skip to main content

Explore Research Products in the NSF-PAR

Title: Discriminative Pattern Mining for Runtime Security Enforcement of Cyber-Physical Point-of-Care Medical Technology
Point-of-care diagnostics are a key technology for various safety-critical applications from providing diagnostics in developing countries lacking adequate medical infrastructure to fight infectious diseases to screening procedures for border protection. Digital microfluidics biochips are an emerging technology that are increasingly being evaluated as a viable platform for rapid diagnosis and point-of-care field deployment. In such a technology, processing errors are inherent. Cyber-physical digital biochips offer higher reliability through the inclusion of automated error recovery mechanisms that can reconfigure operations performed on the electrode array. Recent research has begun to explore security vulnerabilities of digital microfluidic systems. This paper expands previous work that exploits vulnerabilities due to implicit trust in the error recovery mechanism. In this work, a discriminative data mining approach is introduced to identify frequent bioassay operations that can be cyber-physically attested for runtime security protection.  more » « less
Award ID(s):
1837472
NSF-PAR ID:
10301322
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC)
Page Range / eLocation ID:
1066 to 1072
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ( , 2020 30th International Conference on Field-Programmable Logic and Applications (FPL))
    null (Ed.)
    Lightweight cryptography offers viable security solutions for resource constrained Internet of Things (IoT) devices. However, IoT devices have implementation vulnerabilities such as side channel attacks (SCA), where observation of physical phenomena associated with device operations can reveal sensitive internal contents. The U.S. National Institute of Standards and Technology has called for lightweight cryptographic solutions to process authenticated encryption with associated data (AEAD), and is evaluating candidates for suitability in a Lightweight Cryptography (LWC) Standardization Process. Two Round 2 candidate variants, COMET-CHAM and SCHWAEMM, use Addition-Rotation-XOR (ARX) primitives. However, ARX ciphers are known to be costly to protect against certain SCA. In this work we implement side channel protected versions of COMET-CHAM and SCHWAEMM using register transfer level design. Identical protection schemes consisting of a threshold implementation (TI)-protected Kogge-Stone adder are adopted. Resistance to power side channel analysis is verified on an Artix-7 FPGA target device. Implementations comply with the Hardware API for Lightweight Cryptography, and use a custom-designed extension of the Development Package for the Hardware API for Lightweight Cryptography which enables test and evaluation of side channel resistant designs. We compare side channel protection costs of the two candidates against each other, against their unprotected counterparts, and against previous side channel protected AEAD implementations. COMET-CHAM is shown to consume less area and power, while SCHWAEMM has higher throughput and throughput to area ratio, and is more energy efficient. On average, the costs of protecting these ciphers against SCA are 32% more in area and 38% more in power, compared to the average protection costs for a large selection of previously-evaluated ciphers of similar implementation. Our results highlight the costs involved in implementing side channel protected ARX-ciphers, and help to inform NIST LWC late round and final portfolio selections. 
    more » « less
  2. ; ( , ADMI 2022:The Symposium of Computing at Minority Institutions)
    This report discusses Digital Forensics and Cyber-Security and different vulnerabilities that put the users at risk of compromising their sensitive data and making it available to attackers. With the raising of new threats aiming at technology, some people are not aware of hackers stealing their data. This study will discuss what Cyber-Security is and how many people are aware of what it all entails. This study will also recommendations on how to recognize attacks and learn basic terms to help inform the public. The study utilizes surveys of students from Hampton University so the authors can make the proper analysis and recommendations regarding the issue. 
    more » « less
  3. ; ; ( , Information Security Practice and Experience. ISPEC 2022. Lecture Notes in Computer Science)
    Su, C. ; Gritzalis, D. ; Piuri, V. (Ed.)
    Many cyber-physical systems (CPS) are critical infrastructure. Security attacks on these critical systems can have catastrophic consequences, putting human lives at risk. Consequently, it is very important to pace CPS systems to red-teaming/blue teaming exercises to understand vulnerabilities and the progression/impact of cyber attacks on them. Since it is not always prudent to conduct such security exercises on live CPS, researchers use CPS testbeds to conduct security-related experiments. Often, such testbeds are very expensive. Since attack scripts used in red-teaming/blue-teaming exercises are, in the strictest sense of the term, malicious in nature, there is a need to protect the testbed itself from these attack experiments that have the potential to go awry. Moreover, when multiple experiments are conducted on the same testbed, there is a need to maintain isolation among these experiments so that no experiment can accidentally or maliciously affect/compromise others. In this work, we describe a novel security architecture and framework to ensure protection of security-related experiments on a CPS testbed and at the same time support secure communication services among simultaneously running experiments based on well-formulated access control policies. 
    more » « less
  4. ; ; ; ; ( , Computing and Communication Workshop and Conference (CCWC))
    In recent years, there has been a growing interest in so-called smart cities. These cities use technology to connect and enhance the lives of their citizens. Smart cities use many Internet of Things (loT) devices, such as sensors and video cameras, that are interconnected to provide constant feedback and up-to-date information on everything that is happening. Despite the benefits of these cities, they introduce a numerous new vulnerabilities as well. These smart cities are now susceptible to cyber-attacks that aim to “alter, disrupt, deceive, degrade, or destroy computer systems.” Through the use of an educational and research-based loT test-bed with multiple networking layers and heterogeneous devices connected to simultaneously support networking research, anomaly detection, and security principles, we can pinpoint some of these vulnerabilities. This work will contribute potential solutions to these vulnerabilities that can hopefully be replicated in smart cities around the world. Specifically, in the transportation section of our educational smart city several vulnerabilities in the signal lights, street lights, and the cities train network were discovered. To conduct this research two scenarios were developed. These consisted of inside the network security and network perimeter security. For the latter we were able to find extensive vulnerabilities that would allow an attacker to map the entire smart city sub-network. Solutions to this problem are outlined that utilize an Intrusion Detection System and Port Mirroring. However, while we were able to exploit the city's Programmable Logic Controller (PLC) once inside the network, it was found that due to dated Supervisory Control and Data Acquisition (SCADA) systems, there were almost no solutions to these exploits. 
    more » « less
  5. ; ; ; ; ( , IEEE)
    The adoption of digital technology in industrial control systems (ICS) enables improved control over operation, ease of system diagnostics and reduction in cost of maintenance of cyber physical systems (CPS). However, digital systems expose CPS to cyber-attacks. The problem is grave since these cyber-attacks can lead to cascading failures affecting safety in CPS. Unfortunately, the relationship between safety events and cyber-attacks in ICS is ill-understood and how cyber-attacks can lead to cascading failures affecting safety. Consequently, CPS operators are ill-prepared to handle cyber-attacks on their systems. In this work, we envision adopting Explainable AI to assist CPS oper-ators in analyzing how a cyber-attack can trigger safety events in CPS and then interactively determining potential approaches to mitigate those threats. We outline the design of a formal framework, which is based on the notion of transition systems, and the associated toolsets for this purpose. The transition system is represented as an AI Planning problem and adopts the causal formalism of human reasoning to asssit CPS operators in their analyses. We discuss some of the research challenges that need to be addressed to bring this vision to fruition. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email