A Support Environment and a Trial Practice of Hacking Contest with Attack and Defense Style on a Game Website

Abstract

Practical education about information security is needed for system developers and administrators in Web service suppliers. We propose a hacking contest CTF as attack and defense style with a website for a multiple online game. The contest organizer prepares a game server site as a contest environment which contains several vulnerability. The contest participants are divided into an attacker team as game players and a defender team as game Website operators. While the attackers access the game site with normal actions, they find vulnerabilities and try cheating actions. While the defenders monitor server logs, they detect illegal events and prevent them for maintenance. An action of each side is calculated as a point and makes each score for victory or defeat by the contest rule. The contest organizer reviews the progress situation with all participants. In this paper, we introduce several functions of a trial system and discuss the result of a trial practice.