Embry-Riddle Students Shine in Tracer FIRE Cyber Competition

Embry-Riddle students showed they have what it takes to defend against cyber intruders, with Prescott Campus teams placing first, second and third in a recent statewide Tracer FIRE (Forensic and Incident Response Exercise) competition.

Tracer FIRE, a cyber incident response exercise developed by Sandia National Laboratories, teaches students how to detect and recover from malicious intrusions using forensic tools and techniques.Students learn the importance of working as a team to solve real-time challenges and how to communicate the crisis and solutions outward through reports and executive debriefs.

“These outreach opportunities increase the breadth and depth of student knowledge, skills and abilities in cyber defense and national security,” said Dr. Krishna Sampigethaya, Chair of Cyber Intelligence and Security. He added, “Our hands-on curriculum teaches several cyber tools used in Tracer FIRE, but there were some newer ones that students learned in the event and, more importantly, experienced a practical competitive opportunity to apply them.”

“As an alumnus of the Embry-Riddle Prescott Cyber Program, it was a great experience being able to share my knowledge and the Tracer FIRE program with the next set of cyber professionals. I’m excited to see what this great group of students achieve as they further their academic and professional careers. Embry-Riddle Prescott has an outstanding cyber program,” said Tyler Morris (’18).

Embry-Riddle Tracer FIRE participants. (Photo: Embry-Riddle/Dr. Krishna Sampigethaya).

Morris, who helped lead the Tracer FIRE competition, is now a security researcher at Sandia, developing future cybersecurity technologies in areas of forensics, software and security scenarios. He said, “As the Tracer FIRE team continues to expand its outreach programs, the team was very excited to conduct our first event at ERAU. The students had wide technical breadth and came ready to learn.”

Teams had to work through a security scenario involving multiple cyber-attacks on a fictional state government. Attackers had infiltrated the government network, causing power outages and tampering with an election. Participants had to investigate these attacks using open-source hunting tools to determine exactly what occurred and make recommendations on how to remediate the situation.

"With experience competing in other Capture the Flag (CTF) competitions, I was not expecting how complex and realistic the Tracer FIRE CTF was. Instead of being given a code and having to decipher it, we were given system monitor logs and network traffic logs and were tasked with extracting key moments where cyberattacks took place. The challenges were so varied and dense that, without a team, completing all the challenges would be extremely difficult in the time given, “ said Carson Tucker, a member of the winning AFROTC Detachment 028 Cyber Team.

“While teamwork relating to the challenges was critical, I also saw our team shine during the presentation, where we were tasked with showcasing our findings and processes. The opportunity to learn from the professionals at Sandia National Laboratories about not only how to use specific tools but also how to think through the process of determining malicious frames, packets and log entries was invaluable," said Tucker.

Teams from the University of Arizona and Arizona State University also competed remotely in the competition. Many thanks to the Tracer FIRE team from Sandia for making this three-day learning event possible: Kevin Nauer, Kinsleigh Wong, Shad Gudmunson, Tyler Morris and the entire Tracer FIRE team.

Morris said, “The Tracer FIRE team hopes to bring the competition back to Embry-Riddle and other Arizona schools next year.”

Posted In: Computers and Technology | Security Intelligence and Safety