Engineering Commons^™

Longitudinal Attacks Against Iterative Data Collection With Local Differential Privacy, Mehmet Emre Gürsoy

Turkish Journal of Electrical Engineering and Computer Sciences

Local differential privacy (LDP) has recently emerged as an accepted standard for privacy-preserving collection of users’ data from smartphones and IoT devices. In many practical scenarios, users’ data needs to be collected repeatedly across multiple iterations. In such cases, although each collection satisfies LDP individually by itself, a longitudinal collection of multiple responses from the same user degrades that user’s privacy. To demonstrate this claim, in this paper, we propose longitudinal attacks against iterative data collection with LDP. We formulate a general Bayesian adversary model, and then individually show the application of this adversary model on six popular LDP protocols: …

Sel4 On Risc-V - Developing High Assurance Platforms With Modular Open-Source Architectures, Michael A. Doran Jr

Masters Theses

Virtualization is now becoming an industry standard for modern embedded systems. Modern embedded systems can now support multiple applications on a single hardware platform while meeting power and cost requirements. Virtualization on an embedded system is achieved through the design of the hardware-software interface. Instruction set architecture, ISA, defines the hardware-software interface for an embedded system. At the hardware level the ISA, provides extensions to support virtualization.

In addition to an ISA that supports hypervisor extensions it is equally important to provide a hypervisor completely capable of exploiting the benefits of virtualization for securing modern embedded systems. Currently there does …

Resiliency Of Power Systems In The Cyber Layer: Application To Load Forecasting And Security Assessment, Mojtaba Dezvarei

Doctoral Dissertations

Integrating sensors, actuators, and communication infrastructure in the electrical grid creates a smart grid, known as a cyber-physical system (CPS), which combines the physical framework with a cyber layer. The cyber layer is crucial as it houses the decision-making responsible for reliable operation. However, the complexity of the physical layers, due partly to the deployment of integrated battery resources (IBRs), and the cyber layer itself, introduces challenges such as reliance on measurement quality and vulnerability to data corruption from cyber threats. These challenges result in uncertainties in the CPS framework, emphasizing the need for accurate and robust responses from the …

Cybersecurity In Industrial Automation Lab Design For Ee 435, Jules Khalil Emile Hajjar, Emily Zhou

Electrical Engineering

This project involves the creation of an instructional laboratory aimed at teaching cybersecurity for industrial automation applications. Specifically tailored for Electrical Engineering students at Cal Poly, the experiment focuses on configuring the Modicon M580, a PLC from Schneider Electric, and serves to introduce students to relevant cybersecurity protocols and techniques. This project will be implemented into the EE435 (Industrial Power Control and Automation) course curriculum upon Cal Poly’s transition to the semester system.

Perspectives On Design Considerations Inspired By Security And Quantum Technology In Cyberphysical Systems For Process Engineering, Helen Durand, Jihan Abou Halloun, Kip Nieman, Keshav Kasturi Rangan

Chemical Engineering and Materials Science Faculty Research Publications

Advances in computer science have been a driving force for change in process systems engineering for decades. Faster computers, expanded computing resources, simulation software, and improved optimization algorithms have all changed chemical engineers’ abilities to predict, control, and optimize process systems. Two newer areas relevant to computer science that are impacting process systems engineering are cybersecurity and quantum computing. This work reviews some of our group’s recent work in control-theoretic approaches to control system cybersecurity and touches upon the use of quantum computers, with perspectives on the relationships between process design and control when cybersecurity and quantum technologies are of …

Commentary On Healthcare And Disruptive Innovation, Hilary Finch, Affia Abasi-Amefon, Woosub Jung, Lucas Potter, Xavier-Lewis Palmer

Electrical & Computer Engineering Faculty Publications

Exploits of technology have been an issue in healthcare for many years. Many hospital systems have a problem with “disruptive innovation” when introducing new technology. Disruptive innovation is “an innovation that creates a new market by applying a different set of values, which ultimately overtakes an existing market” (Sensmeier, 2012). Modern healthcare systems are historically slow to accept new technological advancements. This may be because patient-based, provider-based, or industry-wide decisions are tough to implement, giving way to dire consequences. One potential consequence is that healthcare providers may not be able to provide the best possible care to patients. For example, …

Ict Security Tools And Techniques Among Higher Education Institutions: A Critical Review, Miko Nuñez, Xavier-Lewis Palmer, Lucas Potter, Chris Jordan Aliac, Lemuel Clark Velasco

Electrical & Computer Engineering Faculty Publications

Higher education institutions (HEIs) are increasingly relying on digital technologies for classroom and organizational management, but this puts them at higher risk for information and communication (ICT security attacks. Recent studies show that HEIs have experienced more security breaches in ICT security composed of both cybersecurity an information security. A literature review was conducted to identify common ICT security practices in HEIs over the last decade. 11 journal articles were profiled and analyzed, revealing threats to HEIs’ security and protective measures in terms of organizational security, technological security, physical security, and standards and frameworks. Security tools and techniques were grouped …

A Retrospective On 2022 Cyber Incidents In The Wind Energy Sector And Building Future Cyber Resilience, Megan Egan

Cyber Operations and Resilience Program Graduate Projects

Between February and June 2022, multiple wind energy sector companies were hit by cyber-attacks impacting their ability to monitor and control wind turbines. With projected growth in the United States of 110.66 GW from 2020 to 2030, wind energy will increasingly be a critical source of electricity for the United States and an increasingly valuable target for cyberattacks. This paper shows the importance of redundant remote communications, secure third-party providers, and improving response and recovery processes that would ensure this growth period fulfills its potential as a unique opportunity to build in cyber resilience from the outset of new installations …

Software Protection And Secure Authentication For Autonomous Vehicular Cloud Computing, Muhammad Hataba

Dissertations

Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC.

In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our …

Development Of A Security-Focused Multi-Channel Communication Protocol And Associated Quality Of Secure Service (Qoss) Metrics, Paul M. Simon

Theses and Dissertations

The threat of eavesdropping, and the challenge of recognizing and correcting for corrupted or suppressed information in communication systems is a consistent challenge. Effectively managing protection mechanisms requires an ability to accurately gauge the likelihood or severity of a threat, and adapt the security features available in a system to mitigate the threat. This research focuses on the design and development of a security-focused communication protocol at the session-layer based on a re-prioritized communication architecture model and associated metrics. From a probabilistic model that considers data leakage and data corruption as surrogates for breaches of confidentiality and integrity, a set …

Anonymization & Generation Of Network Packet Datasets Using Deep Learning, Spencer K. Vecile

Electronic Thesis and Dissertation Repository

Corporate networks are constantly bombarded by malicious actors trying to gain access. The current state of the art in protecting networks is deep learning-based intrusion detection systems (IDS). However, for an IDS to be effective it needs to be trained on a good dataset. The best datasets for training an IDS are real data captured from large corporate networks. Unfortunately, companies cannot release their network data due to privacy concerns creating a lack of public cybersecurity data. In this thesis I take a novel approach to network dataset anonymization using character-level LSTM models to learn the characteristics of a dataset; …

Power Market Cybersecurity And Profit-Targeting Cyberattacks, Qiwei Zhang

Doctoral Dissertations

The COVID-19 pandemic has forced many companies and business to operate through remote platforms, which has made everyday life and everyone more digitally connected than ever before. The cybersecurity has become a bigger priority in all aspects of life. A few real-world cases have demonstrated the current capability of cyberattacks as in [1], [2], and [3]. These cases invalidate the traditional belief that cyberattacks are unable to penetrate real-world industrial systems. Beyond the physical damage, some attackers target financial arbitrage advantages brought by false data injection attacks (FDIAs) [4]. Malicious breaches into power market operations could induce catastrophic consequences on …

A Novel Testbed For Evaluation Of Operational Technology Communications Protocols And Their On-Device Implementations, Matthew Boeding

Department of Electrical and Computer Engineering: Dissertations, Theses, and Student Research

Operational Technology (OT) and Infrastructure Technology (IT) systems are converging with the rapid addition of centralized remote management in OT systems. Previously air-gapped systems are now interconnected through the internet with application-specific protocols. This has led to systems that had limited access points being remotely accessible. In different OT sectors, legacy protocols previously transmitted over serial communication were updated to allow internet communication with legacy devices. New protocols such as IEC-61850 were also introduced for monitoring of different OT resources. The IEC-61850 standard’s Generic Object Oriented Substation Event (GOOSE) protocol outlines the representation and communication of a variety of different …

Actuator Cyberattack Handling Using Lyapunov-Based Economic Model Predictive Control, Keshav Kasturi Rangan, Henrique Oyama, Helen Durand

Chemical Engineering and Materials Science Faculty Research Publications

Cybersecurity has gained increasing interest as a consequence of the potential impacts of cyberattacks on profits and safety. While attacks can affect various components of a plant, prior work from our group has focused on the impact of cyberattacks on control components such as process sensors and actuators and the development of detection strategies for cybersecurity derived from control theory. In this work, we provide greater focus on actuator attacks; specifically, we extend a detection and control strategy previously applied for sensor attacks and based on an optimization-based control technique called Lyapunov-based economic model predictive control (LEMPC) to detect attacks …

Quantum Computing And Resilient Design Perspectives For Cybersecurity Of Feedback Systems, Keshav Kasturi Rangan, Jihan Abou Halloun, Henrique Oyama, Samantha Cherney, Ilham Azali Assoumani, Nazir Jairazbhoy, Helen Durand, Simon Ka Ng

Chemical Engineering and Materials Science Faculty Research Publications

Cybersecurity of control systems is an important issue in next-generation manufac- turing that can impact both operational objectives (safety and performance) as well as process designs (via hazard analysis). Cyberattacks differ from faults in that they can be coordinated efforts to exploit system vulnerabilities to create otherwise unlikely hazard scenarios. Because coordination and targeted process manipulation can be characteristics of attacks, some of the tactics previously analyzed in our group from a control system cybersecurity perspective have incorporated randomness to attempt to thwart attacks. The underlying assumption for the generation of this randomness has been that it can be achieved …

Quantum Computing And Resilient Design Perspectives For Cybersecurity Of Feedback Systems, Keshav Kasturi Rangan, Jihan Abou Halloun, Henrique Oyama, Samantha Cherney, Ilham Azali Assoumani, Nazir Jairazbhoy, Helen Durand, Simon Ka Ng

Chemical Engineering and Materials Science Faculty Research Publications

Cybersecurity of control systems is an important issue in next-generation manufac- turing that can impact both operational objectives (safety and performance) as well as process designs (via hazard analysis). Cyberattacks differ from faults in that they can be coordinated efforts to exploit system vulnerabilities to create otherwise unlikely hazard scenarios. Because coordination and targeted process manipulation can be characteristics of attacks, some of the tactics previously analyzed in our group from a control system cybersecurity perspective have incorporated randomness to attempt to thwart attacks. The underlying assumption for the generation of this randomness has been that it can be achieved …

Assessing Security Risks With The Internet Of Things, Faith Mosemann

Senior Honors Theses

For my honors thesis I have decided to study the security risks associated with the Internet of Things (IoT) and possible ways to secure them. I will focus on how corporate, and individuals use IoT devices and the security risks that come with their implementation. In my research, I found out that IoT gadgets tend to go unnoticed as a checkpoint for vulnerability. For example, often personal IoT devices tend to have the default username and password issued from the factory that a hacker could easily find through Google. IoT devices need security just as much as computers or servers …

Detecting Iot Attacks Using An Ensemble Machine Learning Model, Vikas Tomar, Sachin Sharma

Articles

Malicious attacks are becoming more prevalent due to the growing use of Internet of Things (IoT) devices in homes, offices, transportation, healthcare, and other locations. By incorporating fog computing into IoT, attacks can be detected in a short amount of time, as the distance between IoT devices and fog devices is smaller than the distance between IoT devices and the cloud. Machine learning is frequently used for the detection of attacks due to the huge amount of data available from IoT devices. However, the problem is that fog devices may not have enough resources, such as processing power and memory, …

A Trusted Platform For Unmanned Aerial Vehicle-Based Bridge Inspection Management System, Hwapyeong Song

Theses, Dissertations and Capstones

Bridge inspection has a pivotal role in assuring the safety of critical structures constituting society. However, high cost, worker safety, and low objectivity of quality are classic problems in traditional visual inspection. Recent trends in bridge inspection have led to a proliferation of research utilizing Unmanned Aerial Vehicles (UAVs). This thesis proposes a Trusted Platform for Bridge Inspection Management System (Trusted-BIMS) for safe and efficient bridge inspection by proving the UAV-based inspection process and improving the prototype of the previous study. Designed based on a Zero-Trust (ZT) strategy, Trusted-BIMS consist of (1) a database-driven web framework with security features for …

Book Review: This Is How They Tell Me The World Ends: The Cyberweapons Arms Race (2020) By Nicole Perlroth, Amy C. Gaudion

Dickinson Law Review (2017-Present)

No abstract provided.

Analysis Of Deep Learning Methods For Wired Ethernet Physical Layer Security Of Operational Technology, Lucas Torlay

All Theses

The cybersecurity of power systems is jeopardized by the threat of spoofing and man-in-the-middle style attacks due to a lack of physical layer device authentication techniques for operational technology (OT) communication networks. OT networks cannot support the active probing cybersecurity methods that are popular in information technology (IT) networks. Furthermore, both active and passive scanning techniques are susceptible to medium access control (MAC) address spoofing when operating at Layer 2 of the Open Systems Interconnection (OSI) model. This thesis aims to analyze the role of deep learning in passively authenticating Ethernet devices by their communication signals. This method operates at …

Cybert: Cybersecurity Claim Classification By Fine-Tuning The Bert Language Model, Kimia Ameri, Michael Hempel, Hamid Sharif, Juan Lopez Jr., Kalyan Perumalla

Department of Electrical and Computer Engineering: Faculty Publications

We introduce CyBERT, a cybersecurity feature claims classifier based on bidirectional encoder representations from transformers and a key component in our semi-automated cybersecurity vetting for industrial control systems (ICS). To train CyBERT, we created a corpus of labeled sequences from ICS device documentation collected across a wide range of vendors and devices. This corpus provides the foundation for fine-tuning BERT’s language model, including a prediction-guided relabeling process. We propose an approach to obtain optimal hyperparameters, including the learning rate, the number of dense layers, and their configuration, to increase the accuracy of our classifier. Fine-tuning all hyperparameters of the resulting …

Another Brick In The Wall: An Exploratory Analysis Of Digital Forensics Programs In The United States, Syria Mccullough, Stella Abudu, Ebere Onwubuariri, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

We present a comprehensive review of digital forensics programs offered by universities across the United States (U.S.). While numerous studies on digital forensics standards and curriculum exist, few, if any, have examined digital forensics courses offered across the nation. Since digital forensics courses vary from university to university, online course catalogs for academic institutions were evaluated to curate a dataset. Universities were selected based on online searches, similar to those that would be made by prospective students. Ninety-seven (n = 97) degree programs in the U.S. were evaluated. Overall, results showed that advanced technical courses are missing from curricula. We …

The Cyber Security Evaluation Of A Wireless And Wired Smart Electric Meter, Patrick Nnaji

Theses and Dissertations

In this thesis, an Experimental cyber security evaluation of Wireless Smart Electric Meter has been performed under cyber security attacks. The security integrity of data collection from EPM 6100 Power Quality Wireless Smart Electric Meter under a wireless cyber-attack was evaluated. After which the security integrity of data collection from the same Wireless Smart Electric Meter was evaluated under a different configuration. In this Thesis, we tested three different smart meters for their connectivity under different cybersecurity attacks. We compared the security integrity of the three different smart meters to measure their response under different cybersecurity attacks.

Industrial Control System Data Resiliency, Daniel A. Bovard

Boise State University Theses and Dissertations

This thesis identifies and fortifies against a critical vulnerability in industrial control system (ICS) security. A properly designed ICS security framework consists of a multi-layered approach starting with heavy fortifications in information technology and ending with control information of operational technology. Currently, ICS security frameworks lack visibility and place blind trust in devices at the lowest level of the control hierarchy. Attaining control data visibility at the lowest level of the control hierarchy is critical to increasing the resiliency of an ICS security posture. This thesis demonstrates how this data can be captured at the lowest level of the control …

Reference Design Of An Online Emulation And Hot-Patching Approach For Power Electronic Controller Validation, Estefano Soria Pearson

Graduate Theses and Dissertations

This thesis aims to develop a reference design of an online security system approach embedded in a power electronic controller for cybersecurity purposes. Cybersecurity in power electronics focuses on reducing vulnerabilities in the system, where most reside in the communication with the hardware devices. Although methods to secure communications lessen the probability and effects of cyber-attacks, discovering vulnerabilities is inevitable. This thesis attempts to provide a fail-safe approach to securing the system by targeting the safety of the power-electronic controller. This approach applies an additional security layer in case of a malicious or accidental controller firmware malfunction.

The online security …

Class-Incremental Learning For Wireless Device Identification In Iot, Yongxin Liu, Jian Wang, Jianqiang Li, Shuteng Niu, Houbing Song

Publications

Deep Learning (DL) has been utilized pervasively in the Internet of Things (IoT). One typical application of DL in IoT is device identification from wireless signals, namely Noncryptographic Device Identification (NDI). However, learning components in NDI systems have to evolve to adapt to operational variations, such a paradigm is termed as Incremental Learning (IL). Various IL algorithms have been proposed and many of them require dedicated space to store the increasing amount of historical data, and therefore, they are not suitable for IoT or mobile applications. However, conventional IL schemes can not provide satisfying performance when historical data are not …

A Framework To Detect The Susceptibility Of Employees To Social Engineering Attacks, Hashim H. Alneami

Doctoral Dissertations and Master's Theses

Social engineering attacks (SE-attacks) in enterprises are hastily growing and are becoming increasingly sophisticated. Generally, SE-attacks involve the psychological manipulation of employees into revealing confidential and valuable company data to cybercriminals. The ramifications could bring devastating financial and irreparable reputation loss to the companies. Because SE-attacks involve a human element, preventing these attacks can be tricky and challenging and has become a topic of interest for many researchers and security experts. While methods exist for detecting SE-attacks, our literature review of existing methods identified many crucial factors such as the national cultural, organizational, and personality traits of employees that enable …

Digital Twin-Based Cooperative Control Techniques For Secure And Intelligent Operation Of Distributed Microgrids, Ahmed Aly Saad Ahmed

FIU Electronic Theses and Dissertations

Networked microgrids play a key role in constructing future active distribution networks for providing the power system with resiliency and reliability against catastrophic physical and cyber incidents. Motivated by the increasing penetration of renewable resources and energy storage systems in the distribution grids, utility companies are encouraged to unleash the capabilities of the distributed microgrid to work as virtual power plants that can support the power systems. The microgrids nature is transforming the grid and their control systems from centralized architecture into distributed architectures. The distributed networked microgrids introduced many benefits to the future smart grids, it created many challenges …

Blockchain-Based Architecture For Secured Cyberattack Signatures And Features Distribution, Oluwaseyi J. Ajayi

Dissertations and Theses

One effective way of detecting malicious traffic in computer networks is intrusion detection systems (IDS). Despite the increased accuracy of IDSs, distributed or coordinated attacks can still go undetected because of the single vantage point of the IDSs. Due to this reason, there is a need for attack characteristics' exchange among different IDS nodes. Another reason for IDS coordination is that a zero-day attack (an attack without a known signature) experienced in organizations located in different regions is not the same. Collaborative efforts of the participating IDS nodes can stop more attack threats if IDS nodes exchange these attack characteristics …