News

REU 2019
Austin Priesel (back L), Malique Barksdale; Elliot Kjerstad (L row 3), Aaron Baker, Dr. Yong Wang; Michael Jurkoic (L row 2), Bailey Bellisario, Jonathan Schmitz; Tegan Chin (front L), Destiny Muldro, Kaushik Ragothaman, Soukaina Assou.

Visiting undergraduate researchers work to make IoT devices safer

Academics

As technology has evolved to make life easier, internet-connected devices “are getting really popular,” said Soukaina Assou, a senior computer science major at the University of Central Florida.

On the flip side, these Internet of Things (IoT) devices present security issues. “There are so many surfaces where data can be stored,” said Assou, a Casselberry, Florida native.

“There are always the privacy and security risks” with IoT devices, said Austin Priesel, a senior cyber security major at Montreat College (N.C.) but with devices such as doorbell cameras, the New York City native said, “people don’t care to know about the risks, people would rather have convenience.”

Assou stated “That’s why it’s good to do research.”

These students are among 10 who are spending the summer at Dakota State University conducting IoT research through National Science Foundation-sponsored internships called Research Experiences for Undergraduates, or REUs. They are looking into a variety of IoT issues, such as ethical hacking, malware analysis, device vulnerability, and user privacy. This is the first year of a three-year NSF grant awarded to DSU this spring. The students have been working with faculty members Drs. Yong Wang, Ashley Podhradsky, Josh Stroschein, and Sulabh Bhattarai. DSU graduate student Kaushik Muthusamy Ragothaman has also been helping with the program.

“REU participants have the opportunities to conduct cutting-edge cybersecurity projects and gain valuable insights into cybersecurity through their research experiences in IoT,” said Wang, associate research professor.

These insights can help students like Jonathan Schmitz find a more specific field of interest. He is a senior studying computer science at the University of North Dakota. The research can also help the students understand details in their field.

“This research helps give me a better understanding of where possible vulnerabilities are, so that when I’m developing scripts or apps I know what to look for,” said Tegan Chin, a cybersecurity and app development major from Maryville University (Mo.).

For Michael Jurkoic, a junior computer science major at University of Dallas, the hands-on projects are particularly good learning experiences. This REU “is definitely a résum  builder” but also “could be the beginning of a career path,” he stated.

The summer program also includes professional development activities, close student interactions, and follow-up activities, Wong added. Each teams of REU researchers will also be attending and presenting at the SD EPSCoR Undergraduate Research Symposium, July 30 at Best Western Ramkota Hotel in Sioux Falls.

“Students will be able to gain the desired research experiences in cybersecurity, continue their trainings through follow-up activities, and develop interest in STEM-related careers after the summer program,” he said. Bailey Bellisario, a cyber operations major at Dakota State, plans to continue his research project in the academic year. He also plans to continue his education and get his Master of Science in Cyber Defense at DSU.

The students come from nine states, from California to Florida. “It’s great to work with people from across the nation with all the same interests,” said Chin, who is from St. Louis, Mo. 

RESEARCH PROJECTS

“It’s fascinating how these IoT devices are so different from one another,” said Elliot Kjerstad, a Dakota State University cyber operations major from Rapid City, S.D. Some are more secure, others more vulnerable.

“The more vulnerable ones can be a large threat to yourself, your information, your network,” Kjerstad said.

“The outcomes of these projects include novel approaches and tools to discover vulnerabilities and mitigate security risks in IoT, and thus help keep everyone’s data safe,” said Wang.

Malique Barksdale, a senior at Capitol Technology University (Md.), majoring in management of cyber, has been researching FitBit analysis and the personally identifiable information, or PII. They are using 18 identifiers to see “if encryption did the job” regarding HIPAA compliance. He is from Laurel, Maryland, and hopes to work in the network engineering field.

Kjerstad and his research partner are working on security testing. They have set up a network to capture specific network traffic of certain IoT devices and will investigate ways to tap into the encryption of the devices and then create an IDS (Intrusion Detection System) prototype.

Destiny Muldrow, of Myrtle Beach, S.C., is working on digital forensics with Echo speakers, learning that information which could be used by law enforcement to help in criminal investigations.

“It’s pretty interesting” to be able to monitor patterns after a crime and “see if stories add up,” said the senior at Coastal Carolina University in Columbia S.C., where she is majoring in information technology.

“I believe block chain will be the future,” said Priesel, a self-proclaimed block chain enthusiast. “I think all block chain answers 80% of problems we have.” He wants to be the first one to figure out how to create a block chain for IoT devices to protect user privacy. “That’s my 10-year plan.”

IoT ADVICE FOR CONSUMERS

It is different looking at IoT devices as a researcher instead of a consumer, said Aaron Baker, from Sheridan, Wyoming. The Sheridan Community College sophomore is planning to attend DSU for a bachelor’s degree after completing his computer science associate degree in Wyoming.

Personally, Muldrow has an IoT device in her room, and admits that the amount of information gathered is “a little scary,” but because of the convenience “I’m not likely to get rid of it.”

Jurkoic, a native of San Diego, advises users to “do some research before you buy [because] there is a lot you can do to protect yourself,” such as changing passwords.

Priesel agreed. “I think everybody should have a basic understanding of cyber security.”