CIAS logo

National cyber defense competition is April 17-19

By Christi Fish
Public Affairs Specialist

(April 14, 2009)--Baker College in Flint, Mich., will defend its Alamo Cup title this weekend when it joins seven other teams in San Antonio at the National Collegiate Cyber Defense Competition (link to video) (NCCDC) April 17-19 at the Hilton San Antonio Airport hotel. The event is the fourth iteration of the nation's largest collegiate cyber security competition, which was created by and hosted by the Center for Infrastructure Assurance and Security (CIAS), a nationally recognized leader in cyber security education and training at UTSA.

CIAS's NCCDC has grown from five participating schools in 2005 to more than 60 schools in 2009 with eight regional competitions nationwide, two more than in 2008.

The 2009 NCCDC competitors are:

NCCDC is the first practical cyber security competition designed to test how students operate and manage a network infrastructure, similar to that found in the commercial sector. While similar to other cyber defense competitions, NCCDC is unique because it focuses on business operations and incorporates the operational aspect of managing and protecting an existing network infrastructure.

"The National Collegiate Cyber Defense Competition continues to grow from the single regional competition five years ago to the eight regional events and several state qualifiers this year," said Gregory White, director of CIAS and UTSA associate professor of computer science. "The feedback we get from both the faculty and students is phenomenal. Both are enthusiastic about the real-world training that the competition provides -- something that the students don't see in the normal academic lab. Sponsors have provided similar comments stating that traditionally they have been disappointed with the college graduates they get because they lack real experience. The graduates they pick up who have been involved in the competition, however, are better able to immediately make a difference for their company."

The event provides institutions with information assurance and computer security curricula an opportunity to assess their students' depth of understanding and competency in managing challenges in protecting a corporate network infrastructure and business information systems. CCDC events at the state, regional and national levels are designed to (1) build a meaningful mechanism by which institutions of higher education can evaluate their programs, (2) provide an educational venue in which students are able to apply theory and practical skills learned in class, (3) foster a spirit of teamwork, ethical behavior and effective communication within and across teams and (4) create interest and awareness among participating institutions and students.

The competition calls for student competitors to imagine themselves as new network and security administrators at a small company. At the start of the competition, each team inherits an "operational" network from a fictional business complete with e-mail, Web sites, data files and users. The competitors are given very little information about the company's network, its security levels and the software it uses before the competition.

However, they are given a few minutes to familiarize themselves with the new networks and systems, so they can begin installing security updates and patches before the red team starts actively scanning and probing their companies. In the midst of the commotion, competitors are required to keep up with the needs of their business and user demands while maintaining service level agreements for all critical Internet services.

Scoring is based on keeping required services up, controlling and preventing un-authorized access, and completing business tasks that are provided throughout the competition in the form of "injects." Teams accumulate points by successfully completing injects and maintaining services. Teams lose points by violating service level agreements, usage of recovery and restoration services, and successful penetrations by the Red Team.

At the end of the competition, the team with the highest score will be named the National Collegiate Cyber Defense Competition Champion and holder of the Alamo Cup title. After the competition, teams can talk with members of the Red Team to learn how the opponents carried out their attacks and how students could have defended their networks more effectively.

NCCDC is sponsored by a variety of San Antonio and national businesses in the information security, information technology, broadband and publishing industries. This year's major sponsors include Cisco Systems, Core Security Technologies, Microsoft, G-C Partners and Northrop Grumman. Donated hardware and software from leaders in the IT industry are used in the competition to provide students with opportunities to work with technologies they would never see in a typical classroom.

UTSA's CIAS is one of three components of the Institute for Cyber Security (ICS). The institute's other subunits include a research arm (ICS labs) and an incubation and commercialization arm (ICS Incubator). For more information on the cyber security competition, visit the National CCDC Web site or contact Greg White at (210) 458-2166 or Dwayne Williams at (210) 458-2173 at the UTSA Center for Infrastructure Assurance and Security.

------------------------------

Background: UTSA Center for Infrastructure Assurance and Security