Cyber Security Research

Open Cyber Challenge Platform

Cyber challenges have proven to be effective, realistic, up-to-date, hands-on training tools for teaching cyber security at the high school, college, industry, and government levels. The most common type of cyber challenge is the Red Team v Blue Team exercise, which prepares participants to respond to different types of common cyber-related incidents. This research project proposes the development of an Open-source Cyber Challenge Platform (OCCP) that is composed of a low-cost platform, allows for community-developed plug-and-play modules, and is freely distributed to high schools and universities.

Securing Reputation Systems in the Cyber Space

Word-of-mouth, one of the most ancient mechanisms in the history of human society, is gaining new significance on the Internet. Online reputation systems are creating large-scale, virtual word-of-mouth networks. Manipulation of such systems has recently been growing rapidly. We develop novel methods to detect unfair ratings and evaluate the proposed methods using real user attack data.

Cross-Layer Attack and Defense in Cognitive Radio Networks

Existing research on security issues in wireless networks mainly focuses on attack and defense in individual network layers. However, attackers do not necessarily restrict themselves to the boundaries of network layers. In this project, we raise the concern that a smart attacker can launch several attacks in different layers in a coordinated manner, and we develop solutions to such attacks.

Redeemable Trust Based Secure Routing Protocol for Wireless Sensor Networks

Most secure routing protocols are based on a notion of trust, which involves observing neighboring nodes’ behaviors and choosing a route with the most trustworthy nodes. In some of these trust schemes, it is necessary to allow a node to redeem itself in the eyes of its neighbors. However, a smart attacker can capitalize on this feature of the secure routing protocol and create an “on-off” attack in which a node is only bad every once in a while. We have developed a special type of trust, predictability trust, that we use to allow the speed of trust redemption to be controlled based on a node’s previous behavior. As part of this trust mechanism, we have utilized a notion of dynamic sliding windows to keep track of the behaviors of each node. If a node has behaved badly recently, we use the sliding window to remember more bad behaviors for the computation of trust. If the node has behaved mostly well, the size of the window is smaller, and thus we use fewer behaviors to compute the trust value. In simulations, we have found that our protocol performs just as well as existing trust-based redemption algorithms in situations where an attacker is always bad. In a more sophisticated attack, where the node intermixes good behaviors with bad behaviors, our protocol performs significantly better than the existing algorithms. Our protocol is able to detect an on/off attack as obvious as 1 good, 1 bad, and as subtle as 9 good, 1 bad, while the other protocols cannot detect and respond to these attacks at all.

Understanding Cascading Failures in U.S. Power Grid

With continuously growing energy demand and environmental concerns, the development of a smart electric power grid that provides an affordable, reliable, efficient, and secure supply of electricity has recently attracted significant attention from academia, industry, and governments. Among the many enabling technologies for such a smart grid, security has been widely identified as one of the key components of such a complex system. In this project, we present a comprehensive analysis of the foundations, system models, and assessment metrics for power system cascading failures. Furthermore, we provide critical insights for understanding power grid behavior under complex attacks.

Secure Adaptive Routing Protocol for Wireless Sensor Networks

The lack of a holistic routing solution that integrates WSNs with security solutions, along with the fact that tiny, limited sensor nodes make WSNs more prone to security attacks such as physical tampering and eavesdropping, has led to the need for secure adaptive routing for WSNs. We have developed a protocol that uses the concept of trust to determine the most secure route from a node collecting data to a base station that can analyze the data. We present a distributed, dynamic, efficient tree-based routing algorithm that uses multi-dimensional trust metrics to find the most trusted paths. We describe the integration of the algorithm and trust framework, including how new routes are formed that avoid suspected (less trusted) nodes. We also discuss the implementation of defenses against representative attacks, including selective forwarding and intentional loop creation. Through simulations and a small 8-mote proof-of-concept system, we demonstrate the ability of our solution to provide trusted, efficient delivery of data from the sensor field to the base station.

Bridging Reliability Analysis and Reality in Sensor Systems

From the viewpoint of researchers, developers, and even consumers, reliability analysis is recognized as an indispensable step before sensor network systems can be widely deployed for mission-critical applications. However, there is a big gap between traditional network reliability analysis theories and realistic sensor network system environments. In this research, we close this gap through new metrics, analytic models, and approaches for the reliability analysis of large-scale sensor networks.

Trust Sensor Interface for Improving Reliability of EMG-based User Intent Recognition

The electromyographic (EMG) signal, which is widely investigated for natural and smooth control of prostheses, can be easily contaminated by diverse disturbances. A disturbed EMG signal may lead to errors in user intent identification (UII), and can even endanger amputees (e.g., tumbles and falls). To address this problem, we proposed the trust sensor interface (TSI). TSI contains 2 modules: the abnormal detector, which detects diverse disturbances with high accuracy and low latency, and the trust evaluation, which dynamically evaluates the reliability of EMG sensors.