CTF as a Service: A reproducible and scalable infrastructure for cybersecurity training
This addresses the infrastructure challenges limiting CTF adoption in academic settings, though it is incremental as it builds on existing virtualization and orchestration tools.
The paper tackles the problem of organizing Capture The Flag (CTF) competitions in cybersecurity education by developing a CTF as a Service (CaaS) platform using Proxmox, Terraform, Ansible, Docker Swarm, and HAProxy, resulting in a reproducible and scalable infrastructure that supports automated deployment and ad-hoc provisioning.
Capture The Flag (CTF) competitions have established themselves as a highly effective pedagogical tool in cybersecurity education, offering students hands-on experience in realistic attack and defense scenarios. However, organizing and hosting these events requires considerable infrastructure effort, which frequently limits their adoption in academic settings. This paper presents the design, iterative development, and evaluation of a CTF as a Service (CaaS) platform built on Proxmox virtualization, leveraging Infrastructure as Code (IaC) tools such as Terraform and Ansible, container orchestration via Docker Swarm, and load balancing with HAProxy. The system supports both a development-centered workflow, in which challenges are automatically deployed from a Git repository through a CI/CD pipeline, and a deployment-oriented workflow for ad-hoc infrastructure provisioning. The paper describes the design decisions made, the challenges encountered during development, and the solutions implemented to achieve session persistence, external routing, and challenge replicability. The platform is designed to evolve into a CTF hosting service with commercial potential, and future lines of work are outlined regarding automatic scaling, monitoring integration, and frontend standardization.