CYSE 368

Cybersecurity Internship

Nathaniel Bradley

2/7/2026

CYSE368

Spring 2026

Professor Teresa Duvall

TA Joshua Russell

Ampersand accounting

Reflection #1

 

During the first 50 hours of my internship at Ampersand Accounting, I have had the opportunity to work directly under the CEO while working on artificial intelligence development and research. This experience has already provided me with valuable insight into how AI can be applied in real-world business and cybersecurity environments. My primary responsibility so far has been researching how artificial intelligence systems work and developing an outline for creating my own AI large language model (LLM) that will function as a phishing email detector. This project aligns closely with my academic focus in cybersecurity and has allowed me to begin connecting classroom knowledge with practical application.

One of the main tasks I have been working on is studying how AI models, particularly large language models, are designed and trained. I have spent time learning about machine learning fundamentals, natural language processing, and how AI can identify patterns within text. Through this research, I have started outlining the steps required to build an AI system capable of detecting phishing emails. My proposed model will analyze email content, identify suspicious language patterns, and flag potential phishing attempts before they reach users. Since phishing is one of the most common cyber threats today, I believe this tool could be extremely useful for improving cybersecurity awareness and protection in a business setting.

Although this internship has been exciting, it has also presented some challenges. One of the biggest challenges I have faced is understanding the complexity of artificial intelligence. AI systems involve many difficult concepts, including algorithms, training data, and model evaluation, which can be difficult to fully grasp at first. At times, the amount of information I need to learn feels overwhelming. However, this challenge has motivated me to improve my research skills and ask more questions when I encounter topics I do not fully understand. I have learned that it is normal to feel confused when working with advanced technologies and that persistence and continuous learning are essential for growth in the cybersecurity field.

This internship directly supports my academic and career goals in cybersecurity. As someone interested in the intersection of AI and cybersecurity, working on a phishing detection LLM allows me to explore how AI can enhance digital security. It has helped me see how AI can be used as both a defensive and preventative tool against cyber threats. The knowledge and experience I am gaining will help prepare me for future roles in cybersecurity, particularly in areas related to threat detection, AI security, and cyber defense.

In conclusion, my first 50 hours at Ampersand Accounting have been both challenging and rewarding. I have begun researching artificial intelligence, developing a plan to build a phishing email detection model, and gaining valuable insight into how AI can be applied in a professional setting. Although learning about AI can be confusing at times, this experience has encouraged me to expand my knowledge and develop new technical and professional skills. I look forward to continuing my internship, refining my AI project, and gaining even more experience that will help me grow as a cybersecurity professional.

Nathaniel Bradley

3/6/2026

CYSE368

Spring 2026

Professor Teresa Duvall

TA Joshua Russell

Ampersand accounting

Reflection #2

 

Over the course of the second fifty hours of my internship, I have continued working under the CEO of Ampersand Accounting while focusing on learning more about artificial intelligence and how it can be applied to cybersecurity problems. During this part of the internship, my main focus has been researching how AI systems work and continuing development on the phishing email detection tool I began outlining earlier in the internship. These additional hours have allowed me to move from mostly research into actually building and testing parts of the system.

At the beginning of this phase of the internship, I spent time deepening my understanding of how AI applications are structured. One concept that has become clearer to me is the way most AI systems are built around three major components: the frontend, the backend, and data management. The frontend is the part of the application that users interact with, such as a webpage or interface where someone could submit an email for analysis. The backend handles the processing and logic of the application, including sending information to an AI model and receiving the analysis results. Finally, data management involves storing information such as user inputs, results from the AI analysis, and other relevant data so the system can keep records and potentially improve over time. Understanding how these pieces work together helped me better understand what it actually takes to turn an AI idea into a functional tool.

One of the biggest areas of progress I have made during the second half of my internship has been working toward building the phishing detection tool itself. Initially, the project started as a concept and outline, but over time I have begun developing a working version of the application. The tool is designed to analyze email content and determine whether it may be a phishing attempt. The idea is that a user could paste an email into the system, and the AI model would analyze the text and provide a risk assessment explaining whether the message appears legitimate or potentially malicious.

Developing this system has helped me better understand how large language models can be used in practical cybersecurity applications. By connecting the AI model to a simple web interface, I have been able to test how the system analyzes different types of emails and how it responds to suspicious language patterns. For example, phishing emails often include urgent requests, unusual links, or attempts to impersonate trusted organizations. Seeing how the AI evaluates these patterns has been interesting and has helped me understand both the strengths and limitations of current AI technology.

Another improvement I have worked on during this time is making the application easier to use and more realistic as a potential cybersecurity tool. Instead of only analyzing raw text, I began thinking about how the system could also consider other pieces of information such as the sender’s email address and common email patterns that users typically receive. This led to ideas for future improvements, such as allowing the application to keep a list of trusted email senders and compare suspicious messages against those known contacts. Thinking through these kinds of features has helped me understand how cybersecurity tools are designed with both security and usability in mind.

One challenge I faced during this stage of the internship was learning how to work with AI APIs and integrate them into a working application. While the concept of using AI sounds straightforward, the process of actually connecting the system, handling requests, and interpreting the model’s responses can be more complicated than expected. There were times where errors occurred or things did not work the way I initially planned. However, working through these issues helped me develop better troubleshooting skills and gave me a more realistic understanding of the development process.

Another valuable lesson from this portion of the internship has been learning how important experimentation and iteration are when building technology. Instead of expecting everything to work perfectly the first time, I have learned to gradually test features, adjust the system, and improve it step by step. This process has helped me gain confidence in working with new technologies and approaching technical problems more logically.

Overall, the second half of my internship has been extremely valuable in helping me move beyond theory and begin applying what I have learned to a real project. Working on the AI phishing detection tool has allowed me to combine my interests in cybersecurity and artificial intelligence while also learning more about how modern applications are developed. I have gained experience researching technical topics, designing system features, and experimenting with AI models in a practical environment.

As I continue working toward the completion of my internship hours, I hope to continue improving the phishing detection tool and exploring additional features that could make it more useful. This experience has shown me how powerful AI can be when applied to cybersecurity problems and has strengthened my interest in continuing to work with AI-driven security technologies in the future.

 

Nathaniel Bradley

4/5/2026

CYSE368

Spring 2026

Professor Teresa Duvall

TA Joshua Russell

Ampersand accounting

Reflection #3

 

Over the course of the last 50 hours of my internship, I have made significant progress both technically and professionally, especially through the development of my AI-powered phishing detection application. This phase of the internship was focused heavily on building, expanding, and refining a working cybersecurity tool that leverages a large language model to analyze potentially malicious emails. Compared to my earlier work, I now have a much stronger understanding of how backend systems, user authentication, and AI integration all come together in a real-world application.

One of the most important milestones I reached during this period was successfully implementing a full user authentication system. I built login and registration functionality using Flask and integrated session management to ensure that only authenticated users could access the core features of the application. I also learned how to securely store user credentials by hashing passwords instead of saving them in plain text. This experience gave me a deeper appreciation for how security principles are applied in practice, not just in theory.

In addition to authentication, I expanded the application’s database functionality by storing user-specific data, including analyzed emails and a “trusted email” system. This feature allows users to save known safe email addresses, which the application can reference when analyzing new messages for potential phishing attempts. Building this feature helped me better understand how relational databases work and how to structure data in a way that supports both functionality and scalability.

Another major area of growth during this period was improving the user interface and overall usability of the application. I transitioned from a very basic layout to a more structured and visually appealing design that resembles a real cybersecurity tool. This included adding a dashboard to view past scans, implementing a risk scoring system with visual indicators, and creating a cleaner workflow for submitting and reviewing email analyses. These changes made the application feel much more like a real product rather than just a technical prototype.

One of the most challenging but valuable aspects of this phase was dealing with unexpected issues and learning how to debug them effectively. As I added more features, there were multiple points where the application stopped behaving as expected, such as login sessions not working correctly, pages not rendering, or certain features breaking after updates. I had to learn how to isolate problems by testing individual components, checking error messages, and carefully reviewing both frontend and backend code. This process taught me that troubleshooting is not just about fixing errors, but about understanding how different parts of a system interact and identifying where something is going wrong. It also reinforced the importance of making incremental changes and testing frequently, rather than trying to implement too many updates at once.

Working through these difficulties improved my problem-solving skills and patience, as well as my ability to think critically about system behavior. Instead of getting frustrated when something broke, I became more methodical in diagnosing issues and more confident in my ability to resolve them. This is a skill that will be extremely valuable in any cybersecurity or software development role, where systems are often complex and issues are not always immediately obvious.

Overall, these 50 hours have been some of the most productive and educational of my internship so far. I not only expanded my technical skill set in areas like web development, databases, and AI integration, but I also developed a stronger mindset for tackling complex problems. The progress I have made on this project has given me confidence in my ability to build real-world applications and has reinforced my interest in pursuing a career in cybersecurity.

 

 

Nathaniel Bradley

4/19/2026

CYSE368

Spring 2026

Professor Teresa Duvall

TA Joshua Russell

Ampersand accounting

Final Paper

Table of Contents

  1. Introduction
  2. Management Environment
  3. Work Duties, Assignments, and Projects
  4. Application of Cybersecurity Knowledge
  5. Connection to ODU Curriculum
  6. Internship Learning Outcomes Evaluation
  7. Motivating Aspects of the Internship
  8. Discouraging Aspects of the Internship
  9. Challenging Aspects of the Internship
  10. Recommendations for Future Interns
  11. Conclusion

1. Introduction

I decided to pursue my internship with Ampersand Accounting because I wanted an opportunity to apply cybersecurity concepts in a real-world environment, specifically in a setting where sensitive financial data is involved. Financial organizations are frequent targets of phishing and social engineering attacks, and I was particularly interested in gaining experience in defending against those types of threats. Additionally, I wanted to gain hands-on experience working with artificial intelligence, especially large language models, to better understand how emerging technologies can be used in cybersecurity applications.

Before beginning my internship, I established several learning objectives as part of my Memorandum of Agreement. One of my main goals was to develop a practical understanding of how phishing detection systems work and how they can be implemented in a real environment. Another objective was to improve my programming and development skills by building a functional application from the ground up. A third goal was to gain experience troubleshooting real-world technical issues, rather than relying on structured lab environments. These objectives guided my work throughout the internship and helped me stay focused on meaningful progress.

Ampersand Accounting is a professional firm that provides accounting and financial services to small and medium-sized businesses. The company works with sensitive financial information, making cybersecurity a critical concern. While the organization primarily focuses on accounting, it has recognized the increasing importance of protecting client data from cyber threats. The company’s client base includes businesses that rely heavily on digital communication, which makes them particularly vulnerable to phishing attacks. This created a strong need for solutions that could help identify and prevent malicious emails.

At the beginning of my internship, I went through an informal orientation process where I was introduced to the company’s operations and the expectations for my role. Unlike a highly structured corporate internship, this experience required me to take initiative and define my own workflow. My initial impression was that the environment was flexible but also required a high level of independence. I quickly realized that I would be responsible for driving my own progress, which was both challenging and motivating.

2. Management Environment

The management environment at Ampersand Accounting was relatively informal compared to larger organizations, but it was still effective for the type of work I was performing. I worked directly under the CEO, which provided me with a unique perspective on how decisions are made at the top level of a company. This direct line of communication allowed for quick feedback and made it easier to adjust the direction of my project as needed.

The structure of the internship required a high degree of self-management. Instead of being assigned daily tasks, I was given a general objective and expected to make consistent progress toward it. This approach helped me develop independence and accountability, as I had to manage my time, set priorities, and ensure that I was meeting expectations without constant supervision.

Overall, the management environment was effective because it balanced guidance with independence. While I had the freedom to explore different approaches, I also had access to feedback when needed. This combination allowed me to grow both technically and professionally.

3. Work Duties, Assignments, and Projects

My primary responsibility during the internship was to design and develop an AI-powered email analysis tool known as PhishGuard AI. This project involved multiple stages, including research, design, implementation, testing, and troubleshooting. Each stage required a different set of skills and contributed to the overall success of the project.

The core function of the application was to analyze emails and determine whether they were safe or potentially malicious. This required building a system that could accept user input, process that input through an AI model, and return meaningful results. In addition to this main functionality, I also implemented user authentication and a dashboard for tracking previous scans.

Each component of the project served a specific purpose within the business context. The email analysis feature helps identify potential phishing threats, which is directly relevant to protecting financial data. The authentication system ensures that only authorized users can access the application, while the dashboard allows users to review past analyses and track patterns over time.

4. Application of Cybersecurity Knowledge

Throughout the internship, I applied a variety of cybersecurity concepts that I had learned in my coursework. This included understanding phishing attack techniques, recognizing social engineering tactics, and identifying indicators of malicious activity. These concepts were essential for designing a system that could effectively analyze emails.

In addition to applying existing knowledge, I also had to learn new skills on the job. One of the most significant areas of growth was understanding how to integrate artificial intelligence into a cybersecurity application. This required learning how to structure prompts for a large language model and how to interpret its responses.

This experience changed my understanding of cybersecurity by showing me how it can be combined with other technologies to create more advanced solutions. Instead of viewing cybersecurity as a separate field, I began to see it as something that can be integrated into a wide range of applications.

5. Connection to ODU Curriculum

The coursework I completed at ODU provided a strong foundation for this internship, particularly in areas such as networking, security principles, and system analysis. Concepts such as threat detection, network security, and risk management were directly applicable to the work I was doing.

At the same time, the internship revealed areas where additional preparation would have been beneficial. For example, while I had experience with programming, I had not previously built a full web application or integrated an AI model into a system. These were skills that I had to develop during the internship.

Overall, the experience reinforced many of the concepts I learned in school while also introducing new techniques and technologies that I had not yet encountered.

6. Internship Learning Outcomes Evaluation

The learning objectives I established at the beginning of the internship were largely achieved. I gained a practical understanding of phishing detection systems by building one myself, which provided insights that could not be gained through theory alone. I also improved my programming skills by developing a full application, which required learning new tools and techniques.

Additionally, I successfully developed my troubleshooting abilities by working through complex issues, including a major system failure. This experience demonstrated that I had met my goal of gaining real-world problem-solving experience.

7. Motivating Aspects of the Internship

One of the most motivating aspects of this internship was the sense that the work I was doing had a direct connection to real-world cybersecurity problems. Phishing is not an abstract concept; it is one of the most common entry points for attackers, especially in organizations that handle sensitive financial data. Knowing that the application I was building could realistically help someone pause, think, and potentially avoid a malicious email made the work feel meaningful on a day-to-day basis. That sense of purpose made it easier to stay engaged even when progress slowed down or when I encountered technical roadblocks.

Another major source of motivation came from seeing the system gradually come together over time. In the early stages, the application was extremely simple and limited in functionality. As I continued to develop it, I was able to add features such as AI-driven analysis, user authentication, and a dashboard to track scan history. Each successful addition made the system feel more complete and reinforced the idea that consistent effort leads to tangible results. This progression created a feedback loop where small wins encouraged continued work and improvement.

I was also motivated by the opportunity to work with technologies that are highly relevant in the current cybersecurity landscape, particularly large language models. Being able to experiment with prompt design and see how changes in wording affected the model’s output made the project feel both modern and intellectually engaging. It pushed me to think beyond traditional rule-based detection and consider how context and language can be analyzed in more advanced ways.

Finally, the level of independence in the internship environment contributed to my motivation. Because I was responsible for managing my own progress, I had the freedom to explore ideas, test different approaches, and take ownership of the project. While this level of responsibility was challenging at times, it also made the experience more rewarding because the results were directly tied to my own effort and decision-making.

8. Discouraging Aspects of the Internship

Despite the many positive aspects of the internship, there were also moments that were discouraging, particularly when technical issues prevented progress. There were periods where I would spend hours working on a problem without seeing immediate results, which made it difficult to feel productive. For example, when the application began to malfunction due to session handling issues, it was not immediately clear where the problem originated. This created a situation where multiple parts of the system had to be examined, often without clear indicators of what was wrong.

Another discouraging aspect was dealing with inconsistencies when working with external systems such as APIs. At times, errors related to authentication or rate limits would interrupt development and require additional troubleshooting that was not directly related to the core functionality of the application. These interruptions could be frustrating because they slowed down progress and required shifting focus away from building features to resolving underlying issues.

There were also moments where improvements introduced new problems. A change that fixed one issue could unintentionally break another part of the system, which made it feel like progress was being undone. This was particularly noticeable when working with routing and template rendering in Flask, where small changes could have larger impacts on how the application behaved.

However, while these aspects were discouraging in the moment, they ultimately contributed to my growth. They forced me to develop patience, persistence, and a more disciplined approach to debugging. Over time, I learned to view these challenges as part of the development process rather than as setbacks.

9. Challenging Aspects of the Internship

The most challenging aspect of the internship was diagnosing and resolving complex system failures, especially when the cause was not immediately obvious. One of the most significant challenges occurred when the application’s authentication system failed, leading to users being automatically logged in and the application becoming stuck on the dashboard. This issue required a deep understanding of how Flask handles sessions, how routes are executed, and how templates are rendered.

What made this challenge particularly difficult was that it involved multiple layers of the application working together incorrectly. The problem was not isolated to a single function or file; instead, it was the result of interactions between session variables, route logic, and front-end rendering. This required me to step back and analyze the entire flow of the application rather than focusing on individual components in isolation.

Another challenge was learning how to effectively work with a large language model in a way that produced reliable and meaningful results. Unlike traditional programming, where outputs are deterministic, the responses from an LLM can vary depending on how the input is structured. This required experimentation and refinement of prompts to achieve consistency. Understanding how to guide the model’s behavior without direct control over its internal logic was a new and complex skill to develop.

Time management was also a challenge, particularly when balancing development, troubleshooting, and documentation requirements. Because there was no strict daily task list, I had to determine how to allocate my time effectively to ensure steady progress. This required setting personal milestones and adjusting priorities based on what issues were most critical at the time.

Overall, these challenges pushed me to develop a more comprehensive approach to problem solving. They required technical knowledge, critical thinking, and persistence, all of which are essential skills in cybersecurity and software development.

10. Recommendations for Future Interns

Future interns entering this role should be prepared for a high level of independence and should be comfortable taking initiative in their work. Having a strong foundation in Python programming will be extremely beneficial, particularly experience with basic web development concepts such as routing, request handling, and template rendering. While it is not necessary to have prior experience with Flask specifically, familiarity with how web applications function will make the learning curve more manageable.

It is also important for future interns to have a solid understanding of fundamental cybersecurity concepts, especially phishing and social engineering techniques. Understanding how attackers craft emails and what makes them convincing will provide valuable context when working on detection systems. This knowledge will make it easier to design features that are both practical and effective.

Another key recommendation is to develop strong debugging and troubleshooting habits early on. Problems will arise that do not have immediate solutions, and the ability to methodically work through those problems is essential. This includes reading error messages carefully, testing changes incrementally, and avoiding the temptation to make multiple changes at once without understanding their impact.

Future interns should also be prepared to learn new technologies on the job, particularly when working with AI systems. Large language models behave differently from traditional programs, and understanding how to interact with them effectively requires experimentation and patience. Being open to trial and error will make this process much smoother.

Finally, it is important to maintain persistence and a positive mindset. There will be moments where progress feels slow or where the system does not behave as expected. These moments are a normal part of the development process, and working through them is where the most meaningful learning occurs. Interns who approach challenges with determination and a willingness to learn will gain the most from this experience.

11. Conclusion

In conclusion, this internship provided a valuable opportunity to apply cybersecurity knowledge in a real-world setting. It allowed me to develop technical skills, gain practical experience, and grow professionally.

The experience will influence the remainder of my time at ODU by motivating me to take on more challenging projects and continue developing my skills. It has also helped shape my future career goals by reinforcing my interest in cybersecurity and artificial intelligence.

Overall, this internship has been a significant step in my professional development and has prepared me for future opportunities in the field.