Computer Engineering Commons^™

Improving Ethics Surrounding Collegiate-Level Hacking Education: Recommended Implementation Plan & Affiliation With Peer-Led Initiatives, Shannon Morgan, Dr. Sanjay Goel

Military Cyber Affairs

Cybersecurity has become a pertinent concern, as novel technological innovations create opportunities for threat actors to exfiltrate sensitive data. To meet the demand for professionals in the workforce, universities have ramped up their academic offerings to provide a broad range of cyber-related programs (e.g., cybersecurity, informatics, information technology, digital forensics, computer science, & engineering). As the tactics, techniques, and procedures (TTPs) of hackers evolve, the knowledge and skillset required to be an effective cybersecurity professional have escalated accordingly. Therefore, it is critical to train cyber students both technically and theoretically to actively combat cyber criminals and protect the confidentiality, integrity, …

Using Digital Twins To Protect Biomanufacturing From Cyberattacks, Brenden Fraser-Hevlin, Alec W. Schuler, B. Arda Gozen, Bernard J. Van Wie

Military Cyber Affairs

Understanding of the intersection of cyber vulnerabilities and bioprocess regulation is critical with the rise of artificial intelligence and machine learning in manufacturing. We detail a case study in which we model cyberattacks on network-mediated signals from a novel bioreactor, where it is important to control medium feed rates to maintain cell proliferation. We use a digital twin counterpart reactor to compare glucose and oxygen sensor signals from the bioreactor to predictions from a kinetic growth model, allowing discernment of faulty sensors from hacked signals. Our results demonstrate a successful biomanufacturing cyberattack detection system based on fundamental process control principles.

Characterizing Advanced Persistent Threats Through The Lens Of Cyber Attack Flows, Logan Zeien, Caleb Chang, Ltc Ekzhin Ear, Dr. Shouhuai Xu

Military Cyber Affairs

Effective cyber defense must build upon a deep understanding of real-world cyberattacks to guide the design and deployment of appropriate defensive measures against current and future attacks. In this abridged paper (of which the full paper is available online), we present important concepts for understanding Advanced Persistent Threats (APTs), our methodology to characterize APTs through the lens of attack flows, and a detailed case study of APT28 that demonstrates our method’s viability to draw useful insights. This paper makes three technical contributions. First, we propose a novel method of constructing attack flows to describe APTs. This abstraction allows technical audiences, …

Commercial Enablers Of China’S Cyber-Intelligence And Information Operations, Ethan Mansour, Victor Mukora

Military Cyber Affairs

In a globally commercialized information environment, China uses evolving commercial enabler networks to position and project its goals. They do this through cyber, intelligence, and information operations. This paper breaks down the types of commercial enablers and how they are used operationally. It will also address the CCP's strategy to gather and influence foreign and domestic populations throughout cyberspace. Finally, we conclude with recommendations for mitigating the influence of PRC commercial enablers.

Security-Enhanced Serial Communications, John White, Alexander Beall, Joseph Maurio, Dane Fichter, Dr. Matthew Davis, Dr. Zachary Birnbaum

Military Cyber Affairs

Industrial Control Systems (ICS) are widely used by critical infrastructure and are ubiquitous in numerous industries including telecommunications, petrochemical, and manufacturing. ICS are at a high risk of cyber attack given their internet accessibility, inherent lack of security, deployment timelines, and criticality. A unique challenge in ICS security is the prevalence of serial communication buses and other non-TCP/IP communications protocols. The communication protocols used within serial buses often lack authentication and integrity protections, leaving them vulnerable to spoofing and replay attacks. The bandwidth constraints and prevalence of legacy hardware in these systems prevent the use of modern message authentication and …

Enhancing The Battleverse: The People’S Liberation Army’S Digital Twin Strategy, Joshua Baughman

Military Cyber Affairs

No abstract provided.

Operationalizing Deterrence By Denial In The Cyber Domain, Gentry Lane

Military Cyber Affairs

No abstract provided.

What Senior U.S. Leaders Say We Should Know About Cyber, Dr. Joseph H. Schafer

Military Cyber Affairs

On April 6, 2023, the Atlantic Council’s Cyber Statecraft Initiative hosted a panel discussion on the new National Cybersecurity Strategy. The panel featured four senior officials from the Office of the National Cyber Director (ONCD), the Department of State (DoS), the Department of Justice (DoJ), and the Department of Homeland Security (DHS). The author attended and asked each official to identify the most important elements that policymakers and strategists must understand about cyber. This article highlights historical and recent struggles to express cyber policy, the responses from these officials, and the author’s ongoing research to improve national security cyber policy.

Towards More Task-Generalized And Explainable Ai Through Psychometrics, Alec Braynen

USF Tampa Graduate Theses and Dissertations

In this work, we propose that adopting the methods, principles, and guidelines of the field of psychometrics can help the Artificial Intelligence (AI) community to build more task-generalizable and explainable AI. Three arguments are presented and explored. These arguments are that psychometrics can help by providing 1) a framework for formulating better datasets, 2) psychometric AI data that can lead to models of generalization in AI, and 3) explainable AI through more informative evaluations.

A review of psychometrics and psychological generalization is performed, along with an overview of evaluation, generalization, and explainability in AI. Various ideas are presented throughout for …

Defensive Industrial Policy: Cybersecurity Interventions To Reduce Intellectual Property Theft, Dr. Chad Dacus, Dr. Carl (Cj) Horn

Military Cyber Affairs

Through cyber-enabled industrial espionage, China has appropriated what Keith Alexander, the former Director of the National Security Agency, dubbed “the largest transfer of wealth in history.” Although China disavows intellectual property (IP) theft by its citizens and has set self-sustained research and development as an important goal, it is unrealistic to believe IP theft will slow down meaningfully without changing China’s decision calculus. China and the United States have twice agreed, in principle, to respect one another’s IP rights. However, these agreements have lacked any real enforcement mechanism, so the United States must do more to ensure its IP is …

Enter The Battleverse: China's Metaverse War, Josh Baughman

Military Cyber Affairs

No abstract provided.

Data-Driven Studies On Social Networks: Privacy And Simulation, Yasanka Sameera Horawalavithana

USF Tampa Graduate Theses and Dissertations

Social media datasets are fundamental to understanding a variety of phenomena, such as epidemics, adoption of behavior, crowd management, and political uprisings. At the same time, many such datasets capturing computer-mediated social interactions are recorded nowadays by individual researchers or by organizations. However, while the need for real social graphs and the supply of such datasets are well established, the flow of data from data owners to researchers is significantly hampered by privacy risks: even when humans’ identities are removed, or data is anonymized to some extent, studies have proven repeatedly that re-identifying anonymized user identities (i.e., de-anonymization) is doable …

Cyber Metaphors And Cyber Goals: Lessons From “Flatland”, Pierre Trepagnier

Military Cyber Affairs

Reasoning about complex and abstract ideas is greatly influenced by the choice of metaphors through which they are represented. In this paper we consider the framing effect in military doctrine of considering cyberspace as a domain of action, parallel to the traditional domains of land, sea, air, and space. By means of the well-known Victorian science-fiction novella Flatland, we offer a critique of this dominant cyber metaphor. In Flatland, the problems of lower-dimensional beings comprehending additional dimensions are explored at some length. Inspired by Flatland, our suggested alternate metaphor for cyber is an additional (fourth) dimension. We …

Leveraging Lexical Link Analysis (Lla) To Discover New Knowledge, Ying Zhao, Douglas J. Mackinnon, Shelley P. Gallup, Joseph L. Billingsley

Military Cyber Affairs

Lexical Link Analysis (LLA) is a form of text mining in which word meanings represented in lexical terms (e.g., word pairs) are treated as if they are in a community of a word network. LLA can provide automated awareness for analyzing text data and reveal previously unknown, data-driven themed connections. We applied LLA to develop authentic archetypes and conversely determine potential imposters of that same archetype. We use publically available social media data to develop a cyber professional as an example. This paper reports the development of the algorithm, the collection and labeling of data, as well as the results …

Data To Decisions For Cyberspace Operations, Steve Stone

Military Cyber Affairs

In 2011, the United States (U.S.) Department of Defense (DOD) named cyberspace a new operational domain. The U.S. Cyber Command and the Military Services are working to make the cyberspace environment a suitable place for achieving national objectives and enabling military command and control (C2). To effectively conduct cyberspace operations, DOD requires data and analysis of the Mission, Network, and Adversary. However, the DOD’s current data processing and analysis capabilities do not meet mission needs within critical operational timelines. This paper presents a summary of the data processing and analytics necessary to effectively conduct cyberspace operations.