• Total Posts: 28066
  • Total Topics: 8058
  • Online Today: 1132
  • Online Ever: 51419
  • (01. January 2010., 09:27:49)

Author Topic: The Race to Zero  (Read 1755 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7152
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum
The Race to Zero
« on: 26. April 2008., 14:14:49 »
The Race to Zero contest is being held during Defcon 16 at the Riviera Hotel in Las Vegas, 8-10 August 2008.

The event involves contestants being given a sample set of viruses and malcode to modify and upload through the contest portal. The portal passes the modified samples through a number of antivirus engines and determines if the sample is a known threat. The first team or individual to pass their sample past all antivirus engines undetected wins that round. Each round increases in complexity as the contest progresses.

There are a number of key ideas we want to get across by running this event:

1. Reverse engineering and code analysis is fun.

2. Not all antivirus is equal, some products are far easier to circumvent than others. Poorly performing antivirus vendors should be called out.

3. The majority of the signature-based antivirus products can be easily circumvented with a minimal amount of effort.

4. The time taken to modify a piece of known malware to circumvent a good proportion of scanners is disproportionate to the costs of antivirus protection and the losses resulting from the trust placed in it.

5. Signature-based antivirus is dead, people need to look to heuristic, statistical and behaviour based techniques to identify emerging threats

6. Antivirus is just part of the larger picture, you need to look at controlling your endpoint devcies with patching, firewalling and sound security policies to remain virus free.

Above all we want the contestants to have fun!


Rules of Engagement

The following rules apply to all contetants:
1. Contestants can work in teams of up to 4 people

2. Modified virus samples must be functionally the same as the original
You can modify mutexes, filenames, process names, IP addresses, etc as long as the code functions the same

3. Modified malcode samples must still exploit the vulnerability it was intended for
Samples of vulnerable software will be provided to contestants to test their exploits against

4. Modified samples will not be submitted to antivirus vendors unless authorised by contest participants

5. Race to Zero staff may analyse virus submissions to draw conclusions/trends, etc

6. Techniques used to perform mutations will not be submitted to antivirus vendors without contestants approval but may be used during our post-contest round-up presentation

7. Judges decision is final, no correspondence will be entered into unless beer is supplied

( Copyright by )

Samker's Computer Forum -

The Race to Zero
« on: 26. April 2008., 14:14:49 »


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising