Engineering Commons^™

Using Feature Selection Enhancement To Evaluate Attack Detection In The Internet Of Things Environment, Khawlah Harahsheh, Rami Al-Naimat, Chung-Hao Chen

Electrical & Computer Engineering Faculty Publications

The rapid evolution of technology has given rise to a connected world where billions of devices interact seamlessly, forming what is known as the Internet of Things (IoT). While the IoT offers incredible convenience and efficiency, it presents a significant challenge to cybersecurity and is characterized by various power, capacity, and computational process limitations. Machine learning techniques, particularly those encompassing supervised classification techniques, offer a systematic approach to training models using labeled datasets. These techniques enable intrusion detection systems (IDSs) to discern patterns indicative of potential attacks amidst the vast amounts of IoT data. Our investigation delves into various aspects …

Sub-Band Backdoor Attack In Remote Sensing Imagery, Kazi Aminul Islam, Hongyi Wu, Chunsheng Xin, Rui Ning, Liuwan Zhu, Jiang Li

Electrical & Computer Engineering Faculty Publications

Remote sensing datasets usually have a wide range of spatial and spectral resolutions. They provide unique advantages in surveillance systems, and many government organizations use remote sensing multispectral imagery to monitor security-critical infrastructures or targets. Artificial Intelligence (AI) has advanced rapidly in recent years and has been widely applied to remote image analysis, achieving state-of-the-art (SOTA) performance. However, AI models are vulnerable and can be easily deceived or poisoned. A malicious user may poison an AI model by creating a stealthy backdoor. A backdoored AI model performs well on clean data but behaves abnormally when a planted trigger appears in …

Designing High-Performance Identity-Based Quantum Signature Protocol With Strong Security, Sunil Prajapat, Pankaj Kumar, Sandeep Kumar, Ashok Kumar Das, Sachin Shetty, M. Shamim Hossain

VMASC Publications

Due to the rapid advancement of quantum computers, there has been a furious race for quantum technologies in academia and industry. Quantum cryptography is an important tool for achieving security services during quantum communication. Designated verifier signature, a variant of quantum cryptography, is very useful in applications like the Internet of Things (IoT) and auctions. An identity-based quantum-designated verifier signature (QDVS) scheme is suggested in this work. Our protocol features security attributes like eavesdropping, non-repudiation, designated verification, and hiding sources attacks. Additionally, it is protected from attacks on forgery, inter-resending, and impersonation. The proposed scheme benefits from the traditional designated …

Applications Of Ai/Ml In Maritime Cyber Supply Chains, Rafael Diaz, Ricardo Ungo, Katie Smith, Lida Haghnegahdar, Bikash Singh, Tran Phuong

School of Cybersecurity Faculty Publications

Digital transformation is a new trend that describes enterprise efforts in transitioning manual and likely outdated processes and activities to digital formats dominated by the extensive use of Industry 4.0 elements, including the pervasive use of cyber-physical systems to increase efficiency, reduce waste, and increase responsiveness. A new domain that intersects supply chain management and cybersecurity emerges as many processes as possible of the enterprise require the convergence and synchronizing of resources and information flows in data-driven environments to support planning and execution activities. Protecting the information becomes imperative as big data flows must be parsed and translated into actions …

Anonymous Attribute-Based Broadcast Encryption With Hidden Multiple Access Structures, Tran Viet Xuan Phuong

School of Cybersecurity Faculty Publications

Due to the high demands of data communication, the broadcasting system streams the data daily. This service not only sends out the message to the correct participant but also respects the security of the identity user. In addition, when delivered, all the information must be protected for the party who employs the broadcasting service. Currently, Attribute-Based Broadcast Encryption (ABBE) is useful to apply for the broadcasting service. (ABBE) is a combination of Attribute-Based Encryption (ABE) and Broadcast Encryption (BE), which allows a broadcaster (or encrypter) to broadcast an encrypted message, including a predefined user set and specified access policy to …

Iot Health Devices: Exploring Security Risks In The Connected Landscape, Abasi-Amefon Obot Affia, Hilary Finch, Woosub Jung, Issah Abubakari Samori, Lucas Potter, Xavier-Lewis Palmer

School of Cybersecurity Faculty Publications

The concept of the Internet of Things (IoT) spans decades, and the same can be said for its inclusion in healthcare. The IoT is an attractive target in medicine; it offers considerable potential in expanding care. However, the application of the IoT in healthcare is fraught with an array of challenges, and also, through it, numerous vulnerabilities that translate to wider attack surfaces and deeper degrees of damage possible to both consumers and their confidence within health systems, as a result of patient-specific data being available to access. Further, when IoT health devices (IoTHDs) are developed, a diverse range of …

Artificial Intelligence-Enabled Exploratory Cyber-Physical Safety Analyzer Framework For Civilian Urban Air Mobility, Md. Shirajum Munir, Sumit Howlader Dipro, Kamrul Hasan, Tariqul Islam, Sachin Shetty

VMASC Publications

Urban air mobility (UAM) has become a potential candidate for civilization for serving smart citizens, such as through delivery, surveillance, and air taxis. However, safety concerns have grown since commercial UAM uses a publicly available communication infrastructure that enhances the risk of jamming and spoofing attacks to steal or crash crafts in UAM. To protect commercial UAM from cyberattacks and theft, this work proposes an artificial intelligence (AI)-enabled exploratory cyber-physical safety analyzer framework. The proposed framework devises supervised learning-based AI schemes such as decision tree, random forests, logistic regression, K-nearest neighbors (KNN), and long short-term memory (LSTM) for predicting and …

Light Auditor: Power Measurement Can Tell Private Data Leakage Through Iot Covert Channels, Woosub Jung, Kailai Cui, Kenneth Koltermann, Junjie Wang, Chunsheng Xin, Gang Zhou

Electrical & Computer Engineering Faculty Publications

Despite many conveniences of using IoT devices, they have suffered from various attacks due to their weak security. Besides well-known botnet attacks, IoT devices are vulnerable to recent covert-channel attacks. However, no study to date has considered these IoT covert-channel attacks. Among these attacks, researchers have demonstrated exfiltrating users' private data by exploiting the smart bulb's capability of infrared emission.

In this paper, we propose a power-auditing-based system that defends the data exfiltration attack on the smart bulb as a case study. We first implement this infrared-based attack in a lab environment. With a newly-collected power consumption dataset, we pre-process …

A Survey Of Using Machine Learning In Iot Security And The Challenges Faced By Researchers, Khawlah M. Harahsheh, Chung-Hao Chen

Electrical & Computer Engineering Faculty Publications

The Internet of Things (IoT) has become more popular in the last 15 years as it has significantly improved and gained control in multiple fields. We are nowadays surrounded by billions of IoT devices that directly integrate with our lives, some of them are at the center of our homes, and others control sensitive data such as military fields, healthcare, and datacenters, among others. This popularity makes factories and companies compete to produce and develop many types of those devices without caring about how secure they are. On the other hand, IoT is considered a good insecure environment for cyber …

Commentary On Healthcare And Disruptive Innovation, Hilary Finch, Affia Abasi-Amefon, Woosub Jung, Lucas Potter, Xavier-Lewis Palmer

Electrical & Computer Engineering Faculty Publications

Exploits of technology have been an issue in healthcare for many years. Many hospital systems have a problem with “disruptive innovation” when introducing new technology. Disruptive innovation is “an innovation that creates a new market by applying a different set of values, which ultimately overtakes an existing market” (Sensmeier, 2012). Modern healthcare systems are historically slow to accept new technological advancements. This may be because patient-based, provider-based, or industry-wide decisions are tough to implement, giving way to dire consequences. One potential consequence is that healthcare providers may not be able to provide the best possible care to patients. For example, …

Security Of Internet Of Things (Iot) Using Federated Learning And Deep Learning — Recent Advancements, Issues And Prospects, Vinay Gugueoth, Sunitha Safavat, Sachin Shetty

Electrical & Computer Engineering Faculty Publications

There is a great demand for an efficient security framework which can secure IoT systems from potential adversarial attacks. However, it is challenging to design a suitable security model for IoT considering the dynamic and distributed nature of IoT. This motivates the researchers to focus more on investigating the role of machine learning (ML) in the designing of security models. A brief analysis of different ML algorithms for IoT security is discussed along with the advantages and limitations of ML algorithms. Existing studies state that ML algorithms suffer from the problem of high computational overhead and risk of privacy leakage. …

Ict Security Tools And Techniques Among Higher Education Institutions: A Critical Review, Miko Nuñez, Xavier-Lewis Palmer, Lucas Potter, Chris Jordan Aliac, Lemuel Clark Velasco

Electrical & Computer Engineering Faculty Publications

Higher education institutions (HEIs) are increasingly relying on digital technologies for classroom and organizational management, but this puts them at higher risk for information and communication (ICT security attacks. Recent studies show that HEIs have experienced more security breaches in ICT security composed of both cybersecurity an information security. A literature review was conducted to identify common ICT security practices in HEIs over the last decade. 11 journal articles were profiled and analyzed, revealing threats to HEIs’ security and protective measures in terms of organizational security, technological security, physical security, and standards and frameworks. Security tools and techniques were grouped …

A Review Of Iot Security And Privacy Using Decentralized Blockchain Techniques, Vinay Gugueoth, Sunitha Safavat, Sachin Shetty, Danda Rawat

Electrical & Computer Engineering Faculty Publications

IoT security is one of the prominent issues that has gained significant attention among the researchers in recent times. The recent advancements in IoT introduces various critical security issues and increases the risk of privacy leakage of IoT data. Implementation of Blockchain can be a potential solution for the security issues in IoT. This review deeply investigates the security threats and issues in IoT which deteriorates the effectiveness of IoT systems. This paper presents a perceptible description of the security threats, Blockchain based solutions, security characteristics and challenges introduced during the integration of Blockchain with IoT. An analysis of different …

Social-Engineering, Bio-Economies, And Nation-State Ontological Security: A Commentary, Brandon Griffin, Keitavius Alexander, Xavier-Lewis Palmer, Lucas Potter

Electrical & Computer Engineering Faculty Publications

Biocybersecurity is an evolving discipline that aims to identify the gaps and risks associated with the convergence of Biology (the science of life and living organisms) and cybersecurity (the science, study, and theory of cyberspace and cybernetics) to protect the bioeconomy. The biological industries’ increased reliance on digitization, automation, and computing power has resulted in benefits for the scientific community, it has simultaneously multiplied the risk factors associated with industrial espionage and the protection of data both commercial and proprietary. The sensitive and potentially destructive power of this data and its access inherently poses a risk to the national and …

A Reflection Of Typology And Verification Flaws In Consideration Of Biocybersecurity/Cyberbiosecurity: Just Another Gap In The Wall, Luke Potter, Kim Mossberg, Xavier Palmer

Electrical & Computer Engineering Faculty Publications

Verification is central to any process in a functional and enduring cyber-secure organization. This verification is how the validity or accuracy of a state of being is assessed (Schlick, 1936; Balci, 1998). Conversely, breakdown in verification procedures is core to the interruption of normal operations for an organization. A key problem for organizations that utilize biology as an interlock within their systems is that personnel lack sufficient ability to verify all practically relevant biological information for procedures such as a nurse logging a blood draw, or a molecular biology technician preparing agar to culture microbes for study. This has several …

Implications Of Cyberbiosecurity In Advanced Agriculture, Simone Stephen, Keitavius Alexander, Lucas Potter, Xavier-Lewis Palmer

Electrical & Computer Engineering Faculty Publications

The world is currently undergoing a rapid digital transformation sometimes referred to as the fourth industrial revolution. During this transformation, it is increasingly clear that many scientific fields are not prepared for this change. One specific area is agriculture. As the sector which creates global food supply, this critical infrastructure requires detailed assessment and research via newly developed technologies (Millett et al, 2019; Peccoud et al, 2018) . Despite its fundamental significance to modern civilization, many aspects of industrial agriculture have not yet adapted to the digital world. This is evident in the many vulnerabilities currently present within agricultural systems, …

Blockchain And Puf-Based Secure Key Establishment Protocol For Cross-Domain Digital Twins In Industrial Internet Of Things Architecture, Khalid Mahmood, Salman Shamshad, Muhammad Asad Saleem, Rupak Kharel, Ashok Kumar Das, Sachin Shetty, Joel J. P. C. Rodrigues

VMASC Publications

Introduction:: The Industrial Internet of Things (IIoT) is a technology that connects devices to collect data and conduct in-depth analysis to provide value-added services to industries. The integration of the physical and digital domains is crucial for unlocking the full potential of the IIoT, and digital twins can facilitate this integration by providing a virtual representation of real-world entities.

Objectives:: By combining digital twins with the IIoT, industries can simulate, predict, and control physical behaviors, enabling them to achieve broader value and support industry 4.0 and 5.0. Constituents of cooperative IIoT domains tend to interact and collaborate during their complicated …

Robustembed: Robust Sentence Embeddings Using Self-Supervised Contrastive Pre-Training, Javad Asl, Eduardo Blanco, Daniel Takabi

School of Cybersecurity Faculty Publications

Pre-trained language models (PLMs) have demonstrated their exceptional performance across a wide range of natural language processing tasks. The utilization of PLM-based sentence embeddings enables the generation of contextual representations that capture rich semantic information. However, despite their success with unseen samples, current PLM-based representations suffer from poor robustness in adversarial scenarios. In this paper, we propose RobustEmbed, a self-supervised sentence embedding framework that enhances both generalization and robustness in various text representation tasks and against diverse adversarial attacks. By generating high-risk adversarial perturbations to promote higher invariance in the embedding space and leveraging the perturbation within a novel contrastive …

Cybersecurity And Digital Privacy Aspects Of V2x In The Ev Charging Structure, Umit Cali, Murat Kuzlu, Onur Elma, Osman Gazi Gucluturk, Ahmet Kilic, Ferhat Ozgur Catak

Engineering Technology Faculty Publications

With the advancement of green energy technology and rising public and political acceptance, electric vehicles (EVs) have grown in popularity. Electric motors, batteries, and charging systems are considered major components of EVs. The electric power infrastructure has been designed to accommodate the needs of EVs, with an emphasis on bidirectional power flow to facilitate power exchange. Furthermore, the communication infrastructure has been enhanced to enable cars to communicate and exchange information with one another, also known as Vehicle-to-Everything (V2X) technology. V2X is positioned to become a bigger and smarter system in the future of transportation, thanks to upcoming digital technologies …

Defending Ai-Based Automatic Modulation Recognition Models Against Adversarial Attacks, Haolin Tang, Ferhat Ozgur Catak, Murat Kuzlu, Evren Catak, Yanxiao Zhao

Engineering Technology Faculty Publications

Automatic Modulation Recognition (AMR) is one of the critical steps in the signal processing chain of wireless networks, which can significantly improve communication performance. AMR detects the modulation scheme of the received signal without any prior information. Recently, many Artificial Intelligence (AI) based AMR methods have been proposed, inspired by the considerable progress of AI methods in various fields. On the one hand, AI-based AMR methods can outperform traditional methods in terms of accuracy and efficiency. On the other hand, they are susceptible to new types of cyberattacks, such as model poisoning or adversarial attacks. This paper explores the vulnerabilities …

An Optimized And Scalable Blockchain-Based Distributed Learning Platform For Consumer Iot, Zhaocheng Wang, Xueying Liu, Xinming Shao, Abdullah Alghamdi, Md. Shirajum Munir, Sujit Biswas

School of Cybersecurity Faculty Publications

Consumer Internet of Things (CIoT) manufacturers seek customer feedback to enhance their products and services, creating a smart ecosystem, like a smart home. Due to security and privacy concerns, blockchain-based federated learning (BCFL) ecosystems can let CIoT manufacturers update their machine learning (ML) models using end-user data. Federated learning (FL) uses privacy-preserving ML techniques to forecast customers' needs and consumption habits, and blockchain replaces the centralized aggregator to safeguard the ecosystem. However, blockchain technology (BCT) struggles with scalability and quick ledger expansion. In BCFL, local model generation and secure aggregation are other issues. This research introduces a novel architecture, emphasizing …

Applications Of Blockchain In Business Processes: A Comprehensive Review, Wattana Viriyasitavat, Li Xu, Dusit Niyato, Zhuming Bi, Danupol Hoonsopon

Information Technology & Decision Sciences Faculty Publications

Blockchain (BC), as an emerging technology, is revolutionizing Business Process Management (BPM) in multiple ways. The main adoption is to serve as a trusted infrastructure to guarantee the trust of collaborations among multiple partners in trustless environments. Especially, BC enables trust of information by using Distributed Ledger Technology (DLT). With the power of smart contracts, BC enforces the obligations of counterparties that transact in a business process (BP) by programming the contracts as transactions. This paper aims to study the state-of-the-art of BC technologies by (1) exploring its applications in BPM with the focus on how BC provides the trust …

A Probabilistic Perspective Of Human-Machine Interaction, Mustafa Canan, Mustafa Demir, Samuel Kovacic

Engineering Management & Systems Engineering Faculty Publications

Human-machine interaction (HMI) has become an essential part of the daily routine in organizations. Although the machines are designed with state-of-the-art Artificial Intelligence applications, they are limited in their ability to mimic human behavior. The human-human interaction occurs between two or more humans; when a machine replaces a human, the interaction dynamics are not the same. The results indicate that a machine that interacts with a human can increase the mental uncertainty that a human experiences. Developments in decision sciences indicate that using quantum probability theory (QPT) improves the understanding of human decision-making than merely using classical probability theory (CPT). …

Deeppose: Detecting Gps Spoofing Attack Via Deep Recurrent Neural Network, Peng Jiang, Hongyi Wu, Chunsheng Xin

Electrical & Computer Engineering Faculty Publications

The Global Positioning System (GPS) has become a foundation for most location-based services and navigation systems, such as autonomous vehicles, drones, ships, and wearable devices. However, it is a challenge to verify if the reported geographic locations are valid due to various GPS spoofing tools. Pervasive tools, such as Fake GPS, Lockito, and software-defined radio, enable ordinary users to hijack and report fake GPS coordinates and cheat the monitoring server without being detected. Furthermore, it is also a challenge to get accurate sensor readings on mobile devices because of the high noise level introduced by commercial motion sensors. To this …

"Mystify": A Proactive Moving-Target Defense For A Resilient Sdn Controller In Software Defined Cps, Mohamed Azab, Mohamed Samir, Effat Samir

Electrical & Computer Engineering Faculty Publications

The recent devastating mission Cyber–Physical System (CPS) attacks, failures, and the desperate need to scale and to dynamically adapt to changes, revolutionized traditional CPS to what we name as Software Defined CPS (SD-CPS). SD-CPS embraces the concept of Software Defined (SD) everything where CPS infrastructure is more elastic, dynamically adaptable and online-programmable. However, in SD-CPS, the threat became more immanent, as the long-been physically-protected assets are now programmatically accessible to cyber attackers. In SD-CPSs, a network failure hinders the entire functionality of the system. In this paper, we present MystifY, a spatiotemporal runtime diversification for Moving-Target Defense (MTD) to secure …

A Channel State Information Based Virtual Mac Spoofing Detector, Peng Jiang, Hongyi Wu, Chunsheng Xin

Electrical & Computer Engineering Faculty Publications

Physical layer security has attracted lots of attention with the expansion of wireless devices to the edge networks in recent years. Due to limited authentication mechanisms, MAC spoofing attack, also known as the identity attack, threatens wireless systems. In this paper, we study a new type of MAC spoofing attack, the virtual MAC spoofing attack, in a tight environment with strong spatial similarities, which can create multiple counterfeits entities powered by the virtualization technologies to interrupt regular services. We develop a system to effectively detect such virtual MAC spoofing attacks via the deep learning method as a countermeasure. …

Development Of Experiential Learning Experiences For K-12 Students Focusing On Smart Cities, Murat Kuzlu, Vukica Jovanovic, Nathan Puryear, Patrick J. Martin, Sherif Abdelwahed, Özgür Güler

Engineering Technology Faculty Publications

The main objective of this paper is to describe a project focused on the development of experiential learning experiences for undergraduate and graduate students focusing on smart cities. The future workforce needs students with various data analytics skills, service reliability, and sustainability. The team of researchers from Old Dominion University and Virginia Commonwealth University is developing a virtual smart city lab environment at both universities and collaborating on multiple research projects. The main purpose of this virtual labs is to provide a testbed that can be used for students who are interested in careers related to cyber-physical systems (CPS). These …

Bfv-Based Homomorphic Encryption For Privacy-Preserving Cnn Models, Febrianti Wibawa, Ferhat Ozgur Catak, Salih Sarp, Murat Kuzlu

Engineering Technology Faculty Publications

Medical data is frequently quite sensitive in terms of data privacy and security. Federated learning has been used to increase the privacy and security of medical data, which is a sort of machine learning technique. The training data is disseminated across numerous machines in federated learning, and the learning process is collaborative. There are numerous privacy attacks on deep learning (DL) models that attackers can use to obtain sensitive information. As a result, the DL model should be safeguarded from adversarial attacks, particularly in medical data applications. Homomorphic encryption-based model security from the adversarial collaborator is one of the answers …

Defensive Distillation-Based Adversarial Attack Mitigation Method For Channel Estimation Using Deep Learning Models In Next-Generation Wireless Networks, Ferhat Ozgur Catak, Murat Kuzlu, Evren Catak, Umit Cali, Ozgur Guler

Engineering Technology Faculty Publications

Future wireless networks (5G and beyond), also known as Next Generation or NextG, are the vision of forthcoming cellular systems, connecting billions of devices and people together. In the last decades, cellular networks have dramatically grown with advanced telecommunication technologies for high-speed data transmission, high cell capacity, and low latency. The main goal of those technologies is to support a wide range of new applications, such as virtual reality, metaverse, telehealth, online education, autonomous and flying vehicles, smart cities, smart grids, advanced manufacturing, and many more. The key motivation of NextG networks is to meet the high demand for those …

Precursors Of Email Response To Cybersecurity Scenarios: Factor Exploration And Scale Development, Miguel A. Toro-Jarrin, Pilar Pazos-Lago, Miguel Padilla

Engineering Management & Systems Engineering Faculty Publications

In the last decade, information security research has further expanded to include human factors as key elements of the organization's cybersecurity infrastructure. Numerous factors from several theories have been explored to explain and predict the multitude of information security-related behaviors in organizations. Lately, there has been a call for the study of specific cybersecurity behaviors in contextualized scenarios that reflect specific and realistic situations of a potential cyber-attack. This paper focuses on precursors of email response in situations that can be the origin of cybersecurity incidents in organizations (i.e., phishing attacks, ransomware, etc.). This study explores participants' intentions to follow …