“No problem can be solved from the same level of consciousness that created it.” - Einstein
Security has become one of the cornerstones in the design of computer systems and networks. My long-term research goal is to support the security of emerging computing environments against sophisticated threats, which has proven to require a high level of innovation in both theoretical and applied cyber defense.
Secure Systems and Networks for the Internet of Things
The Internet of Things (IoT) has brought new service opportunities across various sectors such as digitized health, autonomous transportation, and intelligent manufacturing, and has played a crucial role in building smart cities. IoT involves smart devices that can upload data to the Internet and control the decisions of cyber-physical processes. Also, the Industrial IoT (IIoT) paradigm combines automated machines and advanced data analytics techniques to improve productivity and efficiency. However, IoT has been shown to introduce many security vulnerabilities that can lead to cyber and cyber-physical attacks with potentially catastrophic impact on public safety as well as the economy. Hence, with more critical infrastructures becoming intrinsically reliant on IoT technologies, securing IoT systems and networks becomes of utmost importance.
My ongoing research focuses on the design of secure and resilient large-scale IoT systems and networks. It emphasizes the concepts of intelligence-driven offense/defense and rethinks the real-time interactions of system modules (e.g., cyber components and physical nodes) to prepare them to strategically face and recover from potential compromise. The research adopts a number of innovative security engineering concepts, such as the design of intrinsic resilience against zero-day threats and the integration of autonomous defense through learning in non-deterministic environments. It also aims to leverage advances in deep and federated learning to design robust intrusion detection systems in distributed IoT computing infrastructures and prevent botnet-enabled cyber attacks originating from IoT networks.
The research also focuses on investigating novel security and resilience solutions against Distributed Denial of Service (DDoS) and False Data Injection (FDI) attacks on sensors and actuators in IIoT and Cyber-Physical Systems (CPS) including Industrial Control Systems (ICS) and Automated Highway Systems (AHS). These are particularly vulnerable to Advanced Persistent Threats (APTs) that stealthily undermine CPS operations to cause a long-term impact on system reliability and safety.
One of the key challenges is that security in IoT must be optimized due to the many functional and architectural requirements and constraints dictated by the IoT environment, such as large scale, resource limitations, and real-time communications. Hence, the research objectives also include the design of cooperative attack prevention and mitigation schemes in decentralized IoT and edge computing systems while emphasizing strategic and resource-aware security deployment. More specifically, my team and I focus on leveraging the power of game theory to devise optimal and adaptive defense strategies under incomplete threat information in adversarial IoT settings. Game theory has been extensively used to optimize the design and deployment of cyber systems, and has become one of the fundamental tools for security risk assessment and management in vulnerable systems and networks.
"The Best for the Group comes when everyone in the group does what's best for himself AND the group." - John Nash