Home

What IS the NECCDC?

Overview

The NECCDC is one of a collecton of cyber security competitions held around the USA each year, in the early spring. 2- or 4-year schools send teams to represent them at the competition, and the winner from each regional competition goes on to a national competition, usually held in April.
 

PLEASE NOTE:
This is primarily an undergraduate student competition. Teams are limited to 8 people. At most 2 of these may be graduate students. Teams not adhering to this rule will be disqualified.

ALSO:
This is a defensive competition. All attacks will be made by a specially chosen RED TEAM, with members from industry. Under no circumstances may team member engage in attack activities. Teams that exhibit attack behavior will be disqualified.

 

How does the competition work?

Each collegiate team is what is called a 'BLUE' team. They are provided with a complete and working enterprise, though the enterprise is not secured. Each enterprise will be identical for all BLUE teams and will consist of a number of computers and network appliances. The computers will run various operating systems and will offer a variety of services. At the start of the competition, the teams are given an amount of time (~1 hour) to secure their enterprises. All teams have access to the Internet during the competition.


After the initial time to secure the enterprise is complete, a RED team of experts from academia and industry begin to attack the BLUE teams, looking for vulnerabilities. If a vulnerability is discovered in one BLUE team site, all other BLUE team sites are checked for the presence of the same vulnerability. Then, it is reported to a WHITE team. The WHITE team are the competition judges and scorers.

In addition to the RED team attacks, the WHITE team is monitoring BLUE team service availability, with the help of a BLACK team. The BLACK team's responsibility is to automatically check whether service level requirements of the BLUE teams are being met and to generate normal (non-attack) traffic to all BLUE team sites. The BA team is also charged with maintenance of the competition network, up to the BLUE team network borders. The BLUE teams are responsible for their own enterprise networks.

The competition runs for an afternoon on a Friday, all day Saturday, and for the morning on Sunday. At a luncheon in the early afternoon on Sunday, a winner is announced and awards are given to the winning team.

During the competition, the WHITE team 'injects' requirements into the workflow of the BLUE teams. All BLUE teams receive the same 'injects' at the same time, to keep the playing field level. 'Injects' can be of any type, from requiring a report to management, to removing one or more team members (simulating illness, for instance) to changing the requirements of the enterprise.

To win the competition, a BLUE team must be able to balance service level responsibilities with external attacks and internal demand.

Team standings, without scores, are posted periodically throughout the event.