About the Lab
The Cybersecurity Research Lab is currently a lab of 14 employees and is managed by Dr. Albert Tay. It is located in room 75 in the basement of the CrabTree building on BYU campus.
The AI Research team in the CSRL is currently writing a survey of current research on Generative Adversarial Networks (GANs) and how recent developments in Artificial Intelligence practices will affect the future of authentication methods.
GANs are a type of machine learning model that have shown to be proficient at generating data that is nearly indistinguishable from authentic data. Thus, we think that the capability of GANs to produce vast amounts of realistic and high quality passwords could potentially enable hackers to generate more efficient and more realistic wordlists to be used in password attacks, thereby severely weakening the security of password-based authentication. This method could even take personal data as input and produce a wordlist tailored to a specific target, making even highly complex passwords potentially vulnerable.
While our current focus is producing an analysis of current practices, applications, and literature surrounding GANs and forms of authentication, in the near future we plan to begin developing a GAN to produce these wordlists to demonstrate the need for a more secure form of online authentication in a world of quickly evolving computing capabilities.
Capture the Flag (CtF) challenges are a popular form of cybersecurity education where students solve hands-on tasks in a game-like setting. CtFs reinforce and teach problem-solving skills. The Information Search Process (ISP) is a framework developed to understand the process by which an individual goes about studying a topic identifying emotional ties connected to each step an individual takes.As the individual goes through the problem-solving process, there is a clear flow from uncertainty to clarity, the individual's feelings, thoughts, and actions are all interconnected. This study proposes that as we explore the learning of cybersecurity concepts through the lens of the ISP within the contexts of CtF.
Currently, the infrastructure team is rebuilding the server room. As part of this project, we are reconfiguring networking and server hardware to better meet the needs of the research lab.This semester, we will be making several hardware changes.
We have already reinstalled over a dozen servers, and are working on wiring over a dozen additional servers and will be installing a new SAN later this semester. In addition to these hardware changes, we are deploying a new virtualization stack, a new backup solution, and a new network topology. These upgrades will help us segregate the network and allow us to do many different kinds of research without these projects interfering with each other or with other university operations.
Among the workloads we are planning to support are:
- CTF participation including network scanning, reverse engineering, password cracking, etc.
- CTF hosting for internal competitions
- Malware analysis
- Other research topics
We are also planning to be able to support individual student research projects with hardware and software resources.
In addition to our research, we are conducting widespread information collection and organization of resources regarding all areas of cybersecurity. These efforts are culminating in an internal knowledge base to serve current and future Cybersecurity students in their learning. In addition to external resources, Research assistants are also developing proprietary tools, images and environments to be used by the lab and CSA club.
