Research

Image source: https://research.kudelskisecurity.com/2016/06/23/drones-a-hackers-playground/

UAVs or as popularly known, drones, have recently been widely used in many applications such as providing communications in emergency situations, delivering goods, and for monitoring services. This wide use of UAVs was due to the advances in their design that make them efficient and reliable in many situations where other types of transportation are not suitable. For instance, UAVs can help provide aerial services in remote areas or hard to reach regions such as mountains or valleys. In addition, UAVs can contribute to many critical applications such as delivering medical supplies to war zones or providing the essential communication services to disaster-sites. This wide use of UAVs raises concerns about their security against cyber-physical attacks such as false data injection, GPS spoofing, GPS jamming, hijacking the controller's signals, and deactivation attacks.

The goal of this research is to develop novel defense mechanisms to mitigate and thwart the effects of specific cyber-physical attacks against the UAVs. For example, game theory can be used to formulate the interactions between a UAV and a possible attacker in case of controller's attacks, while machine learning techniques can help to identify false injected data by separating the legitimate from malicious data.

Critical infrastructure (CI) system are the systems that are vital to modern day cities and communities such as power grids, communication systems, nuclear reactors, transportation systems, water supply, and financial services. Recently, many of these CI systems (CIs) are being transformed into smart systems by equipping them with sensors, data processing, and network connectivity. Owing to the essential role of CIs, ensuring their proper operation is of utmost importance in all countries. The operation of CI systems can be evaluated using different measures, e.g., reliability and resilience. In particular, resilience is a key measure that is used to evaluate the ability of an infrastructure to deliver its designated service, under potentially disruptive situations. In general, resilience can be defined as the ability of an infrastructure to adapt to or rapidly recover from a potentially disruptive event. However, this definition is wide enough to allow for different resilience perspectives that are mostly application-specific. These different perspectives represent a major challenge in developing general resilience improving techniques. Other challenges include the existence of variable disruptive events, different domains of CI systems, and the interdependence among many CI systems.

To tackle such problems, the goal of this research is to further explore resilience-related problems. In particular, the research include three key thrusts: 1) develop new resilience metrics for cyber-physical CIs that can capture the effect of more disruptive events and attacks. Of particular interest, is the resilience in the face of the failure of the IoT devices within the system as this aims at enhancing both the security and resilience of CIs. 2) Design new interdependency models to capture the effect of cascading failure, i.e., the effect of a failure of one CI on other connected or dependent CIs. For instance, intelligent transportation systems are highly dependent on the communication infrastructure, which, in turn, depends on the smart grid. Thus, failures in the smart grid can affect parts in the communication infrastructure, and can eventually cause disruptions to the operation of the intelligent transportation system. 3) Develop new resource allocation mechanisms that consider both the effect of the resources on the CI components as well as the time required to fix these components.

Image source: https://www.mouser.fr/blog/how-gateways-secure-iot-architectures

The specific nature of the IoT of connecting different heterogeneous devices makes it hard to rely on conventional security mechanisms. Moreover, as many IoT devices are battery-operated, they do not mostly have sufficient processing capabilities. This, in turn, hinders their ability to run complex security algorithms compared to other powerful IoT devices. While special security mechanisms, e.g. lightweight encryption techniques are usually used for resource-constrained devices, securing a mix of heterogeneous devices remains a challenge.

Of particular interest is the access management problem in the presence of potentially un-trusted nodes. While traditional access control mechanisms, e.g., role-based and attribute-based access control mechanisms can manage the access levels for different users, they cannot be generalized to manage IoT devices as these devices do not have specific same roles or attributes like the users. Moreover, the devices can be compromised and targeted, by an attacker, to broadcast manipulated data or to be used to launch system-wide attacks. To this end, the goal of this research is to develop a trust-aware dynamic lightweight access control mechanism. This mechanism is part of a security management layer that provides end-to-end security protection to the IoT devices. Here, the research includes three key thrusts: 1) develop a new lightweight trust metric that accounts for different categories of the constrained IoT devices and their available resources. This trust metric will facilitate tracking the dynamic behavior of the devices to establish confidence in their generated data. 2) Integrate the newly developed trust metric into a dynamic access control mechanism that can manage both the devices and the users. This mechanism will be responsible of protecting the confidentiality of the data through limiting the access of malicious or compromised devices, and, hence, limit their impact on the IoT system. 3) Develop new security policies based on the optimized use of the proposed access control mechanism. A form of optimization can be to satisfy the system's security needs while limiting the security overhead for the IoT devices.

E-Health systems are one of the primary services supported by the IoT that provides them with pervasive Internet access. E-health systems are smart health systems, connected to the IoT, that provide services such as monitoring the health status of patients remotely while providing the ability for a rapid response in emergency cases. Connecting healthcare services to the IoT brings forward new security threats and vulnerabilities that can jeopardize the patients’ data or even their lives. Thus, the goal of this research is to build security framework for e-Health IoT systems. For instance, moving target defense can be used to secure e-health systems by allowing the devices to change their encryption keys periodically to increase uncertainty on an attacker and secure the patients' data. In this regard, one goal is to optimize the update of encryption keys to account for the heterogeneity nature of the e-health system and to minimize data loss.

Another goal of this research is to study the different ways medical devices can be integrated into e-health systems. Recent works show that many of the available smart medical devices use their own cloud services to exchange the data, which limits the research advances in this critical field. One possible solution is to develop secure proxy gateways that can connect different medical devices from different manufacturers. Another approach that can be explored is to build on the available Horizontal IoT Platforms, e.g., OneM2M and develop new ways tp integrate the medical devices with such horizontal systems.

Moving target defense (MTD) is one of the effective ways to thwart cyber attacks. MTD is based on continuously randomizing a system's configuration (e.g., IP addresses and encryption keys) to increase the attacker’s uncertainty and cost for performing a successful attack. Applying MTD in an IoT system requires meeting several challenges that range from optimizing the randomization to balancing the costs and the benefits of the randomization. The goal of this research is to use deception, as a novel approach to apply MTD. In particular, deception can help the defender to achieve a higher utility by changing the attacker's view of the system. Recently, deceptive defense mechanisms have emerged as novel approaches to thwart advanced attacks against different IoT systems, however, deception was not applied in the context of MTD. Indeed, deception can be achieved by, for example, using signals where the defender can transmit crafted signals to cause misconception at the attacker's side. Thus, causing the attacker to target less valuable or honeypot components instead of the critical components. This scenario can be explored and modeled using hyper game theory or the newly defined Cyber Deception Games. Although solving problems formulated using this type of games can be NP hard, heuristic algorithms can be developed to find solutions of the game in reasonable time.

Another goal of this research is to study the effect of different MTD states on the stability and resilience of the IoT systems. It is noted that some of the MTD configurations might cause the system to fail, if they are targeted by an attacker. Therefore, it is imperative to study the resilience of such MTD-enabled IoT systems under certain attacks with the a goal to find the optimum configuration for each system to switch to, if it fails due to an attack. Choosing such a configuration is challenging as an IoT system should minimize the cost of configuration change in addition to ensuring longer stability on the new configuration.

The power grid, arguably one of the most critical aspects of every nation's infrastructure, is undergoing a period of unprecedented changes. The integration of renewable energy sources, electric cars, smart meters, and advanced communications architectures has transformed the conventional power grid into, what is known as the smart grid. However, utilizing these smart devices brought forward new cyber-physical threats that target the smart grids such as malware spreading, compromising communication equipment, injecting false information on price and meter data, and eavesdropping attacks. To this end, the goal of this research is to analyze and develop new security mechanisms to thwart such attacks on smart grids. We propose to use the blockchain technology to mitigate the effects of data injection attacks or false transactions on the smart grid. In particular, the proposed approach will consider the prosumers, i.e., consumers that also produce energy using e.g., solar panels, and can use it or sell it to the power grid or other users. The proposed blockchain will be used to record the transactions taking place among the users as well as the users' consumption information. Keeping immutable records of all the generated, consumed, and transferred electricity in the smart grid will enable to verify any energy request and to check any new data created in the smart grid. Moreover, as these attacks can push some generators to their production limits (due to false requests), the proposed approach should provide a method to defend against these attacks in order to protect the physical components of the smart grid.

However, one drawback of using blockchains is that they can affect the users' privacy as all the consumption levels can be tracked. These privacy concerns become more critical for energy prosumers as they need to keep their production levels private from other users, in order to maximize their profits. One promising approach is to design and implement an efficient energy management system based on blockchains that optimizes the energy consumption based on the users consumption profiles. This energy management system can help to preserve the users' privacy by sharing only insensitive users' information, e.g., their percentage change in energy consumption, instead of their actual consumption levels. The research goal also includes developing a suitable consensus mechanism to reach an agreement on the created block while avoiding the problems of traditional proof-of-work and proof-of-stake protocols.