Destination Area: Integrated Security (IS)
IS focuses on advancing and assuring the security of our vital social, political, and financial networks while balancing the crucial needs and expectations of privacy and governmental oversight. This mission cuts across four other destination areas and strategic growth areas, intersecting at key points of national interest where Virginia Tech has demonstrated expertise and capability:
Security for the Internet of Everything: The interconnection of the digital world, the physical world, and humans interacting with both worlds.
Governance and Ethics for Security: Questions and concerns about the adoption, use, and audit of security and privacy practices as they affect citizens and their government, consumers and business, and humans and their environment.
Analytics for National Security and Preparedness: Using the capabilities of big data to improve security, forecasting, awareness, and resilience in response to disasters and for national defense.
Browsing Destination Area: Integrated Security (IS) by Title
Now showing 1 - 20 of 119
- Adaptive Key Protection in Complex Cryptosystems with Attributes
  Wang, Zilong; Yao, Danfeng (Daphne); Feng, Rongquan (Department of Computer Science, Virginia Polytechnic Institute & State University, 2012)
  In the attribute-based encryption (ABE) model, attributes (as opposed to identities) are used to encrypt messages, and all the receivers with qualifying attributes can decrypt the ciphertext. However, compromised attribute keys may affect the communications of many users who share the same access control policies. We present the notion of forward-secure attribute-based encryption (fs-ABE) and give a concrete construction based on bilinear map and decisional bilinear Diffie-Hellman assumption. Forward security means that a compromised private key by an adversary at time t does not break the confidentiality of the communication that took place prior to t. We describe how to achieve both forward security and encryption with attributes, and formally prove our security against the adaptive chosen-ciphertext adversaries. Our scheme is non-trivial, and the key size only grows polynomially with log N (where N is the number of time periods). We further generalize our scheme to support the individualized key-updating schedule for each attribute, which provides a finer granularity for key management. Our insights on the required properties that an ABE scheme needs to possess in order to be forward-secure compatible are useful beyond the specific fs-ABE construction given. We raise an open question at the end of the paper on the escrow problem of the master key in ABE schemes.
- Adversarial Machine Learning for NextG Covert Communications Using Multiple Antennas
  Kim, Brian; Sagduyu, Yalin; Davaslioglu, Kemal; Erpek, Tugba; Ulukus, Sennur (MDPI, 2022-07-29)
  This paper studies the privacy of wireless communications from an eavesdropper that employs a deep learning (DL) classifier to detect transmissions of interest. There exists one transmitter that transmits to its receiver in the presence of an eavesdropper. In the meantime, a cooperative jammer (CJ) with multiple antennas transmits carefully crafted adversarial perturbations over the air to fool the eavesdropper into classifying the received superposition of signals as noise. While generating the adversarial perturbation at the CJ, multiple antennas are utilized to improve the attack performance in terms of fooling the eavesdropper. Two main points are considered while exploiting the multiple antennas at the adversary, namely the power allocation among antennas and the utilization of channel diversity. To limit the impact on the bit error rate (BER) at the receiver, the CJ puts an upper bound on the strength of the perturbation signal. Performance results show that this adversarial perturbation causes the eavesdropper to misclassify the received signals as noise with a high probability while increasing the BER at the legitimate receiver only slightly. Furthermore, the adversarial perturbation is shown to become more effective when multiple antennas are utilized.
- Application of Cybernetics and Control Theory for a New Paradigm in Cybersecurity
  Adams, Michael D.; Hitefield, Seth D.; Hoy, Bruce; Fowler, Michael C.; Clancy, Thomas Charles III (Virginia Tech, 2013-11-01)
  A significant limitation of current cyber security research and techniques is its reactive and applied nature. This leads to a continuous ‘cyber cycle’ of attackers scanning networks, developing exploits and attacking systems, with defenders detecting attacks, analyzing exploits and patching systems. This reactive nature leaves sensitive systems highly vulnerable to attack due to un-patched systems and undetected exploits. Some current research attempts to address this major limitation by introducing systems that implement moving target defense. However, these ideas are typically based on the intuition that a moving target defense will make it much harder for attackers to find and scan vulnerable systems, and not on theoretical mathematical foundations. The continuing lack of fundamental science and principles for developing more secure systems has drawn increased interest into establishing a ‘science of cyber security’. This paper introduces the concept of using cybernetics, an interdisciplinary approach of control theory, systems theory, information theory and game theory applied to regulatory systems, as a foundational approach for developing cyber security principles. It explores potential applications of cybernetics to cyber security from a defensive perspective, while suggesting the potential use for offensive applications. Additionally, this paper introduces the fundamental principles for building non-stationary systems, which is a more general solution than moving target defenses. Lastly, the paper discusses related works concerning the limitations of moving target defense and one implementation based on non-stationary principles.
- Applications and Security of Next-Generation, User-Centric Wireless Systems
  Ramstetter, Jerry Rick; Yang, Yaling; Yao, Danfeng (Daphne) (MDPI, 2010-07-28)
  Pervasive wireless systems have significantly improved end-users' quality of life. As manufacturing costs decrease, communications bandwidth increases, and contextual information is made more readily available, the role of next generation wireless systems in facilitating users' daily activities will grow. Unique security and privacy issues exist in these wireless, context-aware, often decentralized systems. For example, the pervasive nature of such systems allows adversaries to launch stealthy attacks against them. In this review paper, we survey several emergent personal wireless systems and their applications. These systems include mobile social networks, active implantable medical devices, and consumer products. We explore each system's usage of contextual information and provide insight into its security vulnerabilities. Where possible, we describe existing solutions for defending against these vulnerabilities. Finally, we point out promising future research directions for improving these systems' robustness and security.
- Applying differential association theory to online hate groups: a theoretical statement
  Hawdon, James E. (Social and Economic Research Association of the Turku Universities, 2012)
  In this paper, I will consider how social media can nurture and encourage mass murder within a framework of one of the most prominent and widely supported criminological theories: differential association. I will briefly discuss the presence of hate groups on the web, and then I will review how the core principles of differential association are met and potentially amplified through social media. I then provide an example of the interconnectedness of hate groups, and conclude with a call for future research.
- Assessing the Role of Cyberbiosecurity in Agriculture: A Case Study
  Drape, Tiffany A.; Magerkorth, Noah; Sen, Anuradha; Simpson, Joseph; Seibel, Megan M.; Murch, Randall Steven; Duncan, Susan E. (Frontiers, 2021-08-19)
  Agriculture has adopted the use of smart technology to help meet growing food demands. This increased automation and associated connectivity increases the risk of farms being targeted by cyber-attacks. Increasing frequency of cybersecurity breaches in many industries illustrates the need for securing our food supply chain. The uniqueness of biological data, the complexity of integration across the food and agricultural system, and the importance of this system to the U.S. bioeconomy and public welfare suggests an urgency as well as unique challenges that are not common across all industries. To identify and address the gaps in awareness and knowledge as well as encourage collaborations, Virginia Tech hosted a virtual workshop consisting of professionals from agriculture, cybersecurity, government, and academia. During the workshop, thought leaders and influencers discussed 1) common food and agricultural system challenges, scenarios, outcomes and risks to various sectors of the system; 2) cyberbiosecurity strategies for the system, gaps in workforce and training, and research and policy needs. The meeting sessions were transcribed and analyzed using qualitative methodology. The most common themes that emerged were challenges, solutions, viewpoints, common vocabulary. From the results of the analysis, it is evident that none of the participating groups had available cybersecurity training and resources. Participants were uncertain about future pathways for training, implementation, and outreach related to cyberbiosecurity. Recommendations include creating training and education, continued interdisciplinary collaboration, and recruiting government involvement to speed up better security practices related to cyberbiosecurity.
- Attacks and Defenses for Single-Stage Residue Number System PRNGs
  Vennos, Amy; George, Kiernan; Michaels, Alan J. (MDPI, 2021-06-25)
  This paper explores the security of a single-stage residue number system (RNS) pseudorandom number generator (PRNG), which has previously been shown to provide extremely high-quality outputs when evaluated through available RNG statistical test suites or in using Shannon and single-stage Kolmogorov entropy metrics. In contrast, rather than blindly performing statistical analyses on the outputs of the single-stage RNS PRNG, this paper provides both white box and black box analyses that facilitate reverse engineering of the underlying RNS number generation algorithm to obtain the residues, or equivalently key, of the RNS algorithm. We develop and demonstrate a conditional entropy analysis that permits extraction of the key given a priori knowledge of state transitions as well as reverse engineering of the RNS PRNG algorithm and parameters (but not the key) in problems where the multiplicative RNS characteristic is too large to obtain a priori state transitions. We then discuss multiple defenses and perturbations for the RNS system that fool the original attack algorithm, including deliberate noise injection and code hopping. We present a modification to the algorithm that accounts for deliberate noise, but rapidly increases the search space and complexity. Lastly, we discuss memory requirements and time required for the attacker and defender to maintain these defenses.
- Back to Reality: Cross domain deterrence and cyberspace
  Brantly, Aaron F. (2018-09-01)
  This paper examines cross domain deterrence strategies involving cyber incidents. By focusing on efforts to halt Russian and Chinese cyber operations against the United States this paper examines the importance of developing, maintaining and implementing (when necessary) cross domain deterrence strategies. This paper departs from more theoretic debates on the value and potential success, or lack thereof relating to cyber deterrence strategies and focuses on two cases in which cross domain retaliations were utilized to halt adversary behavior. From these two cases this paper posits a preliminary theory of cross domain deterrence applicable to cyber interactions between states and advances the debates in the field by shifting the center of gravity away from within domain responses to other mechanisms to deter adversary behavior.
- Battling the bear: Ukraine's approach to national cyber and information security
  Brantly, Aaron F. (Routledge, 2022-01)
  Ukraine has faced substantial challenges across multiple fronts in its successful 2014 Revolution of Dignity. Among the greatest challenges Ukraine has faced is the establishment of a national cybersecurity infrastructure capable of withstanding cyberattacks and information operations against military and civilian infrastructures. Ukraine’s experience is counterintuitive to the constant refrain in cyberspace regarding asymmetric advantage. Ukraine has struggled with the help of European and NATO allies to forge multiple organizational structures capable of facilitating national information and cyber defense. This work offers detailed analysis on the construction of national information resilience and cyber capabilities by a medium-sized state under duress and coercion from an adversary state by leveraging interviews with and documents from Ukrainian ministers, general staffs, security service personnel, soldiers, journalists, civilians, and academics conducted over two years. The result is analysis that informs the underlying notions about small to medium state defenses in relation to well-resourced adversaries.
- Battling the Bear: Ukraine's Approach to National Cybersecurity
  Brantly, Aaron F. (2018-09-29)
  Ukraine has faced substantial challenges across multiple fronts in its successful 2014 Revolution of Dignity. Among the greatest challenges Ukraine has faced is the establishment of a national cybersecurity infrastructure capable of withstanding cyberattacks and information operations against military and civilian infrastructures. Ukraine’s experience is counterintuitive to the constant refrain in cyberspace regarding asymmetric advantage. Ukraine has struggled with the help of European and NATO allies to forge multiple organizational structures capable of facilitating national cyber defense. This work offers detailed analysis on the construction of national cyber capabilities by a medium-sized state under duress and coercion from an adversary state by leveraging interviews with and documents from Ukrainian ministers, General Staffs, Security Service personnel, soldiers, journalists, civilians and academics conducted over two years. The result is analysis that informs the underlying notions about small to medium state cyber defenses in relation to well-resourced adversaries.
- ‘Beating the news’ with EMBERS: Forecasting Civil Unrest using Open Source Indicators
  Ramakrishnan, Naren; Butler, Patrick; Self, Nathan; Khandpur, Rupinder P.; Saraf, Parang; Wang, Wei; Cadena, Jose; Vullikanti, Anil Kumar S.; Korkmaz, Gizem; Kuhlman, Christopher J.; Marathe, Achla; Zhao, Liang; Ting, Hua; Huang, Bert; Srinivasan, Aravind; Trinh, Khoa; Getoor, Lise; Katz, Graham; Doyle, Andy; Ackermann, Chris; Zavorin, Ilya; Ford, Jim; Summers, Kristen; Fayed, Youssef; Arredondo, Jaime; Gupta, Dipak; Mares, David; Muthia, Sathappan; Chen, Feng; Lu, Chang-Tien (2014)
  We describe the design, implementation, and evaluation of EMBERS, an automated, 24x7 continuous system for forecasting civil unrest across 10 countries of Latin America using open source indicators such as tweets, news sources, blogs, economic indicators, and other data sources. Unlike retrospective studies, EMBERS has been making forecasts into the future since Nov 2012 which have been (and continue to be) evaluated by an independent T&E team (MITRE). Of note, EMBERS has successfully forecast the uptick and downtick of incidents during the June 2013 protests in Brazil. We outline the system architecture of EMBERS, individual models that leverage specific data sources, and a fusion and suppression engine that supports trading off specific evaluation criteria. EMBERS also provides an audit trail interface that enables the investigation of why specific predictions were made along with the data utilized for forecasting. Through numerous evaluations, we demonstrate the superiority of EMBERS over baserate methods and its capability to forecast significant societal happenings.
- Between a Rock and a Cell Phone: Social Media Use during Mass Protests in Iran, Tunisia and Egypt
  Kavanaugh, Andrea L.; Yang, Seungwon; Sheetz, Steven D.; Li, Lin Tzy; Fox, Edward A. (Department of Computer Science, Virginia Polytechnic Institute & State University, 2011-05-01)
  In this paper we examine the use of social media, and especially Twitter, in Iran, Tunisia and Egypt during the mass political demonstrations and protests in June 2009, December 2010 - January 2011, and February 2011, respectively. We compare this usage with methods and findings from other studies on the use of Twitter in emergency situations, such as natural and man-made disasters. We draw on our own experiences and participant-observations as an eyewitness in Iran (first author), and on Twitter data from Iran, Tunisia and Egypt. In these three cases, Twitter filled a unique technology and communication gap at least partially. We summarize suggested directions for future research with a view of placing this work in the larger context of social media use in conditions of crisis and social convergence.
- Big Data Meet Cyber-Physical Systems: A Panoramic Survey
  Atat, Rachad; Liu, Lingjia; Wu, Jinsong; Li, Guangyu; Ye, Chunxuan; Yi, Yang (IEEE, 2018)
  The world is witnessing an unprecedented growth of cyber-physical systems (CPS), which are foreseen to revolutionize our world via creating new services and applications in a variety of sectors, such as environmental monitoring, mobile-health systems, intelligent transportation systems, and so on. The information and communication technology sector is experiencing a significant growth in data traffic, driven by the widespread usage of smartphones, tablets, and video streaming, along with the significant growth of sensors deployments that are anticipated in the near future. It is expected to outstandingly increase the growth rate of raw sensed data. In this paper, we present the CPS taxonomy via providing a broad overview of data collection, storage, access, processing, and analysis. Compared with other survey papers, this is the first panoramic survey on big data for CPS, where our objective is to provide a panoramic summary of different CPS aspects. Furthermore, CPS requires cybersecurity to protect them against malicious attacks and unauthorized intrusion, which become a challenge with the enormous amount of data that are continuously being generated in the network. Thus, we also provide an overview of the different security solutions proposed for CPS big data storage, access, and analytics. We also discuss big data meeting green challenges in the contexts of CPS.
- Bitcoin and Cryptocurrencies
  Vasek, Marie; Jardine, Eric; Brantly, Aaron F. (Virginia Tech, 2018-05-18)
  This panel includes three presentations: “Cryptocurrencies and Financial Crimes” by Marie Vasek; “Cryptocurrencies and Specific Drug Types” by Eric Jardine; and “Bitcoin and OPSEC for Terrorists” by Aaron Brantly. (Please note that due to technical difficulties, slides for the last presentation by Aaron Brantly were not captured on the video). The presentations were given as part of the conference "Understanding the Dark Web and Its Implications for Policy" held on May 18, 2018 at the Virginia Tech Executive Briefing Center in Arlington, Virginia.
- BRIoT: Behavior Rule Specification-Based Misbehavior Detection for IoT-Embedded Cyber-Physical Systems
  Sharma, Vishal; You, Ilsun; Vim, Kangbin; Chen, Ing-Ray; Cho, Jin-Hee (IEEE, 2019)
  The identification of vulnerabilities in a mission-critical system is one of the challenges faced by a cyber-physical system (CPS). The incorporation of embedded Internet of Things (IoT) devices makes it tedious to identify vulnerability and difficult to control the service-interruptions and manage the operations losses. Rule-based mechanisms have been considered as a solution in the past. However, rule-based solutions operate on the goodwill of the generated rules and perform assumption-based detection. Such a solution often is far from the actual realization of the IoT runtime performance and can be fooled by zero-day attacks. Thus, this paper takes this issue as motivation and proposes better lightweight behavior rule specification-based misbehavior detection for the IoT-embedded cyber-physical systems (BRIoT). The key concept of our approach is to model a system with which misbehavior of an IoT device manifested as a result of attacks exploiting the vulnerability exposed may be detected through automatic model checking and formal verification, regardless of whether the attack is known or unknown. Automatic model checking and formal verification are achieved through a 2-layer Fuzzy-based hierarchical context-aware aspect-oriented Petri net (HCAPN) model, while effective misbehavior detection to avoid false alarms is achieved through a Barycentric-coordinated-based center of mass calculation method. The proposed approach is verified by an unmanned aerial vehicle (UAV) embedded in a UAV system. The feasibility of the proposed model is demonstrated with high reliability, low operational cost, low false-positives, low false-negatives, and high true positives in comparison with existing rule-based solutions.
- CCS 2017 - Women in Cyber Security (CyberW) Workshop
  Yao, Danfeng (Daphne); Bertino, Elisa (ACM, 2017)
  The CyberW workshop is motivated by the significant gender imbalance in all security conferences, in terms of the number of publishing authors, PC members, organizers, and attendees. What causes this gender imbalance remains unclear. However, multiple research studies have shown that a diverse group is more creative, diligent, and productive than a homogeneous group. Achieving cyber security requires a diverse group. To maintain a sustainable and creative workforce, substantial efforts need to be made by the security community to broaden the participation from underrepresented groups in cyber security research conferences. We hope this workshop can attract all underrepresented cybersecurity professionals, students, and researchers to attend top security and privacy conferences, engage in cutting-edge security and privacy research, excel in cyber security professions, and ultimately take on leadership positions.
- Civil Cyberconflict: Microsoft, Cybercrime, and Botnets
  Hiller, Janine S. (Santa Clara University School of Law, 2014-01)
  Cyber “warfare” and hackback by private companies is a hot discussion topic for its potential to fight cybercrime and promote cybersecurity. In the shadow of this provocative discussion, Microsoft has led a concerted, sustained fight against cybercriminals by using traditional legal theories and court actions to dismantle criminal networks known as botnets. This article brings focus to the role of the private sector in cybersecurity in light of the aggressive civil actions by Microsoft to address a thorny and seemingly intractable global problem. A botnet is a network of computers infected with unauthorized code that is controlled from a distance by malicious actors. The extent of botnet activity is staggering, and botnets have been called the plague of the Internet. The general public is more commonly aware of the damaging results of botnet activity rather than its operation, intrusion, or infection capabilities. Botnet activity may result in a website being unavailable due to a denial-of-service (DoS) attack, identity theft can occur because the botnet collects passwords from individual users, and bank accounts may be emptied related to botnet activity. Spam, fraud, spyware, and data breaches are all the result of botnet activity. Technical remedies for stopping botnet attacks and damages are ongoing, but technical solutions alone are inadequate. Law enforcement is active in tracking down criminal activities of botnets, yet the number and sophistication of the attackers overwhelm it. In a new development, multiple civil lawsuits by Microsoft have created the legal precedent for suing botnet operators and using existing law to dismantle botnets and decrease their global reach. This article reviews the threats created by botnets and describes the evolution of legal and technical strategies to address botnet proliferation. The distinctive aspects of each of the cases brought by Microsoft are described and analyzed and the complex questions surrounding a botnet takedown are identified. Discussion of the details of the lawsuits are important, because over a relatively short period of time, government and private sector roles have evolved considerably in the search for a methodology to deal effectively with botnets. Theoretical and international questions surrounding the sustainability and policy ramifications of private sector leadership in cybersecurity are examined, and questions for future research are identified.
- Conceptualizing Cyber Deterrence by Entanglement
  Brantly, Aaron F. (2018-03-01)
  Dr. Brantly was invited to give one of three keynote lectures for the opening of the Cyber Governance and Policy Center at the University of Oklahoma.
- Countering the Cyber Threat
  Brantly, Aaron F.; Henry, Shawn (The Army Cyber Institute, 2018-05-09)
  The current path to national cybersecurity hides a fatal design flaw. Resident within the current national approach is the assumption that we can continue business as usual with limited sharing between the public and the private sector, the creation of information sharing and analysis centers, the National Cybersecurity and Communications Integration Center, and a range of ad hoc local, state and federal organizations each addressing a slice of a complex and highly interconnected environment. The result is a lack of integrated coordination, continued hacks, and a public increasingly weary of all things cyber. We are approaching the current challenge as if we are living in August of 2001, ignorant and oblivious to the tragedies just over the horizon. All the while the private sector treats each incident in isolation, highly focused on their slice of a broader digital ecosystem. In the aftermath of the 9/11 attacks, Congress, the executive agencies and departments, and the judicial system in coordination with the will of the American people moved swiftly on legislation and strategies to address a complex asymmetric threat. While many of these new pieces of legislation failed in the courts, the unity of effort and the subsequent cooperative environment across all levels of government, and with the private sector, have arguably altered the national security posture and environment within the United States. Most of these changes have created a safer and more resilient domestic environment that has largely been spared the ravages of foreign-inspired terrorism. While not perfect, the current approaches adapted through years of learning, information sharing, and practice have safeguarded the homeland in an increasingly dangerous world. Lessons from the last 16 years of countering terrorism (CT) should serve as a roadmap for developing a robust, whole-of-society approach to safeguarding the homeland against the threats emanating from cyberspace looming beyond view.
- Creating Technological Surprise
  Walker, Steven H. (Virginia Tech, 2018-10-05)
  This is an abstract from the 2018 Hugh and Ethel Kelly Lecture, "Creating Technological Surprise", presented by Dr. Steven H. Walker in Goodwin Hall on October 5, 2018.