Network security competition, also known as information security and confrontation competition (ISCC), is held once a year. Until August 2007, the competition was further affirmed by the Personnel Department of People's Republic of China (PRC) Ministry of Education and the Ministry of Industry and Information Technology. It is agreed to add a special invitational competition on information security technology to the National Electronic Design Competition for College Students, that is, the National Electronic Design Competition for Information Security Technology, which will be held every two years from 2008, providing more opportunities for college students nationwide and playing a very important role in popularizing and popularizing information security technology nationwide.
develop
So far, ISCC has been successfully held for 9 sessions. In 2004, after five months of preparation, the first competition was successfully held. The first competition was welcomed by all teachers and students with novel competition forms and open and transparent competition rules, and achieved good results.
In the next few years, ISCC has made great progress with the support of the academic affairs office, the Youth League Committee and the school network center. ISCC 2005 adopts multi-branch hierarchical design on the basis of summarizing previous experience. ISCC 2008 changed the hierarchical structure from the original serial topology to the parallel structure, and the homepage was visited more than 30,000 times. ISCC 20 10 extended the contest to foreign schools for the first time with the assistance of Tsinghua Association for Science and Technology. By 20 10 of the eighth session, the competition group began to cooperate with well-known enterprises? Lumeng technology? Cooperation. On the basis of the accumulated experience in the previous seven years, Lumeng Technology gave full play to the advantages of enterprises in resources and practical skills, and together with Beijing Institute of Technology, promoted the level and scope of the competition to a new height, attracting the extensive participation and attention of students, graduates and professionals engaged in safety work. It has become one of the most anticipated and concerned traditional subject competitions in Beijing Institute of Technology.
This indicates that after years of development and reform, the Beijing Institute of Technology Information Security and Countermeasure Technology Competition has gradually stepped out of the school gate and achieved in-depth cooperation between schools and enterprises in technology and resources. While improving the technical level and influence of the competition, it is an important goal of colleges and universities to expand the social practice of college students and fulfill the social responsibility of enterprises in talent training in colleges and universities. Through the joint efforts of colleges and enterprises, it is an important goal of colleges and universities to discover and cultivate more outstanding talents in network security.
Competition mode
The competition is divided into two parts: online individual challenge and offline team competition.
Personal challenge
Personal challenges focus on typical information systems and computer information networks, and are divided into six levels: basic, WEB, reverse, PWN, MISC and reality. The content of checkpoint inspection involves WEB knowledge, ASP/PHP script, buffer overflow, software shelling, system vulnerability utilization, social engineering and other information security knowledge. (1) Fundamentals: It mainly examines the basic knowledge of computer and network security, involving information mining, search, sniffing, wireless security, regular expression, SQL, scripting language, assembly, C language, simple cracking and overflow. It aims to popularize information security knowledge and lead information security enthusiasts to get started.
(2) WEB: Investigate script attack techniques such as script injection, deception and cross-site;
(3) Reverse: Investigating the related technologies of reverse cracking requires high reading and writing ability of assembly language and understanding of operating system principles.
(4) PWN: Investigate the technology of software vulnerability mining, analysis and utilization, and explore the binary code The Secret Behind, which requires a certain understanding of vulnerabilities and knowledge of operating system principles.
(5) MISC: Investigate all kinds of computer systems and network security knowledge, involving information security fields such as steganography, traffic analysis and kernel security.
(6) Authenticity: The real website environment is used to investigate the invasion and penetration ability. In the team competition, outstanding students and individuals are selected and invited to participate in the offline team competition of Beijing Institute of Technology. The offline competition is divided into several groups for confrontation, and the offensive and defensive competition is carried out in a closed real confrontation environment (including DMZ area, data area, development and testing area, intranet service area and terminal area), which fully demonstrates the individual level of each player and the team's cooperation ability. Mainly take the position to capture the flag, occupy the highlands and other modes for offensive and defensive competition. During the competition, each team scored points by invading the designated server to obtain the flag, and defended against other teams' attacks after attacking the highland.