ictf ec2

By Daniel Ruiz

Background ICTF and EC2» Create AMI» Manage AMI » Cloud Networking » ICTF EC2 Network Layout» Problems» Future Work

ICTF◦ International Capture the Flag (ICTF) is a hacking

competition held yearly in December◦ UCCS has been participating in ICTF since 2006

EC2 ◦ Amazon Elastic Compute Cloud (EC2) is a web

service that provides compute capacity in a cloud.

◦ Allow the creation of an Amazon Machine Image (AMI) which is essentially an OS image that can be uploaded and ran within Amazons EC2.

ICTF EC2◦ Is an attempt to mimic the ICTF network

from within Amazons EC2 Goals

◦ Allow students to have hands on experience in an ICTF environment before the competition

◦ Allow for experimentation on attack and defense

Amazon EC2 account ◦ AWS Access Key Identifiers◦ x.509 certificate

AMI-Tools are needed to create an Linux/Windows AMI

Existing AMI’s can also be used◦ Amazon Web Service (AWS) Management

Console◦ Elasticfox (Firefox plugin)

AMI cannot be shutdown only terminated and rebooted

AMI-Tools can be used to manage AMI

GUI Managers are also available:◦ ElasticFox◦ AWS Management

Console

AWS Management Console

ElasticFox

Cloud Security◦ Cannot run certain attacks (DoS and DDos) from

within the cloud Cost $$$ IP’s can take up to 24 hours to trickle there

way through the internet (Can be solved with Elastic IP)

Can get kicked out of cloud◦ Would require new account and rebuilding of

ICTF images

Automate deployment and shutdown of the ICTF Cloud Network

Create an intelligent network intrusion detection system (NIDS)

Experiment with network security solutions such as:◦ Protocol Intrusion Detection Systems (PIDS )◦ Host-Based Intrusion Detection Systems (HIDS)◦ Honeypots◦ Tarpits