Friend or Foe – The Impact of ChatGPT on Capture the Flag Competitions




ChatGPT, Artificial Intelligence, Education, Cyber Security, Capture the Flag, CTF


ChatGPT, an artificial intelligence (AI)-based chatbot, has taken the world by storm since the technology’s release to the public in November 2022. The first reactions were awe and amazement as ChatGPT presented the capability to instantly respond to various text-based questions following a conversational approach. However, it is ChatGPT’s ability to complete more advanced tasks, such as supplying source code to programming-related questions or generating complete articles focusing on a specific topic, which has caused eyebrows to be raised. The capabilities offered by ChatGPT, fuelled by popularity and easy accessibility, have introduced several new challenges for the academic sector. One such challenge is the concept of AI-assisted cheating, where students utilise chatbots, such as ChatGPT, to answer specific questions or complete assignments. Although various research studies have explored the impact of ChatGPT on university education, few studies have discussed the influence of ChatGPT on Capture the Flag (CTF) competitions. CTF competitions offer a popular platform to promote cybersecurity education, allowing students to gain hands-on experience solving cybersecurity challenges in a fun but controlled environment. The typical style of CTF challenges usually follows a question-answer format, which offers students the ideal opportunity to enlist the assistance of ChatGPT. This paper investigates the ability of ChatGPT to assist and aid students in solving CTF challenges. The exploratory study involves past CTF challenges across various categories and the questioning of ChatGPT in an attempt to solve the challenges. The outcome of the study reveals that although ChatGPT can assist students with challenges during CTF competitions, the assistance that can be offered is minimal. Instead of producing answers to CTF challenges, ChatGPT can merely offer insight or guidance regarding the questions asked.

Author Biography

Heloise Pieterse, CSIR

Dr Heloise Pieterse is currently employed as a senior member of the CSIRT within the SANReN group that forms part of the NICIS centre at the CSIR. She completed her PhD Computer Science degree in 2019, with a focus on identifying the authenticity of smartphone data. Her interests include digital forensics, mobile security and cyber security.