Machine-Only Hacking Competition Produces 7 Finalists

The lucky few emerged after a full day's worth of a rapid-fire game of capture the flag.

After 24 hours of hacking, seven teams were dubbed finalists in the Defense Advanced Research Projects Agency’s multiyear Cyber Grand Challenge

Each team competed in a rapid-fire, machine-only game of “capture the flag,” which involved reverse engineering software to uncover and repair security issues hidden in code. Teams were evaluated based on their program’s ability to find and fix 131 pieces of software, according to the event press release. 

"We want an automation revolution in computer security so machines can discover, confirm and fix software flaws within seconds, instead of waiting up to a year under the current human-centric system,” said Mike Walker, DARPA program manager, in an agency statement.

The seven finalists came from across the country, and included a group of computer science graduate students from the University of California, Santa Barbara, and a professor and post-doctoral researcher pair from the University of Idaho.

The teams were awarded $750,000 to assist them in preparing for the final competition. They will also be given the opportunity to test and refine their system using a “digital arena” provided by DARPA.

Capture the flag is frequently used to evaluate cyber defense skills, but it was the first time the game was played only by machines.

The teams selected will now move onto the final stage of the competition, which will take place in Las Vegas in August 2016. There will be almost $4 million worth of prizes on the line.

The competition is “a first-of-its-kind tournament designed to speed the development of automated security systems able to defend against cyberattacks as fast as they are launched,” according to the release.

Over 100 teams registered for the competition in 2014. They were narrowed down to only 28 teams for the preliminary competition and qualifying events.