Submitted by Rachel Gardner on Tue, 15/12/2020 - 10:50
Congratulations to the undergraduate and MPhil students of this Department who took the crown in an international cyber security competition last week.
They featured in the three top teams (out of 51) at last week's Country-to-Country Capture The Flag (C2C CTF) competition hosted by Royal Holloway University of London.
The event – run to encourage more young people to consider careers in cyber security – drew more than 150 competitors selected from top universities in America, Europe, Asia and Australia.
The participants came from a range of backgrounds, nationalities, languages, genders, experiences and cyber security skills. They were chosen for their motivation and resourcefulness and deliberately placed in mixed teams with fellow competitors they didn’t know, and had to work online together to solve a series of cyber security challenges.
"It was a fantastic experience: I learnt countless new tools, met some great people, and had a lot of fun!"
Oliver Wales
"The fact that my team secured first place feels great and very validating," says Birk Tjelmeland, who is currently studying for the MPhil here in Advanced Computer Science. "My team was really great and even though we didn't know each other, I think we managed some very good teamwork."
Oliver Wales, a third-year Computer Science undergraduate who was also in the winning team, says: "It was a fantastic experience: I learnt countless new tools, met some great people, and had a lot of fun!"
Oliver was a relative newcomer to this kind of competition, having only completed one previous cyber security Capture the Flag (CTF) competition. "So I applied for this one with the intention of broadening my experience," he says. He worked through cybersecurity wargames and problems to prepare himself in the weeks beforehand.
"Most of my team were vastly more qualified than myself," he says, "but they were all very friendly and keen to teach me the tools and help me when I got stuck."
MPhil student Simon Schwarz, who was in the second-placed team 0x45, is a more experienced competitor, having competed in CTF contests over the past three years with the national team in his native Germany. "Having experience was very beneficial in the competition," he says, "as cyber security is definitely a skill that improves with learning."
When he met his team online, he was able to introduce them to the different kinds of challenges, and give them useful tools and tricks that he would use to solve them. And he too enjoyed the event. "The competition was awesome," he says. "Even though I had some experience, I learned many new things during it and met really interesting people from around the world."
Euan Ong (pictured right), a member of the third-placed team Anonymouse, also had the benefit of experience. A Computer Science undergraduate here, he has formerly taken part in the government's cyber discovery schools' programme. But he still found this competition very stimulating.
"The event organisers created a competition that was both accessible to beginners and had challenging problems for those with more experience," he says. "The range of problems was also very diverse — this is one of the few times I've seen an open-source intelligence category on a 'capture the flag' competition, with problems involving looking up MAC addresses of WiFi access points to locate a hacker who leaked information about their home WiFi router through a desktop screenshot, and trawling through Australian public data websites to find information about pedestrian footfall in key areas."
Frank Stajano, Professor of Privacy and Security here in the Department is one of the organisers of the event. He says: "As C2C co-founder and someone who promoted cyber security education for years I am especially proud that, in this new incarnation of the competition, each of the three winning teams (out of 51 teams competing) included members from Cambridge."
Back in 2015, Professor Stajano co-founded – with Dr Howie Shrobe of MIT – the original C2C competition (when C2C meant 'Cambridge to Cambridge') to try and encourage more students to develop an interest in computer security.
Now, the C2C in the competition title means 'Country to Country' and the contest is indeed enjoying a new – and even more international – lease of life.
Event goes global
It is being run as a five-year programme under the auspices of the International Cyber Security Centre of Excellence (INCS-CoE), founded by Keio University in Japan, and of which Cambridge is a member.
The event, which was formerly hosted here in the Department, is this year being hosted by Royal Holloway University of London. Next year it moves to Technion – Israel Institute of Technology, then to MIT in 2022, followed by Keio University in Japan in 2023 and finally Edith Cowan University in Australia in 2024.
As with the original C2C cyber security competition, the organisers believe that longer-term, some of the talented students who competed in their events "will be Chief Security Officers, Heads of Homeland Security and other positions of responsibility in their respective countries."
Winning teams:
- BONTS: Tarun Patel, Edith Cowan University, Australia; Birk Tjelmeland, University of Cambridge, UK; Oliver Wales, University of Cambridge, UK; Daniel Getter, George Mason University, USA; Marcel Armour, Royal Holloway University of London, UK
- 0x45: Simon Fabian Schwarz, University of Cambridge, UK; Ksenia Budykho, University of Surrey, UK; Ian Palmer, Massachusetts Institute of Technology, USA; James Whaley, Royal Holloway University of London, UK; Michael Shafir, Ben-Gurion University, Israel
- Anonymouse: Jorge Sanz, University of Edinburgh, UK; Asaf Rubinfeld, Technion, Israel; Euan Ong, University of Cambridge, UK; Tibor Sárvári, University of Cambridge, UK; Jose Mejia - Arevalo, George Mason University, USA