Arming the Defenders

Yan Chen is arming future defenders with the skills to stop hackers attempting to breach important information technology (IT) systems.

Since 2007, Chen has taught Information Security and Assurance in Northwestern Engineering's Master of Science in Information Technology (MSIT) program. Over that time, he’s adapted the content to empower students to be adept and agile guardians on a rapidly changing battlefield.

“All the courses in MSIT are continuously evolving based on technology changes and student needs,” Chen said. “In my security course, I adjust the curriculum every year to reflect emerging technology and security challenges.”

Artificial intelligence (AI) is the latest emerging technology to present a massive security challenge. AI-driven tools can autonomously scan networks to find the tiniest vulnerabilities hackers can exploit to launch large-scale automated attacks.

AI can also be used to simulate attacks to reveal tiny weaknesses and then be tasked to help human counterparts plug the holes. This isn’t just what Chen teaches. It also is a focus of his ongoing research.

“From my end, I'm using large language models to automatically construct sophisticated attacks, which is very hard to simulate manually,” he said. “At the same time, we also use a large language model for defense, to build a security system that can automatically help operators or administrators.”

Change has, indeed, been a constant for Chen during his 17 years with the MSIT program. He first became interested in IT security while pursuing his PhD in computer science.

He forecasted the rise of bad actors threatening to use online vulnerabilities to disrupt everything from government to commerce. When he arrived at Northwestern in 2007, his goal was preparing students to get ahead of the problem.

“In retrospect, my prediction was good and I started the right journey before security became the hotspot,” he said. “Things have gotten only more and more serious.”

More serious and also more costly.

According to a report from Cybersecurity Ventures, the global annual cost of cybercrime is predicted to reach $9.5 trillion this year. The most common and costly type of attack today is ransomware attacks; that's when malicious software encrypts files on a victim’s computer or network, rendering them inaccessible. The attackers then demand a ransom payment, typically in cryptocurrency, in exchange for decrypting the files and restoring access.

AI could make those attacks more effective without better defense. Despite all the advancements in technology, the weakest link in any information technology system remains humans, Chen said.

“Attackers just need to find some weak link in the whole system and then gradually they can get access to those critical information systems,” he said. “Maybe you don't have a very important role, but they start from you to get into enterprise.”

That makes educating MSIT students to be top-notch defenders a priority in the war against hackers. Chen’s goal aligns with the MSIT program’s overall purpose – to train students to be leaders in IT.  

“The focus is not just teaching them the fundamental principles for their software operating system and network security techniques,” he said. “We provide them with real-world examples and hands-on practice. Our unique program comprises technical courses and business courses and is well positioned to cultivate students to reach that goal.”