Cyber Defenders: Interns Take on National Security Challenges

A Valuable Opportunity for Students
Some of the events that Colette Bristol, the coordinator for the Center for Cyber Defenders, arranges for the interns include tours of notable Sandia facilities such as the National Solar Thermal Test Facility, the Ion Beam Lab and the virtual reality lab at Sandia’s Cyber Engineering Research Laboratory.

Colette also arranges short technical talks by Sandia experts. One talk by Sandia cybersecurity researchers Shelley Leger and Doug Ghormley is about how trust is abused in cybersecurity and a way to “gamify” trust, said Shelley, who has mentored interns from the program since 2009.

“All in all, I think I’ve scheduled about 30 tours and tech talks for this summer,” Colette said. “My goal is to make everybody feel welcome.”

The interns are also exposed to short courses such as a two-day course on how to break down a reverse-engineering problem and use an open-source software package called Ghidra, taught by Chris Leger and Bryan Kennedy, Shelley said.

But don’t think that the interns only work and study. Colette also arranges social events such as picnic lunches, and the interns get to explore Albuquerque and the surrounding area over the summer.

To encourage networking and learning from one another, the interns are all co-located in the same office space, Tiawna said.

“I think it’s really invigorating for them,” she said. “They’re able to bounce ideas off of one another; they’re able to get help. They get to see the variety of problems all the other interns are working on as well. Cybersecurity is a very broad topic; there are tons and tons of things that go into that. They get to see a broad spectrum of what is available.”

Shelley agreed about the value of the interns’ office space and culture.

“In the Center for Cyber Defenders, they’re in this open room with cubicles,” she said. “When somebody has a problem, they’ll ask for help, and gradually the people around the area will hear the problem and start congregating, shouting out ways to make a solution better.”

The program organizers said that because of these opportunities and the environment, it’s great that they’ve been able to host interns on-site again after only having remote interns during the summers of 2020 and 2021.

National Security Results, Too
The Center for Cyber Defenders interns also make an impact on Sandia’s vital national security missions, Tiawna said.

“A lot of really great work comes out of interns,” Tiawna said. “They have different perspectives, the diversity of thought is really great. Someone told me one time, ‘the best thing about grad students is they don’t know what’s impossible yet,’ and I think that’s totally true.”

Shelley agreed about the value of interns; she has mentored up to seven interns at once.

“From the interns, I get energy, knowledge, sometimes excellent execution, even research direction — I’ve had some interns that actually change the direction of my Laboratory Directed Research and Development research by being on the project — and an ability to engage my desire to create and enable connections between people,” she said. “In general, the interns are super excited to be here and love finding out what we do. They love understanding the nuances of our mission and the breadth of our mission space. And they are in school, which means they are up to date on the technologies and the research that I need to understand to be able to execute my mission properly.”

About six years ago, a summer intern spent a quarter of his time working on one of Shelley’s LDRD projects. He knew the right questions to ask and how to approach systems-level problems, and his influence can still be felt on later research, Shelley said.

Over the school year and this summer, Akul has been working on Tracer FIRE, a Sandia-developed cybersecurity training scenario that provides university students, not just Sandia interns, with a realistic cybersecurity incident response scenario. Each year the details of the scenario change, but the students spend three days trying to identify the bad guys and figure out how they got into the network. Akul has been working on data parsers and labeling various events in the Tracer FIRE dataset so that the data is more useful for cybersecurity researchers.

“There’s a lot of great things about the Center for Cyber Defenders program,” Akul said. “It’s the closest you’ll get to academia without being in academia. I think working at a major tech company, research is a lot more boxed in. At Sandia, there does seem to be more of a need for a downstream application than in academia, which was interesting.

Mollie Rappe is Senior Corporate Communications Specialist at Sandia. The article was originally posted to the website of Sandia National Laboratories.