Publications

Project Connected Home over IP, known as Matter, a unifying standard for the smart home, will begin formal device certification in late 2022. The standard will prioritize connectivity using short-range wireless communication protocols such as Wi-Fi, Thread, and Ethernet. The standard will also include emerging technologies such as Blockchain for device certification and security. In this paper, we rely on the Matter protocol to solve the long-standing heterogeneity problem in intelligent homes. This work presents a hardware Testbed built using development kits, as very few devices currently support Matter protocol. In addition, it presents a network architecture that automates smart homes to cloud services. The work is a simple and inexpensive way to develop a Testbed for automating smart homes using Matter protocol. The architecture lays the foundation for exploring security and privacy issues, data collection analysis, and data provenance in a smart home ecosystem built on Matter protocol.

The number of African American females participating in cyber fields is significantly low. To increase African American female participation in cybersecurity, STEM education requires a new approach to student engagement. The most common approach to engaging more African American females in STEM is to provide students access to professional images or role models active in STEM; however, this is not enough. More race-centered strategies beyond role modeling are needed to attract and retain African American females in STEM. Research studies show that integrating personal experiences and making cultural connections can help improve student participation in STEM from underrepresented populations. This work uses culturally responsive teaching strategies (CRT) to engage African American female middle school participants in a summer program.

  Despite its long-contested viability, numerous applications still rely upon AES Counter mode (AES-CTR). Research supports that the vulnerabilities associated with CTR from a mathematical perspective, mainly forgery attempts, stem from misusing the nonce. When paired with cryptographic algorithms, assuming no nonce misuse increases the complexity of unraveling CTR. Hence, we tasked ourselves with examining the pairing of CTR with AES-128 (AES-CTR). Our contributions in this work include (1) performing full key recovery for a software implementation of AES-CTR utilizing a template attack (TA) and (2) enhancing the TA analysis's point of interest (POI) using first-order analysis and known key to identify leaky samples.

“Detecting encrypted traffic activities and patterns in ZigBee network Data,” accepted for presentation at the 2023 IEEE Integrated STEM Education Conference (ISEC), March 11, 2023.   With the increase in data transmissions and network traffic over the years, there has been an increase in concerns about protecting network data and information from snooping. With this concern, encryptions are incorporated into network protocols. From wireless protocols to web and phone applications, systems that handle the going and coming of data on the network have applied different kinds of encryptions to protect the confidentiality and integrity of their data transfers. The addition of encryptions poses a new question. What will be observed from encrypted traffic data? This work in progress research delivers an in-depth overview of the ZigBee protocol and analyzes encrypted ZigBee traffic on the ZigBee network. From our analysis, we developed possible strategies for ZigBee traffic analysis. Adopting the proposed strategy makes it possible to detect encrypted traffic activities and patterns of use on the ZigBee network. To the best of our knowledge, this is the first work that tries to understand encrypted ZigBee traffic. By understanding what can be gained from encrypted traffic, this work will benefit the security…

Industrial Control Systems (ICS) collect information from various sensors through routine processes, using the data collected to control the physical environments. However, from the industrial control perspective, the reliability in the communication between sensors and edge node devices is in question. This paper looks at the specific threats of physical layer attacks on BACnet systems and how an adversary can physically manipulate an MS/TP network to cause an error.

One of the grand challenges recently thrust on engineering education is providing active, experiential learning that can flex with significant global events such as pandemics and meet the needs of individual students. The COVID pandemic is a prominent driving force for change, but beyond that, meeting the needs of students with physical, economic, or temporal barriers, such as with professional learning, is critical for our education system. This is especially true for university laboratories, where hands-on nature is often more challenging to provide remote learning services to engineering students. In electrical engineering education, the immediate response to the pandemic-induced closure of university laboratories was to cancel laboratory learning, assemble hobbyist-type experimental kits, and ship the kits to students to learn fundamentals. This approach provided a flexible experimental arrangement for students but was limited due to a lack of student exposure to tools and processes used in the industry. These learnings are critical to students who want to excel in internships or their first regular employment. Here, we describe the development of a remote active, experiential training program based on industrial tools for students to learn at a distance with industrial-type laboratory equipment. A pedagogical electronic amplifier was set up in…

Internet of Things (IoT) has infiltrated the digital realm, and critical efforts are being made to create robust security for these technologies. However, with increasingly sophisticated attacks, it is essential to understand IoT device security in depth. We orchestrated Denial of Service (DoS) attacks for four different IoT devices through network flooding to understand the device vulnerabilities from the network level. We conducted our experiment in the lab environment using other IoT devices, including the Amazon Echo, a smart light-bulb, a smart camera, and a smart garage door opener. We used Raspberry Pi as the main target to access other network devices with different protocols to conduct the DoS attack. We generated the DoS attack using Kali Linux installed in a virtual environment. This experiment demonstrated that hackers might exploit sensor vulnerabilities to gain unauthorized network access and use user data through various IoT devices. We proposed an effective Intrusion Detection technique using a combination of machine learning classifiers and deep learning. The machine learning models include logistic regression, decision tree, random forest, and support vector machine to detect and mitigate the attack. The outcomes show the algorithm which presents the highest degree of attack detection accuracy. Our findings also…

Advances in artificial intelligence, machine learning, and robotics have profoundly impacted the field of autonomous navigation and driving. However, sensor spoofing attacks can compromise critical components and the control mechanisms of mobile robots. Therefore, understanding vulnerabilities in autonomous driving and developing countermeasures remains imperative for the safety of unmanned vehicles. Hence, we demonstrate cross-validation techniques for detecting spoofing attacks on the sensor data in autonomous driving in this work. First, we discuss how visual and inertial odometry (VIO) algorithms can provide a root-of-trust during navigation. Then, we develop examples for sensor data spoofing attacks using the open-source driving dataset. Next, we design an attack detection technique using VIO algorithms that cross-validates the navigation parameters using the IMU and the visual data. Following, we consider hardware-dependent attack survival mechanisms that support an autonomous system during an attack. Finally, we also provide an example of spoofing survival technique using on-board hardware oscillators. Our work demonstrates the applicability of classical mobile robotics algorithms and hardware security primitives in defending autonomous vehicles from targeted cyber attacks.

Our premise is that assuring autonomy has operational and security components and that artificial intelligence (AI) based methods are appropriate for this task; however, making these AI techniques “Explainable” can be non-trivial. Further, our position is that a reasonable solution to this problem would require a monitor (preferably at the ground station) to access the drone's operational autonomy and individual components. The monitor could be developed to review every decision made by the native operational autonomy. When a significant number of “bad decisions” (i.e., different from the monitor) are made, the monitor can “lock out” the native autonomy and take over (establishing an explainable “safe state”). Similarly, the monitor can use data from mini-anomaly detectors to observe all of the drone's major components and aggregate the feedback to determine if the drone's security has been compromised. Essentially, we propose an “Explainable AI Security” Monitor that not only simultaneously assures the operational autonomy and security of autonomous drone fleets but also can likely output the logic that sourced its decisions. This paper will survey the current autonomy, assurance, and security literature and point out this gap (i.e., Explainable AI Security Monitor) and the critical need.

This paper proposes an adaptive algorithm to maximize energy efficiency in cellular network considering a dynamic user clustering technique. First, a base station (BS) sleeping algorithm is designed, which minimizes the energy consumption to almost more than half. Then a Linear Radius User Clustering algorithm is modeled. Using feedback channel state information to the base station, the algorithm varies the mobile cell radius adaptively to minimize a total energy consumption of overall cellular network based on the threshold user density. The minimum distance where a Mobile Station can get a signal from the base station without a significant effect on human health can be located. Since the Base Station with modern scanner installed on its transmitter part can scan 390 times per second, the time scale to marginalize users from the coverage under threshold densities is in milliseconds. As a result, there is no significant effect on quality of services when the cell coverage is zoomed in/out periodically. Numerical results show that the proposed algorithm can considerably reduce energy consumption compared with the cases where a base station is always turned on with constant maximum transmit power.

The proliferation of the Internet of Things continues to be a critical issue today. The current landscape provides security with minimal oversight and is furthermore inadequate due to unaccounted human behavior in the design flow and management of personal networks. As a result, these inherently insecure devices exponentially increase the attack surface of our critical infrastructure. This research leverages a specification-based protocol called Manufacturer Usage Description or MUD that is designed to automate access control at the "edge" of the network where IoT devices reside. This research approaches improved network security by underlining inherent weaknesses and key research areas to create a resilient architecture that is both sustainable and scalable.

This invention relates to systems and methods for trusted computing in a heterogeneous network, and more particu­larly to systems and methods for establishing a hardware­based root-of-trust within a heterogeneous network com­prised of non-TPM (Trusted Platform Module) enabled Internet of Things (IoT) devices and legacy computing devices.

As Blockchain technology become more understood in recent years and its capability to solve enterprise business use cases become evident, technologist have been exploring Blockchain technology to solve use cases that have been daunting industries for years. Unlike existing technologies, one of the key features of blockchain technology is its unparalleled capability to provide, traceability, accountability and immutable records that can be accessed at any point in time. One application area of interest for blockchain is securing heterogenous networks. This paper explores the security challenges in a heterogonous network of IoT devices and whether blockchain can be a viable solution. Using an experimental approach, we explore the possibility of using blockchain technology to secure IoT devices, validate IoT device transactions, and establish a chain of trust to secure an IoT device mesh network, as well as investigate the plausibility of using immutable transactions for forensic analysis.

This paper proposes an adaptive algorithm to maximize energy efficiency in cellular network considering a dynamic user clustering technique. First, a base station (BS) sleeping algorithm is designed, which minimizes the energy consumption to almost more than half. Then a Linear Radius User Clustering algorithm is modeled. Using feedback channel state information to the base station, the algorithm varies the mobile cell radius adaptively to minimize a total energy consumption of overall cellular network based on the threshold user density. The minimum distance where a Mobile Station can get a signal from the base station without a significant effect on human health can be located. Since the Base Station with modern scanner installed on its transmitter part can scan 390 times per second, the time scale to marginalize users from the coverage under threshold densities is in milliseconds. As a result, there is no significant effect on quality of services when the cell coverage is zoomed in/out periodically. Numerical results show that the proposed algorithm can considerably reduce energy consumption compared with the cases where a base station is always turned on with constant maximum transmit power.