Computer science graduate students and researchers on Team Shellphish have advanced to the final round of DARPA's Cyber Grand Challenge, which culminates in a final competition held at DefCon 2016 in Las Vegas. One of only seven teams from across the nation to compete, Shellphish is aiming for the $2 Million grand prize, among $4 Million in total prizes. Watch the Cyber Grand Challenge live webcast on August 4, starting at 5pm PT, at cybergrandchallenge.com.
The goal set forth by DARPA's Cyber Grand Challenge is to reverse engineer an autonomous system to detect cyber intrusions, such as smart home technology security invasions, rather than rely on human detection. The Shellphish cyber reasoning system, Mechanical Phish, is powered by angr, a framework for analyzing binary software at the deepest level. The challenge for Mechanical Phish is to detect and then automatically patch these sophisticated security flaws.
Team Shellphish has a long history of participating in "capture the flag" hacking competitions and have competed in more than any other finalist team at the CGC right now, while also boasting some of the youngest architects in the challenge. Led by Professor Giovanni Vigna, Shellphish is a team of hackers from the UCSB Computer Security Group, or SecLab, that include Team Captain Yan Shoshitaishvili, Antonio Bianchi, Kevin Borgolte, Jacopo Corbetta, Francesco Disperati, Andrew Dutcher, John Grosen, Aravind Machiry, Chris Salls, Nick Stephens, and Ruoyu "Fish" Wang.
The Cyber Grand Challenge began in 2014 with 104 team participating for a place at the top. In 2015, Shellphish took home a $750,000 semifinals prize to help prepare them for the finals.
"For the students on the Shellphish team, qualifying in the Cyber Grand Challenge is a great achievement," said Vigna. "We are proud to share this acheivement with six other amazing teams from top universities and companies whose sole focus is on vulnerability anaysis."