UW Students Learn To Hack For Your Safety | KUOW News and Information

UW Students Learn To Hack For Your Safety

Nov 14, 2013

What do kids who play capture the flag on summer breaks do when they grow up and go to college? Turns out, the same thing – only the game evolves to computer security and privacy puzzles in a trend that’s being called “ethical hacking.”

Yoshi Kohno is a cyber security professor at the University of Washington. He has a class that is designed for students to understand computer security threats against modern technologies. “We teach students both how to violate the security of a computer system and how to protect the security of a computer system,” he said.

With a group of smart students actively engaged in building and breaking security systems, the natural concern is how to keep the skills from breaching moral standards.

“Ethics is incredibly important for me,” Kohno said. “At the beginning of my course I have all my students sign an ethical form that says they won’t use the knowledge learned through this course without legal authorization.”

But the students don’t just stay in the classroom or lab. CTF – Capture the Flag – tournaments allow students to take their skills into a competitive arena.

The University of Washington has its own team, Batman’s Kitchen, that spars at the National Collegiate Cyber Defense Competition. Batman’s Kitchen has won the regional competition in every year it has competed and taken home national honors in 2010 and 2011.

Community and learning opportunity draw in the students. “If you want to be malicious, sure, there’s all sorts stuff – but we won’t teach you any of that in our class,” said Melody Kedanko, the team’s advisor. “Our number one mission is to have fun. I’m assuming that if people have ulterior motives they are not going to come to our group.”

In one style of competition, teams are given a computer or network and must attack another team system – by either stealing their opponent’s “flag” or planting their own – while defending their own. This can include reverse-engineering, programming and protocol analysis. The purpose is not to create a new breed of super hackers, but rather to teach students how to guard against computer threats.

Produced for the Web by Kara McDermott.