In the 2012 National Cyber League (NCL) competition — a technology security contest combining a “capture the flag” game with digital forensics exercises — DePaul’s Security Deamons went head-to-head against 26 college teams to place #1 in the Midwest and #2 in the nation.
The club’s co-captains, Ryan Haley (BS ’15) and Christopher Alexander (MS ’13), credit competitions like this with keeping them sharp and motivating them to get even sharper:
“Competing shows us what we know and what we don’t know,” says Haley. “Website security differs from desktop security, which differs from wireless security or enterprise-level security. Competitions give us a taste of the whole field, and they push us to dig deeper and learn more.”
Alexander agrees: “This NCL was a great learning experience. We can study security all day, but when we’re put in a situation where the battle is “real” — where hackers are attacking and we’re defending, or vice versa —all our skills are put to the test.”
Last year, the NCL was piloted as a way to extend a once-a-year, national competition — the College Cyber Defense Competition (CCDC) — and give students more opportunities to apply what they’ve learned in the classroom to “real world” situations by defending different technologies against experienced hackers. The competition was structured like a sports league: for 10 weeks, the Security Deamons met on Saturdays and competed virtually against other student teams in Illinois and the Midwest. Finally, as they continued to rise in the rankings — eventually placing #1 in the Midwest — they went to Orlando for the finals. During the finals, the students played as both defenders and attackers.
Alexander explains the contest: “Each team had eight people; each player had different skills sets. In the games, we had to protect the systems of a fictitious company, while fulfilling requests from ‘management’ for upgrades to the network. The network itself included all kinds of computing systems and servers — Windows, Linux, Cisco — doing all kinds of functions, such as web or e-mail. To beat the professional hackers or ‘penetration testers’ who were trying to breach the system, teamwork was really important.”
“Our students have competed well in the CCDC for the past 10 years, winning the title for Illinois eight times,” says Jean-Philippe Labruyère, team coach and instructor, College of Computing and Digital Media. “All these competitions are very challenging, as the students take on the tasks of security professionals, from configuring the technology to defining policies. The Security Deamons are dedicated and self-sufficient — they don’t get grades or extra credit for competing, just the satisfaction of pushing themselves.”
“We’re hardcore enthusiasts,” says Alexander.
For Haley, the games sharpen everything he loves about the field. “Security gives me a sense of purpose; as companies and people become dependent on technology, they need to be protected. I favor the defending side because I like being the good guy, and — in my opinion – it’s harder than attacking. A hacker has to find only one hole to get into a system — sure, that requires thinking out of the box — but a defender has to imagine every hole that has to be patched. That’s even tougher.”
“Our graduates tend to have really great careers,” says Labruyère. “DePaul’s performance in contests like the NCL affirms their preparedness and puts them at the forefront of job seekers in the field.”