Category: Publications

Keliris, Anastasis and Maniatakos, Michail. Cyberattacks are an emerging threat for Industrial Control Systems (ICS) that, given the tight coupling between the cyber and physical components, can have far-reaching implications. It is typical for contemporary ICS components to utilize Commercial-Off-The-Shelf (COTS) hardware and software, rendering them prone to vulnerabilities and exploitation techniques that afflict IT systems (Figure...

Imen Triki, Quanyan Zhu, Rachid Elazouzi, Majed Haddad, and Zhiheng Xu In general, the quality of experience QoE is subjective and context-dependent, identifying and calculating the factors that affect QoE is a difficult task. Recently, a lot of effort has been devoted to estimating the users QoE in order to enhance video delivery. In the...

Jerry Backer, David Hely and Ramesh Karri This work tackles the conflict between enforcing security of a system-on-chip (SoC) and providing observability during trace-based debugging. On one hand, security objectives require that assets remain confidential at different stages of the SoC life cycle. On the other hand, the trace-based debug infrastructure exposes values of internal...

Jeffrey Pawlick and Quanyan Zhu Strategic interactions ranging from politics and pharmaceuticals to e-commerce and social networks support equilibria in which agents with private information manipulate others which are vulnerable to deception. Especially in cyberspace and the Internet of things, deception is difficult to detect and trust is complicated to establish. For this reason, effective...

Anastasis Keliris and Michail Maniatakos Device fingerprinting can provide useful information for vulnerability assessment and penetration testing, and can also facilitate the reconnaissance phase of a malicious campaign. This information becomes critical when the target devices are deployed in industrial environments, given the potential impact of cyber-attacks on critical infrastructure devices. In this paper, we...

Muhammad Junaid Farooq and Quanyan Zhu This work aims to build the theoretical foundations of designing secure and reconfigurable IoBT networks. Leveraging the theories of stochastic geometry and mathematical epidemiology, we develop an integrated framework to study the communication of mission-critical data among different types of network devices and consequently design the network in a...

Muhammad Yasin, Bodhisatwa Mazumdar, Ozgur Sinanoglu, and Jeyavijayan Rajendran Logic encryption protects integrated circuits (ICs) against intellectual property (IP) piracy and overbuilding attacks by encrypting the IC with a key. A Boolean satisfiability (SAT) based attack breaks all existing logic encryption technique within few hours. Recently, a defense mechanism known as Anti-SAT was presented that...

Rui Zhang, Quanyan Zhu and Yezekael Hayel Network security becomes more challenging than ever as today’s computer networks become increasingly complex. The deployment of defense mechanisms such as firewalls , intrusion detection systems , and moving target defenses can effectively reduce the success rate of cyber attacks but cannot guarantee perfect network security as attacks are...

Vladislav Taynitskiy, Elena Gubar, and Quanyan Zhu Malware is a malicious software which aims to disrupt computer operations, gather sensitive information, and gain access to private computer systems. It can induce various sorts of damage, including economic costs, the leakage of private information, and instability of physical systems, etc. The distribution of antivirus patches in...

Prakhar Pandey, Ryan Brunt, Damon McCoy In this case study, we use the leaked database of a DDoS for hire service, vdos-s.com (VDOS), to investigate how users responded to disruptions in their payment options. Earlier this year VDOS was hacked and authorities were able to arrest the people running the site [2]. Using their leaked...