King of the Hill: A Novel Cybersecurity Competition for Teaching Penetration Testing

Authors: 

Kevin Bock, George Hughey, and Dave Levin, University of Maryland

Abstract: 

Cybersecurity competitions are an effective and engaging way of providing students with hands-on experience of real-world security practices. Unfortunately, existing competitions are ill-suited in giving students experience in penetration testing, because they tend to lack three key aspects: (1) pivoting across multiple machines, (2) developing or implanting custom software, and (3) giving students enough time to prepare for a lively in-class competition. In this paper, we present the design, implementation, and initial run of King of the Hill (KotH), an active learning cybersecurity competition designed to give students experience performing and defending against penetration testing. KotH competitions involve a sophisticated network topology that students must pivot through in order to reach high-value targets. When teams take control of a machine, they also take on the responsibility of running its critical services and defending it against other teams. Our preliminary results indicate that KotH gives students valuable and effective first-hand experience with problems that professional penetration testers and network administrators face in real environments.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {219742,
author = {Kevin Bock and George Hughey and Dave Levin},
title = {King of the Hill: A Novel Cybersecurity Competition for Teaching Penetration Testing},
booktitle = {2018 {USENIX} Workshop on Advances in Security Education ({ASE} 18)},
year = {2018},
address = {Baltimore, MD},
url = {https://www.usenix.org/conference/ase18/presentation/bock},
publisher = {{USENIX} Association},
}