At RSA, INI Students Share Their Work on Cloud-Based Malware and Cybersecurity Education

Every year, the Information Networking Institute (INI) selects two students to attend the RSA Conference as Security Scholars. This year, Rohil Chaudhry and Rohan Viswanathan were chosen to represent the INI at the conference. Both will graduate from the M.S. in Information Security (MSIS) program in 2025.

The RSA Conference is a prominent gathering for the global cybersecurity community. Over four days at the end of April, cybersecurity experts gathered to connect and share knowledge. RSA Security Scholars are given unique opportunities to connect at special events hosted at the RSA conference and present a poster of their work.

Rohil Chaudhry: Identification and Analysis of Emerging Propagation Techniques Utilized by Malware Targeting Cloud Environments

Starting as a tool for professionals; Cloud computing has become an ever-present part of most people’s lives. From streaming platforms to saving and accessing family photos, the Cloud has become an constant part of modern technology. That level of proliferation has attracted the attention of attackers, with the rate of attacks growing alongside the increased use of Cloud computing. Now, Attackers are finding simple exploits and relying on Cloud-native resources to gain access. 

Chaudhry has researched how these attackers succeed. Chaudhry chose the Advanced study option, which allows him to pursue a specific subject of interest through a Master’s Thesis. For Chaudhry’s thesis, he chose to analyze emerging techniques used by malware that target Cloud environments. 

His study focused on the two most prevalent malware families used in Cloud environment attacks. "This study investigates how modern malware families continue exploiting cloud-environments," said Chaudhry. "It evaluates the effectiveness of cloud-native threat detection services, like AWS GuardDuty and Malware Protection for S3 in identifying such threats." His work highlights certain areas were current defenses fall short and provides recommendations on how to improve visibility and responses to those threats. 

"The poster session served as a valuable platform to showcase my work, receive feedback and engage in meaningful discussions with leaders, practitioners and scholars," said Chaudhry. "These interactions have not only validated the relevance of my research but also opened doors for future partnerships, joint research initiatives, and deeper engagement with the cybersecurity community."

Rohan Viswanathan: Cybersecurity Education Through Capture the Flag (CTF) Competitions

With a global shortage of cybersecurity professionals, the need has never been greater for an educated cybersecurity workforce. Viswanathan, a former member of the US Cyber Team, decided to share his passion for Capture the Flag (CTF) competitions with his fellow Carnegie Mellon University (CMU) students by teaching a course this semester. CMU gives students the chance to design and teach their own courses on any subject they choose, called Student-Taught Courses or “StuCos.” Through a semester-long course, Viswanathan taught students the techniques and critical thinking skills needed to help them succeed in CTF competitions. CTFs involve competitors solving challenges and either attacking or defending computer systems.  

“Presenting at RSAC is an incredible opportunity,” said Viswanathan. “It’s a great chance to both learn about newer techniques from other individuals and also share some of my successes from this experience, potentially helping other educators reach more students in an effective manner.” 

The course consisted of informative lectures and open-ended, collaborative labs where students were able to experiment and find unique solutions to the challenges he developed. And throughout the course, Viswanathan saw measurable improvement in his class of predominantly unexperienced students, with the class successfully solving multiple challenges. 

“I'm doing it because I saw a gap in getting people into CTF competitions and wanted to try and help out,” said Viswanathan. “I also really wanted to try my hand at teaching a class to see if teaching was a potential career option for me in the future.” Along with the two Security Scholars, the INI supported four other INI students to attend: Jacob Kenny (MSIS), Vaishnavi Rao (M.S. in Information Technology - Information Security), John Samuels (MSIS) and Swetha Pai (M.S. in Information Technology - Information Security).