Seeking to motivate the development of novel solutions to serious computer security threats, Microsoft Corp. has launched an inaugural BlueHat Prize contest, offering a grand prize of $200,000 to the most innovative submission. In particular, Microsoft aims “to challenge security researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities.”

According to the contest website, submissions must:

solve an open problem in exploit mitigation or significantly improve the effectiveness of existing mitigation solutions. Two examples of open problems that are suitable for consideration in this challenge are address space information disclosures and return-oriented programming (ROP). Note that you are not required to address these and you are not limited to these examples.

Submissions — comprising a code prototype demonstrating one’s idea in action, as well as a technical description noting the problem being solved and the algorithms used to address it — are due by e-mail by midnight Pacific Time on April 1, 2012. They will be judged on the basis of their practicality and functionality (30%), robustness (30%), and anticipated impact (40%).

In addition to the $200,000 grand prize, second and third place prizes of $50,000 and a MSDN Universal subscription valued at $10,000, respectively, are also expected to be awarded. All three winners will receive all-expenses-paid trips to the Black Hat Briefings on Aug. 1, 2012, where the winners will officially be announced.

To learn more — including detailed instructions about entering — check out the BlueHat Prize contest website.

(Contributed by Erwin Gianchandani, CCC Director)