The High School Internship Program will not be offered in Summer 2026 while we focus on refining the experience, improving our processes, and building long-term support for the program. We recognize this may be disappointing, but this pause will allow us to thoughtfully review the program, enhance its structure, and ensure its sustainability so that it returns as an even stronger opportunity for future students.

After five successful years, it’s clear that student interest and talent are strong. During this hiatus, we’ll be exploring ways to strengthen the program’s structure, deepen students’ long-term engagement with research, and enhance the opportunities available when the program returns in 2027.

Our goal will stay the same: to offer a meaningful and distinctive experience for Phoenix high school students interested in cybersecurity research.

The information listed on this webpage and FAQ will update once the revamped opportunity is open.

A research internship serves several purposes:

1. It exposes you to the environment of a world-class cybersecurity research lab and conveys what it means to conduct impactful research.
2. Because you’ll be carrying out academic research, the internship can act as a “preview” to our computer science programs for those of you considering studying at ASU in the future.
3. The internship introduces you to prominent researchers in the field, giving you valuable interpersonal connections for future pursuits within and outside of academia.
4. Because your work will be on the cutting edge, you’ll be exposed to emerging concepts and technologies (for example, binary analysis using angr at a more fundamental level than just by cloning them on github).

Our PhD student mentors curated a list of their recommended resources, which can be explored here.

Students will be paired with a PhD student who will act as a research mentor. They will have a variety of project options that may include research taking place in the lab, or new ideas to explore.

Some examples of past internship projects include:

• Comparing linting tools and ChatGPT for reviewing code errors and syntax
• Creating a bot simulation of a secure finance setting that highlights vulnerabilities in Python
• Exploring social media ad scams based on consumer demographics and algorithm variations
• Analyzing hosting provider responses to phishing reports

Click here to see research posters from past interns!

The internship is an 8-week experience that takes place in the summer, mostly in June and July. Specific dates vary year-by-year.

We recognize that high school districts are not on the same summer break schedule, so there’s some flexibility to customize the plan based on the interns’ needs. To adequately accommodate the students’ needs, we ask that all summer schedules, i.e. vacations and other scheduled priorities, are disclosed on the application.

Internships are carried out under the guidance of PhD students in our research lab, and are overseen by Center leadership/professors: Yan Shoshitaishvili (known in the CTF scene as Zardus), Adam Doupé (adamd), Ruoyu (Fish) Wang (fish), and Tiffany Bao (__tiffanyb__).

Yan, Adam, Fish, and Tiffany are well-known researchers and avid CTF players (having played and hosted CTFs with Shellphish, the ASU Hacking Club,  Order of the Overflow, and Nautilus Institute).

We expect interns to dedicate 15-20 hours per week. Interns are expected to be in-person every Tuesday of the program unless instructed otherwise. Not meeting the weekly hours or in-person commitment may lead to an early conclusion of the internship if deemed necessary. Likewise, the intern is able to decide to opt out of the program at any time if they decide it’s not a good fit for them.

The internship is hybrid with mandatory in-person components on Tuesdays. The in-person commitments are held in the CTF lab at Arizona State University in Tempe, AZ. The address of our building is Brickyard Engineering, 699 S Mill Ave, Tempe, AZ 85281. Interns are responsible for their transportation to and from the campus, along with any associated costs (including parking).

It is important to note that, in the end, this internship is more for you than it is for us. A good outcome (and we will strive to help you get there) is awesome for everyone. A bad outcome (and these, unfortunately, do happen) is not the end of the world. Bad outcomes here means that no progress is made and nothing is produced. This is not to make the internship seem insignificant, but to relieve the pressure: our lives do not “hang” on your performance—don’t panic! Of course, if you’re looking for a letter of recommendation from us, shoot for a good outcome.

We have weekly meetings of the whole lab where everyone presents their progress, along with as-needed one-on-one sessions. You should be present at these meetings (or let us know of your absence in advance) even when you have not made progress. Research sometimes progresses in bursts, and you sometimes need to sit back and think on things for a while. This is fine, and we are absolutely accepting of it, but we like to know what’s going on so that we can help if you’re blocked.

Yes! We all strongly believe in open access to research, and barring weird unforeseen circumstances, you will be encouraged to open source your projects with collaboration of your mentor.

We love to CTF! We are home of the ASU Hacking Club that meets weekly and plays CTFs on the weekends, and some members of Shellphish. If you like to CTF, then CTF will be a fundamental part of your internship. Come hack with us, develop ideas inspired by CTF, and help push the community forward!

When the program relaunches for summer 2027, high school Juniors and Seniors in the Phoenix area will be eligible to apply.

Applicants must be enrolled in a high school that is located within the Phoenix-metro area, and able to commit to the weekly in-person sessions held at the ASU Tempe campus.

There are no age restrictions, though there will be a few extra steps if you’re under the age of 18. For example, your parent or guardian will need to sign off on your participation. More information for parents/guardians can be found in this FAQ.

ASU takes safety very seriously, and this internship complies with the university’s Youth Protection Program. Some of these precautions include, and are not limited to:

• Dedicated process, practice, and policy training for PhD students, staff, and faculty who are part of the Internship
• Background checks and fingerprinting for Phd students, staff, and faculty who are part of the Internship
• No 1:1 interactions permitted, including online
• Maintaining activity and location logs when interns are in-person

Any intern, regardless of age, is not permitted to be in the cybersecurity lab space on campus without approved accompaniment.

If you have questions or concerns, please email [email protected].