At this year’s DEF CON security conference scheduled to be held in Las Vegas at the start of August, the Defense Advanced Research Projects Agency (DARPA) will be giving away a total of $4 million to seven teams participating in the Cyber Grand Challenge (CGC).
Started in 2014, theis a classic CTF (Capture The Flag) competition, but with a kink.
Instead of pinning two teams of security researchers against each other in an attempt to hack and/or protect a network or device, the CGC will have the seven teams battle using automated computer programs that are built to hack other systems and to automatically detect and fix weaknesses on their own.
CGC competition started two years ago
The qualification rounds for this event started in 2014, with 28 teams signing up for the challenge. While DARPA funded a few top-notch teams to encourage them to participate in the challenge, most groups that signed up were self-funded.
Three DARPA-funded teams qualified for the final round and four self-funded teams.
These seven will be battling for the top $2 million prize on August 4, 2016, at DEF CON in the Paris Las Vegas Hotel’s 5,000-person-capacity auditorium.
Teams have only 24 hours to win the game
Unlike classic CTF competitions where teams have 48 hours to break and/or secure ten software packages to win the game, the CGC has cut the time in half.
In the CGC qualifying event, teams had to work with 131 different software versions, and the final is likely to have even more. The qualifying event also resulted in the teams fixing all of the 590 flaws in the competition software the contest developers were aware of.
Each team that reached the final will receive $750,000, and the winner will receive $2 million.
Teams had 13 months to prepare for the final, since the last qualifying round, enough time to fine-tune their automated hacking software with new exploits. DARPA’s requirements are that this same software must also include mitigation techniques to avoid adversaries from exploiting known attack vectors against its own system.
The seven teams that are going to try to impress DARPA and win the competition are as follows.
|CSDS||A professor and post-doctoral researcher from the University of Idaho||Moscow, Idaho||Yes|
|DeepRed||A team of engineers from the Raytheon Company||Arlington, Va.||Yes|
|disekt||Four people, working out of a technology incubator, who participate in CTF competitions around the world||Athens, Ga.||Yes|
|Shellphish||A group of computer science graduate students at the University of California, Santa Barbara||Santa Barbara, Calif.||Yes|
|CodeJitsu||A team affiliated with the University of California, Berkeley||Berkeley, Calif.||No|
|ForAllSecure||A startup founded by a team of computer security researchers from Carnegie Mellon University||Pittsburgh, Pa.||No|
|TECHx||Software analysis experts from GrammaTech, Inc., a developer of software assurance tools and advanced cybersecurity solutions, and the University of Virginia||Charlottesville, Va.||No|