Aviation Privacy Treasure Hunt

Aviation Privacy Treasure Hunt

[CTF] AUGUST 7, 2020  10:00 AM – 4:00 PM PDT

Registration available at https://aviationtreasurehunt.ctfd.io

This OSINT CTF sends the participant on a wild treasure hunt across open aviation data, demonstrating the severe impact of some of the issues surrounding aviation tracking and datalink privacy.

The participants will learn how the lack of security in wireless protocols affects the privacy of passengers and aircraft operators alike and how to exploit them. This treasure hunt will cover privacy leaks on datalinks and ATC communication used by corporate, government, military and commercial aircraft. We will actively engage with countermeasures and mitigations, showing which ones are helpful and which ones are not.

This will include the most current industry attempts, including the FAA’s Privacy ICAO Address programme and ACARS encryption measures. For this CTF, we will use a mixture of OSINT data sources available on the web, exclusive real-world datasets, and mock data based on our research over the past five years.


We are going to use three datasets for the different challenges, two are publicly available and one is provided specifically for this CTF challenge. These datasets are used around the world for many research purposes and show a good breadth of aviation communication data that can be received with software-defined radios.

Hunting Grounds

We have seven different, separate areas for you to hunt in and a further interconnected adventure!

  1. ACARS: A mysterious protocol from long ago.
  2. Adventure: A goose chase through space and time.
  3. Corporate: Tracking big business.
  4. Commercial: Ordinary aircraft you actually fly with yourself.
  5. Military & Government: Clandestine activities.
  6. Privacy ICAO Address System: The FAA trying to thwart aircraft trackers.
  7. Private: Blurring the lines between private and business use.
  8. Very Advanced Aircraft Tracking: You cannot track aircraft without GPS. Or can you?

– All airport entries are expected in four letter ICAO codes.
– All airline entries are expected in three letter ICAO codes.
– All times provided/asked are in UTC.


The top three entries are eligible to receive historical data from OpenSky Network, a privilege otherwise reserved for institutional researchers from universities. This comprises crowdsourced aircraft data from as early as 2014 and is an ever-growing research resource. Please note that access cannot be given anonymously.


This is a fun treasure hunt and as such first and foremost a learning opportunity for anyone interested in aviation privacy and aircraft tracking. Any hickups are totally the organizers fault, which is why they reserve complete discretion with regards to all rules and descisions.
The winner will be determined as the quickest team to solve all challenges. If at the end of the CTF (4pm Las Vegas time on August 7, 2020), no team has solved all challenges, the order will be determined by the number of points achieved. The organisers are not responsible for anything the participants do within the course of this CTF. All challenges can be solved with the provided datasets and searching on legitimate open sources. Stay safe and secure!


This treasure hunt was organised by members of the Swiss Cyber-Defence Campus of armasuisse Science & Technology and the System Security Lab, Department of Computer Science, University of Oxford:


The competition will run competitively from 7th of August, 2020 10:00 AM – 4:00 PM PDT. Signup here!

Join the official DEF CON 28 Discord Server (Aerospace Village Discord server will be closed 8/7-8/10) & follow us on Twitter @SecureAerospace for latest Aerospace Village updates.