Year: 2017

SANReN Cyber Security Challenge 2017: Winners

SANReN hosted its inaugural Cyber Security Challenge at the CHPC National conference 2017.

The competition was split into two rounds:

  • During round one, students competed for positions to compete in the final round. Over one hundred students from seven universities competed in the first round that was hosted during October 2017.
  • During the final round, only 32 students comprising eight teams were placed to compete over a span of fours days from the 3rd to 6th December 2017. Much fun was had by the students during the competition.

The final scoreboard at the end of the competition was as follows:

Overall placement Prizes:

  • First Place: Team BitPhase, University of Stellenbosch
  • Second place: Team Awesome Source, University of Pretoria
  • Third Place: Team H5-N1, University of Pretoria

Specific Challenges:

  • Social Engineering Challenge: Team H5-N1, University of Pretoria
  • Hash Challenge: Team H5-N1, University of Pretoria
  • Hack the Server Challenge: Team Insecure, University of the Western Cape

SA NREN parallel event at CHPC National Conference 2017

The South African NREN hosted a parallel event at the CHPC National Conference 2017 on the 5 December 2017.

The following presentations were made:

Session 1:

Session 2:

 

SANReN Cyber Security Challenge 2017: Round one completed

During 2017 the South African National Research Network (SANReN) initiated the Cyber Security Games project which was aimed at establishing the hosting of an information security student competition with an emphasis on network security.

The project was conceptualised to create a platform for students to compete in real-time during the Centre for High Performance Computing (CHPC) National Conference 2017. The real-time competition will consist of the following:

  • The challenge will test the problem-solving skills of participating teams by requiring them to complete tasks in penetration testing, incident response, digital forensics and cryptography;
  • An attack/defence system for team vs team battles. The systems used consists of dedicated pre-configured hardware and software. In the attack/defence competition, the teams have to hack each other, but also fix vulnerabilities in their own applications (by means of source code changes); and
  • Independently manned scoring system.

Due to the high interest received from students, the competition has been split into two rounds.

During the first round, students competed for positions to compete in the final round to be hosted at the CHPC National Conference 2017. Over one hundred students from seven universities competed in the first round that was hosted during October 2017.

For the first round, the students had to solve network security problems and identify security issues such as:

  • Decrypting Passwords;
  • Geo-locating pictures;
  • Solving password hashes;
  • Securing Web sites;
  • Finding information from TCP traffic; and
  • Extracting weak security keys.

From the first round only 32 students comprising eight teams have been placed to compete in the second and final round that will span four days from the 3rd to 6th December 2017.

Dr Renier van Heerden, project manager for the Cyber Security Games project had the following to say ”The Cyber Security Games expose students to an environment where they are confronted by real-time cyber adversaries. They have to adapt their theoretical information security knowledge to keep systems secure in real time. Additionally, they can also learn how bad guys attack networks in order to better defend cyber infrastructure in the future.”

Overall the Cybersecurity Challenge aims to stimulate interest in information and cyber security with computer networks by presenting students with challenges that replicate real-world scenarios.

This challenge was initiated by the SANReN Computer Security Incident Response Team (CSIRT) as part of its mission to reduce information security incidents in South Africa particularly through awareness and training activities. For more information on other CSIRT initiatives please visit https://csirt.sanren.ac.za.

The eventual aim is to be able to sponsor the winning student team to compete at an appropriate international competition, such as the European Cyber Security Challenge.

For more information about the Cyber Security Challenge 2017 please contact: csc@sanren.ac.za

SANReN plans to enhance the transfer of big data in South African research facilities

Researchers in fields such as bioinformatics; meteorology; astronomy; particle physics and Earth observation share very large datasets between local and international campuses. The quicker this data is transferred and received, the sooner it will be analysed and utilised in the creation of new knowledge.

As it stands however, most South African campus networks are not designed for large data transfer. The result is that researchers, desperate to send their data to where it is required, resort to physically shipping hard drives of information.

Testing. One, two, three…

To help address this challenge, SANReN – which together with the Tertiary Education and Research Network of South Africa are responsible for the South African National Education and Research Network, is setting up proof-of-concept Data Transfer Nodes (DTNs) at specific sites. SANReN will be using a Science Demilitarised Zone architecture better known as the Science DMZ.

The Science DMZ is a network architecture that has been enhanced for the transfer of large-scale research data. It was developed by engineers at the Energy Sciences Network and National Energy Research Scientific Computing Centre. The architecture allows for a ‘scientific data enclave’ on a campus network, separate from everyday/commodity traffic. This means that big datasets can now be allocated their own pathway on the network for optimised delivery, allowing researchers and scientists to move data more efficiently.

Getting to grip with the technicalities

“The technicalities behind the current limitations are that most campus networks in South Africa make no distinction between general-purpose traffic and specialised large research data sets moving through the network to and from other research institutions,” explains SANReN network engineer Kasandra Pillay. “The result is that big-data traffic takes a long time to arrive at its destination as it is slowed down by various devices on the network which are designed for general-purpose traffic,” she adds.

To tackle the issue of operating large data optimised networks, SANReN recently hosted two pivotal workshops on data transfer and operating innovative networks with their beneficiaries – representatives from South African universities, science councils and research institutions. The workshops were held in Pretoria and in Cape Town, where approximately 50 delegates deliberated on how the Science DMZ can improve network performance when moving large datasets in and out of campus networks.

Based on the international series (http://oinworkshop.com/), the workshops equipped network engineers, managers and researchers with the hands-on knowledge needed to build next-generation campus networks optimised for data-intensive research. SANReN also invited two international experts, Jason Zurawski (Lawrence Berkeley National Laboratory/Energy Sciences Network) and Scott Chevalier (Indiana University International Networks) who presented the workshop with support from SANReN engineers and financial assistance provided through NSF grant 1638863 (IRNC: Backbone: NEAAR: Networks for European, American, and African Research).