Skip to main content
eScholarship
Open Access Publications from the University of California

Ten Years of iCTF: The Good, The Bad, and The Ugly

  • Author(s): Vigna, Giovanni
  • Borgolte, Kevin
  • Corbetta, Jacopo
  • Doupé, Adam
  • Fratantonio, Yanick
  • Invernizzi, Luca
  • Kirat, Dhilung
  • Shoshitaishvili, Yan
  • et al.
Abstract

Security competitions have become a popular way to foster security education by creating a competitive environment in which participants go beyond the effort usually required in traditional security courses. Live security competitions (also called “Capture The Flag,” or CTF competitions) are particularly well-suited to support hands-on experience, as they usually have both an attack and a defense component. Unfortunately, because these competitions put several (possibly many) teams against one another, they are difficult to design, implement, and run. This paper presents a framework that is based on the lessons learned in running, for more than 10 years, the largest educational CTF in the world, called iCTF. The framework’s goal is to provide educational institutions and other organizations with the ability to run customizable CTF competitions. The framework is open and leverages the security community for the creation of a corpus of educational security challenges.

Many UC-authored scholarly publications are freely available on this site because of the UC Academic Senate's Open Access Policy. Let us know how this access is important for you.

Main Content
Current View