Virginia Tech National Security Institute
Permanent URI for this community
Browse
Browsing Virginia Tech National Security Institute by Department "Electrical and Computer Engineering"
Now showing 1 - 5 of 5
Results Per Page
Sort Options
- Application of Cybernetics and Control Theory for a New Paradigm in CybersecurityAdams, Michael D.; Hitefield, Seth D.; Hoy, Bruce; Fowler, Michael C.; Clancy, Thomas Charles III (Virginia Tech, 2013-11-01)A significant limitation of current cyber security research and techniques is its reactive and applied nature. This leads to a continuous ‘cyber cycle’ of attackers scanning networks, developing exploits and attacking systems, with defenders detecting attacks, analyzing exploits and patching systems. This reactive nature leaves sensitive systems highly vulnerable to attack due to un-patched systems and undetected exploits. Some current research attempts to address this major limitation by introducing systems that implement moving target defense. However, these ideas are typically based on the intuition that a moving target defense will make it much harder for attackers to find and scan vulnerable systems, and not on theoretical mathematical foundations. The continuing lack of fundamental science and principles for developing more secure systems has drawn increased interest into establishing a ‘science of cyber security’. This paper introduces the concept of using cybernetics, an interdisciplinary approach of control theory, systems theory, information theory and game theory applied to regulatory systems, as a foundational approach for developing cyber security principles. It explores potential applications of cybernetics to cyber security from a defensive perspective, while suggesting the potential use for offensive applications. Additionally, this paper introduces the fundamental principles for building non-stationary systems, which is a more general solution than moving target defenses. Lastly, the paper discusses related works concerning the limitations of moving target defense and one implementation based on non-stationary principles.
- Distributed Storage Systems with Secure and Exact Repair - New ResultsTandon, Ravi; Amuru, SaiDhiraj; Clancy, Thomas Charles III; Buehrer, R. Michael (IEEE, 2014-02)Distributed storage systems (DSS) in the presence of a passive eavesdropper are considered in this paper. A typical DSS is characterized by 3 parameters (n, k, d) where, a file is stored in a distributed manner across n nodes such that it can be recovered entirely from any k out of n nodes. Whenever a node fails, d ∈ [k, n) nodes participate in the repair process. In this paper, we study the exact repair capabilities of a DSS, where a failed node is replaced with its exact replica. Securing this DSS from a passive eavesdropper capable of wiretapping the repair process of any l < k nodes, is the main focus of this paper. Specifically, we characterize the optimal secure storagevs- exact-repair-bandwidth tradeoff region for the (4, 2, 3) DSS when l = 1 and the (n, n − 1, n − 1) DSS when l = n − 2.
- Intrusion Detection System for Applications using Linux ContainersAbed, Amr S.; Clancy, Thomas Charles III; Levy, David S. (Springer, 2015-12-09)Linux containers are gaining increasing traction in both individual and industrial use, and as these containers get integrated into mission-critical systems, real-time detection of malicious cyber attacks becomes a critical operational requirement. This paper introduces a real-time host-based intrusion detection system that can be used to passively detect malfeasance against applications within Linux containers running in a standalone or in a cloud multi-tenancy environment. The demonstrated intrusion detection system uses bags of system calls monitored from the host kernel for learning the behavior of an application running within a Linux container and determining anomalous container behavior. Performance of the approach using a database application was measured and results are discussed.
- Physical layer orthogonal frequency-division multiplexing acquisition and timing synchronization securityLa Pan, Matthew J.; Clancy, Thomas Charles III; McGwier, Robert W. (Wiley, 2014-08-18)Orthogonal frequency-division multiplexing (OFDM) has become the manifest modulation choice for 4G standards. Timing acquisition and carrier frequency offset synchronization are prerequisite to OFDM demodulation and must be performed often. Most of the OFDM methods for synchronization were not designed with security in mind. In particular, we analyze the performance of a maximum likelihood synchronization estimator against highly correlated jamming attacks. We present a series of attacks against OFDM timing acquisition: preamble whitening, the false preamble attack, preamble warping, and preamble nulling.The performance of OFDM synchronization turns out to be very poor against these attacks, and a number of mitigation strategies and security improvements are discussed.
- System and method for heterogenous spectrum sharing between commercial cellular operators and legacy incumbent users in wireless networks(United States Patent and Trademark Office, 2016-12-06)Described herein are systems and methods for telecommunications spectrum sharing between multiple heterogeneous users, which leverage a hybrid approach that includes both distributed spectrum sharing, spectrum-sensing, and use of geo-reference databases.