Cyberhunt Capture the Flag

From das_wiki
Revision as of 04:14, 4 December 2019 by This is ace (Talk | contribs)

Jump to: navigation, search

Welcome to Cyberhunt, the privacy capture the flag competition! (Ace to complete rest here)


    In a generation where technology is essential to our daily living, do we really think about how secure our assets are? Our project provides a unique approach to cyber security and privacy. Instead of a typical approach of feeding mass amounts of information to users, our project allows users to be more immersed in the world of cyber security and privacy. Our simulations will give the user an offensive/ hacker-like approach which in-turn will educate them on effective defensive cyber security techniques. In order to beat the hacker, you have to think like a hacker.

    Our goal is to educate and raise awareness on the importance of Cyber Security. Technology in the information age is a double edged sword. The more we immerse ourselves in technology, the more people will exploit technology for their own personal agenda. We aim to mitigate this exploitation of technology by educating people on how to defend their information against cyber-attacks

Challenge 1: Link-shim Attack

Challenge 2: Linkage Attack

What is a Linkage Attack?

  • A linkage attack is a method cyber criminals use to identify individuals using a data set by combining information from one data set with another. These cyber criminals use pieces of information named Quasi-identifiers. Quasi-identifiers are pieces of information that are not meaningful alone. However, when they are combined with other Quasi-identifiers they can create a picture that can identify an individual.Examples of Quasi-identifiers are, postal code, date of birth, salary, transaction history, etc.
  • Alone each of these Quasi-identifiers is not specific enough to identify an individual. However, when combined the likelihood of identifying an individual is much higher. Linkage attacks are one of the most commonly used cyber-attacks because seemingly non harmful data is often enough to identify an individual.

In our demonstration we want the user to experience what it’s like to conduct a linkage attack.

  • In our challenge the user will be simulating a linkage attack by collecting information on individuals based off of data provided on social media platforms (Instagram, Snapchat)


  • The Boyfriend, ((Will), which is who you are in this simulation), believes his Girlfriend has been acting weird lately. His suspicions lead him to believe his girlfriend has been cheating on him. So he decides to conduct a linkage attack using snapchat and Instagram as sources. You are the boyfriend. Use the information provided in snapchat and Instagram to find out who your girlfriend is cheating on you with (Stacey is your GF). You will use snapchat to narrow down your suspects. Then you will use Instagram to find a relationship between Stacy (the girlfriend), suspect friends, and a suspect finsta profile. With this information you will be able to decipher the owner of the finsta profile. Which will link you to the person your girlfriend is cheating on you with.