http://informationweek.com/story/showArticle.jhtml?articleID=173603268 By Tony Kontzer InformationWeek Nov. 16, 2005 Iowa State University will be victimized by hackers this weekend, and school officials are just fine with that. That's because the hackers will be applying their demonic talents to help educate a new generation of network security professionals during the Big 12 School's 2005 Cyber Defense Competition. The contest, one of a handful of such events across the country, will pit 11 teams of four to six Iowa State students against each other in a battle to see who's best at fending off a variety of network intrusions. The idea is to simulate the conditions young networking geeks will encounter as future IT professionals. "Hopefully, the network teams keep the network up and running, and stay one step ahead of the hackers, just like in the real world," says Nate Evans, a senior computer science and German major who's student director of the competition. The security matchup is different from other similar events in a number of ways. Students will focus on protecting business information rather than the warfare intelligence that students guard during competitions at the military academies. And whereas participants in competitions at the University of Texas at Austin are asked to secure an already assembled network a day earlier, Iowa State's students were given all the hardware they need weeks in advance, and they set up their own network with security in mind. Additionally, the whole competition unfolds in Iowa State's Internet Scale Event and Attack Generation Environment, a state-of-the-art security testing facility funded by the U.S. Department of Justice to the tune of $500,000, with another $700,000 on the way. (A team from the University of Illinois at Urbana-Champaign is planning to visit Iowa State to get a glimpse of the facility and to learn more about ISU's event.) The competition works like this: The student teams set up their networks to support a range of business-related tasks, such as checking E-mail or browsing the Web, and a neutral team of students act as users, using a dedicated workstation to perform those computing tasks. Then, the team of hackers--about a dozen volunteers from the IT security community, most of whom represent private companies that are members of the FBI's local InfraGard chapter--start launching the attacks they've been working on independently for weeks. "They're given a connection to the network, and we tell them 'do your worst,'" says Evans. The winning team--on which each member is given a $100 gift certificate for the school book store--is determined by a team of judges based on the team's effectiveness in fending off the stream of attacks over an 18-hour period starting Friday night. The competition could soon become part of a more coordinated national program. The Iowa State event was born from a National Science Foundation workshop two years ago at which attendees from academia and private industry discussed plans for a national competition that would function like a March Madness for students interested in IT security. That ambitious goal is still a ways off, but Iowa State is taking steps in that direction. It plans to open the competition to students from other schools in its region beginning with an event next spring. Plus, the school wants to expand its reach with tentative plans to host a competition that would pit teams of industry, government, and academic IT pros against each other. _________________________________________ Earn your Master's degree in Information Security ONLINE www.msia.norwich.edu/csi Study IA management practices and the latest infosec issues. Norwich University is an NSA Center of Excellence.
This archive was generated by hypermail 2.1.3 : Wed Nov 16 2005 - 23:44:18 PST