This past week Microsoft awarded creative hackers with more than $250,000 in prizes in its first annual BlueHat Prize competition. The contest was held by Microsoft’s Trustworthy Computing Group, a division of the company that aims to make its software and the world wide web safer for everyone.
“The BlueHat prize competition was designed to challenge the security community to look beyond the norm of problems, such as vulnerabilities, and instead focus on developing innovative solutions to pressing security challenges,” the company said.
First prize went to Columbia University Ph.D. student Vasilis Pappas, who won for kBouncer, a program that detects a malicious form of code repurposing called return oriented programming. This specific form of system tampering was the focus of the first-ever competition, with each of the three finalists taking aim at mitigating return oriented programming attacks. Pappas won the bulk of the prize money for his innovative tampering solution, securing $200,000 for kBouncer alone.
The swanky celebration was held at a club in Las Vegas, where the competition’s other winners, Ivana Fratric and Jared DeMott, were awarded with $50,000 and $10,000, respectively. In addition to cash prizes, each winner received a subscription to the Microsoft Developer Network.
The announcement was made in conjunction with Black Hat USA, an annual conference on information security held at Caesar’s Palace casino. Check out the video below to see the live announcement of the BlueHat winners (prepare yourself for a lot of intensely awkward, hanging handshakes).
“The BlueHat prize is more than a competition,” said Matt Thomlinson, general manager of Microsoft’s Trustworthy Computing Group. “It’s the future of security defense, where the community comes together to collectively take on some of the toughest problems we face and make the computing ecosystem safer.”
According to Microsoft, twenty submissions were made to the competition since it was posted online last July. All entries for the inaugural competition were required to address vulnerabilities in computer memory.
Earlier this month, Microsoft’s Digital Crimes Unit turned two suspects in a global botnet cyber attack over to the FBI. The investigation followed the successful takedown of the Zbot network, which is estimated to have infected more than 13 million computers worldwide.
