University of Arizona engineering students have for the last five years collaborated nationally to answer the most pressing cybersecurity questions of our time and prepare for careers in this critical field.
Students who take SIE 472/572 INSuRE, a mixed undergraduate and graduate class, participate each spring in the Information Security Research and Education Collaborative. Universities that the National Security Agency has designated National Centers of Academic Excellence in Cybersecurity are connected with government agencies, national labs and federally funded research and development centers. Program goals include improving cybersecurity workforce skills, meeting the need for more workers, and engaging the students in problems of national interest.
Publishing Big Data Insights
A team of University of Arizona graduate students – Youssef Elsakkary, Arminda Estrada and Ivan Kawaminami – was matched in spring 2022 with technical directors Jeremy Kepner and Hayden Jananthan from the MIT Lincoln Laboratory. To help organizations defend against cyberattacks, the trio took on the challenge of better identifying the cyber characteristics of large-scale network data, using snapshots of darkspace internet data that was present when the information was collected.
“We were able to get very close to real-world data analysis. This experience and research gave us the tools and knowledge to analyze enormous amounts of data and simultaneously helped us understand what the data meant,” said Estrada, who is pursuing a doctoral degree in electrical and computer engineering.
She and Kawaminami, also an electrical engineering doctoral student, work in the UA’s Cloud and Autonomic Computing Center. Elsakkary completed a master’s degree in industrial engineering last semester.
Said Kepner, who founded the Lincoln Laboratory Supercomputing Center, “Defending networks is a global community effort, and making results available in multiple languages can be a big help.”
The cost of adversarial network activity is $1 trillion a year, and 90% of Americans are concerned about cyberattacks, Kepner added. At the same time, defenders are limited in their ability to prioritize how they will confront the many types of adversarial traffic hitting their networks.
To provide network operators with actionable information about the most common hostile activities and prevent attacks before they reach systems, Elsakkary, Estrada and Kawaminami analyzed and cross-correlated anonymized records from two databases. One contained billions of data samples; the other held millions.
The team’s findings include the most typical operating systems sending adversarial network traffic and the amount of data being transmitted.
A number of factors deemed the research worthy of publication, said Kepner, including the use of advanced technologies, scale of data examined, unique combination of sources, and anonymization to keep the traffic private.
Working with Kepner and Jananthan and seeing how a national laboratory conducted research was particularly valuable for the students.
“They were always supportive, and even when we were unsure, they would go out of their way to help us get back on track,” said Estrada. “We gained a different perspective and experience beyond the standard classroom.”
INSuRE-ing Cyber Opportunities
The SIE 472/572 INSuRE class is geared toward engineering students and also open to students studying varying fields, including computer science, management information systems, and information technology.
"Through INSuRE, students can be introduced to an area of research that opens up possibilities for future study or career focus,” said systems and industrial engineering adjunct lecturer Bill Hayes, the primary instructor.
Estrada agreed, saying: “Working on this project helps propel our educational and career goals in cybersecurity.”
Even for students who don’t publish the work they do through INSuRE, these projects engage them in problems of national interest and provide relevant experience for careers in the fast-changing and complicated field of cybersecurity, said Hayes.
SIE offers two additional cybersecurity courses, one of which is also for both undergraduates and graduates, and one for graduate students only. The UA is one of only 10 universities in the nation with designations in all three categories of National Center of Academic Excellence in Cybersecurity: CAE-R (research), CAE-CO (operations) and CAE-CD (defense).