Cybersecurity Research Group (CRG)

About our outreach work

The York St John University Cyber Security research group, in collaboration with Yorkshire and Humber Institute of Technology (YHIoT), is developing and delivering a series of free Cyber Security workshops for Year 11, 12 and 13 students across Yorkshire and Humber.

The sessions are delivered in schools for a specific cohort at any time during the academic year particularly targeting students who are interested in cyber security as a potential career/educational pathway, and no prior knowledge or experience is required.

If you are interested in hosting a workshop or a series of workshops for an identifier cohort, please contact Dr Ahmed Abubahia (a.abubahia@yorksj.ac.uk) or Dr Yang Lu (y.lu@yorksj.ac.uk).

Summary of the sessions

Cyber Hygiene

This session was designed to educate and engage participants in proactive thinking about cybersecurity, cyber threats, and cybercrime, as well as improve their understanding of online security. Participants discuss social engineering and the best tools and methods for maintaining cyber hygiene, staying safe and secure online, and detecting and reporting cyberbullying. Participants take part in exercises using specialised equipment for various cyber hygiene activities, such as understanding keystroke injection attacks and countermeasures and practicing keystroke logging using AirDrive Forensic Keylogger.

Network Security

This session covers wired and wireless network traffic analysis and exploration, basic pen testing tricks, basic network and computer system cyberattack simulation, and countermeasures. Participants learn how to use ducky scripts to execute payloads for painless packet captures and secure VPN connections using a stealthy pocket-sized man-in-the-middle device. Participants learn about the use and purpose of a network perimeter firewall, separated subnets, the reasons for packet filtering, and the shortcomings of a simple packet filter firewall in a simulated network environment.

Embedded System Security

The session was designed to introduce participants to the principles of Embedded System Security through the completion of the following tasks:

• Build an Xbee network, consisting of sender and receiver nodes.
• Configure security settings on the Xbee network.
• Build a LoRa network, consisting of sender and receiver nodes.
• Convert the LoRa system into LoRaWAN and configure the security settings.
• Attempt to disrupt Xbee/LoRa network traffic using Denial of Service methods.
• Attempt to capture Xbee/LoRa traffic using eavesdropping methods.
• Use the HackRF for the denial of service and eavesdropping.
• Optional: Complete individual tasks at the end of the workshop.