Development of a Data Pipeline for Real-Time Network Analytics; Ethical Issues Stemming from the Stockpiling of Zero-Day Vulnerabilities

Author:
Johnson, Derek, School of Engineering and Applied Science, University of Virginia
Advisor:
Heo, Seongkook, EN-Comp Science Dept, University of Virginia
Abstract:

I first learned about the zero-day vulnerability market in the Spring of 2021. Darknet Diaries, a podcast I frequently listen to, ran an episode about the topic and it instantly fascinated me. During this period I was still trying to determine what I would write about for my STS research paper. However, after hearing this podcast episode I was convinced that the zero-day vulnerability market contained more than enough ethical ambiguity to be the center of my research. Best of all, it is a topic with real stakes. This made the process of researching feel like an exploration and has kept me fascinated for nearly a year. My technical topic consists of a reflection on my most recent internship and a set of suggested improvements to the UVA undergraduate computer science (CS) curriculum. The technical portion of my capstone has little to do with the STS portion as it was chosen much later.
The technical portion of my capstone is focused on documenting the work done during my internship with Leidos. In this role I developed a pipeline that would consume data from a variety of sources, analyze said data using models created by data scientists, and send the results to a final data sink. In the technical report I outline how this task was accomplished as well as what tools were used. I describe the process of designing for modularity and the lessons I learned about working on large software projects. Additionally, I share some changes that could be made to the UVA undergraduate CS curriculum to create a better experience for students. One such change is the introduction of pair and group programming in the low-level CS classes. Finally, I identify the classes that were the most helpful to my experience as an intern.
Software vulnerabilities that are unknown to the creator of the software are referred to as zero-days. There is a vibrant market for these software vulnerabilities as they can be used to gain access to sensitive information and shut down critical infrastructure. Individuals, corporations, and nations are all participating in this market. It is known that our own government purchases zero-days on the market and stockpiles them for future use. The US government hoarding vulnerabilities to software products allows them to have a tactical edge in cyber warfare but also puts citizens at risk. There has already been one high-profile example of a cyber exploit created by the National Security Agency being leaked and used in a ransomware attack. By continuing to stockpile zero-days, the United States government escalates a cyber arms race.
By reflecting on my experience this past summer, I was able to identify the lessons I learned and habits I formed as a CS undergraduate that allowed me to be successful in my role as an intern. This process helped me to be a more effective and motivated student. In researching zero-day stockpiling I gained an appreciation for the complexity of the global cybersecurity landscape. The US government is trying to maintain control over cyberspace. However, in doing so, they are choosing to keep vulnerabilities open, vulnerabilities that could be exploited by bad actors to cause massive global disruption. As the world becomes more digitized, the threat posed by zero-day stockpiling will only grow.

Degree:
BS (Bachelor of Science)
Keywords:
Zero Day, Kafka, Machine Learning, Vulnerability Ethics
Notes:

School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisor: Rosanne Vrugtman
STS Advisor: Richard Jacques
Technical Team Members: N/A

Language:
English
Issued Date:
2021/12/15