A5037601467- Network Security and Intrusion Detection
- Smart Grid Security and Resilience
- Reinforcement Learning in Robotics
- Information and Cyber Security
- Infrastructure Resilience and Vulnerability Analysis
- Radiation Effects in Electronics
- Security and Verification in Computing
Texas State University
2017-2020
In recent years, there have been a number of successful cyber attacks on enterprise networks by malicious actors which caused severe damage. These Intrusion Detection and Prevention Systems in place to protect them, but they are notorious for producing high volume alerts. alerts must be investigated analysts determine whether an attack or benign. Unfortunately, magnitude more generated than investigate them. This trend is expected continue into the future creating need tools find optimal...
Allocating cyber-security analysts to incoming cyber alerts is an important task in any organization employing cyber-defense mechanisms. Alerts are typically generated when intrusion detection software on computer systems (e.g., servers, routers) detect abnormal or suspicious activity. Based the respective significance level of alerts, some assigned for further investigation. Due wide range potential attacks coupled with high degrees attack sophistication, identifying what constitutes a true...
Securing Cyber-Physical Systems (CPS) against cyber-attacks is challenging due to the wide range of possible attacks - from stealthy ones that seek manipulate/drop/delay control and measurement signals malware infects host machines physical process. This has prompted research community address this problem through developing targeted methods protect check run-time operation CPS. Since protecting checking for errors result in performance penalties, they must be performed within delay bounds...
One important aspect in protecting Cyber Physical System (CPS) is ensuring that the proper control and measurement signals are propagated within loop. The CPS research community has been developing a large set of check blocks can be integrated loop to against various types attacks (e.g., false data injection attacks). Unfortunately, it not possible integrate all these "checks" as overhead introduced when checking may violate delay constraints Moreover, do completely operate isolation each...