Students to Participate in Northeast Collegiate Cyber Defense Competition

Nine Alfred State College information technology students, accompanied by James Boardman, assistant professor and chair, Information Technology: Applications Software Development.

The NECCDC is primarily an undergraduate student competition. Teams are comprised of six-eight people; at most, two of these may be graduate students.

Winner of this competition will move on to the 2010 National Collegiate Cyber Defense Competition in San Antonio, TX, April 16-18, 2010.

The three-day event will commence on Friday, March 5, where the competition occurs from 1:30-7 p.m.; the following day, competition begins at 9 a.m. until 7 p.m.; and on Sunday, competition lasts from 9 a.m.-12 noon. An awards ceremony will follow at 3 p.m.

This prestigious competition hosts up to 10 schools; this year, in addition to Alfred State College, competitors include the University of Maine, Rochester Institute of Technology, Harvard University, Northeastern University, Champlain College, Polytechnic Institute of NYU, and Stevens Institute of Technology.

The competition requires each of the student teams, known as BLUE teams, to secure the various unsecured enterprises assigned to them. Each enterprise is identical for all teams and consists of a number of computers and network appliances. At the start of the competition, the teams are given about an hour to secure their enterprises. When this is complete, a RED team of experts from academia and industry begin to attack the BLUE teams, looking for vulnerabilities. If a vulnerability is discovered in one BLUE team site, all other BLUE team sites are checked for the presence of the same vulnerability. Then, it is reported to a WHITE team. The WHITE team consists of the competition judges and scorers. A BLACK team is responsible for checking whether service level requirements of the BLUE teams are being met and to generate normal (non-attack) traffic to all BLUE team sites.

During the competition, the WHITE team 'injects' requirements into the workflow of the BLUE teams. All BLUE teams receive the same 'injects' at the same time. 'Injects' can be of any type, from requiring a report to management, to removing one or more team members to changing the requirements of the enterprise. To win the competition, a BLUE team must be able to balance service level responsibilities with external attacks and internal demand.

The Collegiate Cyber Defense Competition (CCDC) provides institutions that offer an information assurance or computer security curriculum a controlled, competitive environment to assess their students’ depth of understanding and operational competency in managing the challenges inherent in protecting a corporate network infrastructure and business information systems.

The competition tests each student team’s ability to secure networked computer systems while maintaining standard business functionality. The scenario involves team members simulating a group of new employees that have been brought in to manage and protect the IT infrastructure at a small to medium sized IT services company/reseller. The teams are expected to manage the computer network, keep it operational, and control/prevent any unauthorized access. Each team will be expected to maintain and provide public services: a Web site, an e-mail server, a database server, an application server, and workstations used by simulated sales, marketing, and research staff.

In addition to the competition, participating students will also attend a keynote address titled “Analysis of Cybersecurity Incidents in 2009,” presented by Nicholas J. Percoco, senior vice president of SpiderLabs Trustwave.

From Jan. 1-Dec. 31, 2009, Percoco’s organization performed approximately 2,000 penetration tests (network, application, wireless, and physical) for organizations ranging from the largest companies on the planet to nimble start-ups. In addition, SpiderLabs also performed around 200 security incident and compromise investigations for organizations located in nearly 20 different countries around the world. The data gathered from these engagements is substantial and comprehensive. This presentation will be the first viewing of the results of the analysis of the data gathered during 2009. The results will be presented both technical and business impact analysis.

Percoco acts as the lead security adviser to many of Trustwave's premier clients by assisting them in making strategic decisions around various security compliance regimes. As a speaker, he has provided unique insight around security breaches and trends to public (Black Hat, YSTS, DEFCON, SecTor, etc.) and private audiences throughout North America, South America, Europe, and Asia. Prior to Trustwave, Percoco ran security consulting practices at both VeriSign and Internet Security Systems. Nicholas holds a bachelor of science in computer science from Illinois State University.