also exploit them to attack the smart homes of the other teams. For this purpose, they all received their own "smart home" in the form of a laptop on the morning of the competition. It was connected to a network on which everybody had access and could use it to spy and attack.

"Basically, it's like a sport. The challenge is to find a solution faster than others - for an attack and the corresponding defensive measure," explains Oliver Schranz, PhD student at the Center for IT Security, Privacy and Accountability (CISPA).

The fun factor was increased because students could apply their knowledge from the lecture, Schranz says. The team is called "saarsec". The smaller task force for Russia consisted of Schranz, Jonas Bushart, Pascal Berrang, John Krupp, Markus Bauer, Frederik Moller and Jonas Cirotzki. Nevertheless, in the seven-member crew all education levels were represented, from third-semester computer science to four PhD students. "In this way we had specialists from different areas, ranging from home automation to attack programs to the art of encryption and decryption," Schranz says.

During the competition, he and his teammates had to attack and defend devices and services such as a cleaning robot, a networked refrigerator and a smart safe. Often, they could remotely read data sent while the devices were working. Thus, the students were able to infer shortcomings in IT security and verify them as vulnerabilities.

"You always have to think outside the box," explains Pascal Berrang, also a doctoral student at CISPA, "but to try out programs and functions in a new context is an essential requirement for working in IT security."

If the students discovered a security flaw, they fired their attack code against the services of the smart homes of the other groups. If they could hack the other system, they stole digital code snippets - so-called flags - similar to the capture-the-flag game played at camps. The more flags they stole, the higher they climbed in the ranking. Despite the fact that they are new to such tournaments, they made it to second place.

Schranz explains this unexpected success as follows: "Our equipment was very good. The software we developed found many vulnerabilities. That gave us a strong advantage."

Pascal Berrang identifies another success factor: "We are drilled to recognize simple vulnerabilities even in our sleep. And we all have a broad knowledge of IT security. There is no one who, for example, is not familiar with encryption."
-end-
Background: IT security at Saarland University

IT security is a core area of the computer science institutes on the campus of Saarland University. In 2011 the Federal Ministry of Education and Research (BMBF) appointed three competence centers for IT security. One of them is the Center for IT Security, Privacy and Accountability (CISPA) at the University of Saarland. After a first phase of funding with a total of around 5.6 million euros, CISPA is supported by the BMBF in the second phase with 16 million euros by 2019. Meanwhile, CISPA has become a research center with international visibility. 33 groups with 210 researchers are working there. Their biggest success so far: Together with the Max Planck Institute for Computer Science and the Max Planck Institute for Software Systems, CISPA won an "ERC Synergy Grant" from the European Research Council (ERC). This gave Michael Backes and three computer science professors about ten million euros to explore new ways to protect users against espionage and fraud on the Internet and expose perpetrators without restricting trade, the freedom of expression or access to information on the Internet.

Press photos: http://www.uni-saarland.de/pressefotos

Further information:

https://saarsec.rocks/

Questions can be directed to:

Oliver Schranz
Information Security and Cryptography
Center for IT Security, Privacy and Accountability
Phone: 681 302 57368 +49
Email: schranz@cs.uni-saarland.de

Pascal Berrang
Information Security and Cryptography
Center for IT Security, Privacy and Accountability
Phone: 681 302 57376 +49
Email: berrang@cs.uni-saarland.de

Editor:

Gordon Bolduan
Computer Science Competence Center Saarland
Phone: +49 681302-70741
Email: bolduan@mmci.uni-saarland.de

Saarland University

Related Competition Articles:

Location and competition
Those of us who drive regularly are keenly aware of gas prices and their daily fluctuations.
Political competition is hurting our charitable giving
As the midterm election heats up and the fallout of the Supreme Court nomination rings across the political divide, a new study presents a unique angle of American politics: how party affiliation affects charitable donations.
For wineries, competition boosts profits from sustainability
An international study of small- to medium-sized wineries and vineyards finds that the more sustainability practices a winery has in place, the better its financial performance -- and the effect is enhanced when a winery perceives significant pressure from competitors.
Outside competition breeds more trust among coworkers: Study
Working in a competitive industry fosters a greater level of trust amongst workers, finds a new study from the University of British Columbia, Princeton University and Aix-Marseille University, published today in Science: Advances.
Step aside Superman, steel is no competition for this new material
When it comes to materials, there is no question as to who wins the strongman competition.
Competition between males improves resilience against climate change
Animal species with males who compete intensively for mates might be more resilient to the effects of climate change, according to research by Queen Mary University of London.
International competition benchmarks metagenomics software
Communities of bacteria live everywhere: inside our bodies, on our bodies and all around us.
Competition for survival signals maintains immune balance
Although scarce, the recently discovered innate lymphoid cells vie with T cells for a shared source of interleukin-7, which helps them to survive.
Can aromatherapy calm competition horses?
Although studies suggest that inhaling certain scents may reduce stress in humans, aromatherapy is relatively unexplored in veterinary medicine.
When peaceful coexistence suddenly turns into competition
Biologists agree that climate change reduces biological diversity. The specific processes that ultimately cause species to go extinct have, however, been little studied so far.
More Competition News and Competition Current Events

Top Science Podcasts

We have hand picked the top science podcasts of 2019.
Now Playing: TED Radio Hour

Risk
Why do we revere risk-takers, even when their actions terrify us? Why are some better at taking risks than others? This hour, TED speakers explore the alluring, dangerous, and calculated sides of risk. Guests include professional rock climber Alex Honnold, economist Mariana Mazzucato, psychology researcher Kashfia Rahman, structural engineer and bridge designer Ian Firth, and risk intelligence expert Dylan Evans.
Now Playing: Science for the People

#540 Specialize? Or Generalize?
Ever been called a "jack of all trades, master of none"? The world loves to elevate specialists, people who drill deep into a single topic. Those people are great. But there's a place for generalists too, argues David Epstein. Jacks of all trades are often more successful than specialists. And he's got science to back it up. We talk with Epstein about his latest book, "Range: Why Generalists Triumph in a Specialized World".
Now Playing: Radiolab

Dolly Parton's America: Neon Moss
Today on Radiolab, we're bringing you the fourth episode of Jad's special series, Dolly Parton's America. In this episode, Jad goes back up the mountain to visit Dolly's actual Tennessee mountain home, where she tells stories about her first trips out of the holler. Back on the mountaintop, standing under the rain by the Little Pigeon River, the trip triggers memories of Jad's first visit to his father's childhood home, and opens the gateway to dizzying stories of music and migration. Support Radiolab today at Radiolab.org/donate.