Meet Ananya Balaji. A Rutgers University-New Brunswick senior majoring in Computer Science and minoring in Cognitive Science, she recently attended the 2024 WISE Conference (The International Web Information Systems Engineering) in Doha, Qatar, where she presented a paper, “Generating Effective Answers to People’s Everyday Cybersecurity Questions: An Initial Study.” We recently sat down with Ananya, who shared her path, which led to her attending the 2024 WISE Conference.
Please tell us about how your passion for research began.
I’ve been passionate about research for a long time. In high school, I worked on projects and peer-reviewed papers on topics ranging from spatio-temporal quantum entanglement to a comparative bioinformatics study of COVID-19. I also had the opportunity to participate in the New Jersey State Governor’s STEM Scholars program, among other enriching experiences. Building on this passion, I applied to several Research Experience for Undergraduates (REU) programs and was accepted into Carnegie Mellon’s REUSE (Research Experience in Software Engineering) program. This opportunity allowed me to explore my interests in both language and security, ultimately leading me to CMU Professor Norman Sadeh’s lab. I wanted to work on something that blended technology with these areas, and that curiosity shaped the direction of my research. That led to my work, which focused on enhancing how Large Language Models (LLMs)—advanced AI systems trained to understand and generate human-like language, such as ChatGPT and LLAMA 2—respond to users' security-related inquiries.
Users struggle daily to identify potential security threats and protect themselves online. While educating people on cybersecurity is crucial, it remains challenging because security is often treated as a "secondary task"—something users address while juggling other responsibilities. As a result, many turn to AI-powered chatbots for quick and accessible guidance. With the rise of AI-driven tools like ChatGPT and LLAMA 2, these models are becoming go-to sources for advice. However, despite their convenience, concerns persist about the reliability of their responses. To address this, I employed prompt engineering—a strategic technique that involves carefully structuring input prompts to guide the model’s responses. This technique extracts the components needed for a desired response from the LLMs. By refining the way security-related questions were framed, I aimed to extract the desired response.
My professor provided invaluable mentorship throughout the research process, helping me refine my approach and align my work with real-world privacy and security challenges. I designed a series of experiments to evaluate how different prompt structures influenced various metrics of LLM responses (like accuracy, relevance, motivating power, etc). Additionally, I worked with fellow researchers in our lab to develop a human-based evaluation framework, analyze the results, and contextualize them within broader cybersecurity concerns. We compiled our findings into a research paper, where all details are thoroughly documented.After multiple rounds of revisions and feedback, the paper was submitted to WISE 2024.
Please tell us about the WISE conference and how you covered the costs of attending.
The 2024 WISE Conference (The International Web Information Systems Engineering) in Doha, Qatar, is an annual symposium for scholars, graduate researchers, professors, and industry professionals to share their expertise and insights into Web technologies and their applications. This year, the primary focus was on artificial intelligence (AI). The conference features a mix of keynote speakers, technical sessions, panel discussions, and networking opportunities designed to foster a sense of community among participants. It was an incredible opportunity to learn from leaders in the field, connect with like-minded peers, and gain insights into emerging trends I had not previously explored, such as Recommendation Systems and Graph Data Management. It also provided a space to discuss the unique challenges faced by underrepresented groups in the industry and explore strategies for overcoming them through the technology we create.
I applied for various funding opportunities through online platforms and university resources to cover the costs of attending. These include the National Science Foundation’s Directorate for Computer and Information Science (NSF CISE) Grant, the Association for Computing Machinery-Women’s (ACM-W) Scholarship Award, Rutgers ARESTY Conference Funding, sponsorship from my professor’s lab, and additional sources through Pivot-RP. I additionally leveraged networking opportunities with Rutgers CS Professor Konstantinos Michmizos and Engineering Honors Academy Dean Antoine for advice and recommendations to secure sponsorships. Through these efforts, I successfully obtained the financial support needed to attend the conference and fully benefit from the experience.
What are the next steps in your research or the project's development?
Ultimately, this work contributes to the broader field of cybersecurity by informing future developments in LLM training, enhancing user engagement, and promoting a culture of security awareness. Looking ahead, I aim to expand the range of cybersecurity queries for the models to assess how well models handle a broad spectrum of security concerns. On a personal level, I aim to explore the balance between enhancing model performance through domain knowledge, such as an individual’s age and educational background, while simultaneously protecting users' privacy and mitigating potential misuse. Following this work, my research group has initiated an Institutional Review Board (IRB)-approved human study, where users interact with the customized chatbot on Chrome to evaluate its effectiveness and utility in real-world contexts.
What advice would you give your peers on how they should seek internships and research opportunities?
My advice is to seize every opportunity that comes your way, no matter how small it may seem—whether it's a research position at a Rutgers lab, an English class on ‘Scientific and Technical Writing,’ internships with local companies, or online hackathons. These experiences were crucial in helping me secure my current position and many other opportunities along the way. The goal is not to limit yourself to just the most well-known companies. Instead, cast a wide net. Explore a wide range of interests and fields. Dive into a new summer experience by checking out NSF ETAP or contact Rutgers' Office of Distinguished Fellowships for unique scholarship opportunities.
Networking is key— reaching out to alumni, attending conferences, or connecting with professors outside of class time. Take the time to chat with a professor in person, even if it’s just two minutes after every class. It can make a significant difference. Don’t ever be afraid to ask for help; people enjoy offering guidance and mentorship.
For my fellow CS students, I highly encourage exploring research. Research in our field goes far beyond the process of writing long papers; it’s a valuable opportunity to experiment with emerging technologies and new programming languages, tackle real-world problems, and find your niche. Many of these labs work on high-impact projects, directly connecting with some top industry leaders and academic institutions worldwide. These experiences can enhance your chances of discovering future internships or, more broadly, a career path that you genuinely enjoy.
