CyberTraP module is a real-time capture the flag (CTF) scoring engine for training exercises that will be implemented in the IRIS Virtual Cyber Range. In the framework of IRIS project, this training environment will be utilized to host cyber-security activities where the trainees can practice their skills, regardless of experience, in both offensive and defensive techniques through realistic challenges. The benefits of using the CyberTraP module include:
- the CTF platform is easy to comprehend and targets at improving the end-user training experience. The users form teams or practice solo, and target challenges with multiple levels of difficulty and sophistication.
- the module can be easily configured and modified for any CTF style game (including offensive and defensive activities). The platform facilitates the engagement of both novice and experienced players.
- the CyberTraP module aims at increasing the productivity of CSIRT/CERT operators and their operational efficiency through competition by tracking their training process in the cybersecurity exercises.
- CyberTraP is based on the Root the Box open-source CTF platform, aiming at effectively reducing the training and support costs of CSIRT/CERT end-users and cybersecurity experts.
CyberTraP is developed in Python, utilizes SQLAlchemy for back-end, while Bootstrap and jQuery are utilized on the front-end. This tool uses Web sockets to communicate with the users in real-time, providing full-duplex communication channels over a single TCP connection. The CyberTraP module has two main sub-components: the Missions and the Scoreboard. The training environment is flexible to accommodate the deployment of additional tools as separate components to support missions.
The Missions component contains CTF challenges named boxes – each belonging to a predefined category and grouped under a game level. Boxes contain difficulty indicators, reward points, and a flag section. In addition, they can also be accompanied by an icon, a system type and a descriptive text. Each box practically represents a host in which the user/team can practice on. Digital evidence, or flags, proving that a user/team has met a specific challenge goal, appear within each box, the nature of which is dependent on the challenge topic.
The Scoreboard component is based on flag submissions, where a team or player must provide the appropriate evidence obtained by completing a target challenge. Each flag corresponds to a specific number of points to be acquired and its completion may be dependent on successful completion of previous challenges. The module allows hints to be provided to the user and, in some cases, penalties may be given.
The capabilities of CyberTraP module also provide built-in team-based file/text sharing and admin game material distribution, allowing for workloads and assessments to be performed in both Team Play or Individual Play, as well as a real-time animated scoreboard, graphs, and status updates.