It’s week three at Avirek, and I’m finally settling into my role in both the work Avirtek is doing and into the new world of office life. This will probably be my most technical post so far, so bear with me.
Avirtek is a cyber security company, and I think every day I discover more about what both “cyber security” and “company” actually mean. The first thing I noticed when I started was that I wasn’t in school anymore. That might seem obvious, but the contrast between high school classes and an office existence is pretty sharp. I don’t have the pressure of tests and quizzes nor do I have homework constantly hanging over my head. Rather than being tested on what I am supposed to understand, I’m being asked to figure out how to work on projects that I halfway understand. Google is my new best friend. It took a week or so for both Avirtek and I to figure out what I should do, but Dr. Hariri began nudging me towards static analysis of XML from the very beginning. I sit at the computer and work 9-2 four days a week and work on a list of attributes I need to extract from the XML files. After meeting with Dr. Hariri last Friday and today, I’ve discovered that his plan for my project is for me to complete the first phase (there are three major phases for the completion of a section of the project, and each phase takes about a month) of the XML analysis on my own. He’s helped me read through the previous leading paper on XML, given me a book on software threat testing, and given me a list of common XML attacks. It boggles my mind that he thinks I can do this as a high schooler, but I’ll take my best shot.
Another thing I’ve discovered about cyber security is that it’s about half data analysis, though the data analysis has the end goal of recognizing malicious files. This became apparent because every week, a mathematician named Greg meets with Chintan, Doug, and Dr. Hariri to discuss the algorithms of the project, how to implement them in the code, etc. I sit there quietly and listen to them speak the language of statistics and algorithms that are WAY over my head. From what I gather, these meetings are used to bridge the gap between the data analysis side of cyber security and the programming side of cyber security. Some of the jargon I understand, but most of it I don’t. Sitting at that table for the meetings is always interesting for me. Three of the people at the table have PhD’s and Chintan’s basically done with his undergraduate degree from the University of Arizona. Then there’s me, the student fresh out of (yes basis, but still) high school. It’s as humbling as it is fascinating.
Then there’s office life: Avirtek has a fridge, a coffee machine, and a microwave. Just like Chintan, I eat my lunch at my desk while I work. I don’t have to move from class to class, and I can come and go as I please as long as I fill my required hours. The freedom and the trust, in exchange for a higher level of responsibility, has probably been the biggest shift for me to adjust to. Regardless, it’s one I greatly appreciate.
Next step : complete feature selection and begin database manipulation