Anti-cheating v for network security CTF competition

Abstract

The invention discloses an anti-cheating system and method for network security CTF competition. The system mainly comprises a CTF test paper module, a competition question management module, an operator management module, a Flag session module and a Flag security module. The CTF test paper module is used for synthesizing competition test paper and generating Flag for all competition questions; the competition question management module is used for generating a competition question environment and writing the competition question environment into Flag; the operation machine management module is used for generating a competition participation operation machine connected with a competition question environment for competition participation team members; the Flag session module is used for storing session records in a session validity period; the Flag security module is used for performing security Flag information replacement on the intercepted message; and the CTF test paper module judges whether cheating or abnormality exists according to the Flag session record. According to the invention, the security of the competition platform and the resistance and detection capability of theplatform to cheating behaviors can be improved, and the method can be suitable for application scenarios of various protocol access competition questions.

Description

technical field [0001] The invention relates to an anti-cheating system and method for a network security CTF competition, belonging to the field of network technology. Background technique [0002] CTF is generally translated as capture the flag in Chinese, and in the field of network security, it refers to a form of technical competition among network security technicians. CTF originated from the DEFCON Global Hacking Conference in 1996 to replace the way hackers conducted technical competitions by launching real attacks against each other. It has become a popular form of competition in the global network security circle. In the CTF competition, participating teams participate in the on-site network and rank by the score and time for solving network security technical challenges. The participating teams get a string of Flags with a certain format from the competition environment given by the organizer, and It is submitted to the sponsor to earn points. [0003] The depl...

AI Technical Summary

Problems solved by technology

Since the flags of the fixed competition questions are not easy to keep secret, there is no space isolation between the participating teams at the competition site, the competition flags obtained by the participating teams are easy to leak and be submitted by other teams for scoring, and there is no effective monitoring method to detect cheating behavior and collect evidence for cheating behavior , so there is a problem that cheating is easy to happen in the existing process, and it is difficult to find cheating

[0004] In order to overcome the problem that the fixed competition flag is not easy to keep secret, the Chinese invention patent application CN201810412456.7 discloses a method for generating CTF dynamic Flag based on transparent proxy. By planting the user's unique Token in the user's browser, the online competition platform will allow the user to access the competition topic The address is directed to the proxy server, and the proxy server forwards the request to the competition server. After receiving the content of the competition returned by the competition server, the Flag in the content of the competition is replaced by the new Flag generated by reversible encryption of the original Flag and the user Token. ; After the online competition platform receives the Flag submitted by the user, it performs a reversible encrypted inverse operation on the Flag submitted by the user and the Flag of the original competition question, and obtains the user's answer result according to the inverse operation result

This solution can realize anti-cheating and log records without the user's perception of the whole process, but it also has the following shortcomings: 1. All processes are strongly dependent on the Token of the browser. As a client means, it is unreliable and easy to be tampered with. Proxy The server cannot perform effective authentication and verification, and the log associated with the Token is not sufficient evidence for cheating; 2. Relying on the Flag encryption algorithm of the Token, it is easy for the team members to continuously modify the Token access to brute force the key information; 3. The proxy server Proxy the requests of all participating team members, and concentrate the scattered user access traffic to the proxy server; 4. Relying on the browser to access the competition, limited by the browser as the client of the competition, there are non-HTTP protocol accesses in practical applications Application Scenarios of Competition Questions

Images