VTechWorks staff will be away for the winter holidays starting Tuesday, December 24, 2024, through Wednesday, January 1, 2025, and will not be replying to requests during this time. Thank you for your patience, and happy holidays!

Virginia Tech National Security Institute

Permanent URI for this community

https://hdl.handle.net/10919/110083

Browse

Browsing Virginia Tech National Security Institute by Department "Hume Center for National Security and Technology"

Now showing 1 - 16 of 16
  • Thumbnail Image
    Application of Cybernetics and Control Theory for a New Paradigm in Cybersecurity
    Adams, Michael D.; Hitefield, Seth D.; Hoy, Bruce; Fowler, Michael C.; Clancy, Thomas Charles III (Virginia Tech, 2013-11-01)
    A significant limitation of current cyber security research and techniques is its reactive and applied nature. This leads to a continuous ‘cyber cycle’ of attackers scanning networks, developing exploits and attacking systems, with defenders detecting attacks, analyzing exploits and patching systems. This reactive nature leaves sensitive systems highly vulnerable to attack due to un-patched systems and undetected exploits. Some current research attempts to address this major limitation by introducing systems that implement moving target defense. However, these ideas are typically based on the intuition that a moving target defense will make it much harder for attackers to find and scan vulnerable systems, and not on theoretical mathematical foundations. The continuing lack of fundamental science and principles for developing more secure systems has drawn increased interest into establishing a ‘science of cyber security’. This paper introduces the concept of using cybernetics, an interdisciplinary approach of control theory, systems theory, information theory and game theory applied to regulatory systems, as a foundational approach for developing cyber security principles. It explores potential applications of cybernetics to cyber security from a defensive perspective, while suggesting the potential use for offensive applications. Additionally, this paper introduces the fundamental principles for building non-stationary systems, which is a more general solution than moving target defenses. Lastly, the paper discusses related works concerning the limitations of moving target defense and one implementation based on non-stationary principles.
  • Thumbnail Image
    Attacks and Defenses for Single-Stage Residue Number System PRNGs
    Vennos, Amy; George, Kiernan; Michaels, Alan J. (MDPI, 2021-06-25)
    This paper explores the security of a single-stage residue number system (RNS) pseudorandom number generator (PRNG), which has previously been shown to provide extremely high-quality outputs when evaluated through available RNG statistical test suites or in using Shannon and single-stage Kolmogorov entropy metrics. In contrast, rather than blindly performing statistical analyses on the outputs of the single-stage RNS PRNG, this paper provides both white box and black box analyses that facilitate reverse engineering of the underlying RNS number generation algorithm to obtain the residues, or equivalently key, of the RNS algorithm. We develop and demonstrate a conditional entropy analysis that permits extraction of the key given a priori knowledge of state transitions as well as reverse engineering of the RNS PRNG algorithm and parameters (but not the key) in problems where the multiplicative RNS characteristic is too large to obtain a priori state transitions. We then discuss multiple defenses and perturbations for the RNS system that fool the original attack algorithm, including deliberate noise injection and code hopping. We present a modification to the algorithm that accounts for deliberate noise, but rapidly increases the search space and complexity. Lastly, we discuss memory requirements and time required for the attacker and defender to maintain these defenses.
  • Thumbnail Image
    A Coupled OpenFOAM-WRF Study on Atmosphere-Wake-Ocean Interaction
    Gilbert, John; Pitt, Jonathan (MDPI, 2020-12-30)
    This work aims to better understand how small scale disturbances that are generated at the air-sea interface propagate into the surrounding atmosphere under realistic environmental conditions. To that end, a one-way coupled atmosphere-ocean model is presented, in which predictions of sea surface currents and sea surface temperatures from a microscale ocean model are used as constant boundary conditions in a larger atmospheric model. The coupled model consists of an ocean component implemented while using the open source CFD software OpenFOAM, an atmospheric component solved using the Weather Research and Forecast (WRF) model, and a Python-based utility foamToWRF, which is responsible for mapping field data between the ocean and atmospheric domains. The results are presented for two demonstration cases, which indicate that the proposed coupled model is able to capture the propagation of small scale sea surface disturbances in the atmosphere, although a more thorough study is required in order to properly validate the model.
  • Thumbnail Image
    Cyberbiosecurity: A New Perspective on Protecting US Food and Agricultural System
    Duncan, Susan E.; Reinhard, Robert; Williams, Robert C.; Ramsey, A. Ford; Thomason, Wade E.; Lee, Kiho; Dudek, Nancy; Mostaghimi, Saied; Colbert, Edward; Murch, Randall Steven (Frontiers, 2019-03-29)
    Our national data and infrastructure security issues affecting the "bioeconomy" are evolving rapidly. Simultaneously, the conversation about cyber security of the U.S. food and agricultural system (cyber biosecurity) is incomplete and disjointed. The food and agricultural production sectors influence over 20% of the nation's economy ($ 6.7T) and 15% of U.S. employment (43.3M jobs). The food and agricultural sectors are immensely diverse and they require advanced technologies and efficiencies that rely on computer technologies, big data, cloud-based data storage, and internet accessibility. There is a critical need to safeguard the cyber biosecurity of our bio economy, but currently protections are minimal and do not broadly exist across the food and agricultural system. Using the food safetymanagement Hazard Analysis Critical Control Point systemconcept as an introductory point of reference, we identify important features in broad food and agricultural production and food systems: dairy, food animals, row crops, fruits and vegetables, and environmental resources (water). This analysis explores the relevant concepts of cyber biosecurity from food production to the end product user (such as the consumer) and considers the integration of diverse transportation, supplier, and retailer networks. We describe common challenges and unique barriers across these systems and recommend solutions to advance the role of cyber biosecurity in the food and agricultural sectors.
  • Thumbnail Image
    Cyberphysical Security Through Resiliency: A Systems-Centric Approach
    Fleming, Cody H.; Elks, Carl R.; Bakirtzis, Georgios; Adams, Stephen C.; Carter, Bryan; Beling, Peter A.; Horowitz, Barry M. (2021-06)
    Cyberphysical systems require resiliency techniques for defense, and multicriteria resiliency problems need an approach that evaluates systems for current threats and potential design solutions. A systems-oriented view of cyberphysical security, termed Mission Aware, is proposed based on a holistic understanding of mission goals, system dynamics, and risk.
  • Thumbnail Image
    Development and Analysis of a Spiral Theory-based Cybersecurity Curriculum
    Back, Godmar V.; Basu, Debarati; Naciri, William; Lohani, Vinod K.; Plassmann, Paul E.; Barnette, Dwight; Ribbens, Calvin J.; Gantt, Kira; McPherson, David (2017-01-09)
    Enhance cybersecurity learning experiences of students at Virginia Tech’s large engineering program
  • Thumbnail Image
    Distributed Storage Systems with Secure and Exact Repair - New Results
    Tandon, Ravi; Amuru, SaiDhiraj; Clancy, Thomas Charles III; Buehrer, R. Michael (IEEE, 2014-02)
    Distributed storage systems (DSS) in the presence of a passive eavesdropper are considered in this paper. A typical DSS is characterized by 3 parameters (n, k, d) where, a file is stored in a distributed manner across n nodes such that it can be recovered entirely from any k out of n nodes. Whenever a node fails, d ∈ [k, n) nodes participate in the repair process. In this paper, we study the exact repair capabilities of a DSS, where a failed node is replaced with its exact replica. Securing this DSS from a passive eavesdropper capable of wiretapping the repair process of any l < k nodes, is the main focus of this paper. Specifically, we characterize the optimal secure storagevs- exact-repair-bandwidth tradeoff region for the (4, 2, 3) DSS when l = 1 and the (n, n − 1, n − 1) DSS when l = n − 2.
  • Thumbnail Image
    Enabling Artificial Intelligence Adoption through Assurance
    Freeman, Laura J.; Rahman, Abdul; Batarseh, Feras A. (MDPI, 2021-08-25)
    The wide scale adoption of Artificial Intelligence (AI) will require that AI engineers and developers can provide assurances to the user base that an algorithm will perform as intended and without failure. Assurance is the safety valve for reliable, dependable, explainable, and fair intelligent systems. AI assurance provides the necessary tools to enable AI adoption into applications, software, hardware, and complex systems. AI assurance involves quantifying capabilities and associating risks across deployments including: data quality to include inherent biases, algorithm performance, statistical errors, and algorithm trustworthiness and security. Data, algorithmic, and context/domain-specific factors may change over time and impact the ability of AI systems in delivering accurate outcomes. In this paper, we discuss the importance and different angles of AI assurance, and present a general framework that addresses its challenges.
  • Thumbnail Image
    Intrusion Detection System for Applications using Linux Containers
    Abed, Amr S.; Clancy, Thomas Charles III; Levy, David S. (Springer, 2015-12-09)
    Linux containers are gaining increasing traction in both individual and industrial use, and as these containers get integrated into mission-critical systems, real-time detection of malicious cyber attacks becomes a critical operational requirement. This paper introduces a real-time host-based intrusion detection system that can be used to passively detect malfeasance against applications within Linux containers running in a standalone or in a cloud multi-tenancy environment. The demonstrated intrusion detection system uses bags of system calls monitored from the host kernel for learning the behavior of an application running within a Linux container and determining anomalous container behavior. Performance of the approach using a database application was measured and results are discussed.
  • Thumbnail Image
    Multi-Physics Modeling of Electrochemical Deposition
    Kauffman, Justin; Gilbert, John; Paterson, Eric G. (MDPI, 2020-12-11)
    Electrochemical deposition (ECD) is a common method used in the field of microelectronics to grow metallic coatings on an electrode. The deposition process occurs in an electrolyte bath where dissolved ions of the depositing material are suspended in an acid while an electric current is applied to the electrodes. The proposed computational model uses the finite volume method and the finite area method to predict copper growth on the plating surface without the use of a level set method or deforming mesh because the amount of copper layer growth is not expected to impact the fluid motion. The finite area method enables the solver to track the growth of the copper layer and uses the current density as a forcing function for an electric potential field on the plating surface. The current density at the electrolyte-plating surface interface is converged within each PISO (Pressure Implicit with Splitting Operator) loop iteration and incorporates the variance of the electrical resistance that occurs via the growth of the copper layer. This paper demonstrates the application of the finite area method for an ECD problem and additionally incorporates coupling between fluid mechanics, ionic diffusion, and electrochemistry.
  • Thumbnail Image
    An ontological metamodel for cyber-physical system safety, security, and resilience coengineering
    Bakirtzis, Georgios; Sherburne, Tim; Adams, Stephen C.; Horowitz, Barry M.; Beling, Peter A.; Fleming, Cody H. (2021-06-01)
    Cyber-physical systems are complex systems that require the integration of diverse software, firmware, and hardware to be practical and useful. This increased complexity is impacting the management of models necessary for designing cyber-physical systems that are able to take into account a number of "-ilities", such that they are safe and secure and ultimately resilient to disruption of service. We propose an ontological metamodel for system design that augments an already existing industry metamodel to capture the relationships between various model elements (requirements, interfaces, physical, and functional) and safety, security, and resilient considerations. Employing this metamodel leads to more cohesive and structured modeling efforts with an overall increase in scalability, usability, and unification of already existing models. In turn, this leads to a mission-oriented perspective in designing security defenses and resilience mechanisms to combat undesirable behaviors. We illustrate this metamodel in an open-source GraphQL implementation, which can interface with a number of modeling languages. We support our proposed metamodel with a detailed demonstration using an oil and gas pipeline model.
  • Thumbnail Image
    Physical layer orthogonal frequency-division multiplexing acquisition and timing synchronization security
    La Pan, Matthew J.; Clancy, Thomas Charles III; McGwier, Robert W. (Wiley, 2014-08-18)
    Orthogonal frequency-division multiplexing (OFDM) has become the manifest modulation choice for 4G standards. Timing acquisition and carrier frequency offset synchronization are prerequisite to OFDM demodulation and must be performed often. Most of the OFDM methods for synchronization were not designed with security in mind. In particular, we analyze the performance of a maximum likelihood synchronization estimator against highly correlated jamming attacks. We present a series of attacks against OFDM timing acquisition: preamble whitening, the false preamble attack, preamble warping, and preamble nulling.The performance of OFDM synchronization turns out to be very poor against these attacks, and a number of mitigation strategies and security improvements are discussed.
  • Thumbnail Image
    A Practical Guide for Managing Interdisciplinary Teams: Lessons Learned from Coupled Natural and Human Systems Research
    Henson, V. Reilly; Cobourn, Kelly M.; Weathers, Kathleen C.; Carey, Cayelan C.; Farrell, Kaitlin J.; Klug, Jennifer L.; Sorice, Michael G.; Ward, Nicole K.; Weng, Weizhe (MDPI, 2020-07-09)
    Interdisciplinary team science is essential to address complex socio-environmental questions, but it also presents unique challenges. The scientific literature identifies best practices for high-level processes in team science, e.g., leadership and team building, but provides less guidance about practical, day-to-day strategies to support teamwork, e.g., translating jargon across disciplines, sharing and transforming data, and coordinating diverse and geographically distributed researchers. This article offers a case study of an interdisciplinary socio-environmental research project to derive insight to support team science implementation. We evaluate the project’s inner workings using a framework derived from the growing body of literature for team science best practices, and derive insights into how best to apply team science principles to interdisciplinary research. We find that two of the most useful areas for proactive planning and coordinated leadership are data management and co-authorship. By providing guidance for project implementation focused on these areas, we contribute a pragmatic, detail-oriented perspective on team science in an effort to support similar projects.
  • Thumbnail Image
    Shannon Entropy Loss in Mixed-Radix Conversions
    Vennos, Amy; Michaels, Alan J. (MDPI, 2021-07-27)
    This paper models a translation for base-2 pseudorandom number generators (PRNGs) to mixed-radix uses such as card shuffling. In particular, we explore a shuffler algorithm that relies on a sequence of uniformly distributed random inputs from a mixed-radix domain to implement a Fisher–Yates shuffle that calls for inputs from a base-2 PRNG. Entropy is lost through this mixed-radix conversion, which is assumed to be surjective mapping from a relatively large domain of size 2J to a set of arbitrary size n. Previous research evaluated the Shannon entropy loss of a similar mapping process, but this previous bound ignored the mixed-radix component of the original formulation, focusing only on a fixed n value. In this paper, we calculate a more precise formula that takes into account a variable target domain radix, n, and further derives a tighter bound on the Shannon entropy loss of the surjective map, while demonstrating monotonicity in a decrease in entropy loss based on increased size J of the source domain 2J. Lastly, this formulation is used to specify the optimal parameters to simulate a card-shuffling algorithm with different test PRNGs, validating a concrete use case with quantifiable deviations from maximal entropy, making it suitable to low-power implementation in a casino.
  • Thumbnail Image
    System and method for heterogenous spectrum sharing between commercial cellular operators and legacy incumbent users in wireless networks
    (United States Patent and Trademark Office, 2016-12-06)
    Described herein are systems and methods for telecommunications spectrum sharing between multiple heterogeneous users, which leverage a hybrid approach that includes both distributed spectrum sharing, spectrum-sensing, and use of geo-reference databases.
  • Thumbnail Image
    Towards Optimal Secure Distributed Storage Systems with Exact Repair
    Tandon, Ravi; Amuru, SaiDhiraj; Clancy, Thomas Charles III; Buehrer, R. Michael (IEEE, 2016-06)
    Distributed storage systems in the presence of a wiretapper are considered. A distributed storage system (DSS) is parameterized by three parameters (𝑛, 𝑘, 𝑑), in which a file stored across n distributed nodes, can be recovered from any 𝑘 out of 𝑛 nodes. This is called as the reconstruction property of a DSS. If a node fails, any 𝑑 out of (𝑛-1) nodes help in the repair of the failed node so that the regeneration property of the DSS is preserved. For such a (𝑛, 𝑘, 𝑑)-DSS, two types of wiretapping scenarios are investigated: (a) Type-I (node) adversary which can wiretap the data stored on any 𝑙< 𝑘 nodes; and a more severe (b) Type-II (repair data) adversary which can wiretap the contents of the repair data that is used to repair a set of l failed nodes over time. The focus of this work is on the practically relevant setting of exact repair regeneration in which the repair process must replace a failed node by its exact replica. We make new progress on several non-trivial instances of this problem which prior to this work have been open. The main contribution of this paper is the optimal characterization of the secure storage-vs-exact-repair-bandwidth tradeoff region of a (𝑛, 𝑘, 𝑑)-DSS, with 𝑛 ≤ 4 and any 𝑙 < 𝑘 in the presence of both Type-I and Type-II adversaries. While the problem remains open for a general (𝑛, 𝑘, 𝑑)-DSS with 𝑛 > 4, we present extensions of these results to a (𝑛, 𝑛-1, 𝑛-1)-DSS, in presence of a Type-II adversary that can observe the repair data of any 𝑙 = (𝑛-2) nodes. The key technical contribution of this work is in developing novel information theoretic converse proofs for the Type-II adversarial scenario. From our results, we show that in the presence of Type-II attacks, the only efficient point in the storage-vs-exact-repair-bandwidth tradeoff is the MBR (minimum bandwidth regenerating) point. This is in sharp contrast to the case of a Type-I attack in which the storage-vs-exactrepair-bandwidth tradeoff allows a spectrum of operating points beyond the MBR point.