MS by Research student, Ihita Gangavarapu’s evolution from college student to stakeholder in tech policy issues and now researcher in cybersecurity has been nothing short of meteoric. Fresh from representing India at a United Nations agency (ITU-D) meet in Geneva and a subsequent presentation at the international conference on Communication Systems and Networks (COMSNETS) in Bangalore, she has a lot to crow about.
Technology regulation, internet governance, inclusion, environmental sustainability and more roll off Ihita Gangavarapu’s tongue effortlessly and with passion. “I’ve always had an inclination towards technology policy and how young people should be getting a seat at the table along with policy and decision makers,” she offers as explanation. When Ihita contributed to the question on ‘Best practices for developing a culture of cybersecurity’ at the United Nations agency International Telecommunication Union (ITU)-D Study Group-2 meeting held in Geneva in early December 2022, she created history. As a representative of the Indian delegation and the Generation Connect Initiative, she was the first ever youth to participate in an ITU-D study meeting.
It was in college that stoked by her peers’ constant online presence, Ihita got intrigued by the complexities and the dynamic nature of cyberspace. Her foray into the world of digital governance began with a NextGen@ICANN program in 2016 that she was selected to participate in. For someone interested in and looking to actively engage in regional communities to shape the future of global Internet policy, ICANN (Internet Corporation for Assigned Names and Numbers) public meetings are a good place to start with. Despite being overwhelmed at that first meeting, Ihita says, “I realised that there is this entire black box that people keep talking about called Internet governance and wanted to know more.” For this, the young Electronics and Communications (ECE) student not only opted for a bunch of courses around Economics and Policy but also actively participated in schools of internet governance on fully funded fellowships. It was at the India School of Internet Governance (InSIG) Trivandrum, that she was exposed to Indian technology policy and the internet governance ecosystem. It was also where the idea to start an initiative for the youth of India on capacity building and empowerment took shape.
Genesis Of A Movement
In 2018, a 21-year-old Ihita formally kickstarted the Youth Internet Governance Forum India (Youth IGF) as co-founder alongwith Shahul Hameed. Youth IGF India received recognition from the United Nations Internet Governance Forum and support from InSIG to organise its first annual event in New Delhi. The goal of Youth IGF India is to raise awareness of youth on internet governance issues and encourage them to participate in informed technological developments as well as public policy discussion. “It’s a multi stakeholder body with lawyers, civil society members, members from the government like MEiTy and a lot of students who are very interested in contributing in this area as well as looking for career opportunities. So we help them with that. We deal with everything from the last mile connectivity like optical fibre to issues faced on the internet such as hate speech, cyberbullying, child pornography, all of these and more,” elaborates Ihita. By simultaneously inviting domain experts who can talk on current policy regulations and soliciting youth perspectives on the same, suggestions from the youth are then shared with policymakers. A recent case in point being several recommendations made by the youth body on the Draft Telecom Bill that was put up for public consultation in 2022.
Sensing Vulnerabilities In IoT Networks
Despite Ihita’s immersion into the creation of a sustainable digital future especially for the youth, she never lost sight of her academic trajectory. “The other line of work that I pursued in parallel was to get a concrete understanding of technology with respect to the Internet of Things and machine learning,” she says. With widespread adoption of AI and a corresponding rise in the number of cyber attacks, Ihita also developed a growing interest in cybersecurity. A serendipitous meeting with Prof. Sachin Chaudhari, coordinator of the Centre for Excellence on IoT, at an internet standardisation conference proved to be invaluable. She reached out to him and applied formally for a research internship that later transitioned into an MS by Research admission at the Signal Processing and Communications Research Centre (SPCRC) at IIITH. The smart city deployment on campus was an opportune starting point and she began looking into the security configurations of the air pollution monitoring vertical.
From A Hacker’s Perspective
According to Ihita, IoT networks typically prioritise functional, operational and cost-related requirements over security. “When we deploy IoT devices at scale for smart cities across many locations, the attack area is pretty huge. It could be something as simple as someone physically tampering with your sensor, either breaking it or vulnerabilities that exist in your communication protocol, whether it is a WiFi network, mobile data, hotspot and so on,” she explains adding, ““I started analysing the complete security from the hardware perspective as well as the application layer. We were able to spoof the entire identity of a particular node, and just sit in our lab and send data to the server. There was no form of proof of origin of the source of the data.” This research-led hacking resulted in a paper titled,”Security Analysis of Large Scale IoT Network for Pollution Monitoring in Urban India”, that was accepted at the 7th IEEE World Forum on IoT (WFIoT), New Orleans. Her research got a fillip when data from individual sensor nodes across campus was interfaced with the OneM2M server. This time, she began looking at the other smart city verticals such as energy, water, and weather. It led to another research publication titled,”Security for oneM2M based Smart City Network: An OM2M implementation,” that was accepted at the Standards Driven Research (SDR) track of the 15th International Conference on COMmunication Systems & NETworkS (COMSNETS) 2023, in Bengaluru.
Proactive And Unconventional
At a time when most engineering graduates focus on campus placements with the sole aim of bagging a job offer, Ihita stands out from the crowd with what her advisor, Prof. Chaudhari terms an “unconventional” approach. Lauding the clarity with which she is charting her next steps, he says, “Ihita missed out on placements due to her commitments at the UN. She is anyway looking for a niche area where she can apply her knowledge of tech policy along with cybersecurity expertise. Even when she completed her BTech, unlike her peers, she didn’t seek employment right away; she was more focused in gaining an in-depth knowledge of areas that fascinated her”. With a lot of current cybersecurity research focused on theory, Ihita’s work stands out for the real time insights gained by actually hacking through the security network. Infact, plans are afoot to collate the ideas that have come about from scrutinising security-related issues of the OneM2M platform in order to contribute them to the Telecommunications Standards Development Society, India (TSDSI) for adoption as a standard.
The Future Is Us
For someone who is formally trained in Carnatic music, it comes as no surprise to hear Ihita call singing, “a stress buster”. As one of the vocalists of a student-led band on campus ‘Ashwathama’, she has performed not only at the popular annual Felicity fest in 2022 but also at other college events. If it weren’t for some serious ligament tears, one could even spot her on the basketball court shooting hoops. But right now, her priority lies in ensuring that the current leadership listens to her and her peers. “It is also important that they hold the internet and the telecom regulation around what is most sustainable, and what is most relevant for young people. Because after all, we are the future of the internet”.