Engineering Commons^™

A Retrospective On 2022 Cyber Incidents In The Wind Energy Sector And Building Future Cyber Resilience, Megan Egan

Cyber Operations and Resilience Program Graduate Projects

Between February and June 2022, multiple wind energy sector companies were hit by cyber-attacks impacting their ability to monitor and control wind turbines. With projected growth in the United States of 110.66 GW from 2020 to 2030, wind energy will increasingly be a critical source of electricity for the United States and an increasingly valuable target for cyberattacks. This paper shows the importance of redundant remote communications, secure third-party providers, and improving response and recovery processes that would ensure this growth period fulfills its potential as a unique opportunity to build in cyber resilience from the outset of new installations …

Software Protection And Secure Authentication For Autonomous Vehicular Cloud Computing, Muhammad Hataba

Dissertations

Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC.

In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our …

Development Of A Security-Focused Multi-Channel Communication Protocol And Associated Quality Of Secure Service (Qoss) Metrics, Paul M. Simon

Theses and Dissertations

The threat of eavesdropping, and the challenge of recognizing and correcting for corrupted or suppressed information in communication systems is a consistent challenge. Effectively managing protection mechanisms requires an ability to accurately gauge the likelihood or severity of a threat, and adapt the security features available in a system to mitigate the threat. This research focuses on the design and development of a security-focused communication protocol at the session-layer based on a re-prioritized communication architecture model and associated metrics. From a probabilistic model that considers data leakage and data corruption as surrogates for breaches of confidentiality and integrity, a set …

Anonymization & Generation Of Network Packet Datasets Using Deep Learning, Spencer K. Vecile

Electronic Thesis and Dissertation Repository

Corporate networks are constantly bombarded by malicious actors trying to gain access. The current state of the art in protecting networks is deep learning-based intrusion detection systems (IDS). However, for an IDS to be effective it needs to be trained on a good dataset. The best datasets for training an IDS are real data captured from large corporate networks. Unfortunately, companies cannot release their network data due to privacy concerns creating a lack of public cybersecurity data. In this thesis I take a novel approach to network dataset anonymization using character-level LSTM models to learn the characteristics of a dataset; …

Power Market Cybersecurity And Profit-Targeting Cyberattacks, Qiwei Zhang

Doctoral Dissertations

The COVID-19 pandemic has forced many companies and business to operate through remote platforms, which has made everyday life and everyone more digitally connected than ever before. The cybersecurity has become a bigger priority in all aspects of life. A few real-world cases have demonstrated the current capability of cyberattacks as in [1], [2], and [3]. These cases invalidate the traditional belief that cyberattacks are unable to penetrate real-world industrial systems. Beyond the physical damage, some attackers target financial arbitrage advantages brought by false data injection attacks (FDIAs) [4]. Malicious breaches into power market operations could induce catastrophic consequences on …

A Novel Testbed For Evaluation Of Operational Technology Communications Protocols And Their On-Device Implementations, Matthew Boeding

Department of Electrical and Computer Engineering: Dissertations, Theses, and Student Research

Operational Technology (OT) and Infrastructure Technology (IT) systems are converging with the rapid addition of centralized remote management in OT systems. Previously air-gapped systems are now interconnected through the internet with application-specific protocols. This has led to systems that had limited access points being remotely accessible. In different OT sectors, legacy protocols previously transmitted over serial communication were updated to allow internet communication with legacy devices. New protocols such as IEC-61850 were also introduced for monitoring of different OT resources. The IEC-61850 standard’s Generic Object Oriented Substation Event (GOOSE) protocol outlines the representation and communication of a variety of different …

Actuator Cyberattack Handling Using Lyapunov-Based Economic Model Predictive Control, Keshav Kasturi Rangan, Henrique Oyama, Helen Durand

Chemical Engineering and Materials Science Faculty Research Publications

Cybersecurity has gained increasing interest as a consequence of the potential impacts of cyberattacks on profits and safety. While attacks can affect various components of a plant, prior work from our group has focused on the impact of cyberattacks on control components such as process sensors and actuators and the development of detection strategies for cybersecurity derived from control theory. In this work, we provide greater focus on actuator attacks; specifically, we extend a detection and control strategy previously applied for sensor attacks and based on an optimization-based control technique called Lyapunov-based economic model predictive control (LEMPC) to detect attacks …

Quantum Computing And Resilient Design Perspectives For Cybersecurity Of Feedback Systems, Keshav Kasturi Rangan, Jihan Abou Halloun, Henrique Oyama, Samantha Cherney, Ilham Azali Assoumani, Nazir Jairazbhoy, Helen Durand, Simon Ka Ng

Chemical Engineering and Materials Science Faculty Research Publications

Cybersecurity of control systems is an important issue in next-generation manufac- turing that can impact both operational objectives (safety and performance) as well as process designs (via hazard analysis). Cyberattacks differ from faults in that they can be coordinated efforts to exploit system vulnerabilities to create otherwise unlikely hazard scenarios. Because coordination and targeted process manipulation can be characteristics of attacks, some of the tactics previously analyzed in our group from a control system cybersecurity perspective have incorporated randomness to attempt to thwart attacks. The underlying assumption for the generation of this randomness has been that it can be achieved …

Quantum Computing And Resilient Design Perspectives For Cybersecurity Of Feedback Systems, Keshav Kasturi Rangan, Jihan Abou Halloun, Henrique Oyama, Samantha Cherney, Ilham Azali Assoumani, Nazir Jairazbhoy, Helen Durand, Simon Ka Ng

Chemical Engineering and Materials Science Faculty Research Publications

Cybersecurity of control systems is an important issue in next-generation manufac- turing that can impact both operational objectives (safety and performance) as well as process designs (via hazard analysis). Cyberattacks differ from faults in that they can be coordinated efforts to exploit system vulnerabilities to create otherwise unlikely hazard scenarios. Because coordination and targeted process manipulation can be characteristics of attacks, some of the tactics previously analyzed in our group from a control system cybersecurity perspective have incorporated randomness to attempt to thwart attacks. The underlying assumption for the generation of this randomness has been that it can be achieved …

Assessing Security Risks With The Internet Of Things, Faith Mosemann

Senior Honors Theses

For my honors thesis I have decided to study the security risks associated with the Internet of Things (IoT) and possible ways to secure them. I will focus on how corporate, and individuals use IoT devices and the security risks that come with their implementation. In my research, I found out that IoT gadgets tend to go unnoticed as a checkpoint for vulnerability. For example, often personal IoT devices tend to have the default username and password issued from the factory that a hacker could easily find through Google. IoT devices need security just as much as computers or servers …

Detecting Iot Attacks Using An Ensemble Machine Learning Model, Vikas Tomar, Sachin Sharma

Articles

Malicious attacks are becoming more prevalent due to the growing use of Internet of Things (IoT) devices in homes, offices, transportation, healthcare, and other locations. By incorporating fog computing into IoT, attacks can be detected in a short amount of time, as the distance between IoT devices and fog devices is smaller than the distance between IoT devices and the cloud. Machine learning is frequently used for the detection of attacks due to the huge amount of data available from IoT devices. However, the problem is that fog devices may not have enough resources, such as processing power and memory, …

A Trusted Platform For Unmanned Aerial Vehicle-Based Bridge Inspection Management System, Hwapyeong Song

Theses, Dissertations and Capstones

Bridge inspection has a pivotal role in assuring the safety of critical structures constituting society. However, high cost, worker safety, and low objectivity of quality are classic problems in traditional visual inspection. Recent trends in bridge inspection have led to a proliferation of research utilizing Unmanned Aerial Vehicles (UAVs). This thesis proposes a Trusted Platform for Bridge Inspection Management System (Trusted-BIMS) for safe and efficient bridge inspection by proving the UAV-based inspection process and improving the prototype of the previous study. Designed based on a Zero-Trust (ZT) strategy, Trusted-BIMS consist of (1) a database-driven web framework with security features for …

Book Review: This Is How They Tell Me The World Ends: The Cyberweapons Arms Race (2020) By Nicole Perlroth, Amy C. Gaudion

Dickinson Law Review (2017-Present)

No abstract provided.