Cybersecurity competitions are amazing learning opportunities for students and provide an added hands-on experience beyond the labs used in our courses to enhance the knowledge and skills of our graduates. Students who compete in cybersecurity competitions are known to be more desired by industry and government agencies as they are team-players and know how to work under time constraints. The College of Computing and Engineering (CCE) at Nova Southeastern University (NSU) is very proud of all of our NSU_eHACKERs, cybersecurity student club, who are participating in the various competitions.
Competition Name: US Cyber Challenge: Cyber Quests
Description: Cyber Quests are a series of fun but challenging on-line competitions allowing participants to demonstrate their knowledge in a variety of information security realms. Each quest features an artifact for analysis, along with a series of quiz questions. Some quests focus on a potentially vulnerable sample web server as the artifact, challenging participants to identify its flaws using vulnerability analysis skills. Other quests are focused around forensic analysis, packet capture analysis, and more. The quests have varying levels of difficulty and complexity, with some quests geared toward beginners, while others include more intermediate and ultimately advanced material.
Organizer(s): Counter Hack Challenges LLC.
Frequency: Every Spring
Website/contact information: https://uscc.cyberquests.org/
Next event date/location: Spring 2022
Competition Name: DEF CON
Description: DEF CON (also written as DEFCON, Defcon or DC) is one of the world's largest and most notable hacker conventions, held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993 and today many attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking wargames). Contests held during the event are extremely varied, and can range from creating the longest Wi-Fi connection (aircrack-ng) to finding the most effective way to cool a beer in the Nevada heat.
Other contests, past and present, include lockpicking, robotics-related contests, art, slogan, coffee wars, scavenger hunt and Capture the Flag. Capture the Flag (CTF) is perhaps the best known of these contests and is a hacking competition where teams of hackers attempt to attack and defend computers and networks using software and network structures. CTF has been emulated at other hacking conferences as well as in academic and military contexts (as red team exercises).
Federal law enforcement agents from the FBI, DoD, United States Postal Inspection Service, DHS, us-cert.gov, and other agencies regularly attend DEF CON.
Organizer(s): DEF CON Communications, Inc.
Website/contact information: https://www.defcon.org/
Next event date/location: Def Con - August, 2022, Las Vegas
Competition Name: NYU-CSAW (Cyber Security Awareness Week)
Description: Designed as an entry-level CTF, this competition requires players to integrate concepts, develop skills, and learn to hack as they go. Challenges mimic real-world scenarios modeling various computer security problems. To succeed, teams must demonstrate a profound understanding of the roles and ramifications of cyber security in these situations. Topics include Pwnable, RE, Web, Crypto, and Forensics.
The top teams to emerge from Quals will compete on-site at one of CSAW's global regions, vying for the coveted top three places.
Organizer(s): NYU Tandon School of Engineering OSIRIS Lab (https://www.osiris.cyber.nyu.edu/)
Frequency: Annual (April – November)
Website/contact information: https://csaw.engineering.nyu.edu/ctf
Next event date/location: Spring 2022, location varies
Competition Name: Southeast CPTC
Description: The Collegiate Penetration Testing Competition (CPTC), has grown from one region (ten teams) to five regions (fifty teams) including an international region as well. The CPTC provides a vehicle for up and coming cybersecurity student teams to build and hone the skills required to effectively discover, triage and mitigate critical security vulnerabilities. This competition is unique in offering a simulated environment that mimics real world networks. The competition focuses on improving the security posture of a fictitious organization and reporting on risks in a manner that is similar to a real professional environment.
Organizer(s): Rochester Institute of Technology
Frequency: Every Fall
Website/contact information: https://nationalcptc.org/
Next event date/location: October - TBD
Competition Name: National Cyber League
Description: The National Cyber League (NCL) is a biannual cybersecurity competition for high school and college students. The competition consists of a series of challenges that allows students to demonstrate their ability to identify hackers from forensic data, break into vulnerable websites, recover from ransomware attacks, and more. Students compete in the NCL to build their skills, obtain scouting reports of their performance for hiring purposes, and to represent their school.
The NCL challenges are based on the CompTIA Security+™ and EC-Council Certified Ethical Hacker (CEH)™ performance-based exam objectives and include the following content: Open Source Intelligence, Scanning, Enumeration and Exploitation, Password Cracking, Traffic Analysis, Log Analysis, Wireless Security, Cryptography, and Web Application Security.
Organizer(s): National Cyber League
Frequency: Biannual Website/contact information: https://www.nationalcyberleague.org/
Next event date/location: Winter 2022 Season Registration - check the site
Competition Name: Facebook Capture the Flag Competition
Description: A Capture the Flag (CTF) event is a computer security competition that encourages players to solve security puzzles in a safe and controlled environment. The goal of these events is to further the education of security professionals and to promote Facebook's security culture. CTFs typically consist of challenge "levels" that represent real security issues found in networks and systems. The players will compete with each other, often in teams, to see who can solve these levels first and thereby win valuable points to progress up a leader-board. At the end of the game the team with the most points is declared the winner.
The Facebook CTF builds on years of experience and combines classic attack techniques of penetration testing with defensive levels that require teams to patch the security flaws that they find to prevent other teams from exploiting them. In doing this they learn both offensive and defensive security skills while gaining points in a fast-paced real-time game. It provides levels that include challenges in reverse-engineering, web application security, network sniffing and basic system administration. The goal is to expose players to the most common methods hackers use to break into systems, and then to think about how they would defend against these attacks.
Facebook CTFs are played in an isolated network that ensures that all of the players are on a level playing field. Facebook builds the game and the levels and welcomes players from all backgrounds and abilities to play!
Next event date/location: Check the site for upcoming dates
Competition Name: Department of Energy CyberForce Competition
Description: The Department of Energy (DOE), capitalizing on the expertise of current national laboratory staff that previously hosted four successful cyber defense competitions to exercise interactive, scenario-based events, where teams engage in cybersecurity activities includes methods, practices, strategy, policy, and ethics. Through the CyberForce Competition™, DOE has worked to increase 1) hands-on cyber education to college students and professionals, 2) awareness into the critical infrastructure and cyber security nexus, and 3) basic understanding of cyber security within a real world scenario.
Organizer(s): US Department of Energy (DOE)
Frequency: At least once a year
Website/contact information: https://cyberforcecompetition.com
Next event date/location: November at one of the DOE national laboratories
For more information about Cybersecurity Competitions, please contact:
Dr. Wei Li, Professor
College of Computing and Engineering
Nova Southeastern University
Email: lwei [at] nova.edu
Updated: Oct 31, 2023