Publications

ExHPD: Exploiting Human, Physical and Driving Behaviors to Detect Vehicle Cyber Attacks

Published in IEEE Internet of Things Journal, ( Volume: 8, Issue: 18, Sept.15, 15 2021), 2020

As increasingly more vehicles are connected to the Internet, cyber attacks against vehicles are becoming a real threat with devastating consequences. This highlights the importance of detecting vehicle cyber attacks before fatal accidents occur. One natural method for tackling this problem is to adapt existing approaches for detecting attacks in enterprize networks, but which has achieved limited success. In this article, we propose a new approach to treat vehicles as cyber–physical–human systems, leading to a novel framework called exploiting human, physical and driving behaviors to detect vehicle cyber attacks (ExHPD). The framework has four detectors: 1) a human detector; 2) a physical behavior-based detector; 3) a driving behavior-based detector (DBD); and 4) an integrated physical and DBD. As the proof of concept, we recruited 50 drivers to conduct institutional review board-approved simulation-based driving tests. The experimental results show that ExHPD is effective to detect vehicle cyber attacks and avoid deadly crashes by offering drivers adequate time to safely pull over their compromised vehicle. The impact of driver’s impulsiveness (one aspect of human factors) on the detectors’ effectiveness and limitations of the present study are discussed. Future research directions toward an ultimately usable solution are outlined.

Download here

DeepRan: Attention-based BiLSTM and CRF for Ransomware Early Detection and Classification

Published in Information Systems Frontiers - Springer Journal, 1-17, 2020

Ransomware is a self-propagating malware encrypting file systems of the compromised computers to extort victims for financial gains. Hundreds of schools, hospitals, and local government municipalities have been disrupted by ransomware that already caused 12.1 days of system downtime on average (Siegel 2019). This study aims at developing a deep learning-based detector DeepRan for ransomware early detection and classification to prevent network-wide data encryption. DeepRan applies an attention-based bi-directional Long Short Term Memory (BiLSTM) with a fully connected (FC) layer to model normalcy of hosts in an operational enterprise system and detects abnormal activity from a large volume of ambient host logging data collected from bare metal servers.

Download here

Detailed Statistical Models of Host-Based Data for Detection of Malicious Activity

Published in Sandia National Lab.(SNL-NM), Albuquerque, NM (United States), 2019

The cybersecurity research community has focused primarily on the analysis and automation of intrusion detection systems by examining network traffic behaviors. Expanding on this expertise, advanced cyber defense analysis is turning to host-based data to use in research and development to produce the next generation network defense tools. The ability to perform deep packet inspection of network traffic is increasingly harder with most boundary network traffic moving to HTTPS. Additionally, network data alone does not provide a full picture of end-to-end activity. These are some of the reasons that necessitate looking at other data sources such as host data. We outline our investigation into the processing, formatting, and storing of the data along with the preliminary results from our exploratory data analysis. In writing this report, it is our goal to aid in guiding future research by providing foundational understanding for an area of cybersecurity that is rich with a variety of complex, categorical, and sparse data, with a strong human influence component. Including suggestions for guiding potential directions for future research.

Download here

Single-mode porous fiber for low-loss polarization maintaining terahertz transmission

Published in Optical Engineering, 2016

We report on a polymer-based porous-core photonic crystal fiber for simultaneous high-birefringent and low-loss propagation of narrowband terahertz (THz) electromagnetic waves. The high birefringence is induced by using rotated elliptical air holes inside the porous-core. The fiber is numerically analyzed with an efficient finite-element method. The simulation results exhibit an extremely high birefringence of ∼0.042 and a very low effective material loss of ∼0.07  cm−1 at an operating frequency of 1 THz. Moreover, we have found an optimal rotation angle (θ)=n30  deg (n is an odd integer). Other modal features of the fiber, such as confinement loss, power fraction, effective area, bending loss, and dispersion, also have been analyzed. We anticipate that the proposed fiber would be suitable in polarization maintaining THz wave guidance applications.

Download here