A5015415577- Advanced Authentication Protocols Security
- Cryptographic Implementations and Security
- Smart Grid Security and Resilience
- Cryptography and Data Security
- User Authentication and Security Systems
- Information and Cyber Security
- Systems Engineering Methodologies and Applications
- Infrastructure Resilience and Vulnerability Analysis
- Risk and Safety Analysis
- Advanced Malware Detection Techniques
- Blockchain Technology Applications and Security
- Security and Verification in Computing
- Software-Defined Networks and 5G
- Physical Unclonable Functions (PUFs) and Hardware Security
- Privacy, Security, and Data Protection
- UAV Applications and Optimization
- Opportunistic and Delay-Tolerant Networks
- Network Security and Intrusion Detection
- Complexity and Algorithms in Graphs
- Advanced Steganography and Watermarking Techniques
- Bluetooth and Wireless Communication Technologies
- Context-Aware Activity Recognition Systems
- Safety Systems Engineering in Autonomy
- Chaos-based Image/Signal Encryption
- IPv6, Mobility, Handover, Networks, Security
Naval Postgraduate School
2018-2025
Norwegian University of Science and Technology
2014-2019
Abstract Designing complex, socio-technical, cyber-physical systems has become increasingly challenging in recent years. Interdependencies between engineering domains can lead to emergent behavior that is difficult predict and manage. The shift toward model-based design demonstrated significant advantages for minimizing these challenges (McDermott et al. 2020. Benchmarking the benefits current maturity of across enterprise. results (MBSE) survey, part 1: Executive summary. Technical Report...
Space networking has become an increasing area of development with the advent commercial satellite networks such as those hosted by Starlink and Kuiper, increased space presence governments around world. Yet, historically network designs have not been made public, leading to limited formal cryptographic analysis security offered them. One few public protocols used in is Bundle Protocol, which secured Protocol Security (BPSec), Internet Engineering Task Force (IETF) standard. We undertake a...
Abstract While digital twin (DT) has made significant strides in recent years, much work remains to be done the research community and industry fully realize benefits of DT. A group 25 professionals, US federal government researchers, academics came together from 11 different institutions organizations identify 14 key thrusts 3 cross-cutting areas for further DT development (R&D). This article presents our vision future R&D, provides historical context DT’s birth growth as a field,...
Software-defined networking (SDN) has become a fundamental technology for data centers and 5G networks. Transport Layer Security (TLS) been proposed as its single security layer SDN networks; however, use of TLS is optional connections between the controller switches are still vulnerable to downgrade attacks. In this paper, we propose protocol dialecting approach provide additional customizable assurance network control messages. We consider evaluate two approaches OpenFlow operation, adding...
Abstract Fuelled by recent technological advances, Machine Learning (ML) is being introduced to safety and security-critical applications like defence systems, financial autonomous machines. ML components can be used either for processing input data and/or decision making. The response time success rate demands are very high this means that the deployed training algorithms often produce complex models not readable verifiable humans (like multi layer neural networks). Due complexity of these...
Abstract In an age of worsening global threat landscape and accelerating uncertainty, the design manufacture systems must increase resilience robustness across both system itself entire process. We generally trust our colleagues after initial clearance/background checks; to function as intended within operating parameters safety engineering review, verification, validation, and/or qualification testing. This approach has led increased insider impacts; thus, we suggest moving “trust, but...
This paper explores how reliability analysis and cyber-security can be combined using Artificial Intelligence Machine Learning (AI/ML), Large Language Models (LLM) to produce a continuously updated resilience analysis. is achieved by modeling both the hardware software of system, employing LLMs AI/ML search for new vulnerabilities feed that information into updating models. A case study drone presented demonstrates promise proposed method. It expected method, named Assessment Risk in...
Given their usefulness for evading traceability in networks, it is not surprising that steganographic techniques continue the modern era and have been looked at through lens of threats technologies. Among such include linkage contextual information (associated data) to de-anonymize traffic. Such detection would be fatal goals. Cryptographic analyses expanded associated data when analyzing confidentiality authenticity channel security; this work we take a similar approach extrapolate security...
Assuming that an adversary cannot effect such channels is no longer realistic, as demonstrated by recent attacks leveraging malware to target the user interface, well more established social engineering attacks.Notably Tap 'n Ghost attack [33], which specifically targets Bluetooth devices, refutes idea communications should be ignored in protocol analysis.As a result, it critical analyze protocols their entirety, accounting for both interaction and device-to-device communication -namely,...
Abstract Risk assessment is an essential step for architecting the resilience (safety/security) of a mission critical software-intensive system as well regular maintenance procedures. It closely relates to estimating (cyber) insurance needs system. Managing cyber risk involves gathering threat intelligence, prioritizing current threats against interest, and planning mitigation strategies. While reliability engineering can rely on relatively stable set failure modes statistical data related...
Modern messaging applications often rely on out-of-band communication to achieve entity authentication, with human users verifying and attesting long-term public keys. This is done primarily reduce reliance trusted third parties by replacing that role the user. Despite a great deal of research focusing analyzing confidentiality aspect secure messaging, authenticity it, which relies user mediation, has been largely assumed away. Consequently, while many existing protocols provide some...
Abstract Designing and improving the resilience of complex sociotechnical/cyber-physical systems is not a simple task. Interdependencies between engineering domains can lead to emerging behavior which difficult predict handle. Early identification safety security weaknesses safety-critical system leads reduced redesign costs in later design phases. The scientific contribution this paper method for early combined assessment based on interdisciplinary dependency models system. focus factors...
Modern complex cyber-physical systems heavily rely on humans and AI for mission-critical operations decision making. Unfortunately, these components are often "black boxes" to the operator, either because models too human comprehension (e.g. deep neural networks) or intentionally hidden proprietary intellectual property). In cases, logic cannot be validated therefore trust is forced.
Existing counter-unmanned aerial system (C-UAS) defensive mechanisms rely heavily on radio frequency (RF) jamming techniques that require a large amount of energy to operate. The effects RF result in undesirable consequences, such as the other nearby friendly devices well increase footprint for local operators. Current cybersecurity analysis commercial off-the-shelf (COTS) UASs have revealed multiple vulnerabilities give rise opportunities conduct C-UAS operations cyber domain. This is...
Recent advancements in unmanned aerial vehicle (UAV) capabilities have led to increasing research into swarming systems. Unfortunately, efforts date not resulted viable secure communications frameworks, and the limited processing power constrained networking environments that characterize these systems preclude use of many existing group protocols. The Messaging Layer Security (MLS) protocol, currently under development at Internet Engineering Task Force (IETF), offers some attractive...
The proliferation of Unmanned Aerial System (UAS) capabilities in the commercial sector is posing potentially significant threats to traditional perimeter defense civilian and military facilities. Commercial Off-The-Shelf (COTS) UAS are small, cheap, come with multiple types functions which have growing interest among hobbyists. This has prompted need for facility commanders a methodology conduct quick evaluation analysis existing Counter-Unmanned (CUAS)’s effectiveness. research proposes...
The use of autonomous and unmanned systems continues to increase, with uses spanning from package delivery simple automation tasks factory usage defense industries agricultural applications. With the proliferation comes question how secure command-and-control communication links among such devices their operators. In this work, we look at Messaging Layer Security (MLS) protocol, designed support long-lived continuous sessions group a high degree security. We build out MAUI—an MLS API for UxS...
Abstract The pending development of a cryptographically relevant quantum computer (CRQC) puts cryptographic security relying on public key cryptography at risk. Such can be found throughout systems today, including cyber-physical systems, which raises question when to transition resistant alternatives, i.e., post-quantum cryptography. Criticality timeline and planning non-trivial for system managers the cybersecurity risk delay is often opaque. This paper investigates functional modeling...