AI is helping students learn how to stop hackers

Artificial intelligence (AI) has been called everything from a “threat to our very humanity” to “the next industrial revolution”. University of the Sunshine Coast cybersecurity lecturer Dr Dennis Desmond sees it as an opportunity — one he has seized with both hands.

“A few years ago, I started building an interactive exercise for my Introduction to Cybersecurity students to face the real-world challenges of cyber defence and I started utilising AI to help flesh it out,” he said. “It starts off simply enough: the students are asked to consult a company with a number of highly-sensitive defence and technology contracts on their cybersecurity risk.

“Now it’s evolved into this very complex, intricate and detailed virtual ecosystem where they’ll cross paths with Bulgarian hackers, police and rival companies — all while scrutinising the practices and policies of their own company and its hundreds of employees.”

To create this world, Desmond has employed the use of AI to create everything from company logos and hundreds of detailed employee profiles, through to a working domain for a Bulgarian hacking group — in four different languages.

He’s even trialled AI chatbots — that have been fed relevant information — to respond to students’ attempts to coerce, probe and socially engineer information out of the virtual employees.

“Eventually I’d like to develop the profiles of the employees and law enforcement officials into fully interactive avatars, with realistic responses from chatbots that have been trained on data specific to the exercise. A lot of that correspondence is currently being done manually,” he said. “One day I’d love to convert this all into a ‘cyber range’. That would be a completely integrated, functioning network that they could physically operate in: fixing things, scanning networks, finding vulnerabilities, replacing equipment, building capabilities and more. That would open up a world of opportunities.”

While the companies, hackers and scenario in the exercise are virtual, Desmond said the constraints and complications of the real world are a vital piece of the educational puzzle.

“One of the challenges in an academic environment is trying to replicate the real-world environment,” he said. “In this assessment, students have to work in teams under an organisational structure with financial constraints and labour resource constraints. In the second half of the exercise, they actually split up into a hacking group trying to exploit the company and a cybersecurity group trying to protect it — with different operational budgets.

“Most students hate working in groups, but we’ve received overwhelmingly positive feedback on this exercise.”

Desmond said the buy-in from his students has not only been heartening from an educator’s point of view, it’s also manifested in some remarkable displays of ingenuity.

“Without giving too much away, we’ve seen some incredibly creative and sophisticated efforts to break down this company’s cybersecurity measures,” he said. “Past students have operated under false identities, employed phishing scams and scoped out building specifications.

“Meanwhile, the students tasked with protecting the company have displayed an impressive understanding of these hacker methodologies and coordinated some fantastic efforts to protect against them.

“It’s exciting to think what approaches future students might take, as the exercise continues to develop with greater AI-assisted capabilities,” he concluded.