Engineering faculty member builds new research project aimed at exploring how AI acquires and understands information

Michael Zuzak awarded NSF EAGER grant to apply large-language models to cybersecurity

Assistant professor Michael Zuzak works with students like Sydale John Ayi ’24 (computer engineering) on projects and research.

Chat GPT still has a lot to learn.

Michael Zuzak, a faculty-researcher at Rochester Institute of Technology, is working to improve how the popular, large-language model acquires and understands information.

While large-language models such as Chat GPT are sophisticated, there are still issues with performance because the system does not intuit the way a human can—yet.

“These systems are data hungry, and data is extremely valuable. But the quality of the data determines the quality of your outcomes,” said Zuzak, an assistant professor of computer engineering in RIT’s Kate Gleason College of Engineering. “We are looking to first, consider how we can adapt these models to work in a cybersecurity context and ensure they are constantly updated to the latest cybersecurity vulnerabilities.”

Improvements to the model will come about through Zuzak’s research and participation by students who will become the next generation of cybersecurity workers furthering platforms such as Chat GPT. Zuzak received a grant of nearly $300,000 from the National Science Foundation for “EAGER: Towards crowd-sourced artifact curation for cyberattacks through a leaner-centered AI co-pilot.” The project team will develop an artificial intelligence platform to provide interactive guidance for students in cybersecurity scenarios and will seek to improve overall performance of large-language models in relation to cybersecurity.

Improving the way the language model takes in information can be a means to ensure that the data being used is reliable, current, and relevant. One key area that will be explored is curating high-quality data sets so that researchers can better train systems to detect cyberattacks, at the same time creating a constantly updating tool to train students and professionals.

Data set improvement involves tackling several challenges to the way systems process information. Open-ended questions or tasks can be difficult to quantify. In cybersecurity, terms are ambiguous. For example, the word oracle can mean a seer or, in cybersecurity, it indicates a trusted information source. With new exploits, or hacks, they may not be understood when the models are trained, leading to the model providing poor or even incorrect information.

“People interact with the system and understanding how members of the community do this can be aggregated and used to develop mitigations. That is what we refer to by the term crowd sourced,” said Zuzak, an expert in computer hardware security, design automation, and artificial intelligence. 

The research team will use Chat GPT, because of its familiarity to current students, and Meta’s Llama, an Open Source AI model, which encourages the research community to share knowledge about system and model improvements. Zuzak will work with undergraduate and graduate students to develop interactive education tools to emulate the latest cybersecurity findings.

Access to open-source tools to emulate interactive cybersecurity experiences for students can be a good teaching opportunity—to learn about real-world cybersecurity challenges and to contribute solutions to them, experiences Zuzak believes could be a career asset.

“That is the hope. The last number I saw, it was over three million expected cybersecurity positions open worldwide. There are always new exploits. This is not a field that you can train in once, then work your whole career in it. You must be constantly learning,” he said.