Bridging Cybersecurity Gaps

Virginia Universities' Transdisciplinary Research is Driving Digital Security Advancements

The world’s increasing connectivity offers more opportunity for cybercriminals. The FBI’s 2020 Internet Crime Report cited a 69% increase in complaints of suspected cybercrimes. Globally, the cost of cybercrime exceeded $1 trillion last year, according to research from McAfee Corp.

Mirroring this growth in connectivity and cyber risk is a swell in research from Virginia universities exploring innovative approaches to cybersecurity. Researchers are exploring the gaps left in the fast pace of technology development. An added bonus of this university-driven research: the development of a savvy workforce ready to fill the nation’s projected 3.5 million cybersecurity job openings.

Virginia Tech

Supporting Cybersecurity Policy and Practical Applications

Understanding the motivation behind cybercrimes is critical in developing policies that support cybersecurity. That’s the approach being taken by research bridging both computer and political science at Virginia Tech. Eric Jardine, an assistant professor in the university’s department of political science and deputy director of dark web initiatives for its recently launched Tech4Humanity Lab, is examining the effects of media coverage around drug market closures on the ensuing level of dark web searches for drug-related activity.

“Basically, when the media talks about the closure in deterrent terms — ‘We caught them, we want to punish them, they’re going to jail for life,’ etc. — that tends to suppress dark web traffic to a degree,” Jardine said. “When they talk about some of the more sensational elements, like ‘We found millions of dollars,’ or ‘There are exotic parrots for sale,’ that actually tends to have an opposite effect.”

This is one of many issues with which researchers at the Tech4Humanity Lab are grappling. The lab provides a space where students can immerse themselves within the advanced technologies they’re studying.

Tech4Humanity Lab, Virginia Tech

Jardine sees this transdisciplinary space as critical in driving better understanding between two fields that have traditionally approached cybersecurity problems with very different modes of problem solving. Understanding patterns in cybercrime can have tremendous impact on how governments can create policy-driven responses.

Other Virginia Tech researchers are working on real-world cyber concerns like modernization of the national utility grid. A current project is exploring strategies to support power grid operators’ shift to 5G communications. Power grid operators use communication tools for several applications, from coordinating protection across transmission lines, to transferring line status to control centers, to ensuring substation automation and operation of remote-controlled devices.

“Because of this embedded communication, as a critical infrastructure that sustains other services, the energy sector has become a major target of cyberattacks,” said Ali Mehrizi-Sani, associate professor in the university’s Bradley Department of Electrical and Computer Engineering and its Power and Energy Research Center and principal researcher on the project.

The current practice is to use proprietary communication tools to address security concerns, but this approach lacks interoperability with other systems and limits expansion. 5G is viewed as a game changer in many ways because it enables higher connection speeds among communication tools, lower latency, and slicing — the division of network connections into multiple virtual connections to better allocate resources to different types of traffic, allowing multiple applications to simultaneously use the same physical communication infrastructure with unique performance requirements.

At present, Virginia Tech researchers are testing strategies to reduce latency in network signals, where the industry standard currently sits around 10 milliseconds on 5G and Wi-Fi. The team has gotten those delays down to around seven milliseconds in trials, working toward an industry goal of one millisecond — a development that will aid the usability of autonomous vehicles, factory robots, and virtual reality.

George Mason University

Integrating Upfront Cybersecurity in Advanced Technologies

Internet of things (IoT) connectivity is new and growing fast, so it’s no wonder connected devices present significant vulnerabilities. Some of this risk stems from a lack of upfront security integration encompassing both hardware and software systems. This gap is where cybersecurity engineering comes into play.

Cybersecurity engineering focuses on embedding integrated security solutions during system development. Peggy Brouse, director of the Cyber Security Engineering UG Program and professor of systems engineering and operations research at George Mason University (GMU) in Fairfax County, worked with industry partners to develop the first-in-the-nation cybersecurity engineering degree because of the need for a stronger emphasis on vulnerability analysis before cyberattacks occur.

“You’re never going to completely solve the [cybersecurity] problem, but a lot of what’s going on with regard to hacks and ransomware could have been prevented if there had been a vulnerability analysis and mitigation strategies put in place,” Brouse said.

Cyber Living Innovation Lab at George Mason University, Arlington Campus

While manufacturers are achieving new levels of production efficiency through IoT-driven advancements, these facilities are one of the top targets for cybercriminals. One issue: A piecemeal approach to technology deployment makes these systems particularly vulnerable. To counter one common type of cyberattack that leverages some IoT devices’ low levels of computing power and battery life, four GMU researchers recently received a $1.6 million U.S. Defense Advanced Research Projects Agency grant to create a low-energy security architecture for different types of IoT devices.

GMU researchers are applying similar insights into a number of projects, including the CCI-backed Cyber Living Innovation Lab and an initiative for the Cybersecurity Manufacturing Initiative Institute (CyManII), funded by the U.S. Department of Energy (DOE). The university leads the East Coast headquarters for CyManII and, along with Virginia Tech, serves as a managing member of the $111 million public-private partnership launched in November 2020, while Virginia Commonwealth University is a strategic member. GMU researchers are playing leading roles within CyManII in developing technical approaches to secure the manufacturing supply chain and improve cybersecurity within individual manufacturing sites.

Other major initiatives from GMU researchers include:

• The Rapid Prototyping Research Center, aimed at establishing GMU as the country’s premier Command, Control, Communication, Computer, Cyber, and Intelligence (C5I) education and research institution serving U.S. Department of Defense and intelligence community stakeholders. The center is focused on integrating new and emerging technologies into existing infrastructures to help speed up the prototype acquisition process to solve battlefield communications challenges and other infrastructure issues.
• The Criminal Investigations and Network Analysis Center, a multidisciplinary academic consortium aimed at improving criminal network analysis, forensics, and investigative processes to counter transnational criminal activities in the physical and cyber spaces. Research is conducted across several GMU colleges and partner institutions, including Virginia Tech.
• Research into the capacity and security of the communications systems by which autonomous vehicles transmit and receive information.

Radford University

Engaging Faculty in Cybersecurity Education Across Disciplines

Expanding cybersecurity education to encompass additional disciplines offers tremendous value, but requires that transdisciplinary faculty understand how to address cybersecurity through their unique lenses. Providing faculty with the tools and skillsets necessary to teach cybersecurity through a broader perspective is a focus for researchers at Radford University’s Center for Information Security (CIS).

Radford University

“Most of our research is on either building engaging curriculum to excite students who probably haven’t heard of cybersecurity, or to help teachers get over the learning curve in order to learn and teach cybersecurity,” said CIS Director Prem Uppuluri.

Through grants from the National Security Agency, Radford also develops curriculum to teach cybersecurity to K-12 teachers in Virginia. Helping these teachers engage students of all ages in cybersecurity education has two important implications. First, it makes cyber-awareness and security skills second nature to a generation of students growing up as digital natives. Second, it significantly expands awareness of cybersecurity careers to meet the demand for these skillsets.

Radford researchers are taking a wide range of approaches to providing this education. For example, Radford IT professor Jeff Pittges is working with a team led by ODU professor Kevin Moberly in developing a gamified mobile app for cybersecurity education.

Additionally, Radford’s cyber range is being adapted to support research on securing IoT devices. Toward this end, Uppuluri is working with students and researchers from the Universidade Federal de Pernambuco in Brazil to build a novel pedagogical lab nicknamed the “Hack House.” The house simulates a smart home environment equipped with IoT devices such as smart thermostats or smart door locks. Partially backed by a Commonwealth Cyber Initiative (CCI) grant, his team is researching and developing tools that will help researchers and educators co-relate network data across heterogenous IoT devices.

Old Dominion University

Building Resiliency Into Virginia Infrastructure

The Colonial Pipeline ransomware attack that shut down the largest fuel pipeline in the United States in April may have been a surprise to consumers, but not to cybersecurity researchers at Old Dominion University (ODU) in Norfolk. Since 2016, these researchers have been working to develop technologies to protect infrastructure from cybercrimes through the DOE-funded Cyber Resilience Energy Delivery Consortium. As part of this $28 million initiative, ODU researchers are studying security risk assessment and software-defined networking for detection and classification of the impact of attacks on energy delivery systems.

“A misconception is that you can stop the attack,” said Sachin Shetty, associate director of the Virginia Modeling, Analysis, and Simulation Center, and associate professor in the Department of Computational Modeling and Simulation Engineering at ODU. “You’re not going to stop it, but can you be resilient? Can you survive it? Can you operate?”

Virginia Modeling, Analysis, and Simulation Center at Old Dominion University

It’s from this perspective that Shetty is also leading ODU research for the Department of Homeland Security-funded Critical Infrastructure Resilience Institute, a five-year, $20 million research effort into strategies to enhance the resiliency of the nation’s critical infrastructure.

One of those critical infrastructure components sits right in ODU’s backyard. Shetty is working to develop 5G security and privacy mechanisms for the Virginia Port Authority’s (VPA) connected vehicles. Like many organizations today, VPA is looking to reap the advantages of IoT connectivity, which allows organizations to achieve significant efficiency improvements based on data. To achieve the speed and bandwidth needed to support IoT devices and track vehicles across Norfolk International Terminals (NIT), VPA is working to deploy a private 5G network infrastructure.

NIT has the capacity to process more than 1 million containers annually, and data gathered by tracking trucks can drive tremendous efficiencies in asset management and dynamic route planning, among other areas. However, securing the massive amounts of data being transmitted across new 5G infrastructure is critical. Marine Log reports that maritime industry cyberattacks increased by 900% from 2017 through 2020, and new infrastructure means potentially opening The Port of Virginia to new risks.

With support from collaborators at George Mason University, the University of Virginia, and Virginia Tech, ODU is developing a 5G security enhancement platform prototype that will incorporate machine learning mobility-aware security and an artificial intelligence-assisted trust management system.

James Madison University

Identifying the Human Motivation Behind Cybercrime

When the COVID-19 pandemic spurred a huge jump in remote work in 2020, ransomware attacks in North America leapt by 158% compared to the prior year, according to security provider SonicWall. Part of this growth stems from the ease of deploying such an attack today through an evolving “ransomware as a service” model.

“You don’t need to have any technical skills — you just go on the dark web and use available technology to attack companies,” said Mary Lou Bourne, director of technology innovation and economic development at James Madison University (JMU) in Harrisonburg.

This ease of access means it’s become increasingly critical for organizations to not only address the technical side of cybersecurity, but to also identify the human motives behind these attacks. Understanding the motive can help organizations determine how to prioritize security measures.

This intersection between business risk and technical response is at the heart of JMU’s one-year graduate certificate program in cyber intelligence, one of the first such programs in the country. By understanding vulnerabilities and prioritizing solutions based on need, organizations can make stronger decisions on how to address risk.

JMU is one of the seven original National Centers of Academic Excellence in Cyber Defense Education, managed by the National Cryptologic School at the National Security Agency. The university was one of the first in the country to offer a master’s degree in information security — a degree that dates back to 1997, when the first students graduated with master’s degrees in computer science with a concentration in information security.

JMU has prioritized education that engages students beyond traditional computer science and technology disciplines. Bourne finds that cyber intelligence certificate holders tend to have a passion for puzzle solving or aptitude for pattern recognition and may come from backgrounds in psychology or communications. JMU researchers are applying these skillsets to a broad range of research initiatives, including improving security for autonomous cars and other intelligent transportation solutions, and securing IoT-connected devices to support healthcare asset management and COVID-19 contact tracing.

“Cyber intelligence awareness forms a connection between the business and technical perspectives. That’s the beauty of it,” Bourne said. “It’s a common language between CEOs, CIOs, and CISOs that helps them communicate about the risk of cyberattacks and what to do to prevent them from a business standpoint.”