Analysis of Cyber Security Knowledge and Skills for Capture the Flag Competition
Abstract
CTF (Capture The Flag) competitions have emerged as a pivotal instrument in development of cyber security education over the past six years. It is imperative to ensure that the CTF competitions continue to develop to facilitate growth of cyber security education. To achieve the desired growth, it is necessary to analyze the progress achieved in the last six years the program has been implemented. This research collects and analyzes approximately 500 CTF solutions from the CTFtime platform. From the results of this analysis, we have identified that skills and techniques are needed in each category of CTF questions. We use the results of this analysis as a reference for questions on the CTF Platform that we created during PCT (Polibatam Cyber Team) regeneration. PCT consists of a group of students from the Cyber Security Engineering study program who are prepared to be at the forefront in participating in various activities related to Cyber Security. The method we use is different from other CTFs, in that we use a skill-based and technique-based approach. We found that this approach was able to attract 80% of participants in solving and improving their skills in Cyber Security towards any challenges in a competitive environment.
Downloads
References
M. K., S. S., E. M. and M. O., "Using Technical Cybersecurity Exercises in University Admissions and Skill Evaluation," IFAC-PapersOnLine, 2019.
H. A., R. H., I. A., Z. M. and R. F., "A CTF-Based Approach in Cyber Security Education for Secondary School Students," Journal of Computer Science and Information Technology, 2021.
B. N., L. F. G., H. B., R. P., M. L. and L. L., "Cyber teaming and role specialization in a cyber security defense competition.," Frontiers in Psychology, 2018.
A. Yasin, L. Liu, R. Fatima and W. Jianmin, "Improving Software Security Awareness using A Serious Game," The Institution of Engineering and Technology, vol. 13, no. 2, pp. 159 - 169, 2019.
P. Matias, P. Barbosa, T. C. Cardoso, D. M. Campos and D. F. Aranha, "NIZKCTF: A Noninteractive Zero-Knowledge Capture-the-Flag Platform," IEEE Security & Privacy , vol. 16, no. 6, pp. 42 - 51, 2018.
T. Burns, S. Rios, T. Jordan, Q. Gu and T. Underwood, "Analysis and Exercises for Engaging Beginners in Online CTF Competitions for Security Education," ASE, 2017.
CTF Time, "CTF Time," [Online]. Available: https://ctftime.org/.
S. Karagiannis, E. Maragkos-Belmpas and E. Magkos, "An Analysis and Evaluation of Open Source Capture the Flag Platforms as Cybersecurity e-Learning Tools," in 13th IFIP WG 11.8 World Conference, WISE 13, Slovenia, 2020.
F. Sharevski, A. Trowbridge and J. Westbrook, "Novel Approach for Cybersecurity Workforce Development: A Course in Secure Design," in IEEE Integrated STEM Education Conference (ISEC), 2018.
N. Elliot, D. Kendall and M. Brockway, "A flexible laboratory environment supporting honeypot deployment for teaching real-world cybersecurity skills," IEEE Access, 2018.
B. Caulkins, T. Marlowe and A. Reardon, "Cybersecurity Skills to Address Today’s Threats," in In International Conference on Applied Human Factors and Ergonomics, 2018.
L. Khoo, Education Framework using Capture the Flag (CTF), Malaysia: IGI Global, 2019.
M. Yamin and B. Katt, "Inefficiencies in Cyber-Security Exercises Life-Cycle: A Position Paper," in AAAI Fall Symposium, 2018.
