Scholarly Works, Hume Center for National Security and Technology
Permanent URI for this collection
Browse
Browsing Scholarly Works, Hume Center for National Security and Technology by Content Type "Article - Refereed"
Now showing 1 - 20 of 22
Results Per Page
Sort Options
- Attacks and Defenses for Single-Stage Residue Number System PRNGsVennos, Amy; George, Kiernan; Michaels, Alan J. (MDPI, 2021-06-25)This paper explores the security of a single-stage residue number system (RNS) pseudorandom number generator (PRNG), which has previously been shown to provide extremely high-quality outputs when evaluated through available RNG statistical test suites or in using Shannon and single-stage Kolmogorov entropy metrics. In contrast, rather than blindly performing statistical analyses on the outputs of the single-stage RNS PRNG, this paper provides both white box and black box analyses that facilitate reverse engineering of the underlying RNS number generation algorithm to obtain the residues, or equivalently key, of the RNS algorithm. We develop and demonstrate a conditional entropy analysis that permits extraction of the key given a priori knowledge of state transitions as well as reverse engineering of the RNS PRNG algorithm and parameters (but not the key) in problems where the multiplicative RNS characteristic is too large to obtain a priori state transitions. We then discuss multiple defenses and perturbations for the RNS system that fool the original attack algorithm, including deliberate noise injection and code hopping. We present a modification to the algorithm that accounts for deliberate noise, but rapidly increases the search space and complexity. Lastly, we discuss memory requirements and time required for the attacker and defender to maintain these defenses.
- A Coupled OpenFOAM-WRF Study on Atmosphere-Wake-Ocean InteractionGilbert, John; Pitt, Jonathan (MDPI, 2020-12-30)This work aims to better understand how small scale disturbances that are generated at the air-sea interface propagate into the surrounding atmosphere under realistic environmental conditions. To that end, a one-way coupled atmosphere-ocean model is presented, in which predictions of sea surface currents and sea surface temperatures from a microscale ocean model are used as constant boundary conditions in a larger atmospheric model. The coupled model consists of an ocean component implemented while using the open source CFD software OpenFOAM, an atmospheric component solved using the Weather Research and Forecast (WRF) model, and a Python-based utility foamToWRF, which is responsible for mapping field data between the ocean and atmospheric domains. The results are presented for two demonstration cases, which indicate that the proposed coupled model is able to capture the propagation of small scale sea surface disturbances in the atmosphere, although a more thorough study is required in order to properly validate the model.
- Cyberbiosecurity: A New Perspective on Protecting US Food and Agricultural SystemDuncan, Susan E.; Reinhard, Robert; Williams, Robert C.; Ramsey, A. Ford; Thomason, Wade E.; Lee, Kiho; Dudek, Nancy; Mostaghimi, Saied; Colbert, Edward; Murch, Randall Steven (Frontiers, 2019-03-29)Our national data and infrastructure security issues affecting the "bioeconomy" are evolving rapidly. Simultaneously, the conversation about cyber security of the U.S. food and agricultural system (cyber biosecurity) is incomplete and disjointed. The food and agricultural production sectors influence over 20% of the nation's economy ($ 6.7T) and 15% of U.S. employment (43.3M jobs). The food and agricultural sectors are immensely diverse and they require advanced technologies and efficiencies that rely on computer technologies, big data, cloud-based data storage, and internet accessibility. There is a critical need to safeguard the cyber biosecurity of our bio economy, but currently protections are minimal and do not broadly exist across the food and agricultural system. Using the food safetymanagement Hazard Analysis Critical Control Point systemconcept as an introductory point of reference, we identify important features in broad food and agricultural production and food systems: dairy, food animals, row crops, fruits and vegetables, and environmental resources (water). This analysis explores the relevant concepts of cyber biosecurity from food production to the end product user (such as the consumer) and considers the integration of diverse transportation, supplier, and retailer networks. We describe common challenges and unique barriers across these systems and recommend solutions to advance the role of cyber biosecurity in the food and agricultural sectors.
- Cyberphysical Security Through Resiliency: A Systems-Centric ApproachFleming, Cody H.; Elks, Carl R.; Bakirtzis, Georgios; Adams, Stephen C.; Carter, Bryan; Beling, Peter A.; Horowitz, Barry M. (2021-06)Cyberphysical systems require resiliency techniques for defense, and multicriteria resiliency problems need an approach that evaluates systems for current threats and potential design solutions. A systems-oriented view of cyberphysical security, termed Mission Aware, is proposed based on a holistic understanding of mission goals, system dynamics, and risk.
- Decoupling RNN Training and Testing Observation Intervals for Spectrum Sensing ApplicationsMoore, Megan O.; Buehrer, R. Michael; Headley, William Chris (MDPI, 2022-06-22)Recurrent neural networks have been shown to outperform other architectures when processing temporally correlated data, such as from wireless communication signals. However, compared to other architectures, such as convolutional neural networks, recurrent neural networks can suffer from drastically longer training and evaluation times due to their inherent sample-by-sample data processing, while traditional usage of both of these architectures assumes a fixed observation interval during both training and testing, the sample-by-sample processing capabilities of recurrent neural networks opens the door for alternative approaches. Rather than assuming that the testing and observation intervals are equivalent, the observation intervals can be “decoupled” or set independently. This can potentially reduce training times and will allow for trained networks to be adapted to different applications without retraining. This work illustrates the benefits and considerations needed when “decoupling” these observation intervals for spectrum sensing applications, using modulation classification as the example use case. The sample-by-sample processing of RNNs also allows for the relaxation of the typical requirement of a fixed time duration of the signals of interest. Allowing for variable observation intervals is important in real-time applications like cognitive radio where decisions need to be made as quickly and accurately as possible as well as in applications like electronic warfare in which the sequence length of the signal of interest may be unknown. This work examines a real-time post-processing method called “just enough” decision making that allows for variable observation intervals. In particular, this work shows that, intuitively, this method can be leveraged to process less data (i.e., shorter observation intervals) for simpler inputs (less complicated signal types or channel conditions). Less intuitively, this works shows that the “decoupling” is dependent on appropriate training to avoid bias and ensure generalization.
- Designing a Block Cipher in Galois Extension Fields for IoT SecurityGeorge, Kiernan; Michaels, Alan J. (MDPI, 2021-11-05)This paper focuses on a block cipher adaptation of the Galois Extension Fields (GEF) combination technique for PRNGs and targets application in the Internet of Things (IoT) space, an area where the combination technique was concluded as a quality stream cipher. Electronic Codebook (ECB) and Cipher Feedback (CFB) variations of the cryptographic algorithm are discussed. Both modes offer computationally efficient, scalable cryptographic algorithms for use over a simple combination technique like XOR. The cryptographic algorithm relies on the use of quality PRNGs, but adds an additional layer of security while preserving maximal entropy and near-uniform distributions. The use of matrices with entries drawn from a Galois field extends this technique to block size chunks of plaintext, increasing diffusion, while only requiring linear operations that are quick to perform. The process of calculating the inverse differs only in using the modular inverse of the determinant, but this can be expedited by a look-up table. We validate this GEF block cipher with the NIST test suite. Additional statistical tests indicate the condensed plaintext results in a near-uniform distributed ciphertext across the entire field. The block cipher implemented on an MSP430 offers a faster, more power-efficient alternative to the Advanced Encryption Standard (AES) system. This cryptosystem is a secure, scalable option for IoT devices that must be mindful of time and power consumption.
- Enabling Artificial Intelligence Adoption through AssuranceFreeman, Laura J.; Rahman, Abdul; Batarseh, Feras A. (MDPI, 2021-08-25)The wide scale adoption of Artificial Intelligence (AI) will require that AI engineers and developers can provide assurances to the user base that an algorithm will perform as intended and without failure. Assurance is the safety valve for reliable, dependable, explainable, and fair intelligent systems. AI assurance provides the necessary tools to enable AI adoption into applications, software, hardware, and complex systems. AI assurance involves quantifying capabilities and associating risks across deployments including: data quality to include inherent biases, algorithm performance, statistical errors, and algorithm trustworthiness and security. Data, algorithmic, and context/domain-specific factors may change over time and impact the ability of AI systems in delivering accurate outcomes. In this paper, we discuss the importance and different angles of AI assurance, and present a general framework that addresses its challenges.
- Fallthrough Correlation Techniques for Arbitrary-Phase Spread Spectrum WaveformsFletcher, Michael; Michaels, Alan J.; Ridge, Devin (IEEE, 2019-09-11)The use of practically non-repeating spreading codes to generate sequence-based spread spectrum waveforms is a strong method to improve transmission security, by limiting an observer's opportunity to cross-correlate snapshots of the signal into a coherent gain. Such time-varying codes, particularly when used to define multi-bit resolution arbitrary-phase waveforms, present significant challenges to the intended receiver, who must synchronize acquisition processing to match the time-varying code each time it changes. This paper presents a series of options for optimizing the traditional brute-force matched-filter preamble correlator for burst-mode arbitrary-phase spread spectrum signals, achieving significant computational gains and flexibility, backed by measurable results from hardware prototypes built on an Intel Arria 10 Field Programmable Gate Array (FPGA). The most promising of which requires no embedded multipliers and reduces the total hardware logic by more than 76%. Extensions of the core fallthrough correlator techniques are considered to support low-power asynchronous reception, underlay-based physical layer rewall functions, and Receiver-Assigned Code Division Multiple Access (RA-CDMA) protocols in Internet of Things (IoT)-caliber devices.
- Framework for Evaluating the Severity of Cybervulnerability of a Traffic CabinetErnst, Joseph M.; Michaels, Alan J. (National Academy of Sciences, 2017)The increasing connectivity in transportation infrastructure is driving a need for additional security in transportation systems. For security decisions in a budget-constrained environment, the possible effect of a cyberattack must be numerically characterized. The size of an effect depends on the level of access and the vehicular demand on the intersections being controlled. This paper proposes a framework for better understanding of the levels of access and the effect that can be had in scenarios with varying demand. Simulations are performed on a simplistic corridor to provide numerical examples of the possible effects. The paper concludes that the possibility of some levels of cyberthreat may be acceptable in locations where traffic volumes would not be able to create an unmanageable queue. The more intimate levels of access can cause serious safety concerns by modifying the settings of the traffic controller in ways that encourage red-light running and accidents. The proposed framework can be used by transportation professionals and cybersecurity professionals to prioritize the actions to be taken to secure the infrastructure.
- Further Analysis of PRNG-Based Key Derivation FunctionsMcGinthy, Jason M.; Michaels, Alan J. (IEEE, 2019)The Internet of Things (IoT) is growing at a rapid pace. With everyday applications and services becoming wirelessly networked, security still is a major concern. Many of these sensors and devices have limitations, such as low power consumption, reduced memory storage, and reduced fixed point processing capabilities. Therefore, it is imperative that high-performance security primitives are used to maximize the lifetime of these devices while minimally impacting memory storage and timing requirements. Previous work presented a residue number system (RNS)-based pseudorandom number generator (PRNG)-based key derivation function (KDF) (PKDF) that showed good initial energy-efficient performance for the IoT devices. This paper provides additional analysis on the PRNG-based security and draws a comparison to a current industry-standard KDF. Subsequently, embedded software implementations were performed on an MSP430 and MSP432 and compared with the transport layer security (TLS) 1.3 hash-based message authentication code (HMAC) key derivation function (HKDF); these results demonstrate substantial computational savings for the PKDF approach, while both pass the NIST randomness quality tests. Finally, hardware translation for the PKDF is evaluated through the Mathworks' HDL Coder toolchain and mapping for throughput and die area approximation on an Intel (R) Arria 10 FPGA.
- Hidden vulnerability of US Atlantic coast to sea-level rise due to vertical land motionOhenhen, Leonard O.; Shirzaei, Manoochehr; Ojha, Chandrakanta; Kirwan, Matthew L. (Nature Research, 2023-04-11)The vulnerability of coastal environments to sea-level rise varies spatially, particularly due to local land subsidence. However, high-resolution observations and models of coastal subsidence are scarce, hindering an accurate vulnerability assessment. We use satellite data from 2007 to 2020 to create high-resolution map of subsidence rate at mm-level accuracy for different land covers along the ~3,500 km long US Atlantic coast. Here, we show that subsidence rate exceeding 3mm per year affects most coastal areas, including wetlands, forests, agricultural areas, and developed regions. Coastal marshes represent the dominant land cover type along the US Atlantic coast and are particularly vulnerable to subsidence. We estimate that 58 to 100% of coastal marshes are losing elevation relative to sea level and show that previous studies substantially underestimate marsh vulnerability by not fully accounting for subsidence.
- Intrusion Detection System for Applications using Linux ContainersAbed, Amr S.; Clancy, Thomas Charles III; Levy, David S. (Springer, 2015-12-09)Linux containers are gaining increasing traction in both individual and industrial use, and as these containers get integrated into mission-critical systems, real-time detection of malicious cyber attacks becomes a critical operational requirement. This paper introduces a real-time host-based intrusion detection system that can be used to passively detect malfeasance against applications within Linux containers running in a standalone or in a cloud multi-tenancy environment. The demonstrated intrusion detection system uses bags of system calls monitored from the host kernel for learning the behavior of an application running within a Linux container and determining anomalous container behavior. Performance of the approach using a database application was measured and results are discussed.
- Multi-Physics Modeling of Electrochemical DepositionKauffman, Justin; Gilbert, John; Paterson, Eric G. (MDPI, 2020-12-11)Electrochemical deposition (ECD) is a common method used in the field of microelectronics to grow metallic coatings on an electrode. The deposition process occurs in an electrolyte bath where dissolved ions of the depositing material are suspended in an acid while an electric current is applied to the electrodes. The proposed computational model uses the finite volume method and the finite area method to predict copper growth on the plating surface without the use of a level set method or deforming mesh because the amount of copper layer growth is not expected to impact the fluid motion. The finite area method enables the solver to track the growth of the copper layer and uses the current density as a forcing function for an electric potential field on the plating surface. The current density at the electrolyte-plating surface interface is converged within each PISO (Pressure Implicit with Splitting Operator) loop iteration and incorporates the variance of the electrical resistance that occurs via the growth of the copper layer. This paper demonstrates the application of the finite area method for an ECD problem and additionally incorporates coupling between fluid mechanics, ionic diffusion, and electrochemistry.
- A Multi-Tier Wireless Spectrum Sharing System Leveraging Secure Spectrum AuctionsAbdelhadi, Ahmed; Shajaiah, Haya; Clancy, Thomas Charles III (IEEE, 2015-10-08)Secure spectrum auctions can revolutionize the spectrum utilization of cellular networks and satisfy the ever increasing demand for resources. In this paper, a multi-tier dynamic spectrum sharing system is studied for efficient sharing of spectrum with commercial wireless system providers (WSPs), with an emphasis on federal spectrum sharing. The proposed spectrum sharing system optimizes usage of spectrum resources, manages intra-WSP and inter-WSP interference and provides essential level of security, privacy, and obfuscation to enable the most efficient and reliable usage of the shared spectrum. It features an intermediate spectrum auctioneer responsible for allocating resources to commercial WSPs by running secure spectrum auctions. The proposed secure spectrum auction, MTSSA, leverages Paillier cryptosystem to avoid possible fraud and bidrigging. Numerical simulations are provided to compare the performance of MTSSA, in the considered spectrum sharing system, with other spectrum auction mechanisms for realistic cellular systems.
- An ontological metamodel for cyber-physical system safety, security, and resilience coengineeringBakirtzis, Georgios; Sherburne, Tim; Adams, Stephen C.; Horowitz, Barry M.; Beling, Peter A.; Fleming, Cody H. (2021-06-01)Cyber-physical systems are complex systems that require the integration of diverse software, firmware, and hardware to be practical and useful. This increased complexity is impacting the management of models necessary for designing cyber-physical systems that are able to take into account a number of "-ilities", such that they are safe and secure and ultimately resilient to disruption of service. We propose an ontological metamodel for system design that augments an already existing industry metamodel to capture the relationships between various model elements (requirements, interfaces, physical, and functional) and safety, security, and resilient considerations. Employing this metamodel leads to more cohesive and structured modeling efforts with an overall increase in scalability, usability, and unification of already existing models. In turn, this leads to a mission-oriented perspective in designing security defenses and resilience mechanisms to combat undesirable behaviors. We illustrate this metamodel in an open-source GraphQL implementation, which can interface with a number of modeling languages. We support our proposed metamodel with a detailed demonstration using an oil and gas pipeline model.
- Physical layer orthogonal frequency-division multiplexing acquisition and timing synchronization securityLa Pan, Matthew J.; Clancy, Thomas Charles III; McGwier, Robert W. (Wiley, 2014-08-18)Orthogonal frequency-division multiplexing (OFDM) has become the manifest modulation choice for 4G standards. Timing acquisition and carrier frequency offset synchronization are prerequisite to OFDM demodulation and must be performed often. Most of the OFDM methods for synchronization were not designed with security in mind. In particular, we analyze the performance of a maximum likelihood synchronization estimator against highly correlated jamming attacks. We present a series of attacks against OFDM timing acquisition: preamble whitening, the false preamble attack, preamble warping, and preamble nulling.The performance of OFDM synchronization turns out to be very poor against these attacks, and a number of mitigation strategies and security improvements are discussed.
- A Practical Guide for Managing Interdisciplinary Teams: Lessons Learned from Coupled Natural and Human Systems ResearchHenson, V. Reilly; Cobourn, Kelly M.; Weathers, Kathleen C.; Carey, Cayelan C.; Farrell, Kaitlin J.; Klug, Jennifer L.; Sorice, Michael G.; Ward, Nicole K.; Weng, Weizhe (MDPI, 2020-07-09)Interdisciplinary team science is essential to address complex socio-environmental questions, but it also presents unique challenges. The scientific literature identifies best practices for high-level processes in team science, e.g., leadership and team building, but provides less guidance about practical, day-to-day strategies to support teamwork, e.g., translating jargon across disciplines, sharing and transforming data, and coordinating diverse and geographically distributed researchers. This article offers a case study of an interdisciplinary socio-environmental research project to derive insight to support team science implementation. We evaluate the project’s inner workings using a framework derived from the growing body of literature for team science best practices, and derive insights into how best to apply team science principles to interdisciplinary research. We find that two of the most useful areas for proactive planning and coordinated leadership are data management and co-authorship. By providing guidance for project implementation focused on these areas, we contribute a pragmatic, detail-oriented perspective on team science in an effort to support similar projects.
- Real-Time Mask RecognitionBillings, Rachel M.; Michaels, Alan J. (MDPI, 2021-11-08)While a variety of image processing studies have been performed to quantify the potential performance of neural network-based models using high-quality still images, relatively few studies seek to apply those models to a real-time operational context. This paper seeks to extend prior work in neural-network-based mask detection algorithms to a real-time, low-power deployable context that is conducive to immediate installation and use. Particularly relevant in the COVID-19 era with varying rules on mask mandates, this work applies two neural network models to inference of mask detection in both live (mobile) and recorded scenarios. Furthermore, an experimental dataset was collected where individuals were encouraged to use presentation attacks against the algorithm to quantify how perturbations negatively impact model performance. The results from evaluation on the experimental dataset are further investigated to identify the degradation caused by poor lighting and image quality, as well as to test for biases within certain demographics such as gender and ethnicity. In aggregate, this work validates the immediate feasibility of a low-power and low-cost real-time mask recognition system.
- Shannon Entropy Loss in Mixed-Radix ConversionsVennos, Amy; Michaels, Alan J. (MDPI, 2021-07-27)This paper models a translation for base-2 pseudorandom number generators (PRNGs) to mixed-radix uses such as card shuffling. In particular, we explore a shuffler algorithm that relies on a sequence of uniformly distributed random inputs from a mixed-radix domain to implement a Fisher–Yates shuffle that calls for inputs from a base-2 PRNG. Entropy is lost through this mixed-radix conversion, which is assumed to be surjective mapping from a relatively large domain of size 2J to a set of arbitrary size n. Previous research evaluated the Shannon entropy loss of a similar mapping process, but this previous bound ignored the mixed-radix component of the original formulation, focusing only on a fixed n value. In this paper, we calculate a more precise formula that takes into account a variable target domain radix, n, and further derives a tighter bound on the Shannon entropy loss of the surjective map, while demonstrating monotonicity in a decrease in entropy loss based on increased size J of the source domain 2J. Lastly, this formulation is used to specify the optimal parameters to simulate a card-shuffling algorithm with different test PRNGs, validating a concrete use case with quantifiable deviations from maximal entropy, making it suitable to low-power implementation in a casino.
- Specific Emitter Identification Using Convolutional Neural Network-Based IQ Imbalance EstimatorsWong, Lauren J.; Headley, William C.; Michaels, Alan J. (IEEE, 2019)Specific Emitter Identification is the association of a received signal to a unique emitter, and is made possible by the naturally occurring and unintentional characteristics an emitter imparts onto each transmission, known as its radio frequency fingerprint. This paper presents an approach for identifying emitters using convolutional neural networks to estimate the inphase/quadrature (IQ) imbalance parameters of each emitter, using only the received raw IQ data as input. Because an emitter's IQ imbalance parameters will not change as it changes modulation schemes, the proposed approach has the ability to track emitters, even as they change the modulation scheme. The performance of the developed approach is evaluated using simulated quadrature amplitude modulation and phase-shift keying signals, and the impact of signal-tonoise ratio, imbalance value, and modulation scheme are considered. Furthermore, the developed approach is shown to outperform a comparable feature-based approach, while making fewer assumptions and using fewer data per decision.