Merken

Hosting CTFs with Berlyne

Zitierlink des Filmsegments
Embed Code

Automatisierte Medienanalyse

Beta
Erkannte Entitäten
Sprachtranskript
things are showing up to my talk on CDs with per were relying as a tool I've written for exactly this purpose on 1st of all about me my name is strong and sort of I am currently in info sec master students here at this university uh and a written apology on really not fit to the so it runs it's law from that of the MRF to take a sip of my tea please excuse me no on the most students here and I currently live and bond so what is this talk about it the the last 3 semesters I was tutor for software security at the University of and there was spiced up our lecture with CTS and I want to pass on some of the experience with made and talk about the to life written to the closer to the other arm so talk has 3 segments 1st of all we will talk about 1 of the key of actually used and I'm gonna talk about the principles of problem-based learning the which is so important in my opinion and it's metals show the actual
tool the stock is mainly about market precision given a razor and who knows what commercial flight means OK a lot of everyone tell k minus on summary of priest Introduction and this is the capture the flag competition
I as you can see of
the Red team here is trying to steal flat and the creating this trying to prevent the red team to steal the slack the point of field that looks somewhat like this it's time as a base the base contains a flag and the
other team's goal is to you get the flak and bring to the only the there would be a single point so both teams have to defend their own flag while trying to steal the flight from the other team or other teams so this talk is about software security or IT security in general because those that have to do with the key security all they're playing basically the
same thing these are are 2 teams 1 in the back and front planes the CTF and what goes on basically each gene
also vulnerable services the the services are usually provided by the organizers of the CDF but also by the teams participating and the role of this the minister still flat all of the other team by using the vulnerability in the service while at the same time defending their own flight by patching the answers once they got a flat they submitted
to the system model score water and received the points in the version of the game the reflective consist of cotton and usually just character strings the weighted because it's not exploited service to get more points than for market so on must link there mainly 2 types of city play plates from the first one is that detected defense of its this exactly which just show you
where the goal is to still the
flag the posted in the service of the other team these are the the difficult almost especially for large set up so for these they're usually played at conferences or locally at universities or something like that and the
2nd type is the Jeopardy suggest men that after the game show the where the organizer roles services and the role for every is just to exploit the service hosted by the organizers to like their but Jeopardy has some big advantages for some of that the as time critical as a real-time isn't that defense 11 attack difference for 8 hours and the
2 pay full attention for these for this time whereas in jeopardy there's a really a real-time elements of it can the last for us they or even longer and teams can just work in their own pace which is good for educational purposes and here toward so since a lot of
you know what city of are this is a typical score worked as you imagine a ranking with points know a bit more interesting
this as an example task that picked up because I like that and from the echo Japanese-style city that is organized by the flux fingers to the city of the most the only visited often which is nearby and this is a typical task is and this case a website and 1 field where you can interact with the website where you can to some so this this your starting point you have done of background information
just at this website in an example for
more complex task it from the same city of actually there was used the the
model that he owes Wild Wild West and this dating site hot coals and and has a lot of in direction there's a chat that actually works because replied on begin at premium accounted can yeah user management you can even write the administrator and e-mail and player form and that's also a problem you don't know where to start but you need to get a flight In this case here to contact the administrator use cross its scripting only here had some form of it just doesn't
always have to be useful for service or website on here there are 2 only cares about are the keys and of course in your lecture you learn OK short he's a bad but once you dizygotic communication here once you
actually wrote a script that the crew the are saying cryptic messages the neural understood how the system works and why it is bad and the short keys yeah the
last thing you need to know a lot of teams after this solved a particular challenge the writer right up how they
solve this challenge and publish it often which is good form of documentation for them but also for others who weren't able to solve the task no difficult categories
knowledge and coat almost everything difficulties reversing Norway crypto but you see everything city knowledge from simple websites to all operating systems but it exploits
so if you know the mobility I hope this was brief introduction there's so what's called city of 10 or that led a lot of the year so if you're interested check it out there is currently a CDF posted online almost every week just recall so secondly this target of all
postings CDF with Purloined notable the participating not a lot of
institutions especially interesting he was capture the flag competitions which is really cool but also in there'd intermarriage not that also helps students which clear to segment of problem-based learning which are very basic principles that you should follow if you also the states here the
European DVL there's that the starting point should be a possible a reliquary and of course you can argue that this type of learning has been around forever but the problem learning how I I'm going to talk about it is formal find 1 so there's been a lot of research about that it works very well in combination with lectures not as a replacement of together with the lecture and works really well too a similar fragmented knowledge into applicable skills so if you have a lecture or training a company or
university the teachers furious promise learning is great to MIT students understand the and connect the dots and it applicable skills of theory the gold star to promote problem solving independent learning also to evaluate independent learning and last not
only not least also the motivation parts so the desire of the 4 basic
points if you'll see the official take into consideration very basic very and if you follow them you have good outcome so first one is often the problem something of violated and but has Mr. problem should be as close to real world problems possible and also that there should be no all the detailed background information on the problem itself secondly you work in small groups 3rd the teacher steps back is the tutor he doesn't help with any problems he might moderate the learning process but the demolition help and the individual knowledge gained it comes naturally that just means if you work in a group you can
discuss with people but everybody should the research on their own and then discuss with the others but I said if you positive and smaller groups that usually comes naturally so we also suggest
uh that conference which is the university in constant database rolls into consideration the to spice up here the software secure to lecture afterward 3 the feedback from the participants got it all
over 30 students I think 31 mainly IT students but also with some from electrical engineering and of course really the service for the feedback what the question was did you
have fun and the city of was obligatory so people to participate of but still most of them said that they had found worthless the little too much but even more interesting was
this question that you learn something new on these graphs look added to it but these are from the actual that I they you learn something new and everybody said yes which is interesting because the tasks of the were matched to the topics starts in the so more security lecture in the city of course at the end of the lecture however there was really cool to see distant best a lot of time what they what usually do with a worksheet and so that infants learn something on why included this PBL as set a lot of
institutions are because up on this idea of capture the flag competitions which is called the sometimes they don't take
problem-based learning or other learning methods into consideration I include an example for this here um but even the ranking that which is used by some universities and it's company that polls capture the flag competitions how can
over there she sold does give to ride write up and submit it and then it right up this in this case you get the image of Ferrara and
his boss run at the software service running with the vulnerability and how I solved it was just Dunlap image converted to 0 format you can use of it Mount the match Grant for flak and I received a letter which this the norms you get this would be a valid solution because I got the but in this case the right up actually get exist assessed so I can't exploit the service is I I have to specifically exploit the power the creators 1 of the to exploit and that of course is not authentic it's an hour problems and
moderate it's frustrating so those really frustrating task on so there was an introduction to suggest and prone I'll talk about the tool I've written to host capture reflects the IBM University it is also used by you the company in Cologne which is also sponsor at this conference have destroying I've run us free software and it's a tool to work with it's not your enterprise tool to just use you're supposed to work with its so 1st of all I would use between all suggest what you all the peer there are so many online but the city of online the right heavily in difficulty and quality and if you have a lecture or costs you might not want to depend on a city if you don't know what is what is going to be about that might not match the content and also on time as often during the weekend so I leave Berlato's your insidious whenever you want with the topics you the so because of line basically
brings it gives to the classroom make it easier to spice up your lecture your course in software IT security with a city of and make it very easy to set up of with the 2nd it's written in general which is a python framework just because I'm the very lazy and Jameson extremely cool framework that allows you to right applications in time OK so I'm
going to show tool which is why most people temporal the
thank you thank you can solve its have the I have to browse open
it's a web application the I just from them this where work petition on the krone 1 is a teacher teachers None
Firefox 1 here is students so of students you just have to different cost of and a course is essentially of the city of I mean In this dream multi threshold a certain amount of points the past a kind of like Texan and the beginning in the deadline for flight submission and the short description the and the rest is just your usual circuit of problems here you have reflects submission and you have a all spent hear somebody already and there's some points there right because them reached a threshold can so the few in this 1st in just normal suggest Martin to the to just
perfect perspective and here you have an additional 10 about problems on so often look into them these are 2 different problems of primitive installed all of this and local installation you can see where all the items that the more later consider the deployment options are different have Jonas that only downloadable but also Dr. some run in virtual box down all yeah I'll show that to you in a 2nd the future create a problem and of course I sure all to create problems and the 2nd I choose another 1 score or maybe something to wandering I can save the since have to submit right up with the solution the start deadline I can set a password and threshold and then I can assign problems to the course so non this case and they have passed on names and the categories so on the 1 to what challenge medicine through remote file inclusion all that the maybe some preference but you know 1 of which the I was on now I can assign points these are the points that problem creator 1 for the task alright and for the course no across the street and so FIL vector that problems pages system now starts to problems that that newly assigned so this can be seen as like high-level significant the problems that are in the course running the Province they're not using a causation down OK so a got to those tunes perspective
the operational costs and enjoyment it was found a password and Mr. my costs of and was in the meantime now because local insolation there only
there's only 1 worker that's lots of students he was 1 worker per CPU and a real deployment and so this is not the
Commission here this of or problems so city of I can watch a a brief description and and the status quo
have you and that's a problem that None of the crown information just need to the not
and the object so the
time so the other 1 was historically
sources started I have here can the lot of binary and it's this is
not a web page it's and it doesn't have to trust this case just
sneak and again that's without background information it's just a problem but you have to solve market
so the teacher can just assign problems problems create courses and for students reference together it's just a help for teachers for institutions to set up really fast from so these problems
I was talking about obviously there great portraits if you want to write your own problems that consist of only 3 parts a config file format information the set up for provisioning script and the convent director with the actual content all of the problem so can
exchange numbers all use physical dip repositories for whatever the before and you
can this deploy them I to talking they which reported this lotion where's the which recommends using darker only for testing because it doesn't offer isolationist really and and distortion is the top provider which is handy because then the probability that deployed locally but it spins up droplet and in the cloud and for your doesn't make a difference in the and then and other problem difficult is a measurement points for me I do for and between 1 and 5 and points I can this talk you like to solve problems I
Ch
don't from you just copy it to the problem fold problems folder osha per line and since In this case these are 2 problems
I was the problem lecture number although I just copy it there and use that and so on and stole the
truth annotations here consists of 4 elements to read is just a bonus and so you know what respond the conflict Jason is the mid identifier we're not if the points obviously the ports the VM users because the DMS not just put out in the while you while you have to specify the port services using and then the purloined system the that's support forward and in this case the service supports at 6 6 6 and that will get the sender and the port later on this category text forward search option because that's right downloads from the content directory that should be it should be able to download and name and the description which uses this these placeholders so here for example that the men will be replaced by Donald link for the standard yeah the of the host part no space or there will be replaced but also so the words considered to plot parents the port the support I spend specified earlier you can use that because as I said there will be random porn support assigned it as a port forwarding to the the term sport in states except except OK so I can number in this case let's say I
want to to my course the on science of put it in the problems fall there I can just while the web interface and solid for 2 different deployment options no and the system world stalwart the can take a 2nd Nelson's it creates the gamut provisions to be an through the
stomach and show you the the problem I
showed you the conflict of metadata the
constant is just a normal direct In this case with the program and configuration for except that the and the 3rd part was set up which is just a script that and insults needed services for the problem here it's just a vested with you and your especially nauseous profits were theories installed the
problem I will at the problem not to a cost to the host of the q number but
yeah and it just makes it very easy for teachers to these kinds of stuff no idea starts of the end the so you see
the tasks not starting and as the task strictly running to stop the again yeah
that's I can show you at
which the rule there are I submit flak I mean it's also interesting that task
this is a teacher at page 4 a problem with his teacher which a port forwarding that was used the description and the flag flexed created automatically they're not always the same the on the created 1st order
scenario of the task consider reflect and and cost and they can rest party to treat and I received points so this Cynthia just maybe forward
in so it was it don't I obviously in developed the tool I up you think it's useful if you have any questions or a few have trouble setting up there is actually a wiki page describing everything but stonechat write i'm glad to to help the mn and the
the on customs you get it and the this on there there's not really a marketplace for problems but so far the wiki page listing problems available 1 and that's also 1 of the reasons why I want to put this to all out because if somebody creates problems or and you can also just use open source software that as normal a abilities include for example then it through fear as you tell me so I can add to the list so far is marketplace because they're not there's not that hidden huge amount of problems but there's a wikipage uh also undertook of them and that's related to food and you just most aftermarket repositories just from the repository got it and then you have to get but if it grows and if there are more problems there will be marked Morris catalog of of hi and digital M. are where of for and of other people organizations using it already and how many my university where my the 173 semesters of what they do they have worksheets during the semester and the and this is kind of like a final alone so you a certain threshold which is not too high and a lot of tasks so you need to know solve 3 tasks that the the and where from the category that was thought in the lecture and also come this the 1st time I speak publicly about the tool but the company in the loan is set for training of the penetration testers the company called that it's an internship there and not only 1 and and the so far everybody we use that like that but the only my university and this company works the just but they like to call in any more questions a rather uh generic question in regards to this capture the flag is I think the idea is very very good and and you see appliances well this is very soft or something I believe I where I was taken out into the 1 existing services so that people had to sit there and solve problems like getting a so up and running in the real world and would do this and that stuff and it's 1 of the main critics of the methods that and especially if you jeopardy style where you don't even have to fix the problems you've exploited just have to prove that you interested in and it's interesting problem and we have experimented with it at universities but note that I haven't seen large setups where you have to patches system or I get a system running just think what bureaucratic but it's difficult to organize so so maybe the yeah maybe someone can come up with my solution for that especially that scales to get here at the university it's easy but if you that's a online with hundreds of participants it's not easy to organize so I haven't seen a large said that this that unfortunately although I have things and the question of how long does it take you to sort of a challenge maybe I missed that in a speech but what's the main the marks will you've experienced to creating challenge because that I think that's the essence of the so that's what this is the 1 of the reasons why i in that had to stop now because I think it's a bit of a crowdsourcing tasks but there are a lot of existing CDF because a lot of organizing their elements you give afterwards but the tasks in on the job or something like that so we can use them you can also use existing software that as vulnerabilities for example but making you need to ask is not that difficult so you can set up a website that has a as can injection vulnerability or something uh usually doesn't take so much effort so current events and the standards of it's not much of an effort to write tasks but to write really really good just to I take it to perfection this is almost or art uh as I said the city of tasks that were somebody and actually wrote operating system of as but the basic task as a shortened here I it took me maybe a couple of hours if you make it through a small and less once you've done 1 the kind of the end of it so if you write your own problems you per problems may a couple of hours or if you use an existing problem just alignment 4 per line that's very using this adjustment history files them so it's not a lot but if you want to perfection in its they slow and the and and so thank you and maybe another round of applause
Open Source
Videospiel
Freeware
Motion Capturing
Fahne <Mathematik>
Software
Computersicherheit
t-Test
Gesetz <Physik>
Grundraum
SISP
Schlüsselverwaltung
Quick-Sort
Computeranimation
Motion Capturing
Spezialrechner
Motion Capturing
Fahne <Mathematik>
Fahne <Mathematik>
Computeranimation
Zeitrichtung
Spezialrechner
Punkt
Datenfeld
Fahne <Mathematik>
Software
Computersicherheit
Fahne <Mathematik>
Computeranimation
Zeitrichtung
Ebene
Spezialrechner
Dienst <Informatik>
Fahne <Mathematik>
Softwareschwachstelle
Selbst organisierendes System
Dienst <Informatik>
Computeranimation
Motion Capturing
Punkt
Wasserdampftafel
Versionsverwaltung
Physikalisches System
Dienst <Informatik>
Zeichenkette
Informationsmodellierung
Dienst <Informatik>
Fahne <Mathematik>
Spieltheorie
Typentheorie
Datentyp
Trigonometrie
Zeichenkette
Subtraktion
Dienst <Informatik>
Motion Capturing
Fahne <Mathematik>
Spieltheorie
Selbst organisierendes System
Typentheorie
Fahne <Mathematik>
Datentyp
Grundraum
Computeranimation
Bit
Motion Capturing
Punkt
Elektronischer Programmführer
Fahne <Mathematik>
Typentheorie
Topologischer Vektorraum
Element <Mathematik>
Computeranimation
Task
Web Site
Punkt
Datenfeld
Web Site
Fluss <Mathematik>
Passwort
Information
Task
Bildschirmmaske
Web Site
Informationsmodellierung
Datenmanagement
Chatten <Kommunikation>
Pay-TV
Systemverwaltung
Pay-TV
Störungstheorie
E-Mail
Richtung
Telekommunikation
Web Site
Dienst <Informatik>
Skript <Programm>
Physikalisches System
Schlüsselverwaltung
Message-Passing
Computeranimation
Task
Web Site
Bildschirmmaske
Task
Computerforensik
Kryptologie
Kategorie <Mathematik>
Rechter Winkel
Güte der Anpassung
Kategorie <Mathematik>
Gebäude <Mathematik>
Physikalisches System
Computeranimation
Mobiles Internet
Computeranimation
Retrievalsprache
Wellenpaket
Punkt
Fahne <Mathematik>
Datentyp
Schaltnetz
t-Test
Kartesische Koordinaten
Ähnlichkeitsgeometrie
Computeranimation
Aggregatzustand
Retrievalsprache
Skalarprodukt
Mereologie
t-Test
Kartesische Koordinaten
Grundraum
Stochastische Abhängigkeit
Physikalische Theorie
Computeranimation
Prozess <Physik>
Gruppentheorie
Reelle Zahl
Element <Gruppentheorie>
Gruppenkeim
Information
Hilfesystem
Computeranimation
Konstante
Rückkopplung
Dienst <Informatik>
Software
Datenhaltung
t-Test
Gleitendes Mittel
Grundraum
Computeranimation
Task
Computersicherheit
Smith-Diagramm
Ungerichteter Graph
Computeranimation
Motion Capturing
Fahne <Mathematik>
Smith-Diagramm
Ranking
Grundraum
Hacker
Computeranimation
Router
Matching <Graphentheorie>
Umsetzung <Informatik>
Computeranimation
Spezialrechner
Dienst <Informatik>
Fahne <Mathematik>
Software
Benutzerschnittstellenverwaltungssystem
Softwareschwachstelle
Rechter Winkel
Dateiformat
Normalvektor
Bildgebendes Verfahren
Hacker
Leistung <Physik>
Task
Motion Capturing
Auswahlaxiom
Rechter Winkel
Software
Computersicherheit
Kartesische Koordinaten
Inhalt <Mathematik>
Unternehmensarchitektur
Framework <Informatik>
Gerade
Computeranimation
Systemprogrammierung
Synchronisierung
Web-Applikation
Besprechung/Interview
Spieltheorie
Systemplattform
Dienst <Informatik>
Bildschirmsymbol
Computeranimation
Datensichtgerät
Demo <Programm>
Punkt
Virtualisierung
t-Test
Aggregatzustand
Computeranimation
Deskriptive Statistik
TUNIS <Programm>
RPC
Fahne <Mathematik>
Code
Punkt
Hacker
Roboter
Schwellwertverfahren
Datentyp
Kategorie <Mathematik>
Installation <Informatik>
First WORD
Snake <Bildverarbeitung>
Spieltheorie
Dateiformat
Gruppenoperation
Konfiguration <Informatik>
Web log
Exploit
Wurzel <Mathematik>
Firefox <Programm>
Hash-Algorithmus
Jensen-Maß
Quader
Content Management
Dienst <Informatik>
Wiederherstellung <Informatik>
Task
Multiplikation
Mailing-Liste
Task
Perspektive
Virtuelle Realität
Passwort
Schwellwertverfahren
Passwort
Inklusion <Mathematik>
Programm
Lipschitz-Bedingung
Computerforensik
Systemplattform
Vektorraum
Elektronische Publikation
Digitaltechnik
Ruhmasse
Verbandstheorie
Nichtlinearer Operator
Firefox <Programm>
Stellenring
Hash-Algorithmus
Content Management
Snake <Bildverarbeitung>
t-Test
Spieltheorie
Zentraleinheit
Computeranimation
Gruppenoperation
Exploit
Passwort
Verbandstheorie
Punkt
Passwort
Inklusion <Mathematik>
Firefox <Programm>
Unterring
Snake <Bildverarbeitung>
Spieltheorie
Computeranimation
Objekt <Kategorie>
Videokonferenz
Exploit
Fahne <Mathematik>
Verschlingung
Punkt
Information
Ereignishorizont
Simulation
Firefox <Programm>
Hash-Algorithmus
Exploit
Content Management
Snake <Bildverarbeitung>
Ruhmasse
Spieltheorie
Punkt
Quellcode
Web-Seite
Binärcode
Computeranimation
Firefox <Programm>
Exploit
t-Test
Spieltheorie
Punkt
Information
Hilfesystem
Computeranimation
Elektronische Publikation
Dokumentenserver
Physikalismus
Content <Internet>
Zahlenbereich
Sichtenkonzept
Dateiformat
Computeranimation
Verzeichnisdienst
Mereologie
Rechenschieber
Dateiformat
Skript <Programm>
Skript <Programm>
Information
Inhalt <Mathematik>
Konfigurationsraum
Softwaretest
Streuungsdiagramm
Subtraktion
Punkt
Elektronische Publikation
Content <Internet>
Service provider
Computeranimation
Softwaretest
Verzeichnisdienst
Virtuelle Realität
Punkt
Skript <Programm>
Verzerrungstensor
Einflussgröße
Demo <Programm>
Punkt
Versionsverwaltung
Content <Internet>
Zahlenbereich
Element <Mathematik>
Term
Raum-Zeit
Computeranimation
Deskriptive Statistik
Dokumentenverwaltungssystem
Vererbungshierarchie
Punkt
Gerade
Freier Parameter
Kategorie <Mathematik>
sinc-Funktion
Ausnahmebehandlung
Physikalisches System
Binder <Informatik>
Konfiguration <Informatik>
Dienst <Informatik>
Rechter Winkel
Mereologie
Wort <Informatik>
Identifizierbarkeit
Hill-Differentialgleichung
Faltung <Mathematik>
Verzeichnisdienst
Aggregatzustand
Programm
Stereometrie
Subtraktion
Benutzeroberfläche
Hash-Algorithmus
Installation <Informatik>
First WORD
Content Management
Snake <Bildverarbeitung>
Spieltheorie
Physikalisches System
Farbverwaltungssystem
Computeranimation
Web log
Konfiguration <Informatik>
Mailing-Liste
Task
Einheit <Mathematik>
Zahlenbereich
Ruhmasse
Euler-Diagramm
Metadaten
Dienst <Informatik>
Schreib-Lese-Kopf
Mereologie
Versionsverwaltung
Content <Internet>
Skript <Programm>
Ausnahmebehandlung
Optimierung
Konfigurationsraum
Physikalische Theorie
Computeranimation
Firefox <Programm>
Hash-Algorithmus
Content Management
Aggregatzustand
Computeranimation
Task
Mailing-Liste
Task
Fahne <Mathematik>
Virtuelle Realität
Punkt
Programm
Roboter
Computerforensik
Datentyp
Konvexe Hülle
Installation <Informatik>
First WORD
Snake <Bildverarbeitung>
Spieltheorie
Dateiformat
Web log
Gruppenoperation
Exploit
Zahlenbereich
Ruhmasse
Verbandstheorie
SCI <Informatik>
Firefox <Programm>
Hash-Algorithmus
Content Management
Aggregatzustand
Computeranimation
Homepage
Task
Service provider
Deskriptive Statistik
Mailing-Liste
Task
Fahne <Mathematik>
Fahne <Mathematik>
Adressraum
Virtuelle Realität
Punkt
Roboter
Datentyp
First WORD
Snake <Bildverarbeitung>
Abelsche Kategorie
Spieltheorie
Web Site
Schlussregel
Web log
Exploit
Zahlenbereich
Ordnung <Mathematik>
Schreiben <Datenverarbeitung>
Firefox <Programm>
Punkt
Spiegelung <Mathematik>
Snake <Bildverarbeitung>
Spieltheorie
Dienst <Informatik>
E-Mail
Wiki
Gerade
Computeranimation
Task
Rückkopplung
Exploit
Fahne <Mathematik>
Zahlenbereich
Softwareschwachstelle
Punkt
Demo <Programm>
Bit
Web Site
Wellenpaket
Selbst organisierendes System
Dokumentenserver
Unrundheit
Sprachsynthese
Online-Katalog
Element <Mathematik>
E-Mail
Computeranimation
Task
Perfekte Gruppe
Software
Prozess <Informatik>
Fahne <Mathematik>
Grundraum
Gerade
Softwaretest
Zentrische Streckung
Schwellwertverfahren
Dokumentenserver
Kategorie <Mathematik>
Open Source
Mailing-Liste
Physikalisches System
Wiki
Ereignishorizont
Quick-Sort
Codec
Motion Capturing
Patch <Software>
Dienst <Informatik>
Softwareschwachstelle
Digitalisierer
Injektivität
Standardabweichung

Metadaten

Formale Metadaten

Titel Hosting CTFs with Berlyne
Untertitel Problem based learning in IT security
Serientitel FrOSCon 2017
Autor Gonzalez, Ruben
Lizenz CC-Namensnennung 4.0 International:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen.
DOI 10.5446/32300
Herausgeber Free and Open Source software Conference (FrOSCon) e.V.
Erscheinungsjahr 2017
Sprache Englisch

Inhaltliche Metadaten

Fachgebiet Informatik
Abstract Berlyne is free software and lets you create problems, following the principles of problem based learning. Berlyne can be used to host authentic Capture The Flag competitions in your own infrastructure. This talk explains what problem based learning is (and why it works well in IT security education), how to use Berlyne and how to extend it with own problems.
Schlagwörter Security

Zugehöriges Material

Folgende Ressource ist Begleitmaterial zum Video
Video wird in der folgenden Ressource zitiert

Ähnliche Filme

Loading...