Publications

Cross-layer secure cyber-physical control system design for networked 3D printers

July 6, 2016

Zhiheng Xu, Quanyan Zhu

The authors explore the vulnerabilities of 3D-printing systems, and design a cross-layer approach for the system.

Deterring Financially Motivated Cybercrime

July 5, 2016

CCS_Lock

Zachary K. Goldman and Damon McCoy

In “Deterring Financially Motivated Cybercrime,” Zachary K. Goldman and Damon McCoy present three strategies for deterring attacks that use malicious cyber capabilities to generate a profit.

The Cybersecurity Competition Experience: Perceptions from Cybersecurity Workers

June 22, 2016

Colin Wee, Masooda Bashir, and Nasir Memon

How do workers within the field of cybersecurity perceive cybersecurity competitions? This study aims to address this question and investigate if competitions left a positive mark on the information security workers who participated in them.

Student research highlight: Secure and resilient distributed machine learning under adversarial environments

June 17, 2016

Rui Zhang and Quanyan Zhu

Machine learning algorithms, such as support vector machines (SVMs), neutral networks, and decision trees (DTs) have been widely used in data processing for estimation and detection. They can be used to classify samples based on a model built from training data. However, under the assumption that training and testing samples come from the same natural distribution, an attacker who can generate or modify training data will lead to misclassification or misestimation.

Do You Trust Your Chip?

June 2, 2016

Ozgur Sinanoglu

This talk will cover various forms of threats that the electronic chip supply chain is up against, as well as defenses against these threats. The talk will elucidate the development of CAD algorithms/tools for this newly emerging field by mostly leveraging principles from other more mature research domains.

Profiling Underground Merchants Based on Network Behavior

June 1, 2016

Srikanth Sundaresan, Damon McCoy, Sadia Afroz, and Vern Paxson

Online underground forums serve a key role in facilitating information exchange and commerce between gray market or even cybercriminal actors. In order to streamline
bilateral communication to complete sales, merchants often publicly post their IM contact details, such as their Skype handle. Merchants that publicly post their Skype handle
potentially leak information, since Skype has a known protocol flaw that reveals the IP address(es) of a user when they are online.

Coding Schemes for Securing Cyber-Physical Systems Against Stealthy Data Injection Attacks

May 25, 2016

Fei Miao, Quanyan Zhu, Miroslav Pajic, and George J. Pappas

This paper considers a method of coding the sensor outputs in order to detect stealthy false data injection attacks.

Manufacturing and Security Challenges in 3D Printing

May 11, 2016

Steven Eric Zeltmann, Nikhil Gupta, Nektarios Georgios Tsoutsos, Michail Maniatakos, Jeyavijayan Rajendran, and Ramesh Karri

As the manufacturing time, quality, and cost associated with additive manufacturing (AM) continue to improve, more and more businesses and consumers are adopting this technology. Some of the key benefits of AM include customizing products, localizing production and reducing logistics. Due to these and numerous other benefits, AM is enabling a globally distributed manufacturing process and supply chain spanning multiple parties, and hence raises concerns about the reliability of the manufactured product. In this work, we first present a brief overview of the potential risks that exist in the cyber-physical environment of additive manufacturing.

Controlling your control flow graph

May 3, 2016

Arun Kanuparthi, Jeyavijayan Rajendran, Ramesh Karri

In this paper, the authors propose Dynamic Sequence Checker (DSC), a framework to verify the validity of control flow between basic blocks in the program

SARLock: SAT attack resistant logic locking

May 3, 2016

Muhammad Yasin, Bodhisatwa Mazumdar, Jeyavijayan J V Rajendran, and Ozgur Sinanoglu

Logic locking is an Intellectual Property (IP) protection technique that thwarts IP piracy, hardware Trojans, reverse engineering, and IC overproduction. Researchers have taken multiple attempts in breaking logic locking techniques and recovering its secret key. A Boolean Satisfiability (SAT) based attack has been recently presented that breaks all the existing combinational logic locking techniques.

Threshold-Dependent Camouflaged Cells to Secure Circuits Against Reverse Engineering Attacks

May 2, 2016

Maria I. Mera Collantes, Mohamed El Massad, and Siddharth Garg

With current tools and technology, someone who has physical access to a chip can extract the detailed layout of the integrated circuit (IC). By using advanced visual imaging techniques, reverse engineering can reveal details that are meant to be kept secret, such as a secure protocol or novel implementation that offers a competitive advantage.

The Cybersecurity Landscape in Industrial Control Systems

May 1, 2016

Stephen McLaughlin, Charalambos Konstantinou, Xueyang Wang, Lucas Davi, Ahmad-Reza Sadeghi, Michail Maniatakos, and Ramesh Karri

Industrial control systems (ICSs) are transitioning from legacy-electromechanical-based systems to modern information and communication technology (ICT)-based systems creating a close coupling between cyber and physical components. In this paper, we explore the ICS cybersecurity landscape including: 1) the key principles and unique aspects of ICS operation; 2) a brief history of cyberattacks on ICS; 3) an overview of ICS security assessment; 4) a survey of “uniquely-ICS” testbeds that capture the interactions between the various layers of an ICS; and 5) current trends in ICS attacks and defenses.

Compliance signaling games: toward modeling the deterrence of insider threats

April 28, 2016

William Casey, Jose Andre Morales, Evan Wright, Quanyan Zhu, Bud Mishra

The authors form a signaling game model to address the controllable risks acting within an organization whether they are expressed from malicious, unwitting, or benign insiders who are trusted to operate within an organization.

Educating Tomorrow’s Lawyers to Handle New Digital Problems

April 18, 2016

NYLJ-CCS

Zachary K. Goldman

Tomorrow’s lawyers—today’s law students—need to be better equipped to understand the underlying technical systems that will push the law in new directions. In no area of law is this dynamic more apparent than cyber security.

Characterizing Long-tail SEO Spam on Cloud Web Hosting Services

April 11, 2016

Xiaojing Liao, Chang Liu, Damon McCoy, Elaine Shi, Shuang Hao. Raheem Beyah

In this paper, the authors take the first step toward understanding how long-tail SEO spam is implemented on cloud hosting platforms.

Building trustworthy systems using untrusted components: A High-level synthesis approach

April 11, 2016

Jeyavijayan (JV) Rajendran, Ozgur Sinanoglu, and Ramesh Karri

Trustworthiness of system-on-chip designs is undermined by malicious logic (Trojans) in third-party intellectual properties (3PIPs). In this paper, duplication, diversity, and isolation principles have been extended to detect build trustworthy systems using untrusted, potentially Trojan-infected 3PIPs.

Stress Testing the Booters: Understanding and Undermining the Business of DDoS Services

April 11, 2016

Mohammad Karami, Youngsam Park, and Damon McCoy

DDoS-for-hire services, also known as booters, have commoditized DDoS attacks and enabled abusive subscribers of these services to cheaply extort, harass and intimidate businesses and people by taking them offline. However, due to the underground nature of these booters, little is known about their underlying technical and business structure.

Hardware Performance Counter-Based Malware Identification and Detection with Adaptive Compressive Sensing

April 1, 2016

Xueyang Wang, Sek Chai, Michael Isnardi, Sehoon Lim, and Ramesh Karri

Hardware Performance Counter-based (HPC) runtime checking is an effective way to identify malicious behaviors of malware and detect malicious modifications to a legitimate program’s control flow. To reduce the overhead in the monitored system which has limited storage and computing resources, we present a “sample-locally-analyze-remotely” technique. The sampled HPC data are sent to a remote server for further analysis. To minimize the I/O bandwidth required for transmission, the fine-grained HPC profiles are compressed into much smaller vectors with Compressive Sensing. The experimental results demonstrate an 80% I/O bandwidth reduction after applying Compressive Sensing, without compromising the detection and identification capabilities.