Missouri S&T ACM SIG Security


PickHacks' event! You can view it here!

Pickhack Information for March

ACM SigData

This is a new ACM student group on data science.  Dr. Patrick Taylor advises them.

* We participated most recently in DataFest at Mizzou. American Statistical Association (ASA) DataFest is a celebration of data in which teams of undergraduates work "around the clock" to discover and share meaning in a large, rich, and complex data set. It is a nationally coordinated weekend-long data analysis competition and challenges students to find their own story to tell with the data that is meaningful to the data donor.  https://www.stat.missouri.edu/event/datafest-mizzou-2018

* Our other primary activity is developing a data-stories website, where we host student analysis and interpretation of UM, MST, and MO data as a whole.

ACM SigSec

In addition to CyberSpark, which your already have summarized, there are a number more. Dr. Patrick is the coach for some of these competition teams.

* We participate in CCDC every year. The Collegiate Cyber Defense Competition provides institutions with an information assurance or computer security curriculum a controlled, competitive environment to assess their student's depth of understanding and operational competency in managing the challenges inherent in protecting a corporate network infrastructure and business information systems. CCDC competitions ask student teams to assume administrative and protective duties for an existing “commercial” network  typically a small company with 50+ users, 7 to 10 servers, and common Internet services such as a web server, mail server, and e-commerce site. Each team begins the competition with an identical set of hardware and software and is scored on their ability to detect and respond to outside threats,   maintain availability of existing services such as mail servers and web servers, respond to business requests such as the addition or removal of additional services, and balance security needs against business needs. Throughout the competition an automated scoring engine is used to verify the functionality and availability of each team’s services on a periodic basis and traffic generators continuously feed simulated user traffic into the competition network.  A volunteer red team provides the “external threat” all Internet-based services face and allows the teams to match their defensive skills against live opponents. http://www.nationalccdc.org/

* Central Area Networking and Security workshop cyber defense competition for students was hosted here, and we fielded a team as well: https://web.mst.edu/%7Ensfreu/CanSec17/CanSec17.htm.

 * Capture the Flag (CTF) competitions are another one we participate in. There are tens of thousands of participants internationally, and our team was ranked as high as US-academic 17th. A quote from the main CTF hub aggregator site: https://ctftime.org/ctf-wtf/ "Capture the Flag (CTF) is a special kind of information security competitions.  There are three common types of CTFs: Jeopardy, Attack-Defence and mixed. Jeopardy-style CTFs has a couple of questions (tasks) in range of categories. For example, Web, Forensic, Crypto, Binary or something else. Team can gain some points for every solved task. More points for more complicated tasks usually. The next task in chain can be opened only after some team solve previous task. Then the game time is over sum of points shows you a CTF winer. Famous example of such CTF is Defcon CTF quals. Well, attack-defence is another interesting kind of competitions. Here every team has own network(or only one host) with vulnarable services. Your team has time for patching your services and developing exploits usually. So, then organizers connects participants of competition and the wargame starts! You should protect own services for defence points and hack opponents for attack points. Historically this is a first type of CTFs, everybody knows about DEF CON CTF - something like a World Cup of all other competitions. Mixed competitions may vary possible formats. It may be something like wargame with special time for task-based elements (e.g. UCSB iCTF). CTF games often touch on many other aspects of information security: cryptography, stego, binary analysis, reverse engeneering, mobile security and others. Good teams generally have strong skills and experience in all these issues."

* Lockpicking competition. Student-hosted locking picking competition with prizes, etc. Flier attached. This was a great success this year.

* Cantenna build and wardriving competition. Build a directional, external antenna for your computer out of a tin can!  Participants will create cantennas in groups. Then bring it to the Wireless Security Audit on April 4th to drive around Rolla searching for wireless networks in a war-driving competition!

* TracerFire is a competition-like training program developed by Sandia (http://www.sandia.gov) and Los Alamos National Laboratories (http://lanl.gov) to educate and train cyber-security incident responders, analysts, and university students, in critical skill areas including incident response, forensic investigation, and analysis, file systems, memory layout, and malware analysis. This event is held on the off-semester of Cyber-Spark, and is a slightly more advanced competition.


PickHacks is a celebration of technology that brings together you and hundreds of the brightest minds from around the nation for 36 hours of building, collaboration, and fun. Our mission is to empower students to explore, learn, and create within a supportive and welcoming environment.