2014 NCL Fall Season Rules - The National Cyber League

Transcription

2014 NCL Fall Season Rules - The National Cyber League
The National Cyber League – Where Cybersecurity is a Passion
2014 NCL Fall Season
Rules
Table of Contents
The NCL Season .................................................................................................................... 2
2014 NCL Fall Season ................................................................................................................... 2
Eligibility ......................................................................................................................................... 3
Competencies .................................................................................................................................4
Games: Capture-the-Flag (CTF) .................................................................................................5
Scoring.............................................................................................................................................. 5
Schedule of Events ........................................................................................................................ 5
Seasons .................................................................................................................................... 5
Mandatory Pre-Season Game/Assessment ............................................................................ 5
Regular Season: Optimized for Individuals ........................................................................... 6
Post Season: Optimized for Teams ........................................................................................... 8
NCL Rules of Conduct and Ethical Behavior ................................................................. 9
Professional Conduct ................................................................................................................... 9
Questions, Disputes, and Disclosures ................................................................................... 10
Game Conduct ............................................................................................................................. 11
Team Representatives .............................................................................................................. 11
Internet Usage ............................................................................................................................. 12
Scorebot Attacks......................................................................................................................... 12
Disabling Challenges/Puzzles ................................................................................................. 12
Collusion/Flag Sharing ............................................................................................................. 12
Laws ............................................................................................................................................... 13
Target Altering............................................................................................................................ 13
Solution Artifacts........................................................................................................................ 13
Scoring........................................................................................................................................... 14
1
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion
The NCL Season
The NCL provides an ongoing virtual training ground for students to develop and
validate cybersecurity skills using content aligned with individual/team games and
professional certifications.
For example:
 Games are conducted using 100% cloud-based services – AKA the NCL Stadium
 Hosted lab exercises and games are based on widely adopted CompTIA
Security+TM and EC-Council Certified Ethical Hacker (CEH) TM performance-based
exam objectives
 The season includes a set of 20 Security+TM and 19 CEHTM virtual lab exercises
based on these certifications' performance-based exam objectives, which
students (AKA players) and faculty (AKA coaches) can access remotely from
anywhere to develop knowledge and skills
 Preparatory lab exercises and games help prepare students for the Security+TM
and CEHTM certification exams
 Games measure skills being developed in the NCL Gymnasiums
 3 geographic NCL Conferences to facilitate regional and national games among
players
 3 brackets support novice players (Bronze bracket), intermediate (Silver bracket)
and experienced players (Gold bracket)
 Games support individual and team play to develop cybersecurity skills as well as
soft skills (communication, collaboration, problem solving, critical thinking,
decision making, and time management)
 Developed, maintained and operated by dedicated faculty volunteers from
leading cybersecurity academic institutions with a passion for promoting
learning-based cyber games
2014 NCL Fall Season
The NCL will host preparatory exercises in its virtual Cyber Gymnasiums (powered by
NDG’s NETLAB) and games in a virtual Cyber Stadium (powered by iSIGHT Partners’
ThreatSPACE®), with challenges aligned to the CompTIA Security+TM and EC-Council
CEHTM performance-based exam objectives.
2
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion
The 2014 NCL Fall season includes:
 39 virtual preparatory lab exercises, enabling players to develop knowledge and
hands-on skills any place, any time
 Mandatory Pre-Season game to identify players with similar knowledge and skill
levels; players will be placed in one of 3 brackets as follows:
o Bronze: novice players. Players will have limited existing knowledge and
skills and should be able to complete some or most of the preparatory
lab exercises
o Silver: intermediate players. Players will have an intermediate level of
knowledge and skills and should be able to complete all of the
preparatory lab exercises
o Gold: experienced players. Players will have the highest level of
knowledge and skills (e.g., have already completed relevant certifications
and/or completed more advanced study)
 Regular Season with 2 games optimized for individuals
 Post Season with a National Championship game optimized for teams
 Provide students with diverse skill levels, fun, and engaging learning and playing
environments available anywhere, any time
 Deliver lab exercises and challenging game scenarios tied to widely adopted
Security+TM and CEHTM performance-based exam objectives
 Prepare students for the Security+TM and CEHTM exams
 Measure how players perform in the games
 Give faculty opportunities to enrich classes by integrating lab exercises and
competitions into existing security-related curricula
 Stimulate individual cybersecurity skills development
 Create opportunities for soft skills improvements through team-based,
collaborative problem-solving
 Create school pride for players and coaches
Eligibility




Currently enrolled, full- or part-time undergraduate and graduate students at an
U.S. accredited 2- or 4-year college/university
All players must have a faculty/coach
The registration fee is $20 per individual participant for the Pre/Regular Seasons
and $25 per participating team for the Post Season
Players are expected to commit to the entire season
3
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion


There are no prerequisite skills for participation, but players should have a crosssection of beginner/intermediate knowledge and skills in computer science,
networking, systems administration, IT, and/or information security
For more information, visit
http://www.nationalcyberleague.org/eligibility.shtml.
Competencies
One of the distinguishing factors of the NCL is the integration of learning objectives in all
its activities. One of the main ways this is accomplished is by aligning the preparatory
lab exercises available in the NCL Cyber Gymnasiums with the games themselves. This
allows players to use the Gym environment to develop knowledge and skills and then
demonstrate these newly acquired skills in competitive individual and team play. It also
allows the NCL to measure player’s game performance and produce individualized
reports (AKA the NCL Scouting Report) on strengths and weakness amongst various
learning objectives.
The NCL lab exercises and games are designed to develop and validate the following
competencies:
1. Open Source Intelligence: Regular Season Game #1 and NCL National
Championship
2. Network Traffic Analysis: Regular Season Game #1 and NCL National
Championship
3. Log Analysis: Regular Season Game #2 and NCL National Championship
4. Scanning & Reconnaissance: Regular Season Game #1 and NCL National
Championship
5. Wireless Access Exploitation: Regular Season Game #2 and NCL National
Championship
6. Cryptography: Regular Season Game #2 and NCL National Championship
7. Password Cracking: Regular Season Game #1 and NCL National Championship
8. Web Application Exploitation: Regular Season Game #1 and NCL National
Championship
9. Enumeration & Exploitation: Regular Season Game #2 and NCL National
Championship
4
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion
Games: Capture-the-Flag (CTF)
Players will participate in a type of computer security game called a Capture-the- Flag
(CTF). In CTF games, player’s race against each other and a clock to answer securityrelated challenges, often searching for digital “flags" hidden on servers, in encrypted
text, or in applications. Challenges within the CTF are open-ended and require expertise
and skills in a wide range of security-related topics: computer forensics, cryptography,
network penetration testing, web security, and system/network administration. When a
player submits a flag, they receive points for solving the challenge. The player or team
with the highest cumulative score at the end of the game wins.
For more information, visit http://www.nationalcyberleague.org/games.shtml.
Scoring
Players will be scored on their ability to successfully complete the challenges and obtain
the flags therein. Most challenges in the games contain more than one flag. To
accumulate points, players receive a pre-assigned point value for successfully submitting
a flag. The point value for some flags is determined by the NCL-defined difficulty rating
system. The total game score for a player is the sum of points for all successfully
submitted flags during gameplay. The scores for all players are ordered highest to
lowest within each bracket to determine Conference and national rankings for each
bracket for each.
For more information, visit http://www.nationalcyberleague.org/scoring.shtml.
Schedule of Events
The 2014 NCL Fall season will begin August 23 (when the Pre/Regular Season
registration opens) and end December 19. For an updated Schedule of Events, see
http://www.nationalcyberleague.org/schedule.shtml.
Seasons
Mandatory Pre-Season Game/Assessment
A goal of the NCL is to provide beginners with an entry point into cybersecurity games
through preparatory lab exercises, while also challenging and engaging players who
have already mastered similar content. As part of the Pre-Season, student knowledge
and skills will be assessed through a mandatory Pre-Season game. Based on the results
5
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion
of the Pre-Season game challenges, players will be placed in one of three brackets. It is
anticipated that the players will have the following knowledge and skills:
 Gold Bracket: Players will have the highest level of knowledge and skills (e.g.,
have already completed relevant certifications and/or completed more
advanced study)
 Silver Bracket: Players will have an intermediate level of knowledge and skills
and should be able to complete all of the preparatory lab exercises
 Bronze Bracket: Players will have limited existing knowledge and skills and
should be able to complete some or most of the preparatory exercises
 Players will compete within their own bracket for the maximum number of
points. While game challenges are available to all players, there are increasingly
difficult challenges included to test players in higher brackets.
The following governs the Pre-Season game/assessment and bracketing process:
 All registered players will be provided login credentials to the NCL game
environment (powered by iSIGHT Partners’ ThreatSPACE®) prior to the PreSeason game
 Participant knowledge and skills will be assessed at the beginning of the season
through a mandatory Pre-Season game during the week of September 27October 4 (this is the Pre-Season)
 It is not necessary for players to prepare for this assessment, other than going
through the Public Tutorial in the ThreatSPACE® game environment
 At the end of the Pre-Season, all players’ scores will be totaled and used to place
players in the appropriate bracket in their Conference
 Ties between players will be broken first by using the total number of flags
captured, and then by the players’ accuracy. The player with the higher number
of flags captured will win the tiebreaker; or in the case of an equal number of
flags captured, the player with the higher accuracy percentage
 NOTE: a higher accuracy percentage is calculated using the following formula:
o Number of total successful flag captures/total number of flag submissions
Regular Season: Optimized for Individuals
These rules govern the Regular Season games:
 The 2 Regular Season games are optimized for individuals – meaning, players
compete as individuals in both games
 All players will have access to the same puzzles, but will be scored within their
6
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion







respective brackets
Games will be based on the Security+TM and CEHTM performance-based exam
objectives, and preparatory lab exercise content:
o Bronze challenges will be limited to material covered in the preparatory
labs
o Silver challenges will include advanced concepts from the whole portfolio
of performance-based exam objectives and labs
o Gold challenges will include other advanced topics, not strictly limited to
Security+TM and CEHTM
Each individual must pay a $20 fee to play
The cumulative score of the 2 Regular Season games will be used to rank players
in their respective Conferences and nationally in each of the three brackets
Players will have access to a public scoreboard and game clock during each game
(available in the ThreatSPACE® game environment)
Scoring for Regular Season games works as follows:
o Each flag will be classified as Gold, Silver, and Bronze based on the
difficulty of the puzzle
o The point value for each flag will also increase as the difficulty increases
(e.g., Gold flags will be worth more than Silver, and Silver will be worth
more than Bronze flags)
o The individual player with the highest point value wins that game
o In the event a tiebreaker is needed, the following will break the tie:
 First, the player with the most captured flags (regardless of point
value) will win the tiebreaker
 Second, the player who was most accurate (fewest attempts per
flag capture) will win the tiebreaker
Competencies being measured in Game #1:
o Open Source Intelligence
o Scanning and Reconnaissance
o Web Application Exploitation
o Network Traffic Analysis
o Password Cracking
Competencies being measured in Game #2:
o Log Analysis
o Cryptography
o Wireless Access Exploitation
7
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion

o Enumeration and Exploitation
Award certificates will be presented to all players that competed in both Regular
Season games
Post Season: Optimized for Teams
Real-world cybersecurity work is often done in teams; therefore, the NCL has designed a
Post Season game to provide a safe and challenging environment for individual players
to apply their knowledge and validate their skills in a team setting.
The following rules govern Post Season play:
 There will be 1 team game, the NCL National Championship
 School teams may be created with 5 to 10 players. Schools with fewer than 5
players may negotiate a collaborative team with another school. The NCL can
help facilitate the formation of these collaborative teams
 Schools can have any number of teams play
 Each team must pay a $25 team fee to play
 In order to participate in the NCL National Championship game, all players must
have played in the Pre-Season game and both of the Regular Season games
 A team’s bracket will be determined relative to all the teams registered to play:
o A raw team score will be calculated by adding the Regular Season flag
scores for all the players on the team and dividing by the number of
players on the team
o If 2 teams tie for inclusion in a bracket, the team average for the number
of flag captures and accuracy will be used to break the tie
 All teams from all schools will compete within their bracket
 At the conclusion of the NCL National Championship game, the top teams in
each bracket nationally will be named the NCL National Champions
 Scoring for the Post Season games will work as follows:
o Teams will have access to a public scoreboard and game clock during
each game (available in the ThreatSPACE® game environment)
o Scoring for the flags is the same as in the Regular Season:
 Each flag will be classified as Gold, Silver, and Bronze based on the
difficulty of the puzzle
 The point value for each flag will also increase as the difficulty
increases (e.g., Gold flags will be worth more than Silver; Silver
worth more than Bronze flags)
8
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion



The team with the highest combined point value wins
In the event of a tie, the following will happen:
 First, the team with the most flags (regardless of point
value) breaks the tie
 Second, the team with the most accurate play (fewest
attempts per flag capture) will win the tiebreaker
Competencies being measured in NCL National Championship game:
1. Open Source Intelligence
2. Network Traffic Analysis
3. Log Analysis
4. Scanning & Reconnaissance
5. Wireless Access Exploitation
6. Cryptography
7. Password Cracking
8. Web Application Exploitation
9. Enumeration & Exploitation
NCL Rules of Conduct and Ethical Behavior
Professional Conduct






All participants, including players and coaches, are expected to behave
professionally at all times during all NCL games, including preparation meetings,
game events, etc.
In addition to these published NCL rules, host site policies and rules apply
throughout the games and must be respected by all NCL participants
All NCL events are alcohol free events. No drinking is permitted at any time
during game hours
Activities such as swearing, consumption of alcohol or illegal drugs, disrespectful
or unruly behavior, sexual harassment, improper physical contact, violence, or
willful physical damage have no place at NCL events and will not be tolerated
Violations of the rules can be deemed unprofessional conduct if determined to
be intentional or malicious by NCL officials
Players behaving in an unprofessional manner may receive a warning from the
NCL officials for their first offense. For egregious actions or for subsequent
violations following a warning, players may have a penalty assessed against their
individual/team score, be disqualified, and/or expelled from the NCL
9
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion

game/season. Players expelled for unprofessional conduct will be banned from
future NCL games for no less than 12 months from the date of expulsion
Individual(s), other than players, behaving in an unprofessional manner may be
warned against such behavior by the NCL officials or asked to leave the game
entirely by the NCL officials
Questions, Disputes, and Disclosures
Prior to the games: Team captains and/or coaches are encouraged to work with the NCL
officials to resolve any questions before the game begins. Questions can be sent using
the following address: [email protected].
During or after a game:
 During a game: protests by any individual(s)/team(s) must be presented in email
form to the NCL Support Team ([email protected]), during
game hours
 After a game: Protests by any individual(s)/team(s) must be presented in email
form to the NCL Commissioner ([email protected]), no later
than two days (2 days) after the competition end date
 The NCL officials will be the final arbitrators for any protests or questions arising
before, during, or after the game
 Rulings by the NCL officials are final
 All game results are official and final once posted to the NCL website by the NCL
 In the event of an individual(s)/team(s) disqualification, the player(s)/team(s)
must leave the room where the game is taking place immediately upon
notification of disqualification and must not re-enter the game or game area at
any time
 Disqualified individuals/teams are also ineligible for individual/team awards,
certificates of participation, Scouting Reports, scholarships, etc., as defined by
the NCL
 It is the responsibility of the disqualified individual(s)/team(s) to request a
meeting in email form to the NCL Commissioner
([email protected]), from the Team Captain and/or coach, no
later than seven days (7 days) from the date the NCL Commissioner notified
individual(s)/team(s) of their Disqualification status
10
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion
Game Conduct




Players are forbidden from entering or attempting to enter another player’s
machine, or account
Players must play NCL games without outside assistance from non-player
members, including team representatives, from the start of the game to the end
of the game. All private communications (calls, emails, chat, texting, directed
emails, forum postings, conversations, requests for assistance, etc.) with nonplayer members including team representatives that would help the player gain
an unfair advantage are not allowed and are grounds for disqualification and/or
a penalty assigned to the appropriate player/team
Any active mechanisms that interfere with the functionality of the scoring engine
or manual scoring checks are exclusively the responsibility of the players. Any
firewall rule, IDS/IPS, or defensive action that interferes with the functionality of
the scoring engine or manual scoring checks are exclusively the responsibility of
the players
Players are free to examine any target systems; no offensive activity against
other player’s systems or the NCL systems will be tolerated. Any player
performing offensive activity against other player’s or the NCL’s systems will be
immediately disqualified from the game. If there are any questions or concerns
during the game about whether or not specific actions can be considered
offensive in nature, contact the NCL officials before performing those actions
Team Representatives





Each team must have at least one school representative present at the NCL
National Championship game. The representative must be a faculty or staff
member of the institution the team is representing
Once the NCL game has started, representatives may not coach, assist, or advise
an individual or their team until the completion of that game
Representatives must not interfere with any other individual or team
The representative, or any non-team member, must not discuss any aspect of
the NCL game, specifically game tasks, configurations, operations, or
individual/team performance and must not attempt to influence an individual or
their team’s performance in any way
Team representatives, sponsors, and observers who are not players are
prohibited from directly assisting any player through direct advice, suggestions,
or hands-on assistance. Any team representatives, sponsors, or observers found
assisting an individual or team will be asked to leave the player area for the
11
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion
duration of the game and/or a penalty will be assigned to the appropriate
individual/team
Internet Usage




Internet resources such as FAQs, how-to's, existing forums and responses, and
company websites, are completely valid for game use provided there is no fee
required to access those resources and access to those resources has not been
granted based on a previous membership, purchase, or fee
All Internet resources used during the game must be freely available to all
players
Internet activity, where allowed, will be monitored and any player caught
viewing inappropriate or unauthorized content will be subject to disqualification
and/or a penalty assigned to the appropriate individual/team. For the purposes
of the NCL games, inappropriate content includes pornography or explicit
materials, pirated media files, sites containing key generators and pirated
software, etc. If there are any questions or concerns during the game about
whether or not specific materials are unauthorized, contact the NCL officials
NCL officials are not responsible for the security of any information, including
login credentials, which players place on the game network
Scorebot Attacks

DO NOT, under any circumstance, attack the ThreatSPACE® scoring system. This
includes, but is not limited to, launching automated scans or tools targeted
towards the scoring system, attempting injections, or attempting to manipulate
data stored within the scoring system. Players found manipulating the scoring
system will be disqualified from playing in NCL events
Disabling Challenges/Puzzles



DO NOT under any circumstance purposely disable, alter, or damage a
challenge/puzzle and target
Puzzles and targets break, but please do not purposefully attempt to limit or
disable another player's ability to complete a challenge
Players found manipulating the puzzles and targets will be disqualified from
playing in NCL events
Collusion/Flag Sharing

During NCL Preseason and Regular Season games, DO NOT share answers or
12
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion



solutions directly or indirectly with another player or team
Once a player is identified as sharing flags, post-game adjustments will be made,
accepting only the first flag capture for that competitor/team and invalidating all
subsequent flag captures for that flag from players at that school
This allows the player who first captured the flag to keep his or her points, while
their cohorts receive no points for the flags they simply copied
During NCL Postseason game(s), the NCL encourages players from the same
team to work together to solve challenges
Laws




DO follow the laws in your area and the United States
DO NOT under any circumstance violate any laws or the terms you've agreed to
in this rules document
You DO hereby have express permission to attack any asset designated as an NCL
game "target," so long as you abide by the game rules and terms of this rules
document
Violators will be turned over to law enforcement
Target Altering



DO NOT alter an NCL target in a manner that will disrupt the solution or
structure of the puzzle or gameplay. This includes, but is not limited to, changing
core system configurations (passwords, firewall rules, services, etc.),
manipulating any network settings, and/or altering, introducing, or removing
vulnerabilities on the system
Some challenges require you to make changes to a system (adding files,
executing commands, exploiting vulnerabilities, etc.). Players should limit their
interaction to the scope of the puzzle - don't change the way the challenge works
Violators will be subject to a reduction in score or disqualification, or expulsion
from the NCL events
Solution Artifacts
Many challenge solutions require the persistent storage of code (be it on a web
application or in a file on a system). Please be sure to remove your artifacts after you've
solved a puzzle. This will allow the next player to have a more pristine experience with
the target. In the event that you are unable to remove an artifact, please contact
support during the NCL game.
13
2014 NCL Fall Season Rules | Updated 11/21/2014
The National Cyber League – Where Cybersecurity is a Passion
Scoring
Scores will be maintained by the NCL officials and will be shared as soon as possible
after the game. The NCL will do its best to periodically update a leaderboard with
running totals provided during the game. Any individual or team action that interrupts
the scoring system is exclusively the responsibility of that individual/team and will result
in point penalties/disqualification. Should any question arise about scoring, the scoring
engine, or how they function, the Team Captain and/or coach should contact the NCL
officials.
Questions, Disputes, and Disclosures
14
2014 NCL Fall Season Rules | Updated 11/21/2014