So I joined the AI Security CTF hosted by SINCON 2021 organisers.

It was a great learning experience, especially for me who has no “real” experience in ML. Overall the learning curve was alright (at some point, copy and pasting from examples were sufficient).

The CTF grouped the challenges by “Easy”, “Intermediate” and “Kind of Difficult”. The “Easy” questions were generally pattern spotting (and somewhat ambigious) questions that were relatively easy.

Easy Challenges

Overall, these “Easy” challenges can be solved by general AI knowledge, sorting Binary by alphabetical order, ROT13, and Binary decoding.

Adversarial Pet Photos

This “intermediate” challenge started to be interesting. 2 group of pictures were given, and one pair is basically “poisoned”.

In the above example, the left was the original, and the right was the pair. I went with the approach of doing a sub-image detection of an area which corresponded to the centre of the image and detected if there’s differences.

Basically, the key logic is shown above, where if there’s difference detected, the original and the pair image will be shown to the user.

Needle in Haystack

By doing a distribution analysis, I got a weird distribution graph. The distribution looked too “perfect”. Therefore, I grouped the characters by count, and got AICTF all having 20 counts.

Use AI to Detect SQL injection

This was interested as it was the first ML question raised.

From SQL Injection perspective, I thought it should be handled by characters, as certain charaters would be obvious clues. Therefore, I used a few Convulution 1D to group the characters together, and used Dense to let ML do its magical learning thing as part of the model, and got 92% accuracy.

Detecting Defaced Webpages (Computer Vision)

This was a straight forward image recognition ML problem. I did the stupid thing by manually coming up with my own Convulution network and only managed to get 70% accuracy on my highest.

Instead, what I should be doing (after asking the organisers) was to do a transfer learning by establised trained models. This could increase the effectiveness tremendously.

Overally, the CTF was a good push for me to solve “actual” problems on ML, and push myself to learn (by copy and pasting from examples online lol). I would say this CTF was well hosted, despites some of its ambigious phrasing.