Cybersecurity Research
CoVA CCI is conducting research that will lead to breakthroughs in cyber physical systems, contributing to the CCI mission of establishing Virginia as a global leader in secure CPS and in the digital economy. This research is focused in the areas of cyber physical systems (CPSS), 5G, and Artificial Intelligence in the Maritime, Defense and Transportation business sectors. CoVA CCI will partner with local cybersecurity businesses as well as researchers from across the Commonwealth to accomplish this goal by supporting three objectives.
CoVA CCI will create a secure shared research environment (COVA SHARE) for researchers, faculty and businesses to conduct cybersecurity research and instruction in state-of-art computer labs.
We will develop a 5G testbed to conduct research on the vulnerabilities and opportunities of 5G (and future generation) wireless communication technology.
CoVA CCI will sponsor cybersecurity research projects focused on CPSS, 5G, AI and other emerging fields with through collaborative research partnerships within CCI institutions and business partners.
FY 2023 Cybersecurity Research Projects
2023 Maritime Research Project Article
Project: Applying NIST SP 800-33 Risk Assessment methodology to produce cyber-hardened 5G communications capabilities for autonomous maritime platforms
Project team: Yiannis Papelis, ODU, Ahmet Saglam, ODU, and Casey Batten, SimIS, Inc.
Project Abstract: SimIS Inc., a Portsmouth-based company, designs and develops a family of marine autonomous vehicles. One of these vehicles is the RiverScout, a two-man portable autonomous surveillance platform equipped with sensors for surveillance and autonomous operations. To meet expanding DOD operational mission requirements, the RiverScout requires a high-bandwidth, long-range, cyber-encrypted data link using the new global wireless 5G standard. VMASC is an enterprise research center engaged in multidisciplinary applied research to integrate new technologies into maritime platforms and develop novel maritime autonomy solutions. SimIS’ RiverScout system consists of hundreds of micro-electronic assets (components and subcomponents) which are vulnerable to threats that could have an adverse effect on a RiverScout mission. CMMC guides the implementation of a “zero-trust” framework in system design and production to validate the security of system assets (components). We will apply the SP 800-30 Risk Assessment process in RiverScout data-link design and extend it to support maritime systems. Our Tidewater maritime partner Fairlead Boatworks provides commercial vessel system design and integration expertise that will enable the maturation and extension of a RiverScout-based risk assessment framework to support maritime industry-wide risk assessment/CMMC requirements. Additionally, the commercialization of the RiverScout capability must ensure CMMC cybersecurity Risk Assessment (RA) compliance – a core SimIS competency. The VMASC R&D capabilities teamed with SimIS maritime platform development and SP 800-30 Cyber Risk Assessment expertise, and FairLead commercial maritime manufacturing skills establishes an experienced team for the COVA-CCI project. The goal of this joint project is to design and integrate an autonomous communications system for the RiverScout that implements SP 800-171R2 and SP 800-30 Risk Assessment processes that assess maritime platform asset threat vulnerability (through supply chain activities and external service providers) and supports the accelerated commercialization and SP 800-30 compliance of Tidewater maritime industry products and services.
Project: Exploring challenges and adoption enablers of cybersecurity maturity model certification in maritime industries
Project team: Chon Abraham, W&M, Tracy Gregorio, G2Ops
Project Abstract: Implementation of cybersecurity guidance and governance is as complex as cyber threats themselves. This research builds on prior research funded by the CCI Experiential Learning Grant that resulted in preliminary systems analysis and design (SA&D) of the Cybersecurity Maturity Model Certification Assessment Assistant (CyMMCAA) tool for meeting Cybersecurity Maturity Model Certification (CMMC) compliance requirements. Research conducted utilized the NIST SP 800-171, NIST SP 800-171A, and other related documents that define CMMC assessment. The SA&D prior effort involved process analysis and a case study approach to map and refine manual CMMC assessment performed by G2 Ops Inc. and Registered Provider Organization (RPO) as a prime vendor for ship modernization and a real client of G2 Ops as an Organization Seeking Certification (OSC). The process illuminated the challenges of compliance by metrics of time and cost. The RPO in the prior study is the project partner for this current proposal to continue development and refinement of the CyMMCAA tool, consolidate insight for its use in CMMC compliance via a cyber roadmap, and provide guidance for cyber risk valuation costs for which the tool and roadmap can aid in avoiding.
Project: Navigating cybersecurity compliance challenges for the maritime industry in southeast Virginia
Project team: Mohammad Almalag, CNU, Michael Lapke, CNU, Christopher Kreider, CNU, and Leigh Armistead, Peregrine Technical Solutions, LLC
Project Abstract: This project intends to develop a screening process to help the Maritime Industry in Hampton Roads to ensure compliance with a variety of cybersecurity requirements. It is led by Christopher Newport University and is teamed with Dr. Leigh Armistead at Peregrine Technical Solutions. To facilitate this work, the team will reach out to a large number of shipbuilding, ship repair, and ship modernization industries in Tidewater, to perform requirements gathering of all of the required cybersecurity regimes to include but limited to:
DoD-mandated Cybersecurity Maturity Model Certification (CMMC).
National Institute of Standards and Technology (NIST) controls
International Maritime Organization – MSC-FAL.1/Circ.3 Guidelines on maritime cyber risk management and Resolution MSC.428(98) – Maritime Cyber Risk Management in Safety Management Systems.
This will be done by a series of surveys to the maritime industry partners and the result will be a recommendation of actions that they should take to become compliant.
Project: Automated CMMC compliance for shipbuilding
Project team: Safdar Bouk, ODU and Andrew Mixon, Chitra
Project Abstract: Shipbuilding companies supporting Department of Defense (DOD) contracts with controlled unclassified information (CUI) will require certification under Cybersecurity Maturity Model Certification (CMMC) 2.0. The current lack of standard cybersecurity practices for DOD contractors inhibits cyber readiness for all DOD organizations. CMMC 2.0, a process managed and controlled by the DOD, ensures contractors are compliant with requisite cybersecurity requirements. There is currently a lack of effective tools, technology, and training to assist companies in their effort to achieve certification under CMMC 2.0. The existing tools and training services lack inherent simplicity of use and require operating personnel to have a strong cybersecurity background through the CMMC process. Chitra Productions, LLC (CHITRA), a woman-owned small business founded in 2008 in Virginia Beach, Virginia, has supported several shipbuilding, ship modernization, and ship maintenance initiatives in the Coastal Virginia area, including cybersecurity, maintenance, training, and engineering support. Chitra has recently developed and engineered a software tool that facilitates cybersecurity compliance within the Risk Management Framework (RMF) for systems and software in DOD organizations. Chitra is currently developing similar software to facilitate efficiency within the CMMC process for contract companies that support shipbuilding, ship modernization, and ship maintenance within the DOD and maritime industry. We will collaborate with the ODU cybersecurity research team and ManTech Advanced System International lnc.’s shipbuilding cybersecurity team to develop the CMMC compliance tool for the shipbuilding industry.
Project: Maritime cybersecurity maturity model certification domain handbook.
Project team: Sachin Shetty, ODU, Warren Bizub, SimIS, Inc., and Michael Humprey, SimIS, Inc.
Project Abstract: SimIS Inc., a Portsmouth, VA-based Capability Maturity Model Integrated (CMMI) level 3 accredited IT services and maritime platform production company, is implementing the Cybersecurity Maturity Model Certification (CMMC) 2.0 controls to support our existing customers. We deliver technology solutions for land and sea autonomous platforms. CMMC compliance goals and best practices require a thorough analysis and implementation of secure IT controls for existing maritime IT network capabilities. Maritime autonomous industry cybersecurity staff lack experience in the elevated standards prescribed by CMMC. The subject matter experts for compliant CMMC deployment are mid to high level cybersecurity engineers – not the front-line Cyber-IT technician. The experience gap between cybersecurity engineers and front-line Cyber-IT technicians’ results in compliance challenges for many of the current generation of Cyber IT technicians (System Admins, Network Engineers, etc.). The SimIS proposed project goal is to create a Maritime CMMC Domain Handbook based on the CMMC version 2.0 level 2 published system controls (levels most applicable to maritime industry) with implementation guidelines for the 14 individual control domains. Each domain playbook will provide detailed analysis, planning, and implementation roadmaps for each of the 14 domains and will be written in language suitable for maritime staff with technical level implementation knowledge. We will collaborate with our ODU cybersecurity partners coupled with Fairlead to provide translation from maritime engineering to cybersecurity engineering vocabulary by leveraging our extensive CMMC experience to translate the considerable nesting of cybersecurity and CMMC governance into a clear, scalable and standards based Maritime CMMC Domain Handbook.
Project: Spotlighting and mitigating cyber attacks in AIoT-enabled maritime transportation systems.
Project Team: Yi He, ODU, Rui Ning, ODU, Yuhong Li, ODU, Peng Jiang, ODU, and Leigh Armistead, Peregrine Technical Solutions LLC
Project Abstract: The increasing adoption of Artificial-Intelligence-of-Things (AIoT) in maritime transportation systems (MTS) has the potential to bring significant benefits, including increased efficiency and safety. However, the integration of AIoT also introduces new vulnerabilities that can be exploited by the unprecedentedly evolving cyber threat actors. In this project, we strive to help ensure the safe and secure integration of AIoT in the maritime transportation industry, enabling it to realize the full potential of this technology without exposing itself to undue risks. To that end, we will spotlight the specific cybersecurity challenges faced by AIoT-enabled MTS and propose strategies for mitigating these risks. A comprehensive set of penetration tests will be tailored and performed on an MTS testbed to enable experiments and analyses of real-world cyberattacks on AIoT-enabled maritime transportation. Based on the experimental results, we will develop two defense models for improving the cybersecurity of the AIoT-enabled MTS: one can defend against the neural backdoor attacks that target on its multi-modal data inputs, and the other can detect the malicious signals hidden behind the background traffic of a complex communication network. These defense models will be designed to be practical and achievable for industry stakeholders, with a focus on the alignment with the Cybersecurity Maturity Model Certification (CMMC) program to ensure their implementation has minimal disruption to current maritime operations. Future proposals will be developed based on the project outcomes to solicit federal fundings from NSF and DoD to sustain the research topic.
FY 2022 Cybersecurity Research Projects
Project: Developing A Smart City Virtual Lab to Support CPS Experiential Learning
Project Team: Murat Kuzlu, ODU and Sherif Abdelwahed, VCU
Project Abstract: In this project, our team will develop a virtual smart city lab environment, called VirtualLab@OpenCity, which engages researchers, students, and companies with smart city challenges, such as automation, data analysis, service reliability and sustainability. VirtualLab@OpenCity will provide an experimental environment using a standardized service that supports remote connectivity, data collection, visualization, analysis, resource management and control. VirtualLab@OpenCity aims to build Virginia’s cyber-physical systems (CPS) workforce with hands-on-experience on new technologies that ultimately lead to innovative smart city solutions. This project will contribute to positioning Virginia as a global leader in secure and trustworthy cyber-physical systems by (a) providing students, researchers, and developers a virtual ecosystem of advanced CPS technologies, (b) providing guidance and support to employ advanced technologies and innovative management systems for ongoing and future smart city plans and (c) foster fruitful collaboration between academia and industry to build a Commonwealth-wide smart city innovation workforce.
Complete Proposal: CV-008-Kuzlu_COVA_CCI_21_Final
Project Presentation: Developing a SmartCity Virtual Lab to Support CPS Experiential Learning (Mural Kuzlu)
Project: Comprehensive Assessment and Diagnostics for Federated AI Algorithms in Cyber-Physical Systems
Project Team: Rui Ning, ODU, Jiang Li, ODU, Chunsheng Xin, ODU, Xinwei Deng, VT, Yili Hong, VT, and Luara Freeman, VT.
Project Abstract: Federated Artificial Intelligence (AI) is becoming a critical part of cyber physical systems (CPS) in modern maritime, defense and transportation industry, with its game-changing capability for handling large volumes of data and making collaborative complex decisions in support of self-control and self-actuation systems. While the Federated AI is actively
integrated into CPS applications, its malfunction can cause catastrophic failure or even be life-threatening for security-essential and safety-critical CPS such as in transportation and defense. Worse yet, as the Federated AI system incorporates AI and distributed devices, it inevitably introduces heterogeneity, randomness, contamination. Specifically, local data of different participants can be noisy and imbalanced, resulting in performance degradation. Moreover, it is also vulnerable to data poisoning attacks. The overarching
goals of this project include (1) establishing a design of experiments (DoE) framework to enable systematical investigation of the security and robustness of the Federated AI system; (2) investigating, assessing and unveiling characteristics of Federated AI models under different data imperfections; (3) developing effective schemes to comprehensively
diagnose given Federated AI models for potential data imperfections; (4) developing experimental environment for secure and robust Federated AI research. The project will also develop training modules of secure and robust Federated AI, aiming to prepare students and practitioners with advanced skills to succeed in a cybersecurity career. Overall, the proposed work will lead to enabling technologies for secure and robust Federated AI systems, accelerating their development and broadening their adoption in various application domains, especially the transportation, defense, and maritime sectors.
Complete Proposal: CV-006-Ning-COVA CCI Cybersecurity Research and Innovation_Rui_updated
Project Presentation: Ning_Presentation Rui Ning
Project: CIVIIC: Cybercrime in Virginia: Impacts on Industry and Citizens
Project Team: Randy Gainey, ODU, Tancy Vandecar-Burdin, ODU, Jay Albanese, VCU, James Hawdon, VT, Katalin Parti, VT, and Thomas Dearden, VT
Project Abstract: Victimization from cybercrime is a major concern in Virginia, the US, and the world. It is estimated that in 2020, cybercrime resulted in Americans losing an estimated $4.2 billion (FBI 2021). Yet, precise measurement and understanding of the nature of the problem, methods, types, and targets is lacking. While the FBI maintains the Internet Crime Report (IC3), these data are limited to only those crimes reported by victims,
which is only a small fraction of the cybercrimes that occur. While a few national citizen and business surveys have been conducted on specific types of cybercrime, the samples have been small, and there is reason to believe their findings may not represent the experience in the Commonwealth. Virginia presents a unique intersection of cyber physical systems with its large workforce in the maritime, defense, and transportation sectors, combined with an educated and mobile workforce making it a uniquely targeted area compared to many other states. This project will create, deploy,
analyze, and report on a statewide cybercrime survey of both citizens and businesses. A study and analysis specifically focused on Virginia will enable the delineation of the highest priority threats, identify cybercrime methods used, and provide an assessment of geographic, demographic and industry variation in victimization across the state. The project will provide baseline knowledge and data for future policy, research, and interventions to reduce exposure to cyber victimization in the Commonwealth.
Complete Proposal: CV-004-Gainey-CIVIIC_CCI_track2_FINAL
Project Presentation: Cybercrime in Virginia_ppt_6.2022
Final Survey Report: Survey and Final Report
Project: A Real-Time Dependency Network Approach to Quantifying Risks and
Ripple Effects from Cyberattacks in Shipbuilding and Repair Supply Networks
Project Team: Rafael Diaz, ODU and Helen Shen, UVA
Project Abstract: The evolution of defense shipbuilding supply networks toward digital environments increases operational complexity and requires reliable communication and coordination to regulate information exchange. As workers and suppliers transition to digital platforms, interconnection,
information transparency, and decentralized decisions become prevalent. The appearance and extensive use of these digital platforms inexorably increase their exposure to cyberattacks. Unfortunately, the effects of a systematic cyberattack on one or more nodes belonging to the shipbuilding supply network (e.g., Colonial Pipeline) are unknown. This collectively may represent
a substantial source of disruption. Cybersecurity protection of these networks requires a systemic approach to evaluate their vulnerability and understand ripple effects. However, current evaluation technologies and techniques are primarily applied to individual nodes or firms (if they are applied at all) and commonly lack systemic perspectives that consider overlapping risks and tiered hierarchies. To overcome these limitations, we propose developing a cybersecurity supply network Artificial Intelligence (A.I.) framework that enables characterizing and monitoring shipbuilding
supply networks and determining ripple effects from disruptions caused by cyberattacks. By representing and replicating the collective behavior of relevant shipbuilding supply network nodes, shipbuilders can monitor and measure the impact of cybersecurity disruptions and test the reconfiguration options that minimize the detrimental effects on the supply network. This
framework extends a novel risk management framework developed by Diaz and Smith (2021) and Smith and Diaz (2021) that considers complex tiered networks and systemic hypervulnerabilities (COVA CCI – 2021ODU-06.005) and is currently tested in the port security cyber physical setting.
Complete Proposal: CV-002-Diaz-210682_Diaz, Rafael
Project Presentation: An Artificial Intelligence Approach to Assess Shipbuilding and Repair Supply Networks (Rafael Diaz)
Project: Towards Trustworthiness in Autonomous Vehicles
Project Team: Evgenia Smirni, W&M and Homa Alemzadeh, UVA
Project Abstract: Autonomous vehicles (AVs) are one of the most complex software-intensive Cyber-Physical Systems (CPS). In addition to the basic car machinery, they are equipped with driving assistance mechanisms that use smart sensors and machine learning (ML) for environment perception, pathfinding, and navigation. Even though tremendous progress has been made in advancing the safety and security of AVs, they are shown to be vulnerable to accidental and malicious faults that negatively affect their perception and control functionality and result in safety incidents. Recent works have highlighted two major challenges in safety validation and assurance of AVs: (i) With the increasing use of specialized hardware accelerators (GPUs) for running ML-based perception algorithms, AV control systems have become susceptible to transient faults (soft errors) that can result in erroneous ML inference and unsafe decision making and control. (ii) Safety assurance for AVs requires testing their resilience by identifying and simulating realistic safety-critical fault and attack scenarios by mining a tremendous fault space. To address these challenges, this project brings together a team of experts in GPU and CPS resilience from two CCI nodes to develop a holistic approach for end-to-end resilience assessment of AVs. We combine strategic fault injection at both hardware accelerator and controller software levels to assess the sensitivity of the ML components and control system to accidental or malicious faults and identify critical components and system states. The results from this project will make a firm step towards achieving trustworthiness in autonomous vehicles.
Complete Proposal: CV-007-Smirni-COVA_CCI_2021_AV_WM-UVA
Project Presentation: Towards Trustworthiness in Autonomous Vehicles (Evgenia Smirni)
FY 2020-2021 Cybersecurity Research and Innovation Projects.
COVA CC released a Request for Proposals in March 2020 for researchers to conduct fundamental research leading to breakthroughs in CPSS. A total of five projects were selected for this first round of cybersecurity research funding.
The selected projects for this RFP are…
Leveraging AI and Machine Learning to Develop New CPSS and Workforce Development Solutions
Project Abstract: Data breaches and cyberattacks are now a daily reality for entities across the globe. As these attacks increase in frequency and sophistication, organizations are faced with an increasing shortage of quality trained cyber security professionals with the most current knowledge to meet this growing crisis. The proposed research & development project will seek to determine how to effectively automate the match of candidates to cyber jobs and associated training using Artificial Intelligence, analytics and novel data collection methodologies. The project will leverage crowd-sourced content and input to surface new approaches to developing disruptive cyber-physical systems through the use of workforce assessment and experiential education via a secure platform (www.idispla.org) and planned cloud-based cyber Insights Engine. The proprietary Insights Engine will apply Artificial Intelligence and Machine Learning, to power talent aptitude assessment and identification, and deliver smart training to match and develop personnel specifically for the roles for which they are best suited. This first ever effort will be led by researchers at Old Dominion University, supported by a team which includes: Melvin Greer, Chief Data Scientist, Americas, Intel Corp; and Dr. Nibir Dhar, Chief Scientist at Army Night Vision & Electronic Sensors Directorate; and Carlos Rivero, Chief Data Officer for the Commonwealth of Virginia, and CivilianCyber of Richmond, Virginia.
Project Team: Dr. Deri Draper, Old Dominion University, ddraper@odu.edu; Bobby Kenner, CivilianCyber, bobby@civiliancyber.com.
Encouraging Positive Changes in Cyber Hygiene Behaviors and Knowledge in the Department of Defense.
Project Abstract: Requesting funding to develop SCORE to identify poor cyber-hygiene behavior, and to design an interface that effectively increases users’ awareness of their cyber risk. The system will alert users to at-risk behaviors and creates reports. The goal is to show SCORE can raise the awareness of cybersecurity policy violations. Both the technology and user experience will be developed to increase users’ cyber awareness, knowledge, and willingness to comply with cybersecurity policies.
Project Team: Dr. Jeremiah Still, Old Dominion University, jstill@odu.edu and Mike Ihrig, MI Technical Solutions.
Explore Privacy-Preserving in Deep Image Retrieval Systems
With the rapid growth of visual content, deep learning to hash is gaining popularity in the image retrieval community recently. Although it facilitates search efficiency, privacy is also at risks when images on the web are retrieved at a large scale and exploited as a rich mine of personal information. An adversary can extract private images by querying similar images from the targeted category for any usable model. Existing methods based on image processing preserve privacy at a sacrifice of perceptual quality. In this research, we propose a novel privacy-preserving mechanism based on adversarial learning to “stash” private images in the deep hash space while still maintaining perceptual similarity in both white-box and black-box settings. The research is expected to establish and deepen multi-institutional collaboration between William Mary, ODU and Hampton University and provide opportunities to include undergraduate and minority students into AI and security research. The ubiquityof AI technology brings both opportunities and challenges: offering convenience at the expense of our privacy. This research targets at a unique angle of the pervasive privacy challenges on the Internet and exploits a new vulnerability of AI algorithms to preserve privacy. If successful, the fundamental algorithms and tools provided will be transformative to enhance the ongoing research of AI security.
Project Team: Dr. Cong Wang, Old Dominion University, c1wang@odu.edu, Dr. Qun Li, William and Mary, liqun@cs.wm.edu, and Dr. Janett Walters-Williams, Hampton University, janett.williams@hampton.edu.
Securing IoT Devices through Power Side Channel Auditing and Privacy Preserved Convolutional Neural Networks
Internet of Things (IoT) devices have become the new cybercrime intermediaries to process cyber attacks and deploy malicious contents. The reasons are two folds. First, the popularity of IoT devices has attracted cybercriminals to conduct large-scale cyber attacks. Second, the cybercriminals also take advantage of the innocence of IoT devices, compared to the dedicated hosts, to deploy cyber attacks and evade the IP blacklist-based detection. Further, some of the IoT devices, such as web cameras and routers, were known for their weak security protection. Although there have been indications of IoT devices misuse, identifying and understanding how such devices are abused are challenging, because IoT bot attacks are stealthy, IoT devices are diverse and resource limited, and desired IoT bot detections need to be non-invasive. As a result, existing techniques cannot be directly applied to capture IoT bots, because they require invasive devices upgrade or modification. Also, these techniques are typically limited to detecting homogeneous devices (e.g., just PCs). Therefore, we propose a novel scheme to exploit IoT devices’ power side channel information to identify the compromised IoT devices.Specifically, we propose a universal Smart Plug design that provides power for heterogeneous IoT devices while at the same time detect malicious bot behaviors through Convolutional Neural Networks (CNN). A LEAP framework is proposed to offload CNN computation from IoT devices to the cloud while at the same time ensuring data privacy of IoT devices.
Project Team: Dr. Gang Zhou, William and Mary, gzhou@cs.wm.edu, Dr. Chunsheng Xin, Old Dominion University, cxin@odu.edu, and Dr. Danella Zhao, Old Dominion University, dzhao@odu.edu.
Trust, Interoperability and Inclusion: A Framework for Creating Cyber-Trust in Connected Homes
Internet-of-Things (IoT) devices are a growing part of people’s lives, collecting and communicating everything from health information to data on appliance use in homes. Users may be aware of some data collection practices, but there are also hidden ways in which devices collect data. These issues can be exacerbated when people are on the spectrum (hearing, vision, physical/motor, autism) because devices may not adjust to accommodate these differences. Furthermore, these pools of data are susceptible to cyber attacks and misuse in ways that may not be readily apparent to users. There is a gap in trust between devices in spaces and the people who inhabit those spaces. Therefore, we want to create, implement, and test a cyber-trust framework (CTF) that considers elements such as manufacturer information; background and experience of users, focusing specifically on people on the spectrum; and content collection (disclosed and undisclosed). The CTF will be rooted in technical, empirical, and theoretical thrusts, and this research will contribute to CCI’s mission, as noted in the blueprint, of establishing Virginia as a global leader in secure cyberphysical systems and the digital economy.
Project Team: Dr. Stephanie Blackmon, William and Mary, sjblackmon@wm.edu, Dr. Saikou Diallo, Old Dominion University, sdiallo@odu.edu, and Dr. D.E. Wittkower, Old Dominion University, dwittkower@odu.edu.
COVA CCI is supported by the Commonwealth Cyber Initiative and funded through the Commonwealth of Virginia.
Contact: covacci@odu.edu
