Note: The last date for registration is over! However, you can still register. If you register after 27th October, please mandatorily inform us by sending an email at cybersec.iitb@gmail.com justifying why you are keen to participate. We will review and inform if you are accepted to participate. Note that the deadline to submit the solution remains unchanged at 31st December even if you register late. Also, we may stop accepting late registrations anytime, depending on the number of participants we can support.

Why this Program

The rapid growth of remote access to corporate resources and cloud-based applications via laptops, tablets, and mobile phones have increased the possible ways of penetrating a network. These end-points can be attacked by email-based phishing, ransomware, malware, and drive-by-downloads from web surfing. Thus, it is crucial to bring robust endpoint protection mechanisms to prevent any impending cybersecurity attack.

Endpoint Detection and Response (EDR) capabilities are rapidly evolving as a method of identifying threats by analyzing system logs to detect suspicious system behavior, provide contextual information, block malicious activity, and provide remediation suggestions to restore affected systems. Osquery, an open-source platform from Facebook, allows users to systematically collect data from endpoints. Analyzing the voluminous data manually is challenging and hence it is important to develop algorithms that can automatically detect the attacks by analyzing the logs. The rights for the resultant IPR that is created/developed as part of the competition will remain with the participants/winners.

Webinar and Q&A session

A webinar with Q&A session was organized on 7th October at 4.30 pm to discuss the Challenge in detail. 

Link for the video recording:https://tinyurl.com/ncetiswebinarcybersec

Link to the presentation: https://tinyurl.com/ProbleDescription

Problem Statement

In this challenge, we would address the following cybersecurity issues in EDR using Osquery.

o        Detection of privilege escalation in endpoints using Osquery:

Using the data logs collected front the Osquery, detect any user is getting higher-level permissions/privileges than s/he is currently assigned.

o        Lateral movement detection using Osquery

Attackers move through a network progressively by escalating their privileges (lateral movement). Often the movement occurs within the local network making them look legitimate. Such movements need to be detected by monitoring logs across the endpoints in the networks.

o        Algorithms for automated threat detection and response.

Develop algorithms for automated detection of lateral movements and privilege escalations from the Osquery logs. The algorithms should help in detection as well as preempt the attacks.

Link for a description of the problem: https://tinyurl.com/ProbleDescription

Duration and Expected Timelines

This is the short-duration challenge of 90 days (once the problem statement is relesed) consisting of the following timelines

Implementing Agencies

MeitY Startup Hub will be the executing agency for running the challenge. NCETIS will work closely with MeitY Startup Hub and provide the problem statement and institute awards to the winners. NCETIS will also provide the necessary support, infrastructure, technological integration, and resources needed by startups for demonstrating the efficacy of the solution envisaged to be developed under the Challenge.  

Resultant IPR

The rights for the resultant IPR that is created or developed as part of the competition will remain with the participants/winners. 

Incentives

A total of Rs. 15 lakhs is proposed for the Cyber Security Innovation Challenge.

⮚                 1^st Prize: 8 lacs in cash

⮚                 2^nd Prize: 5 lacs in cash

⮚                 3^rd Prize: 2 lacs in cash

In addition to cash prizes, the winners will get an opportunity to work with NCETIS Faculty at IIT Bombay. There is a possibility for incubation at the IIT Bombay incubation center too.