INSuRE 3.0: INSuRing the Effectiveness of Tomorrow’s Cybersecurity Workforce Today
Principal Investigator: John Springer
The Information Security Research and Education (INSuRE) research collaborative is a network of National Centers of Academic Excellence in Cyber Defense Research (CAE-Rs) universities and mission/research organizations that cooperate to engage students in solving applied Cybersecurity research problems.
The central activity of the INSuRE Project is its Cybersecurity research course, in which students form small groups that work on research problems of interest to the nation. The NSA and other organizations  support the project by contributing suggested problems and by providing technical directors to mentor the student groups. The geographically-diverse participants connect and collaborate using a variety of conferencing and data-sharing technologies. Students benefit from an exciting opportunity to work collaboratively on real-world problems and to interact with experienced technical directors. They learn how to carry out research including producing fast, incremental, and actionable results in team projects. Benefits to participating government organizations include collaborative work on important problems and access to university faculty and to highly motivated and capable students for possible employment. In addition, faculty benefit from building connections with other researchers, schools, and government organizations.
The first INSuRE course took place in fall 2012 at Purdue, involving five students who formed two groups supported by three technical directors (TDs). With funding from the National Science Foundation, the project added three more schools: University of California, Davis; Mississippi State; and University of Maryland, Baltimore County (UMBC). Many of the INSuRE students are CyberCorps®: Scholarship for Service (SFS) scholars. With support from the National Security Agency, in the following years, the course expanded to include a total of twelve universities, six national labs, and two state organizations.
The partner organizations provide lists of suggested problems covering a wide range of topics. For example, the following are projects that partner organizations have provided for students to work on: policy-based stored information management, protection, and access control; machine-assisted semantic understanding of code; cleaning up data spillage in Hadoop clouds; cloud forensics; mobility forensics in the Internet of Things; deriving intelligence from an encrypted VPN stream; protocol analysis and verification; attacking botnets; machine learning for malware classification; vehicular data bus security; and incident response capabilities assessment.
Problem areas often stay on the list from semester to semester with the specific deliverable for the semester to be the next increment, based on the results and output from work done in the prior semester(s). This allows the research to travel across time and space. For example, in three separate terms, teams from UMBC, Purdue, and Stevens Institute of Technology analyzed the Fast Identity Online (FIDO) authentication protocol under development by the FIDO Alliance. After the third term, the NSA removed the problem from the INSuRE problem set because the three student teams had answered all the pertinent questions. This and other examples of student work can be found in our article describing INSuRE published in the July/August 2017 issue of the IEEE Security & Privacy journal (http://doi.ieeecomputersociety.org/10.1109/MSP.2017.3151327); see https://arxiv.org/pdf/1703.08859 for a preliminary open access version of the article. Below we highlight one of our recent projects that involved the discovery of vulnerabilities in the QUIC and AES-GCM protocols.
From fall 2012 through fall 2016, the INSuRE class produced in total 140 project reports on 110 separate problems, and taught 356 students (many of whom have been hired by government organizations). In addition, INSuRE projects resulted in refereed conference publications, refereed posters, and published datasets.
 JHU Applied Physics Lab, Argonne National Labs, Crane Naval Base, Indiana Office of Technology, New Jersey Office of Homeland Security and Preparedness, NIST, Oakridge National Labs, Pacific Northwest National Labs, Sandia National Labs.
Other PIs: Melissa Dark