7th IEEE International Conference on Industrial Cyber-Physical Systems
St.Louis, MO, USA


2nd IEEE IES International CTF on Cybersecurity in IoT-based Applications

Contact Us

Introducing the IEEE IES International CTF on Cybersecurity in IoT-based Applications

The countless benefits and technological advances provided by the widespread deployment of IoT-based devices in applications in Industry 4.0, smart homes and cities, agricultural monitoring, and smart health devices, are still subject to immeasurable data security-related problems. Enabling and training students and professionals to understand and develop solutions to mitigate the issues related to cybersecurity in IoT and IT applications has been a significant need in the technology sector.

Thanks to the success of the first event held in Orlando during the 24th IEEE International Conference on Industrial Technology, the IEEE IES Standards Committee and Technical Committee on Industrial Agents organizes the second international CTF on cybersecurity in IoT-based applications, a Capture the Flag (CTF) competition.


Capture the Flag (CTF) competition

CTF competitions are exercises (challenges) in which participants are challenged to find and exploit vulnerabilities in a system to capture a piece of information ("flag").

The CTF competition is a hybrid event to be held during the 7th IEEE International Conference on Industrial Cyber-Physical Systems (ICPS) in May 13, 2024 in St. Louis, MO, USA. There will be challenges exclusively held in person, which require that at least one team member must be physically present to solve these challenges. If that condition is not met, the team will only lose the points related to the in-person challenges.

All registered teams will have the opportunity to participate in the competition that will take place during the ICPS conference event.

If you have questions about the CTF competition, maybe this video can help clear them up.

Problem Domain

The challenges proposed in this Jeopardy-style CTF aim to examine skills in the topics of:

IoT

Challenges related to IoT (Internet of Things) address vulnerabilities and security flaws in Internet-connected devices such as IP cameras, smart thermostats, smart home devices, etc. There is also a focus on the Industrial Internet of Things, where we have devices that collect information from industrial processes.

Cryptography

Involves analyzing and breaking cryptographic codes and algorithms. The challenges usually include classic ciphers, cryptanalysis, public and private key systems, among others.

Web Exploitation

Discovering and exploiting vulnerabilities in web applications, such as SQL injection, XSS (Cross-Site Scripting), CSRF (Cross-Site Request Forgery), among others, to gain unauthorized access or manipulate data.

Forensic Analysis

Analyzing digital artifacts, such as system logs, log files, network traffic or disk images, to extract relevant information, identify malicious activity or reconstruct past events.

Reverse Engineering

Analyzing the workings of a program or system, usually in machine language or low-level code, to discover secrets, keys or vulnerabilities.

Steganography

Finding hidden information within media files, such as images, audio or video, which have been manipulated using steganography techniques.

Binary Exploitation

Exploiting vulnerabilities in executable binaries, such as buffer overflows, code injection, string formatting flaws, among others, to gain control over the system or execute arbitrary code.

Scripting

Automating tasks or writing scripts to solve more complex challenges in other categories, such as cryptography, reverse engineering or binary exploitation.

Who can participate?

Open to all audiences who are passionate about cybersecurity, IoT and IT. Participants can choose to participate individually or in groups of up to 4 members.

Requirements

To participate in the competition, competitors must have a laptop with internet connection, and it is recommended to install an operating system aimed at auditing and computer security in general, such as Kali Linux, Parrot, etc. The OS installation can be done with virtualization software (VirtualBox, VMware, …)

Scoring criteria

There are different types of score in the competition, which will be indicated in each challenge. There are challenges in which the teams that solve them the fastest are rewarded with a few more points than the others. Other challenges have fixed values for all participants who solve them. The difference in score adds dynamism to the competition and makes participants more enthusiastic about solving the challenges.

Registration


  • Register for the 2nd IEEE IES International CTF on Cybersecurity in IoT-based Applications can be done using the following form (only one fee per team). Limited slots available.

    • IES members: USD$50
    • IEEE members: USD$60
    • IEEE non-members: USD$75

  • You can also access the CTF registration form using the QR code.
  • If participants are registered for the conference, CTF fees are included.

Timeline

Scheduled according to the CDT time zone (Central Time Zone, local time in St. Louis, MO, USA).

Registration Period Start Date: March 1, 2024 (12:00 AM CDT)
End Date: April 5, 2024 (12:00 AM CDT)
CTF Contest Start Date: May 13, 2024 (2:00 PM CDT)
End Date: May 14, 2024 (2:00 PM CDT)
Awards Ceremony Date: May 14, 2024 (8:00 PM CDT)

Prizes!

The top 3 teams will win prize money of USD$900, USD$400 and USD$200 for First, Second and Third place respectively.

All participants will receive a certificate of appreciation.

Organized By
IEEE IES Standards TC
TC on Industrial Agents
Co-sponsors are the TC on Resilience and Security for Industrial Applications and the TC on Building Automation, Control and Management.
Contact Us

If You Have Any Query, Please Contact Us

Send an email to ctf-ieee-ies.cybersec@ipb.pt