News Feed Item

Found: Our Best Future Cyber Protectors in World's Biggest Student-Led Cybersecurity Games

NYU Tandon Wraps Up 14th Cyber Security Awareness Week, Expanded to Universities in Abu Dhabi, France, India, and Israel

BROOKLYN, N.Y., Nov. 14, 2017 /PRNewswire-USNewswire/ -- The 14th annual New York University Cyber Security Awareness Week (CSAW) games – already the world's largest and most comprehensive set of student-led security challenges – closed on Monday, November 13, in the last of five countries, setting records and surprises.

Kevin Shen (left) and Claude Zou from Poolesville High School, Poolesville, Maryland, use their digital skills to solve a murder mystery and capture second prize in the North American High School Forensics Challenge of the world's largest student-led cybersecurity games, NYU CSAW (Cyber Security Awareness Week). Founded at NYU Tandon, the games have expanded to universities on three continents.

For the first time, the CSAW finals expanded to include students from across Europe hosted by Grenoble INP-Esisar, in Valence, France – one of six engineering schools of the Grenoble Institute of Technology – and Israeli students hosted by Ben-Gurion University in the new Advanced Technology Park in the Negev, Israel. CSAW Israel is organized by BGU's Department of Software and Information Systems Engineering and the IBM Cyber Security Center of Excellence, located in Ben-Gurion University.

Universities and schools joined the Center for Cyber Security in  NYU Abu Dhabi (CCSAD),  which hosted finalists from the Middle East, North Africa and selected teams from Asia; the Indian Institute of Technology Kanpur (IIT Kanpur), one of the top universities for computer science education in India; and CSAW founding institution NYU Tandon School of Engineering in Brooklyn.

More than 400 elite students from high school through doctoral programs who had beaten over 12,000 participants from 98 countries in preliminary rounds gathered at four of the regional hubs November 9-11, 2017; in Israel, the CSAW finals ran November 12-13.

"The CSAW games have proved an outstanding tool to engage and educate students, and we are proud that this year we could reach students on three continents through our four university partners. Like us, they recognize that cybersecurity is borderless – and growing in opportunities for our students, with an anticipated shortfall of 1.8 million jobs worldwide by 2022," said NYU Tandon Professor of Electrical and Computer Engineering Ramesh Karri, the faculty lead for NYU CSAW.

He continued: "In North America, CSAW finalists and our students who run the challenges have gone onto some of the most meaningful positions in industry, and others are preparing for a safer future by producing important research and teaching at universities across America. Our snowball is rolling – and growing internationally now. I'm also proud about this year's addition of the CSAW Cyber Journalism Award, which we hope will encourage investigative reporting in the vital realms of privacy and security."

The North American finals comprised six hotly contested competitions among 133 students and 46 teams, supported by over 40 judges from academia and industry. In the High School Forensics competition, the stakes were high – $1 million in NYU Tandon scholarships – as the young cyber sleuths tried to solve a murder mystery using digital clues. Altogether, a record 600 high school teams competed in CSAW preliminaries and 30 teams competed on site at three regional CSAW hubs.

The NYU Center for Cyber Security also offered doctoral scholarships and fellowships to the NYU Tandon School of Engineering to the first-place winners in the Capture The Flag (CTF), Embedded Security Challenge, and Applied Research Challenge at all five regional hubs.

(Watch https://csaw.engineering.nyu.edu for international winners and more details.)

For the first time in CSAW history, a team from Rensselaer Polytechnic Institute – solving a game-changing challenge in the last three minutes of the 36-hour competition — took the North American top prize in the signature CTF hacking competition for undergraduate students.

Another first: a CSAW competition for professionals rather than students. Andy Greenberg, senior writer for WIRED, won the inaugural NYU CSAW Cyber Journalism Award for magazine's July 2017 cover story,  Lights Out: How An Entire Nation Became Russia's Test Lab for Cyberwar. The competition was co-sponsored by NYU Tandon and the NYU Arthur L. Carter Journalism Institute and exposed Russian hacking of the Ukraine power grid.

Besides the competitions, including the six student challenges, NYU Tandon hosted an industry career fair, speeches, and networking events.

Capture The Flag
Players of all levels and ages registered for CTF, the flagship event of CSAW. After 48 hours of around-the-clock software hacking contests in September, a top-notch group of college students bested nearly 2,400 teams from 95 countries to become finalists at the five global CSAW hubs. For 36 straight hours, 10 North American teams competed in the infamously difficult student CTF final competition. CTFs are considered essential training for students and cybersecurity professionals.

First Place – Team RPISEC, Rensselaer Polytechnic, Troy, New York: Jack Dates ('20), Kareem El-Faramawi ('19), Josh Ferrell ('19), and Max Shavrick ('18).

The school has been a regular winner of both the CTF and the Security Quiz Bowl throughout CSAW's history, and in each of the last three years RPISEC finished in the second or third CTF spots. This year, with two returning competitors from last year's team, RPISEC not only took first place – ending an eight-year reign by Carnegie Mellon teams – but went directly from its nail-biting surge in the 36-hour competition to compete in the finals of the fast-paced Security Quiz Bowl alongside another RPI team that had also qualified for the difficult final round. It proved quite the CSAW for RPI: other RPI students successfully hacked a mobile phone and won top prize in the Red Balloon Hardware Hacking Contest.

Second Place – Team 1064CBread: Audrey Dutcher, University of California, Santa Barbara ('18); John Grosen, Massachusetts Institute of Technology ('20); Alex Mieburg, California Institute of Technology ('18); and J.P. Smith, University of Illinois, Urbana-Champaign ('17).

Originally formed as a team of high school students in Dos Pueblos High School in Goleta, California, the team members had been so impressive that CSAW organizers made a one-time exception to its undergraduates-only rule for CTF and allowed them to compete against university students. The team members stayed together and took on new teammates as they went off to their university studies. They have become a regular fixture at the CSAW finals, as has the next-generation team at Dos Pueblos, also called 1064CBread. For 2017, the elder 1064CBread team, apparently still fresh despite 36 hours of CTF, topped off their strong showing by taking third place in the rigorous trivia contest, the CSAW Security Quiz Bowl, that immediately followed the CTF.

Third Place – Team PPP, Carnegie Mellon: Corwin de Boor ('18), Samuel Kim ('20), Matthew Savage ('18), and Zachary Wade ('18). The team has been a CTF force since CSAW opened to schools beyond NYU Tandon, taking first place for eight consecutive years.

High School Forensics
The CSAW HSF challenge introduces high school-age novices to the cybersecurity field, attracting students who enjoy solving puzzles and encouraging newcomers to solve a fictional murder mystery using their digital skills. This year, two teams from Montgomery Blair High School in Rockville, Maryland, finished among the top three. The students were challenged to find clues in physical and digital evidence to unmask the identities of a murdering hacking squad.

First Place – Team b1c, Montgomery Blair High School, Rockville, Maryland: Kevin Higgs, George Klees, and Noah Singer. Both Klees and Singer competed last year, when the school took third place.

Second Place – Team Producing Perfection, Poolesville High School, Poolesville, Maryland:  Ching-Yuan Lin, Kevin Shen, and Claude Zou. Both Shen and Zou were part of Poolesville teams that placed first in 2015 and 2016.

Third Place – Team n0de, Montgomery Blair High School: Ian Rackow, William Wang, and Daniel Zhu. The three students were finalists with Team n0de in 2016.

Embedded Security Challenge
Founded in 2008, the Embedded Security Challenge — the oldest and largest hardware hacking competition in the world and the most difficult event at CSAW — contributes to worldwide scholarship in the emerging field.  The tournament employs a "red team, blue team" format that mimics real-world attacks. This year's challenge, developed in partnership with the U.S. Office of Naval Research, required competitors to make programmable logic controllers more resilient to cybersecurity threats by employing novel fault detection and recovery techniques. Teams demonstrated their solutions on Raspberry Pi microchip platforms. The judging was difficult: only a half-point separated the top four contenders.

The competition is a cornerstone program of NYU's hardware security group. Part of NYU Center for Cyber Security and comprising researchers at NYU Tandon and NYU Abu Dhabi, the group has become a leading force in microchip security. Participants and the student leaders of the competition have spread knowledge of the emerging field to leading universities as faculty members.

First Place – Team UAH, University of Alabama, Huntsville: Thiago Alves and Rishabh Das,  advisor Professor Thomas Morris.

Second Place – Team CARES, University of Delaware: Patrick Cronin, Fateme Hosseini, and advisor Professor Chengmo Yang.

Third Place – Team Wildcats, University of New Hampshire: Timothy Harry, Ethan Stewart, Joshua Kuun, Zhiming Zhang, and advisor Professor Qiaoyan Yu. This is the third consecutive year that Team Wildcats won the third-place CSAW prize.

As a side hardware challenge, sponsor Red Balloon Security challenged students and professionals to hack the hardware of a VoIP phone to win a literal sack of cash and a drone.

Law and Policy
This competition attracts students who are interested in the nexus of law, policy, and emerging security issues. In the United States, teams presented their recommendations related to the disclosure of investigative methods that use computer code. The competition is led by NYU School of Law students with Zachary K. Goldman, Executive Director of the Center on Law and Security and an adjunct professor of law at NYU School of Law, serving in an advisory role.

First Place – United States Naval Academy: Morgan Giraud, Chris Kay, and Lexi Mendolia. Naval Academy teams have been among the top three winners every year since CSAW introduced the Policy Competition in 2014, and took top prize in 2015.

Second Place – Nihar Sheth of the University of Southern California, and Kartik Singh of the University of California, Berkeley.

Third Place – The Bush School of Government & Public Service, Texas A&M: Shannon Abbott and Anne Richmond.

Applied Research
Recognized as the leading competition for young cybersecurity researchers, the Applied Research Competition considers only peer-reviewed security papers that have already been accepted by scholarly journals and conferences. This year, top academics and practitioners in the field reviewed a record 170 papers to arrive at the list of finalists. During the CSAW final round, one of the student authors of each paper presented their research to judges, who reported a particularly difficult selection because of the impact they expect the research will have both immediately and in the future.

First Place – DRAMMER: Deterministic Rowhammer Attacks on Mobile Platforms. Presenter: Victor van der Veen, Vrije Universiteit Amsterdam. Co-authors Yanick Fratantonio, Martina Lindorfer, and Giovanni Vigna, University of California, Santa Barbara; Daniel Gruss and Clementine Maurice, Graz University of Technology; Herbert Bos, Kaveh Razavi and Cristiano Giuffrida, Vrije Universiteit Amsterdam.

Second Place – NEZHA: Efficient Domain-Independent Differential Testing. Presenter: Theofilos Petsios, Columbia University. Co-authors: Adrian Tang, Salvatore Stolfo, Angelos D. Keromytis, and Suman Jana, all of Columbia University.

Third Place – NORAX: Enabling Execute-Only Memory for COTS Binaries on AArch64.
Presenter: Yaohui Chen, Northeastern University. Co-authors: Dongli Zhang and Rui Qiao, Stony Brook University; Ruowen Wang, Ahmed Azab, Hayawardh Vijayakumar, and Wenbo Shen, Samsung Research America; Long Lu, Northeastern University.

Security Quiz Bowl
During the NYU Tandon CSAW finals, 42 teams – comprised of finalists from other CSAW contests as well as students from throughout New York – tested their knowledge of security technology, history, and culture in a fun and fast-paced Security Quiz Bowl, leading up to the final round that followed on the heels of the 36-hour CTF. Undaunted by sleep deprivation, three of the four finalist teams were comprised of CTF participants.

First Place – Team UMBC Cyber Dawgs, University of Maryland, Baltimore County: Seamus Burke ('20), Christopher Gardner ('18), Robert Galvan ('18), Zack Orndorff ('18).

Second Place – Team RPISEC57, Rensselaer Polytechnic: Aidan Noll ('19), Kevin Phoenix ('19), Avi Weinstock (doctoral candidate), and Anthony Delorenzo ('19).

Third Place – Team 1064CBread: Audrey Dutcher, University of California, Santa Barbara ('18); John Grosen, Massachusetts Institute of Technology ('20); Alex Mieburg, California Institute of Technology ('18); and J.P. Smith, University of Illinois, Urbana-Champaign ('17).

A Time to Learn and Network
CSAW was founded in 2003 not simply to engage and educate students but to introduce them to leading professionals and peers who would be able to form important networks when they would become professionals and academics themselves. The 2017 NYU CSAW was no exception.

The keynote presentation was delivered by Andrew H. Tannenbaum, chief cybersecurity counsel for IBM Corporation, whose speech, "How Future Cyber Security Leaders Can Save the World," explored Capture the Flag, both as a rough-and-tumble field game and as a metaphor for cyber security's opportunities and challenges.  And nearly 30 corporate and government employers and universities were on hand to recruit CSAW finalists and other New York-area cybersecurity students for internships and career positions. Dino Dai Zovi, co-founder and CTO of Capsule8, keynoted the Security Expert Luncheon with insight into scaling up security using automation techniques.

CSAW '17 North American Sponsors are: Gold Level — Capsule8, IBM, the United States Navy Office of Naval Research, Palo Alto Networks; Silver Level — BAE Systems, Bridgewater; Bronze Level — Bloomberg, Facebook, Jane Street, Jefferies, JPMorgan Chase & Co., Raytheon, RBC Capital Markets, TD Bank, Uber; Supporting Level — Cubic Corporation, William & Flora Hewlett Foundation, National Security Agency, NCC Group, Rhymetec, The Ruth & Jerome A. Siegel Foundation, Two Sigma, United States Secret Service; Contributing – Applied Computer Security Associates, Carnegie Mellon University, CTFd, Optiv, Red Balloon Security, Sandia National Laboratories, Synack.

About the NYU Tandon School of Engineering
The NYU Tandon School of Engineering dates to 1854, when the NYU School of Civil Engineering and Architecture as well as the Brooklyn Collegiate and Polytechnic Institute (widely known as Brooklyn Poly) were founded. Their successor institutions merged in January 2014 to create a comprehensive school of education and research in engineering and applied sciences, rooted in a tradition of invention, innovation and entrepreneurship. In addition to programs at its main campus in downtown Brooklyn, it is closely connected to engineering programs in NYU Abu Dhabi and NYU Shanghai, and it operates business incubators in downtown Manhattan and Brooklyn. http://engineering.nyu.edu.

About NYU Abu Dhabi
NYU Abu Dhabi consists of a highly selective liberal arts and science college (including engineering), and a world center for advanced research and scholarship — all fully integrated with each other and connected to NYU in New York. Together, NYU New York, NYU Abu Dhabi, and NYU Shanghai form the backbone of a unique global network university, with faculty and students from each campus spending "semesters away" at one or more of the numerous study-abroad sites NYU maintains on six continents. For more information, visit nyuad.nyu.edu/en.

About IIT Kanpur
Indian Institute of Technology, Kanpur, is one of the premier institutions set up by the Government of India. Registered in 1959, the institute was assisted by nine leading institutions of U.S.A in the setting up of its academic programs and laboratories during the period 1962-72. With its record of path-breaking innovations and cutting-edge research, the institute is known the world over as a learning centre of repute in engineering, science and several inter-disciplinary areas. In addition to formal undergraduate and postgraduate courses, the institute has been active in research and development in areas of value to both industry and government. For more information, visit www.iitk.ac.in.

About Grenoble INP - Esisar
Grenoble INP - Esisar is part of the Grenoble Institute of Technology, which brings together six renowned engineering schools, close to the industrial world and open to international exchanges. The Grenoble Institute of Technology is one of Europe's leading technology universities, at the heart of innovation for more than a century. It offers a range of engineering, masters and doctoral courses both in French and in English, driven by world-class research in 37 laboratories, and 6 state-of-the-art technology platforms, developed in partnership with other institutions. Esisar engineers are trained in Embedded Systems and IT technologies, with a cutting-edge curriculum spanning Electronics, Computer Sciences/IT, Control and Networks. Esisar and the associated research laboratory LCI host the industrial chair of Excellence Trust which aims at developing innovative teaching and research programs in cyber security. 

About Ben-Gurion University
Ben-Gurion University of the Negev is the fastest growing research university in Israel, fulfilling the vision of David Ben-Gurion, Israel's first prime minister, who envisaged the future of Israel emerging from the Negev. From medicine to the humanities to the natural sciences, BGU conducts groundbreaking research and offers insightful instruction. The University is at the heart of Beer-Sheva's transformation into the country's cyber capital, where leading multi-national corporations leverage BGU's expertise to generate innovative R&D. A third of Israel's engineers graduate from BGU, with that number destined to rise as the IDF moves south and sends its brightest to swell the ranks of BGU's student body. To accommodate that growth, BGU has launched an ambitious campaign to double the size of its main campus. As it counts up to its fiftieth anniversary, the University's research becomes ever more relevant as its global reach broadens. http://www.bgu.ac.il./
CSAW Israel is organized by BGU's Department of Software and Information Systems Engineering and the
IBM Cyber Security Center of Excellence, located in Ben-Gurion University.




NYU Tandon School of Engineering Logo (PRNewsFoto/NYU Tandon School of Engineering)

View original content with multimedia:http://www.prnewswire.com/news-releases/found-our-best-future-cyber-protectors-in-worlds-biggest-student-led-cybersecurity-games-300555690.html

SOURCE NYU Tandon School of Engineering

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, discussed how they built...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
Mobile device usage has increased exponentially during the past several years, as consumers rely on handhelds for everything from news and weather to banking and purchases. What can we expect in the next few years? The way in which we interact with our devices will fundamentally change, as businesses leverage Artificial Intelligence. We already see this taking shape as businesses leverage AI for cost savings and customer responsiveness. This trend will continue, as AI is used for more sophistica...
The “Digital Era” is forcing us to engage with new methods to build, operate and maintain applications. This transformation also implies an evolution to more and more intelligent applications to better engage with the customers, while creating significant market differentiators. In both cases, the cloud has become a key enabler to embrace this digital revolution. So, moving to the cloud is no longer the question; the new questions are HOW and WHEN. To make this equation even more complex, most ...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and B...
Blockchain is a shared, secure record of exchange that establishes trust, accountability and transparency across business networks. Supported by the Linux Foundation's open source, open-standards based Hyperledger Project, Blockchain has the potential to improve regulatory compliance, reduce cost as well as advance trade. Are you curious about how Blockchain is built for business? In her session at 21st Cloud Expo, René Bostic, Technical VP of the IBM Cloud Unit in North America, discussed the b...
The past few years have brought a sea change in the way applications are architected, developed, and consumed—increasing both the complexity of testing and the business impact of software failures. How can software testing professionals keep pace with modern application delivery, given the trends that impact both architectures (cloud, microservices, and APIs) and processes (DevOps, agile, and continuous delivery)? This is where continuous testing comes in. D
SYS-CON Events announced today that Synametrics Technologies will exhibit at SYS-CON's 22nd International Cloud Expo®, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Synametrics Technologies is a privately held company based in Plainsboro, New Jersey that has been providing solutions for the developer community since 1997. Based on the success of its initial product offerings such as WinSQL, Xeams, SynaMan and Syncrify, Synametrics continues to create and hone in...
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, examined the regulations and provided insight on how it affects technology, challenges the established rules and will usher in new levels of diligence arou...
Nordstrom is transforming the way that they do business and the cloud is the key to enabling speed and hyper personalized customer experiences. In his session at 21st Cloud Expo, Ken Schow, VP of Engineering at Nordstrom, discussed some of the key learnings and common pitfalls of large enterprises moving to the cloud. This includes strategies around choosing a cloud provider(s), architecture, and lessons learned. In addition, he covered some of the best practices for structured team migration an...
As you move to the cloud, your network should be efficient, secure, and easy to manage. An enterprise adopting a hybrid or public cloud needs systems and tools that provide: Agility: ability to deliver applications and services faster, even in complex hybrid environments Easier manageability: enable reliable connectivity with complete oversight as the data center network evolves Greater efficiency: eliminate wasted effort while reducing errors and optimize asset utilization Security: imple...
The 22nd International Cloud Expo | 1st DXWorld Expo has announced that its Call for Papers is open. Cloud Expo | DXWorld Expo, to be held June 5-7, 2018, at the Javits Center in New York, NY, brings together Cloud Computing, Digital Transformation, Big Data, Internet of Things, DevOps, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
No hype cycles or predictions of a gazillion things here. IoT is here. You get it. You know your business and have great ideas for a business transformation strategy. What comes next? Time to make it happen. In his session at @ThingsExpo, Jay Mason, an Associate Partner of Analytics, IoT & Cybersecurity at M&S Consulting, presented a step-by-step plan to develop your technology implementation strategy. He also discussed the evaluation of communication standards and IoT messaging protocols, data...
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...