GGrantIndex
← Search

CIF: Small: Combining Information Theoretic Security and Stochastic Control to Study Advanced Persistent Threats

$354,695FY2016CSENSF

Lehigh University, Bethlehem PA

Investigators

Abstract

Despite tremendous advances in cryptography and communication security, information attacks -- both passive such as eavesdropping, and active such as unauthorized data injection --, can severely impair the functioning of modern infrastructural systems that combine cyber communication systems and networked physical components. The ability of adversaries to monitor transmitted data or introduce false information for sustained periods of time whilst staying undetected can result in leakage of sensitive information or cause critical damages to underlying systems with consequences ranging from airline collisions, power blackouts to malfunctioning nuclear reactors. In this research, rigorous frameworks are developed to study vulnerabilities of cyber physical systems to such persistent security threats with the goal of designing novel and resilient system controllers. The systematic approach to study adversarial behavior will not only enable effective cyber policing, but also lay a platform for developing technologies to prevent the next generation of cyber terrorism that aims to cripple basic infrastructural systems in energy, healthcare, transportation etc. The education and outreach components will facilitate an enhanced awareness in society of potential vulnerabilities of the burgeoning Internet of Things and the path towards cyber physical security. This research will study two key challenges in securing cyber physical systems: preventing retrieval of physical system information through continually monitored cyber flows, and limiting disruption to system operations through continually hacked cyber flows. Incorporating the strengths of information theoretic security and statistical inference methodologies into a dynamic programming framework which models cyber physical system evolution as a function of external information and internal control, this research will study quantitatively the trade-offs between information security and the system operational performance, and through the process, develop attack detection and mitigation methodologies.

View original record on NSF Award Search →