Out of 104 teams that had originally registered in 2014, 28 teams made it through two DARPA-sponsored dry runs and into the CGC Qualifying Event.

In that contest, teams tested the high-performance computers they had built and programmed to play a round of Capture the Flag (CTF)—a game that experts use to test their cyber defense skills. CTF games require competitors to reverse engineer software created by contest organizers and locate and heal its hidden weaknesses in networked competition.

DARPA Cyber Grand Challenge: What Is Capture the Flag?
"Capture the Flag" is a game played by both children and hackers. But whereas children look for flags hidden in their opponents' forts, hackers look for software flaws hidden in previously unexplored code.

Each team designed an innovative system that achieves, to varying degrees, the difficult task of finding and fixing software safety problems in the kind of code used everywhere every day.

The CGC Qualifying Event from which the seven winning teams emerged:

  • Was the first CTF played solely by machines.
  • Operated at a speed and scale at which only machines can compete. For example, most CTF events challenge experts to analyze and secure about 10 pieces of software over 48 hours. The CGC Qualifying Event demanded that teams’ machines work on 131 pieces of software—more than any previous CTF event—over just 24 hours. Some teams’ systems secured single pieces of software in less than an hour.
  • Resulted in participating teams together fixing all of the 590 flaws in the competition software of which the contest developers were aware.

Most CGC competitors entered on an open track available to self-funded teams, while seven teams participated on a funded track with DARPA support.

The three funded-track teams heading to the CGC finals were:

  • CodeJitsu (Berkeley, Calif.): A team affiliated with the University of California, Berkeley
  • ForAllSecure (Pittsburgh, Pa.): A startup founded by a team of computer security researchers from Carnegie Mellon University
  • TECHx (Charlottesville, Va.): Software analysis experts from GrammaTech, Inc., a developer of software assurance tools and advanced cybersecurity solutions, and the University of Virginia

The four winning open-track teams were:

  • CSDS (Moscow, Idaho): A professor and post-doctoral researcher from the University of Idaho
  • DeepRed (Arlington, Va.): A team of engineers from the Raytheon Company
  • disekt (Athens, Ga.): Four people, working out of a technology incubator, who participate in CTF competitions around the world
  • Shellphish (Santa Barbara, Calif.): A group of computer science graduate students at the University of California, Santa Barbara

Each qualifying team received $750,000 to help them prepare over the next 13 months for the CGC final competition. They were given the opportunity to access a specialized IT infrastructure, a “digital arena” in which they could practice and refine their systems against dummy opponents that DARPA provided.

More about the Cyber Grand Challenge

Cyber Grand Challenge

Overview

The ultimate test of wits in computer security occurs through open competition on the global Capture the Flag (CTF) tournament circuit.
An impressive array of seven team-designed supercomputers vie for the grand prize of two million dollars at the Cyber Grand Challenge competition at the Paris Las Vegas Conference Center on August 4th, 2016.

Final Event

The Cyber Grand Challenge final event was the first head-to-head competition among developers of some of the most sophisticated automated bug-hunting systems ever developed.

Interactive CGC Archive

[Content and images courtesy of DARPA]