Digital defenders

“A day in the lab looks like talking with teammates about current tasks, making plans for assignments, brainstorming solutions and ideas, and getting feedback from Dr. Devine about our ideas and progress,” Youngblood said. 

Mentored by cybersecurity faculty member Tom Devine, the team is building a new feature for the INDRA platform: a reauthentication system that allows a drone to regain control after it has been disconnected from its operator. The work builds on previous research exploring how drones can be forced to lose connection through a technique known as deauthentication.

While the concept may sound technical, for Youngblood, the most exciting part is seeing the project come to life.

“I am most excited about seeing what our finished product will look like and seeing it in action,” he said. “I think it will be pretty interesting to see a drone get its controls completely hijacked.”

The work also demonstrates a larger lesson in cybersecurity: even small vulnerabilities can have major consequences when wireless devices aren’t properly protected.

“Our project is a showcase of drone and WiFi security,” Youngblood said. “These ideas can be expanded to help the military understand how to secure and attack RF drones. It also demonstrates the importance of WiFi security for any device. It really shows what can happen if systems aren’t properly protected.”

Youngblood’s interest in cybersecurity began long before the capstone project, sparked by a course that introduced the field in depth.

“My interest began when I took CYBE 266 with Devine in Fall 2024,” he said. “The class dives deep into cybersecurity fundamentals and includes tons of hands-on labs. I really enjoyed being able to see how things work in practice and the in-depth discussions we had about each topic.”

The class led him to join the INDRA project, where the learning became more self-directed.

“I’ve learned a lot about WiFi security through the INDRA capstone,” Youngblood said. “We did research on our project and previous teams’ work, which meant I had to teach myself how deauthentication works with WiFi access points and beacons so we could expand upon it for our project.”

Working in the lab also taught him collaboration — something that didn’t happen overnight.

“I think the biggest thing I’ve learned is how to balance ideas and tasks as a group,” he said. “When we started, I only knew one of my team members. Through working with the team, I’ve learned how to use others’ strengths to benefit the group as a whole. The more we work together, the better we get.”

One of the most rewarding moments came when the team presented their idea publicly for the first time.

“I’d say the thing I’m most proud of so far is our presentation last semester for our project idea,” Youngblood said. “It was the first time as a group that we talked to a bunch of people about our project and how it would actually work. It made the brainstorming and collaboration feel real.”

The process hasn’t been without its challenges. Early on, the team struggled to set up the lab environment due to missing documentation from previous groups.

“We made it our goal to improve that aspect for future groups,” Youngblood said. “We created a guide that walks new users through how to set up the INDRA platform and download all the needed packages.”

Outside the lab, Youngblood maintains balance through skiing, lifting weights, golfing, spending time with family and friends, and occasionally playing video games.

“I’ve learned that discipline is key,” he said. “You have to get work done when you can so you can enjoy other things. College has been a nonstop race for me ever since I got here, but planning and prioritizing have been huge.”

Behind that determination is inspiration from his father.

“My biggest inspiration is definitely my father,” Youngblood said. “He put himself through engineering school while helping raise me. If he could do that, there’s no reason I can’t achieve my goals.”

Looking ahead, Youngblood hopes to continue building on the skills gained through research and coursework, with internships and professional certifications like Security+ and PenTest+ guiding his path toward a career in cybersecurity.

“It’s been another outlet to learn and experience cyber-related work,” he said. “I honestly don’t know what the future holds, but I’m excited to see all I can do after graduating.”

For Youngblood, the INDRA lab represents something bigger than a capstone project. It’s where curiosity meets experimentation — and where the next steps in a cybersecurity career are beginning to take shape.

“Usually I work in longer sessions — four to six hours,” he said. “Generally, a session consists of working on the experiment itself, writing about the experiment, or reading other people's work. I tend to prefer sticking to one thing for an entire session.”

Harris’s research examines programs generated by large language models, or LLMs, evaluating whether automatically generated code is secure.

“The cybersecurity project I'm working on is evaluating the security of programs generated by LLMs,” he said. “I'm most excited about learning how other factors influence this.”

His project explores how elements like code complexity or structure may affect whether vulnerabilities appear — questions growing in importance as AI coding tools become widespread.

“My research on LLM code security is relevant because LLM code is rapidly replacing human code,” Harris said.

Next semester, he will work in the Cyberrange, a specialized software and hardware facility for education, training, and research, overseen by Katerina Goseva-Popstojanova, a professor in the Lane Department of Computer Science and Electrical Engineering, and department chair Anurag Srivastava. The Cyberrange allows students to interact with real computer viruses or simulate massive cyberattacks safely, running numerous virtual machines and testing IoT and industrial control systems like those used in power grids.

“The Cyberrange environment transforms theoretical knowledge into high-level technical expertise required by modern employers,” Harris said.

Along the way, he’s picked up unexpected skills, such as using LaTeX for producing scientific and technical documentation.

“I've become a lot better at using LaTeX,” he said. “I didn’t expect to learn this because I never knew that LaTeX was a standard tool for creating papers.”

Writing research papers has been a challenge, requiring careful time management and breaking months-long projects into smaller tasks. Completing his first paper was a milestone moment.

“The completion of my first paper is what I’m most proud of so far,” Harris said. “It’s helped me understand which sub-domains I’m more interested in.”

Balancing research with coursework demands structure and planning.

“Aggressive time management,” he said. “I meticulously track the time I'm spending on tasks to get the most out of every day.”

Looking to the future, Harris hopes to continue publishing research and eventually become an instructor.

“I want to publish multiple papers and become an instructor,” he said. “I’ve had a lot of success in teaching and believe I can influence a lot of lives by continuing to do so.”

He encourages students entering the field to embrace challenges as opportunities.

“Don’t be discouraged if you run into a lot of issues at first,” he said. “Every mistake presents an opportunity to learn and improve.”

“My days usually blend multiple things: building and testing models, running experiments on cyber-physical testbeds and documenting the work,” Rafy said. “Sometimes that also includes collaborating with others to troubleshoot complex system integrations or mentoring junior researchers.”

Much of the work involves hardware-in-the-loop platforms and edge controllers, such as Raspberry Pi-based systems, to test how power systems behave when communication networks fail or cyberattacks manipulate data.

“We often test grid control actions, communication behavior, and cybersecurity scenarios,” he said. “Then we analyze the results to understand how systems respond under normal and disrupted conditions.”

Rafy’s research explores how distributed power systems can remain resilient even when communication networks are compromised.

“My project is developing a framework that combines distributed and holonic coordination with cyber-aware resilience strategies for distribution systems rich in distributed energy resources,” he said.

“Instead of assuming perfect measurements and perfect communication, we evaluate how control and resilience behave when there are delays, missing data or cyber manipulations under conditions that resemble real systems,” he said.

The research has required skills beyond algorithms, including system integration, experiment design, and understanding how small technical issues can cascade into major impacts.

“I did not expect to spend as much time on system integration debugging and designing experiments that produce trustworthy evidence,” Rafy said. “Cybersecurity in cyber-physical systems involves timing, communication reliability, device behavior, and how small issues can cascade into major system impacts.”

The work is highly collaborative, partnering with universities, national labs, and industry — including Burns & McDonnell, Typhoon HIL, RTDS, and SEL.

“These collaborations helped me understand how future-oriented research can be shaped with a focus on realism and long-term impact,” Rafy said.

Rafy’s proudest accomplishments are research outcomes that combine technical rigor with realistic validation.

“I am most proud of producing research outcomes that combine strong technical ideas with realistic validation,” he said.

He views cybersecurity as inseparable from real-world operations, learning that protecting infrastructure requires understanding both digital and physical consequences.

“The key question becomes not only whether something is compromised but also how that compromise changes physical behavior and decision-making in real time,” Rafy said.

Looking forward, Rafy hopes to help make energy infrastructure more resilient, intelligent, and secure, using cybersecure power systems and applied artificial intelligence.

“I see my biggest impact in developing practical AI-enabled approaches for resilient distribution grid operation where control, monitoring, and cybersecurity are tightly connected,” he said.

For students just starting out, his advice is simple: stay curious and consistent.

“Start even if you do not feel fully ready,” he said. “Curiosity, consistency, and willingness to learn matter more than having perfect preparation.”

“When we come in, we want to have a plan of what we’re doing,” Sleptzoff said. “We have a Gantt chart that shows us all the things that we want to do.”

The project began with research, mapping out the system and identifying areas for improvement. This semester, the team moves into implementation, testing changes, and improving cybersecurity practices.

“At the beginning, there was a pretty spotty connection between the backend and the PLCs themselves,” he said. “We’ve been setting up a lot of good cybersecurity practices — getting logging set up, getting an intrusion detection/intrusion prevention system put in place.”

Challenges have included replacing a database and reconnecting communication between systems, a process requiring careful troubleshooting and testing.

“Previously we had it using one database, but we didn’t like the database and it wasn’t working right. So we made another database, and when we did that, we had to basically reconnect all of the communication between the backend and the PLCs,” he said.

“I would say reverse engineering,” he said. “A lot of the software is designed by previous capstones and different students. So going through that and learning about what everything does and how it interacts with everything — that’s definitely been a challenge.”

Much of the work relies on ladder logic, a programming language used in industrial systems but rarely taught in traditional courses.

“Trying to go in and figure out exactly what that logic does has definitely been a challenge,” he said.

For Sleptzoff, the lab work mirrors real-world infrastructure, offering hands-on experience with the systems that industries rely on.

“Working with PLCs, working with firewalls and IDS, all that stuff. It’s very relatable to a job,” he said.

His path to cybersecurity started with a single class and a fascination with how digital vulnerabilities could have physical consequences.

“They were able to hack into it and get the car to stop or turn or drive around,” Sleptzoff said. “I was like, that’s not good. We should probably be focusing on making sure that doesn’t happen.”

Encouraged by his father, who worked for the NSA, Sleptzoff has always been drawn to coding and problem-solving.

“I’ve always liked solving puzzles,” he said. “Trying to hack into a system or defend a system is kind of like solving a puzzle.”

Now, he aims to become a penetration tester — an ethical hacker who identifies weaknesses before attackers can exploit them. The lab has also shown him that cybersecurity can include hands-on work with hardware, not just sitting behind a computer.

“I like working with my hands a lot,” he said. “Doing a lot of things on the computer all day every day is not exactly my cup of tea.”

Balancing coursework and capstone responsibilities requires careful scheduling.

“One of the biggest impacts was just writing down everything I need to do and putting it in my calendar,” he said.

For Sleptzoff, what sets lab work apart is its lasting impact.

“In class, you may get to do some labs, but those labs kind of don’t mean anything besides what you learn from them,” he said. “Here, if I implement something in the lab, I get to see it carry on through other capstones. You get to see what you do actually matters.”

For students considering research, his advice is straightforward:

“Do it,” he said. “It’s a lot of fun.”

The investment into Statler College cybersecurity facilities empower our students to tackle tomorrow's digital challenges, including the IDEMIA Biometrics Lab, the Grid Security Operations Center, the LEIDOS Classroom and Collaborative Space, the Intelligent Cyber Physical Systems Lab, the Machine Intelligence Group, the Secure Software and Systems Lab, the Cyberseer Lab, the AWS Outpost Cyber Range, and the Karl G. Morey Energy Systems Lab. 

Explore cybersecurity at WVU