More Web Proxy on the site http://driver.im/

research-article

Open access

Capture The Industrial Flag: Lessons from hosting an ICS cybersecurity exercise

Authors:

Stanislav Abaimov,

Joseph Gardiner,

Emmanouil Samanis,

Jacob Williams,

Marios Samanis,

Awais RashidAuthors Info & Claims

CPSS '24: Proceedings of the 10th ACM Cyber-Physical System Security Workshop

Pages 98 - 106

https://doi.org/10.1145/3626205.3659148

Published: 01 July 2024 Publication History

Abstract

Industrial Control Systems (ICS) are integral to critical infrastructure, necessitating advanced cybersecurity training. Addressing the urgent need for specialized cybersecurity training, this paper details the UK's first Capture-The-Flag (CTF) event tailored to ICS. This event, held in 2023, was designed in a jeopardy-style format, featuring a comprehensive suite of challenges that mirrored real-world industrial vulnerabilities. It targeted a diverse audience, encompassing participants from both industrial and academic spheres, and emphasized the need for practical, hands-on experience in ICS cybersecurity. This paper describes the design considerations, experience, and recommendations to designing similar CTF events. The event highlighted the benefits of incorporating pre-event training to better acquaint participants with terminologies and protocols, specific to Critical National Infrastructure (CNI) and Operational Technology (OT). Providing insights into the event's design, execution, and the unique learning opportunities it presented, this paper contributes valuable perspectives for future cybersecurity education and training initiatives, particularly in enhancing practical skills in ICS security.

References

[1]

2018 ICS Cyber Security Conference. ICS CTF Challenge. https://ics2022.sched.com/event/1Ba28/capture-the-flag-ctf-opens, 2018.

[2]

Sridhar Adepu and Aditya Mathur. Assessing the effectiveness of attack detection at a hackfest on industrial control systems. IEEE Transactions on Sustainable Computing, 6(2):231--244, 2021.

[3]

Daniele Antonioli, Hamid Reza Ghaeini, Sridhar Adepu, Martin Ochoa, and Nils Ole Tippenhauer. Gamifying ics security training and research: Design, implementation, and results of s3. In Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, CPS '17, page 93--102, New York, NY, USA, 2017. Association for Computing Machinery.

Digital Library

[4]

Alexandrine Torrents Arnaud Soullié. Pentesting Industrial Control Systems 101: Capture the Flag! https://infocondb.org/con/def-con/def-con-30/pentesting-industrial-control-systems-101-capture-the-flag, 2022.

[5]

Def Con. Red Alert ICS CTF. http://icssecurity.net/ctf, 2017.

[6]

Israel Barbosa de Brito and Rafael T. de Sousa. Development of an open-source testbed based on the modbus protocol for cybersecurity analysis of nuclear power plants. Applied Sciences, 12(15), 2022.

[7]

Barbara E. Endicott-Popovsky and Viatcheslav M. Popovsky. Application of pedagogical fundamentals for the holistic development of cybersecurity professionals. ACM Inroads, 5(1):57--68, mar 2014.

Digital Library

[8]

Simon N. Foley, Fabien Autrel, Edwin Bourget, Thomas Cledel, Stephane Grunenwald, Jose Rubio Hernan, Alexandre Kabil, Raphael Larsen, Vivien M. Rooney, and Kirsten Vanhulst. Science hackathons for cyberphysical system security research: Putting cps testbed platforms to good use. In Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC '18, page 102--107, New York, NY, USA, 2018. Association for Computing Machinery.

Digital Library

[9]

iTrust. SUTD Security Showdown S317 Reports. https://itrust.sutd.edu.sg/research/reports/, 2017. Accessed: 2023-09-17.

[10]

iTrust. The Critical Infrastructure Security Showdown 2022. https://itrust.sutd.edu.sg/ciss-2022/, 2022.

[11]

iTrust. The Critical Infrastructure Security Showdown 2023. https://itrust.sutd.edu.sg/ciss-2023/, 2022.

[12]

Markus Mueller Jackson Evans-Davies. Building the SANS ICS Summit Capture the Flag (CTF) Competition, 2022.

[13]

William Jardine. Offensive ICS Exploitation: A Description of an ICS CTF. https://labs.withsecure.com/publications/offensive-ics-exploitation-a-technical-description, 2017.

[14]

Ge Jin, Manghui Tu, Tae-Hoon Kim, Justin Heffron, and Jonathan White. Evaluation of game-based learning in cybersecurity education for high school students. Journal of Education and Learning (EduLearn), 12:150, 02 2018.

[15]

Mika Karjalainen, Tero Kokkonen, and Samir Puuska. Pedagogical aspects of cyber security exercises. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 103--108, 2019.

[16]

Kaspersky ICS CERT. Capture the Flag in ICS. https://ics.kaspersky.com/media/KL-CTF-for-ICS.pdf, 2018. Accessed: 2023-10-15.

[17]

Menelaos Katsantonis, Panayotis Fouliras, and Ioannis Mavridis. Conceptual analysis of cyber security education based on live competitions. In 2017 IEEE Global Engineering Education Conference (EDUCON), pages 771--779, 2017.

[18]

Matthew E. Luallen and Jean-Philippe Labruyere. Developing a critical infrastructure and control systems cybersecurity curriculum. In 2013 46th Hawaii International Conference on System Sciences, pages 1782--1791, 2013.

[19]

Fred B. Schneider. Cybersecurity education in universities. IEEE Security & Privacy, 11(4):3--4, 2013.

Digital Library

Cited By

Gardiner JAbaimov SWilliams JShahbi FAnastasakis KChowdhury PEllis WSameen MSamanis ERashid AFawaz KAlmgren M(2024)"If You Build it, They will Come" - A Blueprint for ICS-focused Capture-The-Flag CompetitionsProceedings of the Sixth Workshop on CPS&IoT Security and Privacy10.1145/3690134.3694818(27-40)Online publication date: 19-Nov-2024
https://dl.acm.org/doi/10.1145/3690134.3694818

Index Terms

Capture The Industrial Flag: Lessons from hosting an ICS cybersecurity exercise

Recommendations

"If You Build it, They will Come" - A Blueprint for ICS-focused Capture-The-Flag Competitions
CPSIoTSec'24: Proceedings of the Sixth Workshop on CPS&IoT Security and Privacy

Industrial control systems (ICS) are the specialist systems responsible for operating many aspects of Critical National Infrastructure (CNI), including power generation and distribution, water treatment, and transport systems. With the increasing cyber ...
Impact of Capture The Flag (CTF)-style vs. Traditional Exercises in an Introductory Computer Security Class
ITiCSE '22: Proceedings of the 27th ACM Conference on on Innovation and Technology in Computer Science Education Vol. 1

The importance of possessing hands-on skills in addition to theoretical knowledge for cybersecurity researchers and professionals cannot be overstated. Computer security educators have therefore adopted various types of hands-on exercises in their ...
A Capture The Flag (CTF) Platform and Exercises for an Intro to Computer Security Class
ITiCSE '22: Proceedings of the 27th ACM Conference on on Innovation and Technology in Computer Science Education Vol. 2

Cybersecurity education is becoming increasingly important as demand for cybersecurity professionals increases. Hands-on skills are a critical component of cybersecurity education, and a variety of exercise types have been developed to teach these ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CPSS '24: Proceedings of the 10th ACM Cyber-Physical System Security Workshop

July 2024

116 pages

ISBN:9798400704208

DOI:10.1145/3626205

Program Chairs:
Jianying Zhou
SUTD, Singapore
,
Sudipta Chattopadhyay
SUTD, Singapore

Copyright © 2024 Owner/Author.

This work is licensed under a Creative Commons Attribution International 4.0 License.

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 July 2024

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

PETRAS National Centre of Excellence on Cyber Security of IoT

Conference

ASIA CCS '24

Sponsor:

SIGSAC

ASIA CCS '24: ACM Asia Conference on Computer and Communications Security

July 2, 2024

Singapore, Singapore

Acceptance Rates

CPSS '24 Paper Acceptance Rate 10 of 22 submissions, 45%;

Overall Acceptance Rate 43 of 135 submissions, 32%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
369
Total Downloads

Downloads (Last 12 months)369
Downloads (Last 6 weeks)64

Reflects downloads up to 12 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Gardiner JAbaimov SWilliams JShahbi FAnastasakis KChowdhury PEllis WSameen MSamanis ERashid AFawaz KAlmgren M(2024)"If You Build it, They will Come" - A Blueprint for ICS-focused Capture-The-Flag CompetitionsProceedings of the Sixth Workshop on CPS&IoT Security and Privacy10.1145/3690134.3694818(27-40)Online publication date: 19-Nov-2024
https://dl.acm.org/doi/10.1145/3690134.3694818

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents