What is INSuRE?
The Information Security Research and Education (INSuRE) program is a collaboration between government agencies, national labs, FFRDCs, and CAE institutions to provide students with an opportunity to work on real-world applied research problems. INSuRE aims to improve the workforce readiness of participating students by building skills in applied cybersecurity research, teamwork, communication, problem solving, and project management.
INSuRE provides CAE institutions with a means to offer opportunities to their students on research methods working on real-world problems in a way that otherwise may not exist at their institutions. In turn, the government agencies, national labs, and FFRDCs can work with students who are excited and eager to make progress on their projects. Through this engagement the agencies, national Labs and FFRDCs gain access to some of the most promising cybersecurity talents and INSuRE serves as an effective means for recruitment. The central activity of the INSuRE program is a research course that is offered at each participating institution, linking student teams with Problem Mentors (PMs) from government agencies and laboratories to work on problems of national interest proposed by the PMs.
INSuRE at CSUSB
The INSuRE project is available to students at California State University, San Bernardino (CSUSB), as an elective course. Since 2018, CSUSB student-led teams have worked with national laboratories and federal agencies such as Argonne National Laboratory (ANL), National Security Agency (NSA), MITRE, and MIT Lincoln Laboratory on topics ranging from but not limited to, vehicle security and policy to Bluetooth behavior analysis.
Students who participate in the program first attend a virtual open house to see what projects are offered by a multitude of agencies. Students then bid on projects as teams, and once the projects have been assigned, begin the semester-long venture of researching the desired project.
INSuRE Application
Students interested in taking this course must first fill out the interest form before being able to enroll in the course as it is selective and has limited slots available and is only available in the Fall semester. If you have any questions, please reach out to the Center for Cyber and AI.
Past Projects
Zero Trust for Non-Terrestrial Networks
Exploration of how Non-Terrestrial Systems (satellites, cubesats, etc.) can integrate critical zero trust concepts into their communications with terrestrial platforms. This was done through the creation of a conceptual Space Identity, Credentialing, and Access Management framework where students applied methodologies such as port-knocking and the use of X.509 hybrid bound certificates to track authentication. Additionally, students applied research techniques to structure a gap analysis to find the differences between current space communication infrastructure and critical government guidelines. Students in this project got the opportunity to present their findings in front of a group of academics at the 2025 Cybersecurity Accross Disciplines conference.
Container Escape
This research, guided by subject experts in the National Security Agency, took a look into the inner functions of Docker containers to explore methods of securing against Container Escape exploits. The students involved learned how to perform exploits where they were able to break out of a containerized computer environment and then applied those same techniques in different system configurations, attempting to decipher ways to secure against the exploit.
Automotive Security
Students studied the policy gaps in vehicle security using data from the National Highway and Traffic Safety Administration (NHTSA). Once students became familiar with vehicle policy, the course evolved into more hands-on projects focused on potential vulnerabilities and attack vectors. Hands-on projects include learning CANBUS protocols, stripping all electrical components from a vehicle, and creating a test bench. This has recently expanded into Man-In-The-Middle threat analysis simulations of connected vehicles.
Security of Random Number Generation
Students under the guidance of the National Institute of Standards and technology investigated the importance of random number generation and how it's used within differing platforms. This was completed through collecting and analyzing random numbers that were generated on a bare metal Linux machine, and one that was instead hosted on a virtual machine.
DNS and ICMP Research
Students studied the collection and analysis of DNS traffic to identify a baseline approach to DNS data interpretation. This analysis required students to create a method to capture, unpack, and interpret the DNS data received from DNS servers. Additionally, the creation of a test DNS server was required for testing purposes. The interpreted data was then utilized to identify abnormal or malformed DNS behavior to subsequently identify the integrity of a DNS server. This analysis produced evidence further enforcing the action of DNS poisoning taking place.
