Randomised Capture the Flag (CTF) Hacking Challenges VMs for Computer Security Education (RCTF)
Leeds Beckett University working together with University of Birmingham have won funding from the Higher Education Academy (HEA). The funding provides research resources, student engagement beyond coursework, and feeds directly into our computer security modules and teaching.Capture The Flag (CTFs) ethical hacking competitions are a popular means of engaging students learning cyber security. This project will make it possible for the fun and excitement of CTFs to be integrated into cyber security courses. A novel system will be developed which will achieve this by automatically generating unique virtual machines for each student, containing a range of vulnerable services and challenge-based exercises. This work builds upon previous work from Leeds Beckett University on the automatic generation of VMs and work from the University of Birmingham on CFT-style educational VMs. The cross-institutional team (Leeds Beckett and Birmingham) will work together with other universities, cyber security educators, and industry partners (including Imperial College London, Liverpool John Moores University, University of Abertay Dundee, and MWR InfoSecurity) to ensure that the framework will suit the needs of a diverse range of security courses. The project also benefits from input from our hacking societies: Leeds Ethical Hacking Society (Leeds Beckett Students' Union society) and OWASP Leeds Beckett Student Chapter and AFiniteNumberOfMonkeys (University of Birmingham Hacking Club).
The project involves hiring student intern developers to work (a total of over 3,800 hours) on software development and developing hacking challenges. In 2017 a CTF event will be organised to introduce UK students and security lecturers to CTF events and to our new framework.