Virginia Tech National Security Institute
Permanent URI for this community
Browse
Browsing Virginia Tech National Security Institute by Issue Date
Now showing 1 - 20 of 54
Results Per Page
Sort Options
- Vulnerability of LTE to Hostile InterferenceLichtman, Marc; Reed, Jeffrey H.; Clancy, Thomas Charles III; Norton, Mark (IEEE, 2013-01-01)LTE is well on its way to becoming the primary cellular standard, due to its performance and low cost. Over the next decade we will become dependent on LTE, which is why we must ensure it is secure and available when we need it. Unfortunately, like any wireless technology, disruption through radio jamming is possible. This paper investigates the extent to which LTE is vulnerable to intentional jamming, by analyzing the components of the LTE downlink and uplink signals. The LTE physical layer consists of several physical channels and signals, most of which are vital to the operation of the link. By taking into account the density of these physical channels and signals with respect to the entire frame, as well as the modulation and coding schemes involved, we come up with a series of vulnerability metrics in the form of jammer to signal ratios. The “weakest links” of the LTE signals are then identified, and used to establish the overall vulnerability of LTE to hostile interference.
- Application of Cybernetics and Control Theory for a New Paradigm in CybersecurityAdams, Michael D.; Hitefield, Seth D.; Hoy, Bruce; Fowler, Michael C.; Clancy, Thomas Charles III (Virginia Tech, 2013-11-01)A significant limitation of current cyber security research and techniques is its reactive and applied nature. This leads to a continuous ‘cyber cycle’ of attackers scanning networks, developing exploits and attacking systems, with defenders detecting attacks, analyzing exploits and patching systems. This reactive nature leaves sensitive systems highly vulnerable to attack due to un-patched systems and undetected exploits. Some current research attempts to address this major limitation by introducing systems that implement moving target defense. However, these ideas are typically based on the intuition that a moving target defense will make it much harder for attackers to find and scan vulnerable systems, and not on theoretical mathematical foundations. The continuing lack of fundamental science and principles for developing more secure systems has drawn increased interest into establishing a ‘science of cyber security’. This paper introduces the concept of using cybernetics, an interdisciplinary approach of control theory, systems theory, information theory and game theory applied to regulatory systems, as a foundational approach for developing cyber security principles. It explores potential applications of cybernetics to cyber security from a defensive perspective, while suggesting the potential use for offensive applications. Additionally, this paper introduces the fundamental principles for building non-stationary systems, which is a more general solution than moving target defenses. Lastly, the paper discusses related works concerning the limitations of moving target defense and one implementation based on non-stationary principles.
- Distributed Storage Systems with Secure and Exact Repair - New ResultsTandon, Ravi; Amuru, SaiDhiraj; Clancy, Thomas Charles III; Buehrer, R. Michael (IEEE, 2014-02)Distributed storage systems (DSS) in the presence of a passive eavesdropper are considered in this paper. A typical DSS is characterized by 3 parameters (n, k, d) where, a file is stored in a distributed manner across n nodes such that it can be recovered entirely from any k out of n nodes. Whenever a node fails, d ∈ [k, n) nodes participate in the repair process. In this paper, we study the exact repair capabilities of a DSS, where a failed node is replaced with its exact replica. Securing this DSS from a passive eavesdropper capable of wiretapping the repair process of any l < k nodes, is the main focus of this paper. Specifically, we characterize the optimal secure storagevs- exact-repair-bandwidth tradeoff region for the (4, 2, 3) DSS when l = 1 and the (n, n − 1, n − 1) DSS when l = n − 2.
- Physical layer orthogonal frequency-division multiplexing acquisition and timing synchronization securityLa Pan, Matthew J.; Clancy, Thomas Charles III; McGwier, Robert W. (Wiley, 2014-08-18)Orthogonal frequency-division multiplexing (OFDM) has become the manifest modulation choice for 4G standards. Timing acquisition and carrier frequency offset synchronization are prerequisite to OFDM demodulation and must be performed often. Most of the OFDM methods for synchronization were not designed with security in mind. In particular, we analyze the performance of a maximum likelihood synchronization estimator against highly correlated jamming attacks. We present a series of attacks against OFDM timing acquisition: preamble whitening, the false preamble attack, preamble warping, and preamble nulling.The performance of OFDM synchronization turns out to be very poor against these attacks, and a number of mitigation strategies and security improvements are discussed.
- A Multi-Tier Wireless Spectrum Sharing System Leveraging Secure Spectrum AuctionsAbdelhadi, Ahmed; Shajaiah, Haya; Clancy, Thomas Charles III (IEEE, 2015-10-08)Secure spectrum auctions can revolutionize the spectrum utilization of cellular networks and satisfy the ever increasing demand for resources. In this paper, a multi-tier dynamic spectrum sharing system is studied for efficient sharing of spectrum with commercial wireless system providers (WSPs), with an emphasis on federal spectrum sharing. The proposed spectrum sharing system optimizes usage of spectrum resources, manages intra-WSP and inter-WSP interference and provides essential level of security, privacy, and obfuscation to enable the most efficient and reliable usage of the shared spectrum. It features an intermediate spectrum auctioneer responsible for allocating resources to commercial WSPs by running secure spectrum auctions. The proposed secure spectrum auction, MTSSA, leverages Paillier cryptosystem to avoid possible fraud and bidrigging. Numerical simulations are provided to compare the performance of MTSSA, in the considered spectrum sharing system, with other spectrum auction mechanisms for realistic cellular systems.
- Intrusion Detection System for Applications using Linux ContainersAbed, Amr S.; Clancy, Thomas Charles III; Levy, David S. (Springer, 2015-12-09)Linux containers are gaining increasing traction in both individual and industrial use, and as these containers get integrated into mission-critical systems, real-time detection of malicious cyber attacks becomes a critical operational requirement. This paper introduces a real-time host-based intrusion detection system that can be used to passively detect malfeasance against applications within Linux containers running in a standalone or in a cloud multi-tenancy environment. The demonstrated intrusion detection system uses bags of system calls monitored from the host kernel for learning the behavior of an application running within a Linux container and determining anomalous container behavior. Performance of the approach using a database application was measured and results are discussed.
- Towards Optimal Secure Distributed Storage Systems with Exact RepairTandon, Ravi; Amuru, SaiDhiraj; Clancy, Thomas Charles III; Buehrer, R. Michael (IEEE, 2016-06)Distributed storage systems in the presence of a wiretapper are considered. A distributed storage system (DSS) is parameterized by three parameters (𝑛, 𝑘, 𝑑), in which a file stored across n distributed nodes, can be recovered from any 𝑘 out of 𝑛 nodes. This is called as the reconstruction property of a DSS. If a node fails, any 𝑑 out of (𝑛-1) nodes help in the repair of the failed node so that the regeneration property of the DSS is preserved. For such a (𝑛, 𝑘, 𝑑)-DSS, two types of wiretapping scenarios are investigated: (a) Type-I (node) adversary which can wiretap the data stored on any 𝑙< 𝑘 nodes; and a more severe (b) Type-II (repair data) adversary which can wiretap the contents of the repair data that is used to repair a set of l failed nodes over time. The focus of this work is on the practically relevant setting of exact repair regeneration in which the repair process must replace a failed node by its exact replica. We make new progress on several non-trivial instances of this problem which prior to this work have been open. The main contribution of this paper is the optimal characterization of the secure storage-vs-exact-repair-bandwidth tradeoff region of a (𝑛, 𝑘, 𝑑)-DSS, with 𝑛 ≤ 4 and any 𝑙 < 𝑘 in the presence of both Type-I and Type-II adversaries. While the problem remains open for a general (𝑛, 𝑘, 𝑑)-DSS with 𝑛 > 4, we present extensions of these results to a (𝑛, 𝑛-1, 𝑛-1)-DSS, in presence of a Type-II adversary that can observe the repair data of any 𝑙 = (𝑛-2) nodes. The key technical contribution of this work is in developing novel information theoretic converse proofs for the Type-II adversarial scenario. From our results, we show that in the presence of Type-II attacks, the only efficient point in the storage-vs-exact-repair-bandwidth tradeoff is the MBR (minimum bandwidth regenerating) point. This is in sharp contrast to the case of a Type-I attack in which the storage-vs-exactrepair-bandwidth tradeoff allows a spectrum of operating points beyond the MBR point.
- System and method for heterogenous spectrum sharing between commercial cellular operators and legacy incumbent users in wireless networks(United States Patent and Trademark Office, 2016-12-06)Described herein are systems and methods for telecommunications spectrum sharing between multiple heterogeneous users, which leverage a hybrid approach that includes both distributed spectrum sharing, spectrum-sensing, and use of geo-reference databases.
- Framework for Evaluating the Severity of Cybervulnerability of a Traffic CabinetErnst, Joseph M.; Michaels, Alan J. (National Academy of Sciences, 2017)The increasing connectivity in transportation infrastructure is driving a need for additional security in transportation systems. For security decisions in a budget-constrained environment, the possible effect of a cyberattack must be numerically characterized. The size of an effect depends on the level of access and the vehicular demand on the intersections being controlled. This paper proposes a framework for better understanding of the levels of access and the effect that can be had in scenarios with varying demand. Simulations are performed on a simplistic corridor to provide numerical examples of the possible effects. The paper concludes that the possibility of some levels of cyberthreat may be acceptable in locations where traffic volumes would not be able to create an unmanageable queue. The more intimate levels of access can cause serious safety concerns by modifying the settings of the traffic controller in ways that encourage red-light running and accidents. The proposed framework can be used by transportation professionals and cybersecurity professionals to prioritize the actions to be taken to secure the infrastructure.
- Development and Analysis of a Spiral Theory-based Cybersecurity CurriculumBack, Godmar V.; Basu, Debarati; Naciri, William; Lohani, Vinod K.; Plassmann, Paul E.; Barnette, Dwight; Ribbens, Calvin J.; Gantt, Kira; McPherson, David (2017-01-09)Enhance cybersecurity learning experiences of students at Virginia Tech’s large engineering program
- Analyzing the Russian Way of War: Evidence from the 2008 Conflict with GeorgiaBeehner, Lionel; Collins, Liam; Ferenzi, Steve; Person, Robert; Brantly, Aaron F. (Modern War Institute, 2018-03-20)In the dog days of August 2008, a column of Russian tanks and troops rolled across the Republic of Georgia’s northern border and into South Ossetia, sparking a war that was over almost before it began. The war, while not insignificant, lasted all of five days. The number of casualties did not exceed one thousand, the threshold most political scientists use to classify a war, although thousands of Georgians were displaced. By historical comparison, when Soviet tanks entered Hungary in 1956 and Afghanistan in 1979–89, the fatalities totaled 2,500 and roughly 14,000 respectively.1 The Russia-Georgia conflict was a limited war with limited objectives, yet it was arguably a watershed in the annals of modern war. It marked the first invasion by Russian ground forces into a sovereign nation since the Cold War. It also marked a breakthrough in the integration of cyberwarfare and other nonkinetic tools into a conventional strategy— what some observers in the West have termed “hybrid warfare.” Finally, and perhaps most importantly, it provided a stark preview of what was to come in Ukraine in 2014. Russian “peacekeepers,” including unmarked Russian special forces—or Spetsnaz—stationed in the region carried out an armed incursion. That is, Russia used separatist violence as a convenient pretext to launch a full-scale multidomain invasion to annex territory, a type of aggression that many analysts in the West thought was a relic of the twentieth century. The 2008 Russia-Georgia War highlights not a new form of conflict but rather the incorporation of a new dimension to that conflict: cyberspace. Where states once tried to control the radio waves, broadcast television channels, newspapers, or other forms of communications, they now add to these sources of information control cyberspace and its component aspects, websites, and social media.2 This allows Russia to influence audiences around the world. Propaganda, disinformation, and the manipulation of the informational aspects of both conflict and nonconflict settings has been a persistent attribute of state behavior.3 The new dimension added to the conduct of hostilities created by cyberspace is both a challenge to conventional hybrid information manipulation tactics and a benefit. Even though the tactical gains achieved through cyberspace in Georgia by Russian non-state actors had limited impact, the strategic and psychological effects were robust. The plausibly deniable nature of the cyber side of conflict should not be understated and adds a new dimension to hybrid warfare that once required state resources to accomplish. Now, managed through forums and social media, decentralized noncombatants can join the fight. Arguably, the inclusion of cyber means into a kinetic battle, not as a standalone effect but rather as a force multiplier, constitutes a logical progression to the natural evolution of conflict and demonstrates the value of information operations (IO) during conflict.
- Further Analysis of PRNG-Based Key Derivation FunctionsMcGinthy, Jason M.; Michaels, Alan J. (IEEE, 2019)The Internet of Things (IoT) is growing at a rapid pace. With everyday applications and services becoming wirelessly networked, security still is a major concern. Many of these sensors and devices have limitations, such as low power consumption, reduced memory storage, and reduced fixed point processing capabilities. Therefore, it is imperative that high-performance security primitives are used to maximize the lifetime of these devices while minimally impacting memory storage and timing requirements. Previous work presented a residue number system (RNS)-based pseudorandom number generator (PRNG)-based key derivation function (KDF) (PKDF) that showed good initial energy-efficient performance for the IoT devices. This paper provides additional analysis on the PRNG-based security and draws a comparison to a current industry-standard KDF. Subsequently, embedded software implementations were performed on an MSP430 and MSP432 and compared with the transport layer security (TLS) 1.3 hash-based message authentication code (HMAC) key derivation function (HKDF); these results demonstrate substantial computational savings for the PKDF approach, while both pass the NIST randomness quality tests. Finally, hardware translation for the PKDF is evaluated through the Mathworks' HDL Coder toolchain and mapping for throughput and die area approximation on an Intel (R) Arria 10 FPGA.
- Specific Emitter Identification Using Convolutional Neural Network-Based IQ Imbalance EstimatorsWong, Lauren J.; Headley, William C.; Michaels, Alan J. (IEEE, 2019)Specific Emitter Identification is the association of a received signal to a unique emitter, and is made possible by the naturally occurring and unintentional characteristics an emitter imparts onto each transmission, known as its radio frequency fingerprint. This paper presents an approach for identifying emitters using convolutional neural networks to estimate the inphase/quadrature (IQ) imbalance parameters of each emitter, using only the received raw IQ data as input. Because an emitter's IQ imbalance parameters will not change as it changes modulation schemes, the proposed approach has the ability to track emitters, even as they change the modulation scheme. The performance of the developed approach is evaluated using simulated quadrature amplitude modulation and phase-shift keying signals, and the impact of signal-tonoise ratio, imbalance value, and modulation scheme are considered. Furthermore, the developed approach is shown to outperform a comparable feature-based approach, while making fewer assumptions and using fewer data per decision.
- Cyberbiosecurity: A New Perspective on Protecting US Food and Agricultural SystemDuncan, Susan E.; Reinhard, Robert; Williams, Robert C.; Ramsey, A. Ford; Thomason, Wade E.; Lee, Kiho; Dudek, Nancy; Mostaghimi, Saied; Colbert, Edward; Murch, Randall Steven (Frontiers, 2019-03-29)Our national data and infrastructure security issues affecting the "bioeconomy" are evolving rapidly. Simultaneously, the conversation about cyber security of the U.S. food and agricultural system (cyber biosecurity) is incomplete and disjointed. The food and agricultural production sectors influence over 20% of the nation's economy ($ 6.7T) and 15% of U.S. employment (43.3M jobs). The food and agricultural sectors are immensely diverse and they require advanced technologies and efficiencies that rely on computer technologies, big data, cloud-based data storage, and internet accessibility. There is a critical need to safeguard the cyber biosecurity of our bio economy, but currently protections are minimal and do not broadly exist across the food and agricultural system. Using the food safetymanagement Hazard Analysis Critical Control Point systemconcept as an introductory point of reference, we identify important features in broad food and agricultural production and food systems: dairy, food animals, row crops, fruits and vegetables, and environmental resources (water). This analysis explores the relevant concepts of cyber biosecurity from food production to the end product user (such as the consumer) and considers the integration of diverse transportation, supplier, and retailer networks. We describe common challenges and unique barriers across these systems and recommend solutions to advance the role of cyber biosecurity in the food and agricultural sectors.
- 2019 SAIC National Security Education Program Colloquium(Virginia Tech. Hume Center., 2019-04-16)The annual National Security Education Program Colloquium is the highlight of our educational programs. It allows students from across the university to interact with leaders from the intelligence and national security community and includes a student research poster session, panels featuring government and industry speakers, networking sessions, and a keynote address. The theme for 2019 is The Weaponization of Information and Artificial Intelligence.
- Fallthrough Correlation Techniques for Arbitrary-Phase Spread Spectrum WaveformsFletcher, Michael; Michaels, Alan J.; Ridge, Devin (IEEE, 2019-09-11)The use of practically non-repeating spreading codes to generate sequence-based spread spectrum waveforms is a strong method to improve transmission security, by limiting an observer's opportunity to cross-correlate snapshots of the signal into a coherent gain. Such time-varying codes, particularly when used to define multi-bit resolution arbitrary-phase waveforms, present significant challenges to the intended receiver, who must synchronize acquisition processing to match the time-varying code each time it changes. This paper presents a series of options for optimizing the traditional brute-force matched-filter preamble correlator for burst-mode arbitrary-phase spread spectrum signals, achieving significant computational gains and flexibility, backed by measurable results from hardware prototypes built on an Intel Arria 10 Field Programmable Gate Array (FPGA). The most promising of which requires no embedded multipliers and reduces the total hardware logic by more than 76%. Extensions of the core fallthrough correlator techniques are considered to support low-power asynchronous reception, underlay-based physical layer rewall functions, and Receiver-Assigned Code Division Multiple Access (RA-CDMA) protocols in Internet of Things (IoT)-caliber devices.
- A Practical Guide for Managing Interdisciplinary Teams: Lessons Learned from Coupled Natural and Human Systems ResearchHenson, V. Reilly; Cobourn, Kelly M.; Weathers, Kathleen C.; Carey, Cayelan C.; Farrell, Kaitlin J.; Klug, Jennifer L.; Sorice, Michael G.; Ward, Nicole K.; Weng, Weizhe (MDPI, 2020-07-09)Interdisciplinary team science is essential to address complex socio-environmental questions, but it also presents unique challenges. The scientific literature identifies best practices for high-level processes in team science, e.g., leadership and team building, but provides less guidance about practical, day-to-day strategies to support teamwork, e.g., translating jargon across disciplines, sharing and transforming data, and coordinating diverse and geographically distributed researchers. This article offers a case study of an interdisciplinary socio-environmental research project to derive insight to support team science implementation. We evaluate the project’s inner workings using a framework derived from the growing body of literature for team science best practices, and derive insights into how best to apply team science principles to interdisciplinary research. We find that two of the most useful areas for proactive planning and coordinated leadership are data management and co-authorship. By providing guidance for project implementation focused on these areas, we contribute a pragmatic, detail-oriented perspective on team science in an effort to support similar projects.
- Multi-Physics Modeling of Electrochemical DepositionKauffman, Justin; Gilbert, John; Paterson, Eric G. (MDPI, 2020-12-11)Electrochemical deposition (ECD) is a common method used in the field of microelectronics to grow metallic coatings on an electrode. The deposition process occurs in an electrolyte bath where dissolved ions of the depositing material are suspended in an acid while an electric current is applied to the electrodes. The proposed computational model uses the finite volume method and the finite area method to predict copper growth on the plating surface without the use of a level set method or deforming mesh because the amount of copper layer growth is not expected to impact the fluid motion. The finite area method enables the solver to track the growth of the copper layer and uses the current density as a forcing function for an electric potential field on the plating surface. The current density at the electrolyte-plating surface interface is converged within each PISO (Pressure Implicit with Splitting Operator) loop iteration and incorporates the variance of the electrical resistance that occurs via the growth of the copper layer. This paper demonstrates the application of the finite area method for an ECD problem and additionally incorporates coupling between fluid mechanics, ionic diffusion, and electrochemistry.
- A Coupled OpenFOAM-WRF Study on Atmosphere-Wake-Ocean InteractionGilbert, John; Pitt, Jonathan (MDPI, 2020-12-30)This work aims to better understand how small scale disturbances that are generated at the air-sea interface propagate into the surrounding atmosphere under realistic environmental conditions. To that end, a one-way coupled atmosphere-ocean model is presented, in which predictions of sea surface currents and sea surface temperatures from a microscale ocean model are used as constant boundary conditions in a larger atmospheric model. The coupled model consists of an ocean component implemented while using the open source CFD software OpenFOAM, an atmospheric component solved using the Weather Research and Forecast (WRF) model, and a Python-based utility foamToWRF, which is responsible for mapping field data between the ocean and atmospheric domains. The results are presented for two demonstration cases, which indicate that the proposed coupled model is able to capture the propagation of small scale sea surface disturbances in the atmosphere, although a more thorough study is required in order to properly validate the model.
- Cyberphysical Security Through Resiliency: A Systems-Centric ApproachFleming, Cody H.; Elks, Carl R.; Bakirtzis, Georgios; Adams, Stephen C.; Carter, Bryan; Beling, Peter A.; Horowitz, Barry M. (2021-06)Cyberphysical systems require resiliency techniques for defense, and multicriteria resiliency problems need an approach that evaluates systems for current threats and potential design solutions. A systems-oriented view of cyberphysical security, termed Mission Aware, is proposed based on a holistic understanding of mission goals, system dynamics, and risk.
- «
- 1 (current)
- 2
- 3
- »