August 20, 2014
Carnegie Mellon University demonstrated its cyber prowess at DEFCON 22 by winning the “Capture the Flag” and “Crack Me If You Can” contests.
Carnegie Mellon’s computer hacking team, the Plaid Parliament of Pwning (PPP), took first place for the second consecutive year in the Capture the Flag (CTF) contest. Globally, hundreds of teams battle throughout the year for one of 20 slots at DEFCON’s CTF competition, which has been called the “World Series of hacking.”
“Our team competed against universities and also against large defense contractors. This win is a huge accomplishment for our team,” says team advisor David Brumley, an associate professor of Electrical and Computer Engineering and the technical director of Carnegie Mellon CyLab.
The PPP team qualified for DEFCON for the last three years, and won first place in 2013 and again in 2014. The PPP team is part of CyLab’s Undergraduate Computer Security Research group, and it consists of 35 members from the College of Engineering and the School of Computer Science.
At DEFCON 22, the team was limited to eight members: George Hotz, Ryan Goulden, Tyler Nighswander, Brian Pak, Alex Reece, Max Serrano, Andrew Wesie, and Ricky Zhou.
A second team, this one from CyLab Usable Privacy and Security (CUPS) Lab, and simply named “cmu,” won the Street Division category in the “Crack Me If You Can” contest. In this two-day event sponsored by KoreLogic Security, teams exposed or “cracked” encrypted passwords.
"The students leveraged what they had learned from our research studies to develop their winning strategy," CUPS Director Lorrie Cranor says, "It is remarkable for a first-time team to win this competition." Cranor and fellow CyLab faculty members Lujo Bauer, Nicolas Christin, along with their team of students, are responsible for a growing body of work on passwords.
See all CyLab News articles