The Cyber Grand Challenge final event was the first head-to-head competition among developers of some of the most sophisticated automated bug-hunting systems ever developed.

For almost 10 hours, competitors played the classic cyber security exercise of Capture the Flag in a specially created computer testbed laden with an array of bugs hidden inside custom, never-before-analyzed software. The machines were challenged to find and patch within seconds—not the usual months—flawed code that was vulnerable to being hacked, and find their opponents’ weaknesses before the defending systems did. The entire event was visualized for attendees on giant monitors and livestreamed for remote viewers, with expert “sportscasters” documenting the historic competition.

Results

The top-scoring machine was Mayhem, developed by team ForAllSecure of Pittsburgh. Second place was formally awarded to Xandra, a cyber reasoning system developed by TECHx of Ithaca, N.Y., and Charlottesville, Va. Third place was awarded to Mechanical Phish, developed by Shellphish of Santa Barbara, Calif.

At a ceremony held in the ballroom of the Paris Las Vegas Conference Center, DARPA Director Arati Prabhakar and CGC program manager Mike Walker congratulated the winners and thanked all of the seven competing finalist teams for helping DARPA achieve its goal of accelerating the development of advanced, autonomous systems that can detect, evaluate, and patch software vulnerabilities before adversaries have a chance to exploit them.

All teams received trophies for their efforts and the top three teams were awarded $2 million, $1 million, and $750,000, respectively. The other four contestants were:

  • Rubeus, a system developed by Deep Red of Arlington, Va.
  • Galactica, a system developed by CodeJitsu of Berkeley, Ca., Syracuse, N.Y., and Lausanne, Switzerland
  • Jima, a system developed by CSDS of Moscow, Id.
  • Crspy, a system developed by disekt of Athens, Ga.
Cyber Grand Challenge Final Results
On August 4, 2016, seven high-performance computers successfully played a game of Capture the Flag during the Final Event of DARPA's Cyber Grand Challenge. In doing so, they made history, proving that it is possible to automate cybersecurity.

 

More about the Cyber Grand Challenge

Cyber Grand Challenge

Overview

The ultimate test of wits in computer security occurs through open competition on the global Capture the Flag (CTF) tournament circuit.
Cyber Grand Challenge Stage

Qualifying Event

Out of 104 teams that had originally registered in 2014, 28 teams made it through two DARPA-sponsored dry runs and into the CGC Qualifying Event.
Mayhem, the winning computer system, was designed by the ForAllSecure team. Initially founded by Professor David Brumley, Thanassis Avgerinos and Alex Rebert, ForAllSecure has grown to nine employees in Pittsburgh and the San Francisco Bay Area.

World's First All-Machine Hacking Tournament

Mayhem, the winning computer system, was designed by the ForAllSecure team. Initially founded by Professor David Brumley, Thanassis Avgerinos and Alex Rebert, ForAllSecure has grown to
nine employees in Pittsburgh and the San Francisco Bay Area. ForAllSecure's technology is the result of more than a decade of program analysis research at Carnegie Mellon University.

Interactive CGC Archive

[Content and images courtesy of DARPA]