Early in his computer science studies Yeongjin Jang picked a side.
“I decided long ago that I want to use my skills for good, not bad results,” said Jang, an assistant professor of electrical engineering and computer science at Oregon State University in Corvallis.
To that end, Jang, a decorated security researcher, helped revitalize OSU’s cybersecurity club and introduced hacking skills into the school’s cyberattack defense program, which already had great cryptography and physical systems security expertise.
“Without knowing how to hack, you can’t know how to defend,” said Jang, who holds a Ph.D. in computer science from Georgia Institute of Technology.
He adds, “cyber security is not like other subjects in computer science. It’s much more interdisciplinary. Because our department spans Electrical Engineering and Computer Science and our school’s Collaborative Robotics and Intelligent Systems Institute, we can equip our students with a much broader and valuable skill-set.”
With Jang’s help the OSU Security club is winning national challenges. Most recently the team won the 2018 National Security Agency’s Codebreaker Challenge which dealt with Ethereum blockchain technology and its application in financial technology.
For two years in a row the team won awards from the U.S. Department of Energy’s Cyber Force Competition, which presents challenges related to energy infrastructures such as oil drilling and nuclear energy facilities.
These accolades are important as the cybersecurity industry grows and needs employees. Students learn attack and defense through these competitions.“Previously, most industries wanted to hire people who can manage infrastructure or do defensive jobs,” said Jang. “Now, industry wants to hire people who can simulate hacks and evaluate the company’s resistance. This presents lots of opportunities for attack-oriented or ‘white hat’ security professionals.”
Using the technology they developed through the federal Defense Advanced Research Project Agency’s Cyber Grand Challenge, Jang and his team are able to automatically audit and report on security vulnerabilities and suggest fixes.
“For companies who can’t hire a security analyst, they can use this kind of program to assess their infrastructure,” Jang said.
Jang and his colleagues would like to apply this technology to other sectors, such as the manufacturing industry and embedded systems, and they are also looking for more industry partners in this research.
This is part of a regular guest column written by the Technology Association of Oregon in the Portland Business Journal.