Browsing by Author "Clancy, Thomas Charles III"
Now showing 1 - 20 of 75
- An Agent-based Platform for Demand Response Implementation in Smart Buildings
  Khamphanchai, Warodom (Virginia Tech, 2016-04-28)
  The efficiency, security and resiliency are very important factors for the operation of a distribution power system. Taking into account customer demand and energy resource constraints, electric utilities not only need to provide reliable services but also need to operate a power grid as efficiently as possible. The objective of this dissertation is to design, develop and deploy the Multi-Agent Systems (MAS) - together with control algorithms - that enable demand response (DR) implementation at the customer level, focusing on both residential and commercial customers. For residential applications, the main objective is to propose an approach for a smart distribution transformer management. The DR objective at a distribution transformer is to ensure that the instantaneous power demand at a distribution transformer is kept below a certain demand limit while impacts of demand restrike are minimized. The DR objectives at residential homes are to secure critical loads, mitigate occupant comfort violation, and minimize appliance run-time after a DR event. For commercial applications, the goal is to propose a MAS architecture and platform that help facilitate the implementation of a Critical Peak Pricing (CPP) program. Main objectives of the proposed DR algorithm are to minimize power demand and energy consumption during a period that a CPP event is called out, to minimize occupant comfort violation, to minimize impacts of demand restrike after a CPP event, as well as to control the device operation to avoid restrikes. Overall, this study provides an insight into the design and implementation of MAS, together with associated control algorithms for DR implementation in smart buildings.
The proposed approaches can serve as alternative solutions to the current practices of electric utilities to engage end-use customers to participate in DR programs where occupancy level, tenant comfort condition and preference, as well as controllable devices and sensors are taken into account in both simulated and real-world environments. Research findings show that the proposed DR algorithms can perform effectively and efficiently during a DR event in residential homes and during the CPP event in commercial buildings.
- Analysis of Firmware Security in Embedded ARM Environments
  Brown, Dane Andrew (Virginia Tech, 2019-09-30)
  Modern enterprise-grade systems with virtually unlimited resources have many options when it comes to implementing state of the art intrusion prevention and detection solutions. These solutions are costly in terms of energy, execution time, circuit board area, and capital. Sustainable Internet of Things devices and power-constrained embedded systems are thus forced to make suboptimal security trade-offs. One such trade-off is the design of architectures which prevent execution of injected shell code, yet have allowed Return Oriented Programming (ROP) to emerge as a more reliable way to execute malicious code following attacks. ROP is a method used to take over the execution of a program by causing the return address of a function to be modified through an exploit vector, then returning to small segments of otherwise innocuous code located in executable memory one after the other to carry out the attacker's aims. We show that the Tiva TM4C123GH6PM microcontroller, which utilizes an ARM Cortex-M4F processor, can be fully controlled with this technique. Firmware code is pre-loaded into a ROM on Tiva microcontrollers which can be subverted to erase and rewrite the flash memory where the program resides. That same firmware is searched for a Turing-complete gadget set which allows for arbitrary execution. We then design and evaluate a method for verifying the integrity of firmware on embedded systems, in this case Solid State Drives (SSDs). Some manufacturers make firmware updates available, but their proprietary protections leave end users unable to verify the authenticity of the firmware post installation. This means that attackers who are able to get a malicious firmware version installed on a victim SSD are able to operate with full impunity, as the owner will have no tools for detection.
We have devised a method for performing side channel analysis of the current drawn by an SSD, which can compare its behavior while running genuine firmware against its behavior when running modified firmware. We train a binary classifier with samples of both versions and are able to consistently discriminate between genuine firmware and modified firmware, even despite changes in external factors such as temperature and supplied power.
- Analysis of Jamming-Vulnerabilities of Modern Multi-carrier Communication Systems
  Mahal, Jasmin Ara (Virginia Tech, 2018-06-19)
  The ever-increasing demand for private and sensitive data transmission over wireless networks has made security a crucial concern in the current and future large-scale, dynamic, and heterogeneous wireless communication systems. To address this challenge, wireless researchers have tried hard to continuously analyze the jamming threats and come up with improved countermeasures. In this research, we have analyzed the jamming-vulnerabilities of the leading multi-carrier communication systems, Orthogonal Frequency Division Multiplexing (OFDM) and Single-Carrier Frequency Division Multiple Access (SC-FDMA). In order to lay the necessary theoretical groundwork, first we derived the analytical BER expressions for BPSK/QPSK and analytical upper and lower bounds for 16-QAM for OFDMA and SC-FDMA using Pilot Symbol Assisted Channel Estimation (PSACE) techniques in Rayleigh slow-fading channel that takes into account channel estimation error as well as pilot-jamming effect. From there we advanced to propose more novel attacks on the Cyclic Prefix (CP) of SC-FDMA. The associated countermeasures developed prove to be very effective to restore the system. We are first to consider the effect of frequency-selectivity and fading correlation of channel on the achievable rates of the legitimate system under pilot-spoofing attack. With respect to jamming mitigation techniques, our approaches are more focused on Anti-Jamming (AJ) techniques rather than Low Probability of Intercept (LPI) methods. The Channel State Information (CSI) of the two transceivers and the CSI between the jammer and the target play critical roles in ensuring the effectiveness of jamming and nulling attacks.
Although current literature is rich with different channel estimation techniques between two legitimate transceivers, it does not have much to offer in the area of channel estimation from jammer's perspective. In this dissertation, we have proposed novel, computationally simple, deterministic, and optimal blind channel estimation techniques for PSK-OFDM as well as QAM-OFDM that estimate the jammer channel to the target precisely in high Signal-to-Noise (SNR) environment from a single OFDM symbol and thus perform well in mobile radio channel. We have also presented the feasibility analysis of estimating transceiver channel from jammer's perspective at the transmitter as well as receiver side of the underlying OFDM system.
- Android Application Install-time Permission Validation and Run-time Malicious Pattern Detection
  Ma, Zhongmin (Virginia Tech, 2014-01-31)
  The open source structure of Android applications introduces security vulnerabilities that can be readily exploited by third-party applications. We address certain vulnerabilities at both installation and runtime using machine learning. Effective classification techniques with neural networks can be used to verify the application categories on installation. We devise a novel application category verification methodology that involves machine learning the application permissions and estimating the likelihoods of different categories. To detect malicious patterns in runtime, we present a Hidden Markov Model (HMM) method to analyze the activity usage by tracking Intent log information. After applying our technique to nearly 1,700 popular third-party Android applications and malware, we report that a major portion of the category declarations were judged correctly. This demonstrates the effectiveness of neural network decision engines in validating Android application categories. The approach, using HMM to analyze the Intent log for the detection of malicious runtime behavior, is new. The test results show promise with a limited input dataset (69.7% accuracy). To improve the performance, further work will be carried out to: increase the dataset size by adding game applications, to optimize Baum-Welch algorithm parameters, and to balance the size of the Intent sequence. To better emulate the participant's usage, some popular applications can be selected in advance, and the remainder can be randomly chosen.
- Android Hypovisors: Securing Mobile Devices through High-Performance, Light-Weight, Subsystem Isolation with Integrity Checking and Auditing Capabilities
  Krishnan, Neelima (Virginia Tech, 2014-12-12)
  The cellphone turned 40 years old in 2013, and its evolution has been phenomenal in these 40 years. Its name has evolved from "cellphone" to "mobile phone" and "smartphone" to "mobile device." Its transformation has been multi-dimensional in size, functionality, application, and the like. This transformation has allowed the mobile device to be utilized for casual use, personal use, and enterprise use. Usage is further driven by the availability of an enormous number of useful applications for easy download from application (App) markets. Casual download of a seemingly useful application from an untrusted source can cause immense security risks to personal data and any official data resident in the mobile device. Intruding malicious code can also enter the enterprise networks and create serious security challenges. Thus, a mobile device architecture that supports secure multi-persona operation is strongly needed. The architecture should be able to prevent system intrusions and should be able to perform regular integrity checking and auditing. Since Android has the largest user base among mobile device operating systems (OS), the architecture presented here is implemented for Android. This thesis describes how an architecture named the "Android Hypovisor" has been developed and implemented successfully as part of this project work. The key contributions of the project work are: 1. Enhancement of kernel security 2. Incorporation of an embedded Linux distribution layer that supports Glibc/shared libraries so that open-source tools can be added easily 3. Integration of integrity checking and auditing tools (Intrusion Detection and Prevention System; IDPS) 4. Integration of container infrastructure to support multiple OS instances. 5.
Analysis shows that the hypovisor increases memory usages by 40-50 MB. As the proposed OS is stripped down to support the embedded hypovisor, power consumption is only minimally increased. This thesis describes how the implemented architecture secures mobile devices through high-performance, light-weight, subsystem isolation with integrity checking and auditing capabilities.
- Antifragile Communications
  Lichtman, Marc Louis (Virginia Tech, 2016-08-16)
  Jamming is an ongoing threat that plagues wireless communications in contested areas. Unfortunately, jamming complexity and sophistication will continue to increase over time. The traditional approach to addressing the jamming threat is to harden radios, such that they sacrifice communications performance for more advanced jamming protection. To provide an escape from this trend, we investigate the previously unexplored area of jammer exploitation. This dissertation develops the concept of antifragile communications, defined as the capability for a communications system to improve in performance due to a system stressor or harsh condition. Antifragility refers to systems that increase in capability, resilience, or robustness as a result of disorder (e.g., chaos, uncertainty, stress). An antifragile system is fundamentally different from one that is resilient (i.e., able to recover from failure) and robust (i.e., able to resist failure). We apply the concept of antifragility to wireless communications through several novel strategies that all involve exploiting a communications jammer. These strategies can provide an increase in throughput, efficiency, connectivity, or covertness, as a result of the jamming attack itself. Through analysis and simulation, we show that an antifragile gain is possible under a wide array of electronic warfare scenarios. Throughout this dissertation we provide guidelines for realizing these antifragile waveforms. Other major contributions of this dissertation include the development of a communications jamming taxonomy, feasibility study of reactive jamming in a SATCOM-type scenario, and a reinforcement learning-based reactive jamming mitigation strategy, for times when an antifragile approach is not practical.
Most of the jammer exploitation strategies described in this dissertation fall under the category of jammer piggybacking, meaning the communications system turns the jammer into an unwitting relay. We study this jammer piggybacking approach under a variety of reactive jamming behaviors, with emphasis on the sense-and-transmit type. One piggybacking approach involves transmitting using a specialized FSK waveform, tailored to exploit a jammer that channelizes a block of spectrum and selectively jams active subchannels. To aid in analysis, we introduce a generalized model for reactive jamming, applicable to both repeater-based and sensing-based jamming behaviors. Despite being limited to electronic warfare scenarios, we hope that this work can pave the way for further research into antifragile communications.
- Application of Cybernetics and Control Theory for a New Paradigm in Cybersecurity
  Adams, Michael D.; Hitefield, Seth D.; Hoy, Bruce; Fowler, Michael C.; Clancy, Thomas Charles III (Virginia Tech, 2013-11-01)
  A significant limitation of current cyber security research and techniques is its reactive and applied nature. This leads to a continuous ‘cyber cycle’ of attackers scanning networks, developing exploits and attacking systems, with defenders detecting attacks, analyzing exploits and patching systems. This reactive nature leaves sensitive systems highly vulnerable to attack due to un-patched systems and undetected exploits. Some current research attempts to address this major limitation by introducing systems that implement moving target defense. However, these ideas are typically based on the intuition that a moving target defense will make it much harder for attackers to find and scan vulnerable systems, and not on theoretical mathematical foundations. The continuing lack of fundamental science and principles for developing more secure systems has drawn increased interest into establishing a ‘science of cyber security’. This paper introduces the concept of using cybernetics, an interdisciplinary approach of control theory, systems theory, information theory and game theory applied to regulatory systems, as a foundational approach for developing cyber security principles. It explores potential applications of cybernetics to cyber security from a defensive perspective, while suggesting the potential use for offensive applications. Additionally, this paper introduces the fundamental principles for building non-stationary systems, which is a more general solution than moving target defenses. Lastly, the paper discusses related works concerning the limitations of moving target defense and one implementation based on non-stationary principles.
- Architecture for Issuing DoD Mobile Derived Credentials
  Sowers, David Albert (Virginia Tech, 2014-07-01)
  With an increase in performance, dependency and ubiquitousness, the necessity for secure mobile device functionality is rapidly increasing. Authentication of an individual's identity is the fundamental component of physical and logical access to secure facilities and information systems. Identity management within the Department of Defense relies on Public Key Infrastructure implemented through the use of X.509 certificates and private keys issued on smartcards called Common Access Cards (CAC). However, use of CAC credentials on smartphones is difficult due to the lack of effective smartcard reader integration with mobile devices. The creation of a mobile phone derived credential, a new X.509 certificate and key pair based off the credentials of the CAC certificates, would eliminate the need for CAC integration with mobile devices. This thesis describes four architectures for securely and efficiently generating and delivering a derived credential to a mobile device for secure communications with mobile applications. Two architectures generate credentials through a software cryptographic module providing a LOA-3 credential. The other two architectures provide a LOA-4 credential by utilizing a hardware cryptographic module for the generation of the key pair. In two of the architectures, the Certificate Authority's (CA) for the new derived credentials is the digital signature certificate from the CAC. The other two architectures utilize a newly created CA, which would reside on the DoD network and be used to approve and sign the derived credentials. Additionally, this thesis demonstrates the prototype implementations of the two software generated derived credential architectures using CAC authentication and outlines the implementation of the hardware cryptographic derived credential.
- Blind Comprehension of Waveforms through Statistical Observations
  Clark, William H. IV (2015)
  This paper proposes a cumulant based classification means to identify waveforms for a blind receiver in the presence of time varying channels, which is built from the work done on cumulants in static channels currently in the literature. Results show the classification accuracy is on the order or better than current methods in use in static channels that do not vary over an observation period. This is accomplished by making use of second through tenth order cumulants in a signature vector that the search engine platform has the means of differentiating. A receiver can then blindly identify waveforms accurately in the presence of multipath Rayleigh fading with AWGN noise. Channel learning occurs prior to classification in order to identify the consistent distortion pattern for a waveform that is observable in the signature vector. Then using a database look-up method, the observed waveform is identified as belonging to a particular cluster based on the observed signature vector. If the distortion patterns are collected from a variety of channel types, the database can then classify both the waveform and the rough channel type that the waveform passed through. If the exact channel model or channel parameters is known and used as a limiter, significant improvement on the waveform classification can be achieved. Greater accuracy comes from using the exact channel model as the limiter.
- A Defense-In-Depth Security Architecture for Software Defined Radio Systems
  Hitefield, Seth D. (Virginia Tech, 2020-01-27)
  Modern wireless communications systems are constantly evolving and growing more complex. Recently, there has been a shift towards software defined radios due to the flexibility software implementations provide. This enables an easier development process, longer product lifetimes, and better adaptability for congested environments than conventional hardware systems. However, this shift introduces new attack surfaces where vulnerable implementations can be exploited to disrupt communications or gain unauthorized access to a system. Previous research concerning wireless security mainly focuses on vulnerabilities within protocols rather than in the radios themselves. This dissertation specifically addresses this new threat against software radios and introduces a new security model intended to mitigate this threat. We also demonstrate example exploits of waveforms which can result in either a denial-of-service or a compromise of the system from a wireless attack vector. These example exploits target vulnerabilities such as overflows, unsanitized control inputs, and unexpected state changes. We present a defense-in-depth security architecture for software radios that protects the system by isolating components within a waveform into different security zones. Exploits against vulnerabilities within blocks are contained by isolation zones which protects the rest of the system from compromise. This architecture is inspired by the concept of a microkernel and provides a minimal trusted computing base for developing secure radio systems. Unlike other previous security models, our model protects from exploits within the radio protocol stack itself and not just the higher layer application.
Different isolation mechanisms such as containers or virtual machines can be used depending on the security risk imposed by a component and any security requirements. However, adding these isolation environments incurs a performance overhead for applications. We perform an analysis of multiple example waveforms to characterize the impact of isolation environments on the overall performance of an application and demonstrate the overhead generated from the added isolation can be minimal. Because of this, our defense-in-depth architecture should be applied to real-world, production systems. We finally present an example integration of the model within the GNU Radio framework that can be used to develop any waveform using the defense-in-depth security architecture.
- Differential Dependency Network and Data Integration for Detecting Network Rewiring and Biomarkers
  Fu, Yi (Virginia Tech, 2020-01-30)
  Rapid advances in high-throughput molecular profiling techniques enabled large-scale genomics, transcriptomics, and proteomics-based biomedical studies, generating an enormous amount of multi-omics data. Processing and summarizing multi-omics data, modeling interactions among biomolecules, and detecting condition-specific dysregulation using multi-omics data are some of the most important yet challenging analytics tasks. In the case of detecting somatic DNA copy number aberrations using bulk tumor samples in cancer research, normal cell contamination becomes one significant confounding factor that weakens the power regardless of whichever methods used for detection. To address this problem, we propose a computational approach – BACOM 2.0 to more accurately estimate normal cell fraction and accordingly reconstruct DNA copy number signals in cancer cells. Specifically, by introducing allele-specific absolute normalization, BACOM 2.0 can accurately detect deletion types and aneuploidy in cancer cells directly from DNA copy number data. Genes work through complex networks to support cellular processes. Dysregulated genes can cause structural changes in biological networks, also known as network rewiring. Genes with a large number of rewired edges are more likely to be associated with functional alteration leading phenotype transitions, and hence are potential biomarkers in diseases such as cancers. Differential dependency network (DDN) method was proposed to detect such network rewiring and biomarkers. However, the existing DDN method and software tool has two major drawbacks. Firstly, in imbalanced sample groups, DDN suffers from systematic bias and produces false positive differential dependencies.
Secondly, the computational time of the block coordinate descent algorithm in DDN increases rapidly with the number of involved samples and molecular entities. To address the imbalanced sample group problem, we propose a sample-scale-wide normalized formulation to correct systematic bias and design a simulation study for testing the performance. To address high computational complexity, we propose several strategies to accelerate DDN learning, including two reformulated algorithms for block-wise coefficient updating in the DDN optimization problem. Specifically, one strategy on discarding predictors and one strategy on accelerating parallel computing. More importantly, experimental results show that new DDN learning speed with combined accelerating strategies is hundreds of times faster than that of the original method on medium-sized data. We applied the DDN method on several biomedical datasets of omics data and detected significant phenotype-specific network rewiring. With a random-graph-based detection strategy, we discovered the hub node defined biomarkers that helped to generate or validate several novel scientific hypotheses in collaborative research projects. For example, the hub genes detected by the DDN methods in proteomics data from artery samples are significantly enriched in the citric acid cycle pathway that plays a critical role in the development of atherosclerosis. To detect intra-omics and inter-omics network rewirings, we propose a method called multiDDN that uses a multi-layer signaling model to integrate multi-omics data. We adapt the block coordinate descent algorithm to solve the multiDDN optimization problem with accelerating strategies. The simulation study shows that, compared with the DDN method on single omics, the multiDDN method has considerable advantage on higher accuracy of detecting network rewiring. 
We applied the multiDDN method on the real multi-omics data from CPTAC ovarian cancer dataset, and detected multiple hub genes associated with histone protein deacetylation and were previously reported in independent ovarian cancer data analysis.
- Differential Network Analysis based on Omic Data for Cancer Biomarker Discovery
  Zuo, Yiming (Virginia Tech, 2017-06-16)
  Recent advances in high-throughput technique enables the generation of a large amount of omic data such as genomics, transcriptomics, proteomics, metabolomics, glycomics etc. Typically, differential expression analysis (e.g., student's t-test, ANOVA) is performed to identify biomolecules (e.g., genes, proteins, metabolites, glycans) with significant changes on individual level between biologically disparate groups (disease cases vs. healthy controls) for cancer biomarker discovery. However, differential expression analysis on independent studies for the same clinical types of patients often led to different sets of significant biomolecules and had only few in common. This may be attributed to the fact that biomolecules are members of strongly intertwined biological pathways and highly interactive with each other. Without considering these interactions, differential expression analysis could lead to biased results. Network-based methods provide a natural framework to study the interactions between biomolecules. Commonly used data-driven network models include relevance network, Bayesian network and Gaussian graphical models. In addition to data-driven network models, there are many publicly available databases such as STRING, KEGG, Reactome, and ConsensusPathDB, where one can extract various types of interactions to build knowledge-driven networks. While both data- and knowledge-driven networks have their pros and cons, an appropriate approach to incorporate the prior biological knowledge from publicly available databases into data-driven network model is desirable for more robust and biologically relevant network reconstruction.
Recently, there has been a growing interest in differential network analysis, where the connection in the network represents a statistically significant change in the pairwise interaction between two biomolecules in different groups. From the rewiring interactions shown in differential networks, biomolecules that have strongly altered connectivity between distinct biological groups can be identified. These biomolecules might play an important role in the disease under study. In fact, differential expression and differential network analyses investigate omic data from two complementary perspectives: the former focuses on the change in individual biomolecule level between different groups while the latter concentrates on the change in pairwise biomolecules level. Therefore, an approach that can integrate differential expression and differential network analyses is likely to discover more reliable and powerful biomarkers. To achieve these goals, we start by proposing a novel data-driven network model (i.e., LOPC) to reconstruct sparse biological networks. The sparse networks only contain direct interactions between biomolecules which can help researchers to focus on the more informative connections. Then we propose a novel method (i.e., dwgLASSO) to incorporate prior biological knowledge into data-driven network model to build biologically relevant networks. Differential network analysis is applied based on the networks constructed for biologically disparate groups to identify cancer biomarker candidates. Finally, we propose a novel network-based approach (i.e., INDEED) to integrate differential expression and differential network analyses to identify more reliable and powerful cancer biomarker candidates. INDEED is further expanded as INDEED-M to utilize omic data at different levels of human biological system (e.g., transcriptomics, proteomics, metabolomics), which we believe is promising to increase our understanding of cancer.
Matlab and R packages for the proposed methods are developed and available at Github (https://github.com/Hurricaner1989) to share with the research community.
- Distributed Machine Learning for Autonomous and Secure Cyber-physical Systems
  Ferdowsi Khosrowshahi, Aidin (Virginia Tech, 2020-07-31)
  Autonomous cyber-physical systems (CPSs) such as autonomous connected vehicles (ACVs), unmanned aerial vehicles (UAVs), critical infrastructure (CI), and the Internet of Things (IoT) will be essential to the functioning of our modern economies and societies. Therefore, maintaining the autonomy of CPSs as well as their stability, robustness, and security (SRS) in face of exogenous and disruptive events is a critical challenge. In particular, it is crucial for CPSs to be able to not only operate optimally in the vicinity of a normal state but to also be robust and secure so as to withstand potential failures, malfunctions, and intentional attacks. However, to evaluate and improve the SRS of CPSs one must overcome many technical challenges such as the unpredictable behavior of a CPS's cyber-physical environment, the vulnerability to various disruptive events, and the interdependency between CPSs. The primary goal of this dissertation is, thus, to develop novel foundational analytical tools, that weave together notions from machine learning, game theory, and control theory, in order to study, analyze, and optimize SRS of autonomous CPSs. Towards achieving this overarching goal, this dissertation led to several major contributions. First, a comprehensive control and learning framework was proposed to thwart cyber and physical attacks on ACV networks. This framework brings together new ideas from optimal control and reinforcement learning (RL) to derive a new optimal safe controller for ACVs in order to maximize the street traffic flow while minimizing the risk of accidents. Simulation results show that the proposed optimal safe controller outperforms the current state of the art controllers by maximizing the robustness of ACVs to physical attacks.
Furthermore, using techniques from convex optimization and deep RL a joint trajectory and scheduling policy is proposed in UAV-assisted networks that aims at maintaining the freshness of ground node data at the UAV. The analytical and simulation results show that the proposed policy can outperform policies such as discretized state RL and value-based methods in terms of maximizing the freshness of data. Second, in the IoT domain, a novel watermarking algorithm, based on long short term memory cells, is proposed for dynamic authentication of IoT signals. The proposed watermarking algorithm is coupled with a game-theoretic framework so as to enable efficient authentication in massive IoT systems. Simulation results show that using our approach, IoT messages can be transmitted from IoT devices with an almost 100% reliability. Next, a brainstorming generative adversarial network (BGAN) framework is proposed. It is shown that this framework can learn to generate real-looking data in a distributed fashion while preserving the privacy of agents (e.g. IoT devices, ACVs, etc). The analytical and simulation results show that the proposed BGAN architecture allows heterogeneous neural network designs for agents, works without reliance on a central controller, and has a lower communication overhead compared to other state-of-the-art distributed architectures. Last, but not least, the SRS challenges of interdependent CI (ICI) are addressed. Novel game-theoretic frameworks are proposed that allow the ICI administrator to assign different protection levels on ICI components to maximize the expected ICI security. The mixed-strategy Nash of the games are derived analytically. Simulation results coupled with theoretical analysis show that, using the proposed games, the administrator can maximize the security level in ICI components.
In summary, this dissertation provided major contributions across the areas of CPSs, machine learning, game theory, and control theory with the goal of ensuring SRS across various domains such as autonomous vehicle networks, IoT systems, and ICIs. The proposed approaches provide the necessary fundamentals that can lay the foundations of SRS in CPSs and pave the way toward the practical deployment of autonomous CPSs and applications.
- A Distributed Software Framework for the Virginia Tech Ground Station
  David, Paul Uri (Virginia Tech, 2015-10-05)
  The key goal in this work is to enable a flexible ground station that is not constrained to a particular mission or set of hardware. In addition, with the concepts and software produced in this thesis, it will play a significant role in educating engineers and students by providing critical infrastructure and a sandbox for ground station operations. Key pieces of software were developed in this work to create a flexible and robust software-defined ground station. Several digital transmission modes were developed in order to allow communication between the ground station and common amateur radio CubeSats and SmallSats. In order to handle distributed tasks and process at a ground station with multiple servers and controllers, a specialized actor framework was written in Python for ease of use. Actors have the ability to send messages to one another over a network, and they maintain their own memory in order to avoid synchronization problems that come with sharing memory. In addition to the software developed in this work, a novel Peer-to-Peer (P2P) protocol for a network of ground stations is proposed in order to increase coverage and access to spacecraft without requiring centralized server infrastructure. This protocol provides the method to scale the developed software architecture beyond a single ground station. Since the Virginia Tech Ground Station (VTGS) will have many concurrent processes running across multiple servers, it was necessary to apply the actor model in order to simplify the design of the system. The purpose of this thesis is to describe the developed software for the VTGS as well as the P2P protocol for a larger network of ground stations. There are three primary repositories: planck-dsp, gr-vtgs, and pystation.
The planck-dsp library and gr-vtgs Out-of-tree (OOT) make up the primary digital signal processing and communications toolboxes, where GNU Radio serves as the scheduler for signal processing blocks used in flow graphs. The pystation module is the extensible software actor framework that connects various systems both locally and remotely. It is also responsible for scheduling and handling ground station requests. While the software was primarily created for the VTGS, it is general enough to apply to other ground station implementations.
- Distributed Storage Systems with Secure and Exact Repair - New Results
  Tandon, Ravi; Amuru, SaiDhiraj; Clancy, Thomas Charles III; Buehrer, R. Michael (IEEE, 2014-02)
  Distributed storage systems (DSS) in the presence of a passive eavesdropper are considered in this paper. A typical DSS is characterized by 3 parameters (n, k, d) where a file is stored in a distributed manner across n nodes such that it can be recovered entirely from any k out of n nodes. Whenever a node fails, d ∈ [k, n) nodes participate in the repair process. In this paper, we study the exact repair capabilities of a DSS, where a failed node is replaced with its exact replica. Securing this DSS from a passive eavesdropper capable of wiretapping the repair process of any l < k nodes is the main focus of this paper. Specifically, we characterize the optimal secure storage-vs-exact-repair-bandwidth tradeoff region for the (4, 2, 3) DSS when l = 1 and the (n, n − 1, n − 1) DSS when l = n − 2.
- Distributed Wireless Resource Management in the Internet of Things
  Park, Taehyeun (Virginia Tech, 2020-06-18)
  The Internet of Things (IoT) is a promising networking technology that will interconnect a plethora of heterogeneous wireless devices. To support the connectivity across a massive-scale IoT, the scarce wireless communication resources must be appropriately allocated among the IoT devices, while considering the technical challenges that arise from the unique properties of the IoT, such as device heterogeneity, strict communication requirements, and limited device capabilities in terms of computation and memory. The primary goal of this dissertation is to develop novel resource management frameworks using which resource-constrained IoT devices can operate autonomously in a dynamic environment. First, a comprehensive overview on the use of various learning techniques for wireless resource management in an IoT is provided, and potential applications for each learning framework are proposed. Moreover, to capture the heterogeneity among IoT devices, a framework based on cognitive hierarchy theory is discussed, and its implementation with learning techniques of different complexities for IoT devices with varying capabilities is analyzed. Next, the problem of dynamic, distributed resource allocation in an IoT is studied when there are heterogeneous messages. Particularly, a novel finite memory multi-state sequential learning is proposed to enable diverse IoT devices to reallocate the limited communication resources in a self-organizing manner to satisfy the delay requirement of critical messages, while minimally affecting the delay-tolerant messages. The proposed learning framework is shown to be effective for the IoT devices with limited memory and observation capabilities to learn the number of critical messages.
The results show that the performance of the learning framework depends on memory size and observation capability of IoT devices and that the learning framework can realize low delay transmission in a massive IoT. Subsequently, the problem of one-to-one association between resource blocks and IoT devices is studied, when the IoT devices have partial information. The one-to-one association is formulated as a Kolkata Paise Restaurant (KPR) game in which an IoT device tries to choose a resource block with highest gain, while avoiding duplicate selection. Moreover, a Nash equilibrium (NE) of IoT KPR game is shown to coincide with socially optimal solution. A proposed learning framework for IoT KPR game is shown to significantly increase the number of resource blocks used to successfully transmit compared to a baseline. The KPR game is then extended to consider age of information (AoI), which is a metric to quantify the freshness of information in the perspective of destination. Moreover, to capture heterogeneity in an IoT, non-linear AoI is introduced. To minimize AoI, centralized and distributed approaches for the resource allocation are proposed to enable the sharing of limited communication resources, while delivering messages to the destination in a timely manner. Moreover, the proposed distributed resource allocation scheme is shown to converge to an NE and to significantly lower the average AoI compared to a baseline. Finally, the problem of dynamically partitioning the transmit power levels in non-orthogonal multiple access is studied when there are heterogeneous messages. In particular, an optimization problem is formulated to determine the number of power levels for different message types, and an estimation framework is proposed to enable the network base station to adjust power level partitioning to satisfy the performance requirements. The proposed framework is shown to effectively increase the transmission success probability compared to a baseline.
Furthermore, an optimization problem is formulated to increase sum-rate and reliability by adjusting target received powers. Under different fading channels, the optimal target received powers are analyzed, and a tradeoff between reliability and sum-rate is shown. In conclusion, the theoretical and performance analysis of the frameworks proposed in this dissertation will prove essential for implementing appropriate distributed resource allocation mechanisms for dynamic, heterogeneous IoT environments.
- DPP: Dual Path PKI for Secure Aircraft Data Communication
  Buchholz, Alexander Karl (Virginia Tech, 2013-05-02)
  Through application of modern technology, aviation systems are becoming more automated and are relying less on antiquated air traffic control (ATC) voice systems. Aircraft are now able to wirelessly broadcast and receive identity and location information using transponder technology. This helps reduce controller workload and allows the aircraft to take more responsibility for maintaining safe separation. However, these systems lack source authentication methods or the ability to check the integrity of message content. This opens the door for hackers to potentially create fraudulent messages or manipulate message content. This thesis presents a solution to handling many of the potential security issues in aircraft data communication. This is accomplished through the implementation of a Dual Path PKI (DPP) design which includes a novel approach to handling certificate revocation through session certificates. DPP defines two authentication protocols, one between aircraft and another between aircraft and ATC, to achieve source authentication. Digital signature technology is utilized to achieve message content and source integrity as well as enable bootstrapping DPP into current ATC systems. DPP employs cutting-edge elliptic curve cryptography (ECC) algorithms to increase performance and reduce overhead. It is found that the DPP design successfully mitigates several of the cyber security concerns in aircraft and ATC data communications. An implementation of the design shows that anticipated ATC systems can accommodate the additional processing power and bandwidth required by DPP to successfully achieve system integrity and security.
- Efficient Resource Allocation Schemes for Wireless Networks with Diverse Quality-of-Service Requirements
  Kumar, Akshay (Virginia Tech, 2016-08-16)
  Quality-of-Service (QoS) to users is a critical requirement of resource allocation in wireless networks and has drawn significant research attention over a long time. However, the QoS requirements differ vastly based on the wireless network paradigm. At one extreme, we have a millimeter wave small-cell network for streaming data that requires very high throughput and low latency. At the other end, we have Machine-to-Machine (M2M) uplink traffic with low throughput and low latency. In this dissertation, we investigate and solve QoS-aware resource allocation problems for diverse wireless paradigms. We first study cross-layer dynamic spectrum allocation in an LTE macro-cellular network with fractional frequency reuse to improve the spectral efficiency for cell-edge users. We show that the resultant optimization problem is NP-hard and propose a low-complexity layered spectrum allocation heuristic that strikes a balance between rate maximization and fairness of allocation. Next, we develop an energy efficient downlink power control scheme in an energy harvesting small-cell base station equipped with local cache and wireless backhaul. We also study the tradeoff between the cache size and the energy harvesting capabilities. We next analyzed the file read latency in Distributed Storage Systems (DSS). We propose a heterogeneous DSS model wherein the stored data is categorized into multiple classes based on arrival rate of read requests, fault-tolerance for storage etc. Using a queuing theoretic approach, we establish bounds on the average read latency for different scheduling policies. We also show that erasure coding in DSS serves the dual purpose of reducing read latency and increasing the energy efficiency.
Lastly, we investigate the problem of delay-efficient packet scheduling in M2M uplink with heterogeneous traffic characteristics. We classify the uplink traffic into multiple classes and propose a proportionally-fair delay-efficient heuristic packet scheduler. Using a queuing theoretic approach, we next develop a delay optimal multiclass packet scheduler and later extend it to joint medium access control and packet scheduling for M2M uplink. Using extensive simulations, we show that the proposed schedulers perform better than state-of-the-art schedulers in terms of average delay and packet delay jitter.
- Exploring the Vulnerabilities of Traffic Collision Avoidance Systems (TCAS) Through Software Defined Radio (SDR) Exploitation
  Berges, Paul Martin (Virginia Tech, 2019-06-13)
  Traffic Collision Avoidance Systems (TCAS) are safety-critical systems that are deployed on most commercial aircraft in service today. However, TCAS transactions were not designed to account for malicious actors. While in the past it may have been infeasible for an attacker to craft arbitrary radio signals, attackers today have access to open-source digital signal processing software like GNU Radio and inexpensive Software Defined Radios (SDR). Therefore, this thesis presents motivation through analytical and experimental means for more investigation into TCAS from a security perspective. Methods for analyzing TCAS both qualitatively and quantitatively from an adversarial perspective are presented, and an experimental attack is developed in GNU Radio to perform an attack in a well-defined threat model.
- Fast and Scalable Structure-from-Motion for High-precision Mobile Augmented Reality Systems
  Bae, Hyojoon (Virginia Tech, 2014-04-24)
  A key problem in mobile computing is providing people access to necessary cyber-information associated with their surrounding physical objects. Mobile augmented reality is one of the emerging techniques that address this key problem by allowing users to see the cyber-information associated with real-world physical objects by overlaying that cyber-information on the physical objects' imagery. As a consequence, many mobile augmented reality approaches have been proposed to identify and visualize relevant cyber-information on users' mobile devices by intelligently interpreting users' positions and orientations in 3D and their associated surroundings. However, existing approaches for mobile augmented reality primarily rely on Radio Frequency (RF) based location tracking technologies (e.g., Global Positioning Systems or Wireless Local Area Networks), which typically do not provide sufficient precision in RF-denied areas or require additional hardware and custom mobile devices. To remove the dependency on external location tracking technologies, this dissertation presents a new vision-based context-aware approach for mobile augmented reality that allows users to query and access semantically-rich 3D cyber-information related to real-world physical objects and see it precisely overlaid on top of imagery of the associated physical objects. The approach does not require any RF-based location tracking modules, external hardware attachments on the mobile devices, and/or optical/fiducial markers for localizing a user's position. Rather, the user's 3D location and orientation are automatically and purely derived by comparing images from the user's mobile device to a 3D point cloud model generated from a set of pre-collected photographs.
A further challenge of mobile augmented reality is creating 3D cyber-information and associating it with real-world physical objects, especially using the limited 2D user interfaces in standard mobile devices. To address this challenge, this research provides a new image-based 3D cyber-physical content authoring method designed specifically for the limited screen sizes and capabilities of commodity mobile devices. This new approach does not only provide a method for creating 3D cyber-information with standard mobile devices, but also provides an automatic association of user-driven cyber-information with real-world physical objects in 3D. Finally, a key challenge of scalability for mobile augmented reality is addressed in this dissertation. In general, mobile augmented reality is required to work regardless of users' location and environment, in terms of physical scale, such as size of objects, and in terms of cyber-information scale, such as total number of cyber-information entities associated with physical objects. However, many existing approaches for mobile augmented reality have mainly tested their approaches on limited real-world use-cases and have challenges in scaling their approaches. By designing fast direct 2D-to-3D matching algorithms for localization, as well as applying a caching scheme, the proposed research consistently supports near real-time localization and information association regardless of users' location, size of physical objects, and number of cyber-physical information items. To realize all of these research objectives, five research methods are developed and validated: 1) Hybrid 4-Dimensional Augmented Reality (HD4AR), 2) Plane transformation based 3D cyber-physical content authoring from a single 2D image, 3) Cached k-d tree generation for fast direct 2D-to-3D matching, 4) double-stage matching algorithm with a single indexed k-d tree, and 5) K-means Clustering of 3D physical models with geo-information.
After discussing each solution with technical details, the perceived benefits and limitations of the research are discussed with validation results.