AutoCTF: Creating diverse pwnables via automated bug injection

Patrick Hulin, Andy Davis, Rahul Sridhar, Andrew Fasano, Cody Gallagher, Aaron Sedlacek, Tim Leek, Brendan Dolan-Gavitt

    Research output: Contribution to conference › Paper

    Abstract

    Capture the Flag (CTF) is a popular computer security exercise in which teams competitively attack and/or defend programs in real time. CTFs are currently expensive to build and run; each is a bespoke affair, with challenges and vulnerabilities crafted by experts. This not only limits the educational value for players but also restricts what researchers can learn about human activities during the competition. In this work, we take steps towards making CTFs cheap and reusable by extending our LAVA bug injection system to add exploitable vulnerabilities, enabling rapid generation of new CTF challenges. New LAVA bug types, including memory corruption and address disclosure, form a sufficient set of primitives for program exploitation. We used these techniques to create AutoCTF, a week-long event involving teams from four universities. In order to assess how AutoCTF differed from a handmade CTF we conducted surveys and semi-structured interviews after the event. We evaluated both challenge realism and relative effort expended on bug finding and exploit development. Our preliminary results indicate that AutoCTF can form the basis for cost-effective and reusable CTFs, allowing them to be run often and easily. These CTFs can be used to train new generations of security researchers and provide empirical data on human vulnerability discovery and exploit development.

    Original language: English (US)
    State: Published - Jan 1 2017
    Event: 11th USENIX Workshop on Offensive Technologies, WOOT 2017, co-located with USENIX Security 2017 - Vancouver, Canada
    Duration: Aug 14 2017 to Aug 15 2017

    Conference

    Conference: 11th USENIX Workshop on Offensive Technologies, WOOT 2017, co-located with USENIX Security 2017
    Country: Canada
    City: Vancouver
    Period: 8/14/17 to 8/15/17

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Hardware and Architecture
    • Information Systems
    • Software

    Cite this

    Hulin, P., Davis, A., Sridhar, R., Fasano, A., Gallagher, C., Sedlacek, A., Leek, T., & Dolan-Gavitt, B. (2017). AutoCTF: Creating diverse pwnables via automated bug injection. Paper presented at 11th USENIX Workshop on Offensive Technologies, WOOT 2017, co-located with USENIX Security 2017, Vancouver, Canada.