Arxenix, Nashua High School South, Nashua, New Hampshire
Team members: Sahil Shah, Ankur Sundara, Aashish Welling  

 
ASMASA, Arkansas School for Mathematics, Sciences and the Arts,       Hot Springs National Park
Team members: Hayden Aud, Martin Boerwinkle, William Yang

Bletchley Park, GEMS American Academy, Abu Dhabi
Team members: Joseph Baxter, Magnus Christensen, Alec Karlsen      

chicken nugger, Poolesville (Maryland) High School
Team members: Seunkyoon Bong, Karan Chawla, Matthew Feng  

      
#freethegeese, Illinois Mathematics and Science Academy, Aurora, Illinois
Team members: Matthew Dyas, Arianna Osar, Anna Shabayev

LIGHT, Delhi Private School, Dubai
Team members: Vinamr Madan, Shobhit Narayanan, Shubham Sharma

PHS Absol, Poolesville (Maryland) High School
Team members: Parth Oza, Kevin Shen, Claude Zou

The Deductive Failures, Adlai E. Stevenson High School, Bronx, NY
Team members: Alex Shi, Liyang Zhang, Austin Zhou

The Deductive Fuzzyhashers, Thomas Jefferson High School for Science and Technology, Alexandria, Virginia
Team members: Samuel Damashek, Hyo Won Kim, Fox Wilson          

The Entire PHP.net Security Team, Pocono Mountain East High School, Swiftwater, Pennsylvania
Team members: Anna Kelly, Gus Naughton

The Flying Penguins, Thomas Jefferson High School for Science and Technology, Alexandria, Virginia
Team members: Samuel Kim, Eric Wang           

"It's extraordinary to see the level of interest and talent from so many young students in this first round of the High School Forensics challenge," said Emily Wicki, a junior at the NYU Tandon School of Engineering and one of the two student leads for the HSF challenge. "This year, we launched a suite of free online resources to help students build their security skills. We can't wait to see how they perform in the finals in November."

Wicki and her student co-lead for HSF, Christopher Thompson, both competed in NYU CSAW while they were still in high school—Wicki's team from Red Bank, New Jersey, won in 2011 and placed among the finalists in 2012, and Thompson was part of the Poolesville (Maryland) High School finalist team in 2013. They subsequently enrolled in the NYU School of Engineering, where they became two of the most active leaders in its student-driven cybersecurity events. When he isn't organizing the HSF challenge during finals, Thompson will be competing in the signature 36-hour-long Capture the Flag hacking contest for undergraduates.

The CSAW judges also announced the winners of the Applied Research Competition, a contest for graduate and doctoral-level security researchers who have published papers in the past year. An esteemed pool of judges from academia and companies including Google, Facebook, AT&T, IBM, and others reviewed a record 82 submissions, selecting the 10 leading papers for presentation at CSAW.

The ten finalist papers are:

Bohatei: Flexible and Elastic DDoS Defense
Authors: Seyed K. Fayaz, Yoshiaki Tobioka, and Vyas Sekar, Carnegie Mellon University; Michael Bailey, University of Illinois at Urbana-Champaign

A Generic Approach to Automatic Deobfuscation of Executable Code
Authors: Babak Yadegari, Brian Johannesmeyer, Benjamin Whitely, Saumya Debray, The University of Arizona

ObliVM: A Programming Framework for Secure Computation
Authors: Chang Liu, Xiao Wang, Kartik Nayak, Elaine Shi, University of Maryland; Yan Huang, Indiana University

Nomad: Mitigating Arbitrary Cloud Side Channels via Provider-Assisted Migration
Authors: Soo-Jin Moon, Vyas Sekar, Carnegie Mellon University; 

Michael K. Reiter, University of North Carolina
Type Casting Verification: Stopping an Emerging Attack Vector
Authors: Byoungyoung Lee, Chengyu Song, Taesoo Kim, Wenke Lee, Georgia Institute of Technology

Preventing Use-after-free with Dangling Pointers Nullification
Authors: Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Wenke Lee, Georgia Institute of Technology; Long Lu, Stony Brook University

AUTOPROBE: Towards Automatic Active Malicious Server Probing Using Dynamic Binary Analysis
Authors: Zhaoyan Xu, Robert Baykov, Guangliang Yang, Guofei Gu, Texas A&M University; Antonio Nappa, Juan Caballero, IMDEA Software Institute, Madrid, Spain

Morpheus: Automatically Generating Heuristics to Detect Android Emulators
Authors: Yiming Jing, Ziming Zhao, Gail-Joon Ahn, Arizona State University; Hongxin Hu, Clemson University

Cracking App Isolation on Apple: Unauthorized Cross-App Resource Access on MAC OS X and iOS
Authors: Luyi Xing, Xiaolong Bai, XiaoFeng Wang, Kai Chen, Indiana University Bloomington; Shi-Min Hu, Tsinghua University; Tongxin Li, Xinhui Han, Peking University; Xiaojing Liao, Georgia Institute of Technology

SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps
Authors: Jianjun Huang, Xiangyu Zhang, Purdue University; Zhichun Li, Xusheng Xiao, Zhenyu Wu, Guofei Jiang, NEC Labs America; Kangjie Lu, Georgia Institute of Technology

One of the newest events at CSAW is the Policy Competition. Launched in 2014, this event invites participating teams to propose public policy solutions to a real-world computer security challenges. The 2015 challenge centers on the controversial question of whether or not the United States should implement a "bug bounty" program—a system of rewards for security researchers who find vulnerabilities in major software programs and networks.

The top five teams will present their policy ideas to an expert panel of judges at the CSAW finals, who will choose one winner based on feasibility, depth of knowledge and the creativity of their approach.

The five finalist teams are:

    Carnegie Mellon University: Casey Canfield, Frankie Catota, Nirajan Rajkarnikar
    NYU School of Law: Kevin Kirby & Clay Venetis
    United States Naval Academy: MIDNs Zachary Dannelly, Max Goldwasser, William Young
    University of Connecticut: Anthony Barletta, Waldemar Cruz, Eugene Kovalev
    University of Illinois: Jonathan Roemer, Jeffrey Bigg, Magdala Boyer, Michael Burdi, Matt Loar

NYU CSAW runs from November 12-14 at the NYU Tandon School of Engineering in Downtown Brooklyn. The event is home to one of the world's largest round-the-clock student hackathons, the CSAW Capture the Flag competition, the Embedded Security Contest that tests hardware hacking and protection skills, a fast-paced Homeland Security Trivia Quiz, speeches, seminars, networking, and an unusual Career Fair in which the employers court the attendees instead of the other way around.

Sponsors for CSAW 2015 are Gold Level—U.S. Department of Homeland Security; Silver Level—Goldman Sachs, GitHub, IBM (which will also host the welcome reception and a networking event for CTF and High School Forensics finalists), and MWR Info Security; Bronze—Facebook, FireEye, LifeLock, National Security Agency, Navy Civilian Careers-U.S. Navy, NCC Group USA, Oceans Edge Inc., Palentir, Palo Alto Networks, Qualcomm Inc., Raytheon, Two Sigma, and Yelp; Supporting Level—Accuvant, Cubic, Cypher Tech Solutions, Intel Corporation, LIFARS, MIT Lincoln Laboratory, PWC, Rakuten Loyalty, Sandia National Laboratories, and the U.S. Secret Service.  The Center for Advanced Technology in Communications at NYU Tandon is a CSAW partner.

For more information or to register, visit https://csaw.engineering.nyu.edu.

The NYU Tandon School of Engineering dates to 1854, when the NYU School of Civil Engineering and Architecture as well as the Brooklyn Collegiate and Polytechnic Institute (widely known as Brooklyn Poly) were founded. Their successor institutions merged in January 2014 to create a comprehensive school of education and research in engineering and applied sciences, rooted in a tradition of invention, innovation and entrepreneurship. In addition to programs at its main campus in downtown Brooklyn, it is closely connected to engineering programs in NYU Abu Dhabi and NYU Shanghai, and it operates business incubators in downtown Manhattan and Brooklyn. For more information, visit http://engineering.nyu.edu.