Welcome to Autonomous Driving CTF Contest

Here, you are up to the challenges to physical adversarial attacks, autonomous driving forensics, sensor spoofing, and autonomous driving software exploitation. Enjoy the game!


Safety is the No.1 priority for autonomous driving. This contest encourages efforts to exploit and defend autonomous driving vehicles by all means, including but not limited to the following: robust physical adversarial attacks and defenses in the form of camouflage stickers, road graffiti; sensor spoofing/hijacking; and multi-sensor fusion manipulations. We can reveal unforeseeable threats to autonomous driving safety through a deep understanding of the attack surfaces and encourage practical solutions to address such threats.



2020: Kang Li, Zhenyu Zhong, Zhisheng Hu

2021: Kang Li, Alfred Qi Chen, Zhenyu Zhong, Zhisheng Hu, Junjie Shen

2022: Kang Li, Alfred Qi Chen, Zhenyu Zhong, Zhisheng Hu, Junjie Shen

Contest summary

The first AutoDriving CTF at DEFCON 29 offically ended at Aug 7, 1 am (UTC). This year, we created a 20-challenge racing game. The individual challenges are released in order. The teams have to solve easy challenges before unlocking difficult ones. All challenges were released to all teams in the last 4 hours.

image 2

More than 100 teams attempted and 93 teams had valid scores. Among them, 4 teams finished all 20 challenges, and 59 teams solved at least one non-trivial challenge.

The final winner for this year’s AutoDriving CTF goes to TEAM Whitzard!!

image 2


This contest does not involve any real system vulnerabilities. All competition questions involving attack and defense are conducted in simulation world. At the same time, the target programs are specially designed for the contest.


Evaluation Environments for Players

Past Event (AutoDriving CTF 2020)

Our Youtube Channel

Please follow us on Twitter @autodrivingctf and join our Discord channel for any Q&A!