Engineering Commons^™

Blockchain-Based Architecture For Secured Cyberattack Signatures And Features Distribution, Oluwaseyi J. Ajayi

Dissertations and Theses

One effective way of detecting malicious traffic in computer networks is intrusion detection systems (IDS). Despite the increased accuracy of IDSs, distributed or coordinated attacks can still go undetected because of the single vantage point of the IDSs. Due to this reason, there is a need for attack characteristics' exchange among different IDS nodes. Another reason for IDS coordination is that a zero-day attack (an attack without a known signature) experienced in organizations located in different regions is not the same. Collaborative efforts of the participating IDS nodes can stop more attack threats if IDS nodes exchange these attack characteristics …

Energy Considerations In Blockchain-Enabled Applications, Cesar Enrique Castellon Escobar

UNF Graduate Theses and Dissertations

Blockchain-powered smart systems deployed in different industrial applications promise operational efficiencies and improved yields, while mitigating significant cybersecurity risks pertaining to the main application. Associated tradeoffs between availability and security arise at implementation, however, triggered by the additional resources (e.g., memory, computation) required by each blockchain-enabled host. This thesis applies an energy-reducing algorithmic engineering technique for Merkle Tree root and Proof of Work calculations, two principal elements of blockchain computations, as a means to preserve the promised security benefits but with less compromise to system availability. Using pyRAPL, a python library to measure computational energy, we experiment with both the …

Zero-Bias Deep Learning For Accurate Identification Of Internet Of Things (Iot) Devices, Yongxin Liu, Houbing Song, Thomas Yang, Jian Wang, Jianqiang Li, Shuteng Niu, Zhong Ming

Publications

The Internet of Things (IoT) provides applications and services that would otherwise not be possible. However, the open nature of IoT makes it vulnerable to cybersecurity threats. Especially, identity spoofing attacks, where an adversary passively listens to the existing radio communications and then mimic the identity of legitimate devices to conduct malicious activities. Existing solutions employ cryptographic signatures to verify the trustworthiness of received information. In prevalent IoT, secret keys for cryptography can potentially be disclosed and disable the verification mechanism. Noncryptographic device verification is needed to ensure trustworthy IoT. In this article, we propose an enhanced deep learning framework …

First Year Students' Experience In A Cyber World Course - An Evaluation, Frank Breitinger, Ryan Tully-Doyle, Kristen Przyborski, Lauren Beck, Ronald S. Harichandran

Electrical & Computer Engineering and Computer Science Faculty Publications

Although cybersecurity is a major present concern, it is not a required subject in University. In response, we developed Cyber World which introduces students to eight highly important cybersecurity topics (primarily taught by none cybersecurity experts). We embedded it into our critical thinking Common Course (core curriculum) which is a team-taught first-year experience required for all students. Cyber World was first taught in Fall 2018 to a cohort of over 150 students from various majors at the University of New Haven. This article presents the evaluation of our Fall taught course. In detail, we compare the performance of Cyber World …

Securing Photovoltaic (Pv) System Deployments With Data Diodes, Robert D. Larkin, Torrey J. Wagner, Barry E. Mullins

Faculty Publications

A survey of a typical photovoltaic (PV) system with and without the cybersecurity protections of a data diode is explored. This survey includes a brief overview of Industrial Control Systems (ICS) and their relationship to the Internet of Things (IoT), Industrial Internet of Things (IIoT), and Industry 4.0 terminology. The cybersecurity features of eight data diodes are compared, and the cyber attack surface, attack scenarios, and mitigations of a typical PV system are discussed. After assessing cybersecurity, the economic considerations to purchase a data diode are considered. At 13.19 cents/kWh, the sale of 227,445 kWh is needed to fund one …

Cybersecurity Methods For Grid-Connected Power Electronics, Stephen Joe Moquin

Graduate Theses and Dissertations

The present work shows a secure-by-design process, defense-in-depth method, and security techniques for a secure distributed energy resource. The distributed energy resource is a cybersecure, solar inverter and battery energy storage system prototype, collectively called the Cybersecure Power Router. Consideration is given to the use of the Smart Green Power Node for a foundation of the present work. Metrics for controller security are investigated to evaluate firmware security techniques. The prototype's ability to mitigate, respond to, and recover from firmware integrity degradation is examined. The prototype shows many working security techniques within the context of a grid-connected, distributed energy resource. …

On-Device Security And Privacy Mechanisms For Resource-Limited Devices: A Bottom-Up Approach, Leonardo Babun

FIU Electronic Theses and Dissertations

This doctoral dissertation introduces novel mechanisms to provide on-device security and privacy for resource-limited smart devices and their applications. These mechanisms aim to cover five fundamental contributions in the emerging Cyber-Physical Systems (CPS), Internet of Things (IoT), and Industrial IoT (IIoT) fields. First, we present a host-based fingerprinting solution for device identification that is complementary to other security services like device authentication and access control. Then, we design a kernel- and user-level detection framework that aims to discover compromised resource-limited devices based on behavioral analysis. Further we apply dynamic analysis of smart devices’ applications to uncover security and privacy risks …

Establishment Of Cyber-Physical Correlation And Verification Based On Attack Scenarios In Power Substations, Koji Yamashita

Dissertations, Master's Theses and Master's Reports

Insurance businesses for the cyberworld are an evolving opportunity. However, a quantitative model in today's security technologies may not be established. Besides, a generalized methodology to assess the systematic risks remains underdeveloped. There has been a technical challenge to capture intrusion risks of the cyber-physical system, including estimating the impact of the potential cascaded events initiated by the hacker's malicious actions.

This dissertation attempts to integrate both modeling aspects: 1) steady-state probabilities for the Internet protocol-based substation switching attack events based on hypothetical cyberattacks, 2) potential electricity losses. The phenomenon of sequential attacks can be characterized using a time-domain simulation …

Application Of Quantum Cryptography To Cybersecurity And Critical Infrastructures In Space Communications, Rita Meraz, Linda Vahala

OUR Journal: ODU Undergraduate Research Journal

As society becomes more dependent on technology and the internet, critical infrastructure, which provides the fundamental services that millions of people depend on, becomes more vulnerable to cyber threats. This paper presents the importance of cybersecurity in critical infrastructure addressing the communications sector which is prevailed by space systems. It gives an overview of laser communications via satellite, and it argues the utility that quantum cryptography can provide to secure the data transmitted between communication satellites and ground stations from cyber attacks. Common encryption algorithms are briefly introduced as well as a review on quantum computing. Quantum cryptography is still …

Guest Editorial Special Issue On Toward Securing Internet Of Connected Vehicles (Iov) From Virtual Vehicle Hijacking, Yue Cao, Houbing Song, Omprakash Kaiwartya, Sinem Coleri Ergen, Jaime Lloret, Naveed Ahmad

Houbing Song

Today’s vehicles are no longer stand-alone transportation means, due to the advancements on vehicle-tovehicle (V2V) and vehicle-to-infrastructure (V2I) communications enabled to access the Internet via recent technologies in mobile communications, including WiFi, Bluetooth, 4G, and even 5G networks. The Internet of vehicles was aimed toward sustainable developments in transportation by enhancing safety and efficiency. The sensor-enabled intelligent automation of vehicles’ mechanical operations enhances safety in on-road traveling, and cooperative traffic information sharing in vehicular networks improves traveling efficiency.

Guest Editorial Special Issue On Toward Securing Internet Of Connected Vehicles (Iov) From Virtual Vehicle Hijacking, Yue Cao, Houbing Song, Omprakash Kaiwartya, Sinem Coleri Ergen, Jaime Lloret, Naveed Ahmad

Publications

Today’s vehicles are no longer stand-alone transportation means, due to the advancements on vehicle-tovehicle (V2V) and vehicle-to-infrastructure (V2I) communications enabled to access the Internet via recent technologies in mobile communications, including WiFi, Bluetooth, 4G, and even 5G networks. The Internet of vehicles was aimed toward sustainable developments in transportation by enhancing safety and efficiency. The sensor-enabled intelligent automation of vehicles’ mechanical operations enhances safety in on-road traveling, and cooperative traffic information sharing in vehicular networks improves traveling efficiency.

Process/Equipment Design Implications For Control System Cybersecurity, Helen Durand

Chemical Engineering and Materials Science Faculty Research Publications

An emerging challenge for process safety is process control system cybersecurity. An attacker could gain control of the process actuators through the control system or communication policies within control loops and potentially drive the process state to unsafe conditions. Cybersecurity has traditionally been handled as an information technology (IT) problem in the process industries. In the literature for cybersecurity specifically of control systems, there has been work aimed at developing control designs that seek to fight cyberattacks by either giving the system appropriate response mechanisms once attacks are detected or seeking to make the attacks difficult to perform. In this …

Mitigating Colluding Attacks In Online Social Networks And Crowdsourcing Platforms, Georges Arsene K. Kamhoua

FIU Electronic Theses and Dissertations

Online Social Networks (OSNs) have created new ways for people to communicate, and for companies to engage their customers -- with these new avenues for communication come new vulnerabilities that can be exploited by attackers. This dissertation aims to investigate two attack models: Identity Clone Attacks (ICA) and Reconnaissance Attacks (RA). During an ICA, attackers impersonate users in a network and attempt to infiltrate social circles and extract confidential information. In an RA, attackers gather information on a target's resources, employees, and relationships with other entities over public venues such as OSNs and company websites. This was made easier for …

Hybrid Black-Box Solar Analytics And Their Privacy Implications, Dong Chen

Doctoral Dissertations

The aggregate solar capacity in the U.S. is rising rapidly due to continuing decreases in the cost of solar modules. For example, the installed cost per Watt (W) for residential photovoltaics (PVs) decreased by 6X from 2009 to 2018 (from $8/W to $1.2/W), resulting in the installed aggregate solar capacity increasing 128X from 2009 to 2018 (from 435 megawatts to 55.9 gigawatts). This increasing solar capacity is imposing operational challenges on utilities in balancing electricity's real-time supply and demand, as solar generation is more stochastic and less predictable than aggregate demand. To address this problem, both academia and utilities have …

A Nonlinear Systems Framework For Cyberattack Prevention For Chemical Process Control Systems, Helen Durand

Chemical Engineering and Materials Science Faculty Research Publications

Recent cyberattacks against industrial control systems highlight the criticality of preventing future attacks from disrupting plants economically or, more critically, from impacting plant safety. This work develops a nonlinear systems framework for understanding cyberattack-resilience of process and control designs and indicates through an analysis of three control designs how control laws can be inspected for this property. A chemical process example illustrates that control approaches intended for cyberattack prevention which seem intuitive are not cyberattack-resilient unless they meet the requirements of a nonlinear systems description of this property.

State Measurement Spoofing Prevention Through Model Predictive Control Design, Helen Durand

Chemical Engineering and Materials Science Faculty Research Publications

Security of chemical process control systems against cyberattacks is critical due to the potential for injuries and loss of life when chemical process systems fail. A potential means by which process control systems may be attacked is through the manipulation of the measurements received by the controller. One approach for addressing this is to design controllers that make manipulating the measurements received by the controller in any meaningful fashion very difficult, making the controllers a less attractive target for a cyberattack of this type. In this work, we develop a model predictive control (MPC) implementation strategy that incorporates Lyapunov-based stability …

Survey Results On Adults And Cybersecurity Education, Frank Breitinger, Joseph Ricci, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Cyberattacks and identity theft are common problems nowadays where researchers often say that humans are the weakest link in the security chain. Therefore, this survey focused on analyzing the interest for adults for ‘cyber threat education seminars’, e.g., how to project themselves and their loved ones. Specifically, we asked questions to understand a possible audience, willingness for paying / time commitment, or fields of interest as well as background and previous training experience. The survey was conducted in late 2016 and taken by 233 participants. The results show that many are worried about cyber threats and about their children exploring …

Low Latency Intrusion Detection In Smart Grids, Israel Zairi Akingeneye

Graduate Theses and Dissertations

The transformation of traditional power grids into smart grids has seen more new technologies such as communication networks and smart meters (sensors) being integrated into the physical infrastructure of the power grids. However, these technologies pose new vulnerabilities to the cybersecurity of power grids as malicious attacks can be launched by adversaries to attack the smart meters and modify the measurement data collected by these meters. If not timely detected and removed, these attacks may lead to inaccurate system state estimation, which is critical to the system operators for control decisions such as economic dispatch and other related functions.

This …

Scada And Plc Systems Configuration For The Ncrept Test Facility, Arman Ahmed

Electrical Engineering Undergraduate Honors Theses

This thesis details the project to update the control and interface system of the National Center for Reliable Electric Power Transmission (NCREPT) testing facility. The need for this project arose from the 2017-2018 expansion of the facility, which included some modifications in the layout of electrical equipment used for testing purposes. These modifications necessitated the update of the control and interface system. Additionally, the old system was implemented a decade ago and is nearing obsolescence, so the facility’s expansion served as an opportune time for an upgrade.

There were two main parts to the scope of this project, which were …

Command Validation For Cybersecure Power Router, Isaac M. Kroger

Electrical Engineering Undergraduate Honors Theses

For grid-connected homes equipped with solar panels, power electronics are necessary to manage and convert power between the solar panels, battery storage, grid, and residential load. A power router can be used to manage these power electronics and govern power generation, storage, and distribution within the household. This level of control makes power routers that do not employ cybersecurity a target for external attacks. The use of command validation is an effective way to prevent unauthorized commands from maliciously altering the state of a home’s power router. The purpose of this thesis is to describe the development of the command …

Conceptual Systems Security Analysis Aerial Refueling Case Study, Martin Trae Span Iii

Theses and Dissertations

In today’s highly interconnected and technology reliant environment, systems security is rapidly growing in importance to complex systems such as automobiles, airplanes, and defense-oriented weapon systems. While systems security analysis approaches are critical to improving the security of these advanced cyber-physical systems-of-systems, such approaches are often poorly understood and applied in ad hoc fashion. To address these gaps, first a study of key architectural analysis concepts and definitions is provided with an assessment of their applicability towards complex cyber-physical systems. From this initial work, a definition of cybersecurity architectural analysis for cyber-physical systems is proposed. Next, the System Theory Theoretic …

Employing A User-Centered Design Process For Cybersecurity Awareness In The Power Grid, Jean C. Scholtz, Lyndsey Franklin, Aditya Ashok, Katya Leblanc, Christopher Bonebrake, Eric Andersen, Michael Cassiadoro

Journal of Human Performance in Extreme Environments

In this paper, we discuss the process we are using in the design and implementation of a tool to improve the situation awareness of cyberattacks in the power grid. We provide details of the steps we have taken to date and describe the steps that still need to be accomplished. The focus of this work is to provide situation awareness of the power grid to staff from different, non-overlapping roles in an electrical transmission organization in order to facilitate an understanding of a possible occurrence of a cyberattack. Our approach follows a user-centered design process and includes determining the types …

Teaching Security Defense Through Web-Based Hacking At The Undergraduate Level, Brent Wilson

Faculty Publications - Department of Electrical Engineering and Computer Science

The attack surface for hackers and attackers is growing every day. Future cybersecurity professionals must have the knowledge and the skills to defend against these cyber attacks. Learning defensive techniques and tools can help defend against today’s attacks but what about tomorrow's? As the types of attacks change so must the cybersecurity professional. The only way for the cybersecurity professional to achieve this nimbleness is to understand the structural anatomy of the various attack types. Understanding the threat environment is the key to future success. Security defense through offensive techniques should and can be taught at the undergraduate level. Using …

Teaching Hands-On Cyber Defense Labs To Middle School And High School Students: Our Experience From Gencyber Camps, Peng Jiang, Xin Tian, Chunsheng Xin, Wu He

Electrical & Computer Engineering Faculty Publications

With the high demand of the nation for next generation cybersecurity experts, it is important to design and provide hands-on labs for students at the K-12 level in order to increase their interest in cybersecurity and enhance their confidence in learning cybersecurity skills at the young age. This poster reports some preliminary analysis results from the 2016 GenCyber summer camp held at Old Dominion University (ODU), which is part of a nationwide grant program funded by the National Security Agency (NSA) and the National Science Foundation (NSF). This poster also demonstrates the design of three hands-on labs which have been …

Scada System Security: Accounting For Operator Error And Malicious Intent, Ryan Kilbride, Jeremy Straub, Eunjin Kim

Jeremy Straub

Supervisory control and data acquisition (SCADA) systems are becoming more and more com-monplace in many industries today. Industries are making better use of software and large scale control systems to run efficiently, without the need for large amounts of oversight. Security is a particularly large issue with such systems, however. A human must still be involved to ensure smooth operation in the event of catastrophic system error, or unusual circumstanc-es. Human involvement presents problems: operators could make mistakes, configure the system to operate sub-optimally or take malicious actions. This imple-mentation of SCADA security aims to combat these problems.

Cyber Espionage Or Cyber War?: International Law, Domestic Law, And Self-Protective Measures, Christopher S. Yoo

All Faculty Scholarship

Scholars have spent considerable effort determining how the law of war (particularly jus ad bellum and jus in bello) applies to cyber conflicts, epitomized by the Tallinn Manual on the International Law Applicable to Cyber Warfare. Many prominent cyber operations fall outside the law of war, including the surveillance programs that Edward Snowden has alleged were conducted by the National Security Agency, the distributed denial of service attacks launched against Estonia and Georgia in 2007 and 2008, the 2008 Stuxnet virus designed to hinder the Iranian nuclear program, and the unrestricted cyber warfare described in the 1999 book by …

A Knowledge Discovery Approach For The Detection Of Power Grid State Variable Attacks, Nathan Wallace

Doctoral Dissertations

As the level of sophistication in power system technologies increases, the amount of system state parameters being recorded also increases. This data not only provides an opportunity for monitoring and diagnostics of a power system, but it also creates an environment wherein security can be maintained. Being able to extract relevant information from this pool of data is one of the key challenges still yet to be obtained in the smart grid. The potential exists for the creation of innovative power grid cybersecurity applications, which harness the information gained from advanced analytics. Such analytics can be based on the extraction …