When the Model Outsmarts the Challenge: Building and Breaking AI Security CTFs
SoYeon Kim, Hea-Eun Moon, Sang-tae Woo
Nullcon Goa 2026 · Day 1
This talk, presented by SoYeon Kim, Hea-Eun Moon, and Sang-tae Woo from NSHC in Korea, delves into the intricate process of designing, organizing, and learning from an Artificial Intelligence (AI) security Capture The Flag (CTF) competition. Titled "When the Model Outsmarts the Challenge: Building and Breaking AI Security CTFs," the presentation highlights the challenges and unexpected outcomes encountered when integrating rapidly evolving AI technologies, particularly large language models (LLMs), into a competitive security environment. The speakers share their experiences from the AI Cyber Defense Contest (ACDC), a pioneering AI CTF held in Korea.
AI review
Honest retrospective from people who actually ran the thing — the 'LLM trivialized our carefully designed challenge mid-competition' admission alone is worth something. But this is a conference talk about organizing a CTF, not a research paper on AI security, and it stays squarely in practitioner war-story territory without pushing into anything technically generative.