Cyber Defense Exercise (CDX)

The Cyber Defense Exercise (CDX), an annual competition designed to sharpen the skills of our nation's next generation of cyber warriors. The prestigious event, held each spring, tests the ability of students representing U.S. and Canadian military service academies to build, secure, and defend networks from cyber attacks mounted by IA experts.

CDX Logo: Large X and the words Cyber Defense Exercise

Every spring, select cadets and midshipmen from U.S. and Canadian military service academies take a break from classroom instruction to participate in the Cyber Defense Exercise (CDX), a competition that tests skills in building, securing, and defending networks from hostile attacks mounted by NSA information assurance experts. The Information Assurance Directorate (IAD) sponsors and collaborates with organizations across NSA to conduct the competition, held annually since 2001.

The "active phase" of the competition occurs over a four-day period in April, headquartered at a facility near Ft. Meade, Maryland. During this time student participants, operating out of their respective academies, defend the networks they have built from attacks mounted by IAD aggressors. A team of IA organizers spends months planning and preparing for the exercise.

On the surface, bragging rights and the chance to take home the Information Assurance Director's Trophy may appear to be the end goals of the competition. A closer look, however, reveals that the goals are much more enduring. Through CDX, IAD seeks to:

  • raise awareness among future military leaders and cyber specialists about information assurance challenges
  • reinforce classroom instruction
  • build experience needed to secure and defend real-world networks, and
  • expose participants to advanced technologies and cyber attack techniques.

In light of the evolving threat posed by malicious actors of every ilk to our nation's most critical networks, CDX and similar events are critical to enhancing cybersecurity skills within the military and to building a talent pipeline to fill the ranks of DoD agencies and organizations.

Anatomy of the CDX

The high-pressure competition plays out with four components. IA specialists and military experts form the aggressor team, or "Red Cell," which attacks secure "Blue Cell" computer networks that each military academy team has spent several months building. The immediate objectives are to determine the vulnerability of the home-grown networks to simulated attacks and then, how well the teams recover from the attacks. Compounding the challenge to the student teams in defending their networks is the stealthy nature of the attacks, the result of customized planning on the part of the Red Cell. The Red Cell looks at each team's networks individually to determine strengths and weaknesses, and from there, works on exploiting the system. One of the first tasks of the Blue Cell team is determining if its network has, in fact, been attacked, or conversely, if the suspicious activity represents normal traffic behavior.

Rounding out the competition's players are those assigned to the "White Cell" and "Gray Cell," both operated by IA. As referee for the exercise, the "White Cell" fulfills multiple functions. The White Cell interprets and enforces ground rules, adjudicates the competition, assigns scores, levies penalties, and determines relative standings for all Blue Cell teams. "Gray Cell" members represent the common user working on the exercise network, generating emails and other message traffic and mimicking actions of untrained or careless users. Actions of Gray Cell members may help facilitate Red Cell attacks.

Anatomy of the CDX: Description of image is provided in the text of this article.

CDX players are Red Cell, Blue Cell, Gray Cell, and White Cell

An Evolving Competition

CDX organizers routinely review and modify the CDX format to increase the difficulty and intensity of the competition and to reflect the threats present in the real-world cyber environment. The Gray Cell, for instance, is a relative newcomer to the exercise, making its first appearance in 2009 to simulate the role that careless or uneducated users play in putting a network at risk. Elective modules, which present participants with scripted scenarios and associated tasks to be completed in a set number of hours, were introduced in 2014 as a complement to the core exercise.

Since CDX debuted in 2001, West Point cadets have secured the most wins, lifting the trophy seven times. Air Force cadets have claimed victory four times; Navy, three times, and the Merchant Marines, once.

See previous Cyber Defense Exercise (CDX) winners.

Last Reviewed: 04 February 2016