Funded programs

1. Title: Cybersecurity and Behavioral Risk Analytics in Remote Audit Practice: A Regional Study in Southwest Virginia and Appalachia
PI: Gurkan Akalin
Lead Institution: University of Virginia’s College at Wise
Co-PIs & Institution: Ms. Ning Zhou (UVA-Wise)
Funding Program: FY26 Research Program

Summary: This project investigates cybersecurity awareness and behavioral risk in remote audits, which are increasingly used to verify inventory and ensure financial accuracy without on-site visits. As digital operations expand, auditors face growing exposure to cybersecurity threats — especially in underserved regions like Southwest Virginia and the broader Appalachian area, where local small and mid-sized accounting firms often lack formal cybersecurity training. The research team will conduct a comprehensive regional assessment of auditors’ cybersecurity awareness. This will be achieved through scenario-based surveys designed to simulate real-world cybersecurity challenges related to inventory control in remote audit, alongside structured interviews aimed at evaluating auditors' understanding of remote inventory audit procedures, data integrity, and security best practices. Results can shape the development of regionally relevant cybersecurity guidelines for audit professionals and small firms.

2. Title: Securing Embodied Systems Against Adversarial Audio Through Physical Acoustics 
PI: Alaa Algargoosh
Lead Institution: Virginia Tech
Co-PIs & Institution: Chris Thomas (VT)
Funding Program: FY26 Research Program

Summary: Robots are increasingly using sound to better understand their surroundings beyond what they can see. However, this new input creates new cybersecurity threats. Unlike images or text, audio signals can be hijacked from a distance without altering the robot’s hardware or software. For instance, a phone playing malicious sounds can cause robots to misjudge their surroundings and collide with obstacles. These “adversarial attacks” have long been studied in vision and text and many defenses have been proposed. However, audio-based threats remain underexplored and existing defenses almost entirely rely on software solutions. This project addresses this gap by creating novel audio-based attacks and introducing a new type of defense that reshapes the physical environment itself. First, we develop adversarial sounds designed specifically to disrupt robotic navigation to model these systems’ vulnerabilities. Then, to counter these audio-based threats, we will use architectural acoustics by manipulating room layouts and surface materials to study how di˙erent acoustics neutralize harmful audio signals. Then, we will train a generative AI model to automatically re-design physical spaces to diminish audio-based vulnerabilities. Our approach opens a new path for securing autonomous systems by extending protection beyond algorithms into real-world environments.

3. Title: Futureproofing Consensus Protocols for Blockchain and More: Constructing Quantum-Resistant Threshold (Ring) Signatures
PI: Sarah Arpin
Lead Institution: Virginia Tech
Co-PIs & Institution:  Jason LeGrow (VT)
Funding Program: FY26 Research Program

Summary: The emergence of quantum computers capable of breaking today’s cryptographic standards makes it essential to develop new, quantum-safe security protocols. At the same time, rapidly evolving technologies create a growing demand for more sophisticated and adaptable types of cryptographic protocols, such as threshold signatures. Imagine a company stores its cryptocurrency in a digital vault. To protect it, they don’t want just one person to have the power to unlock it—what if that person’s device gets hacked, or they go rogue? With a threshold signature, the company can set it up so that any 3 out of 5 trusted managers must collaborate to authorize a transaction. No single person can act alone, and even if one key is stolen, the vault stays locked. This setup balances security and reliability, which is especially important in a world where data breaches and insider threats are common. Our research will lead to innovative quantum resistant threshold signatures based on isogeny graphs of elliptic curves. Isogeny-based cryptography is the most promising direction in post-quantum cryptography. The small key sizes are favorable for blockchain and cryptocurrency applications. Our protocol will pioneer isogeny-based digital signatures with advanced functional-ity. 

4. Title: A Real-Time / Security Co-Scheduling Framework for Time-Sensitive, Zero-Trust CPS
PI: Thidapat (Tam) Chantem
Lead Institution: Virginia Tech
Co-PIs & Institution: Mohamed Azab (VMI)
Funding Program: FY26 Research Program

Summary: This project addresses a critical and understudied gap in cyber-physical systems: the lack of integrated frameworks that jointly ensure real-time guarantees and adaptive, zero-trust security. Current CPS designs either overlook security or treat it as an add-on, resulting in unpredictable behavior under attack. To fill this gap, we propose a novel co-scheduling framework that unifies real-time task execution with security task scheduling, tailored for time-sensitive, mission-critical environments such as smart grids and connected vehicles.

5. Title: Quantum Changepoint Detection: A Statistical Framework for Cyber-Physical Threat Recognition
PI: Steven Flammia
Lead Institution: Virginia Tech
Co-PIs & Institution: Jamie Sikora (VT)
Funding Program: FY26 Research Program

Summary: This project focuses on detecting sudden changes in data sequences, which can indicate cyber-attacks or system malfunctions. In cybersecurity, early identification of such changes is essential for preventing unauthorized access and minimizing potential damage. However, when working with quantum data, traditional algorithms are ineffective, as quantum systems operate under principles fundamentally different from classical systems. The aim of this work is to develop specialized quantum algorithms that can identify these so-called changepoints quickly and efficiently. By analyzing continuous streams of quantum information, the algorithm will seek to detect the earliest signs of intrusion or anomaly.

6. Title: Evolving Zero-Trust for O-RAN Defense: Interpretable and Verifiable AI for 5G NTN Fake Base Station Detection
PI: Ming Jin
Lead Institution: Virginia Tech
Co-PIs & Institution: Lingjia Liu (VT)
Funding Program: FY26 Research Program

Summary: 5G Non-Terrestrial Networks (NTN) extending connectivity through satellites face critical vulnerabilities to fake base station (FBS) attacks, where malicious devices impersonate legitimate infrastructure to intercept communications. The reduced signal strength variation in satellite beams–covering areas up to 200km–makes traditional detection methods ineffective. This project develops an interpretability-by-design AI system that generates verifiable detection programs for FBS identification in O-RAN architectures. Unlike black-box machine learning that obscures decision logic, our approach produces human-auditable detection rules deployed as lightweight xApps within Zero Trust frameworks. Inspired by the recent success of DeepMind's AlphaEvolve, which discovered breakthrough algorithms through evolutionary synthesis to satisfy multiple objectives, we apply similar principles to security–using frontier large language models (LLMs) with strong coding capabilities during training to generate detection logic, then deploying these as efficient, interpretable programs. The system continuously evolves new detection strategies through competitive co-evolution, creating adaptive defenses that outpace adversarial innovations. This research establishes foundations for verifiable AI in telecommunications security, with pathways to deployment through O-RAN standards and collaboration with regional industry partners, addressing urgent national security priorities while advancing the science of interpretable artificial intelligence through evolutionary program synthesis. 

7. Title: Supporting Military Family Cybersecurity with an AI-Infused OSINT Tool 
PI: Kurt Luther
Lead Institution: Virginia Tech
Co-PIs & Institution:  Jin-Hee Cho (VT)
Funding Program: FY26 Research Program

Summary: This research proposal aims to safeguard U.S. military families from adversaries who scour public websites for operational clues. The one-year study will begin with interviews of 20 spouses and unit security managers to document online habits, perceived threats, and tensions between privacy and duty. Those findings will guide construction of the new Operational Security Cyber Vulnerability Index (OCVI), a quantitative score that combines social-media behavior, psychological cues, and estimated adversary capability. The team will then integrate this index into a software prototype, Homefront Helper, that silently inspects prospective social-media posts, flags text or images disclosing deployment timelines, unit locations, or personal identifiers, and offers clear edits that users may accept or refine. A peer feature allows fellow spouses to confirm or adjust the guidance, promoting community learning rather than surveillance. During a two-month field deployment, automated logs and follow-up interviews will measure shifts in posting behavior, situational awareness, and user confidence. Weekly anonymized dashboards will inform security officers where tailored micro-trainings are most urgent. Anticipated outcomes include a validated risk metric, empirical insights on family cyber exposure, and a transferable intervention that strengthens operational security while respecting household autonomy. 

8. Title: Coding theory for modern secure communication and computation
PI: Gretchen Matthews
Lead Institution: Virginia Tech
Co-PIs & Institution: none
Funding Program: FY26 Research Program

Summary: This project uses classical coding theory in new ways to address two key themes in connected computing, modern communications and computations: providing noise control and mitigation in support of quantum computing and ensuring security and efficiency of quantum-safe schemes for encryption. Objectives include the design of new quantum error correcting codes which mitigate errors in qubits and updated secuirty analysis of quantum-safe cryptosystems. 

9. Title: Data Privacy Landscape for Modern Transportation System While Using Multimodal Data
PI: Abhijit Sarker
Lead Institution: Virginia Tech
Co-PIs & Institution: Surendrabikram Thapa, Tammy Trimble (VT)
Funding Program: FY26 Research Program

Summary: The rapid integration of high-resolution visual sensing across transportation systems, ranging from roadside cameras and vehicle-mounted sensors to automated driving infrastructure, offers unprecedented opportunities for safety, mobility, and infrastructure intelligence. Yet, these advances raise concerns around individual privacy, especially when visual data is fused with GPS, V2X, or other metadata that can amplify re-identification risks. In the absence of standardized privacy frameworks, agencies and developers lack clear guidance on balancing privacy with the utility of shared data. This project seeks to address this gap by developing and evaluating privacy-preserving methods tailored to multimodal video data in transportation. Through two pilot studies, we will quantify privacy risks, simulate adversarial inferences, and assess effectiveness of task-aware de-identification techniques. By measuring utility loss in key downstream tasks, such as object and incident detection and trajectory forecasting, the project will generate empirical privacy-utility tradeoff benchmarks and contribute tools for evaluating privacy safeguards in real-world deployments. The team will engage with transportation agencies, AV developers, and policy stakeholders to ensure that outcomes are grounded in practical needs and regulatory realities. 

10. Title: Protecting AI with Security Guarantees using Confidential Virtual Machines with GPUs
PI: Wenjie Xiong
Lead Institution: Virginia Tech
Co-PIs & Institution: Dan Williams (VT)
Funding Program: FY26 Research Program

Summary: Artificial intelligence (AI) models have demonstrated their superior performance in a variety of tasks. These AI models are being used to process sensitive user data in both training and inference, and there is a need for securing AI computation. However, the currently com-plicated software and hardware infrastructure for AI training and inference from different stake-holders make protecting the data and model non-trivial. Confidential VMs (CVMs) supported by hardware are considered the most practical platform to protect AI workloads, and have been avail-able in public clouds. However, while hardware supports for CVM can protect against a malicious compute platform and attest the software in the CVM, they cannot stop provider software inside TEE from unintentionally or intentionally leaking user data through direct or covert channels. This project aims to understand the attack surfaces of commercial CVMs and develop secure software monitors to enhance the isolation in CVMs with GPUs.

11. Title: RISE-IoT: Resilient Intelligent and Secured Edge IoT
PI: Yang (Cindy) Yi
Lead Institution: Virginia Tech
Co-PIs & Institution: Lingjia Liu (VT)
Funding Program: FY26 Research Program

Summary: TThe RISE-IoT project pioneers a transformative platform at the intersection of cybersecurity, autonomy, and artificial intelligence—core to the mission of the Commonwealth Cyber Initiative (CCI). As autonomous systems like drones and smart sensors become widespread, they face critical challenges: how to process data securely and intelligently at the edge, while operating under tight energy and bandwidth constraints.  Our team addresses these challenges by integrating neuromorphic computing—brain-inspired processors that enable ultra-efficient, on-device learning—with NextG wireless networks supporting secure and resilient communication. Using Intel’s Loihi-2 chip, we will build and test compact IoT nodes that can learn, adapt, and protect themselves in real time. These nodes will collaboratively train AI models using privacy-preserving federated learning, making them ideal for applications such as smart infrastructure, environmental monitoring, and critical systems. 

1. Title: Professional Accelerated Cyber Education (PACE) Continuation
PI: Tom Bennett
Lead Institution: Radford University
Co-PIs & Institution: Prem Uppuluri (RU)
Funding Program: FY26 Workforce 

Summary: This continuation proposal builds on the success of Radford University’s Professional Accelerated Cyber Education (PACE) program. Through the 2025 initiative, the Vinod Chachra IMPACT Lab enrolled 62 IT professionals in an introductory, online, self-paced, competency-based cybersecurity course. This continuation will advance cybersecurity workforce development by enrolling a portion of the CBIT101 completers into the full cybersecurity certificate stack, equipping them with more advanced, industry-aligned credentials such as Security+, CEH, or SANS GIAC GPEN.  The continuation of the PACE training initiative will build upon this success by strengthening cybersecurity capacity within participating organizations and evaluate its alignment with industry needs by: 1) Delivering accelerated, online, and competency-based cybersecurity certificate to working professionals in companies and organizations across southwest Virginia; and 2) Conducting research to assess the effectiveness and industry relevance of the PACE coursework.

1. Title: Securing Eye-Tracking Data from Side-Channel Attacks in Virtual Reality Systems
PI: Brendan David-John
Lead Institution: Virginia Tech 
Co-PIs & Institution: Bo Ji (VT)
Funding Program: FY26 Innovation Program

Summary: Our project focuses on prototype development of defense mechanisms that will be translated into a product to secure foveated rendering systems from side-channel attacks broadly. Our vision goes beyond analyzing experimental data and proving we can detect the presence of the attack, but instead also provides a universal solution to mitigating these attacks.

2. Title: Towards End-to-End SOC Automation Using Large Language Models
PI:  Peng Gao
Lead Institution: Virginia Tech 
Co-PIs & Institution: Murat Kantarcioglu (VT)
Funding Program: FY26 Innovation Program

Summary: Advanced Persistent Threats present significant challenges to Security Operations Cen-ters (SOCs) due to their complex, multi-step nature and the overwhelming volume of security alerts. Existing AI-driven solutions struggle with effective detection, investigation, and response, leading to alert fatigue and delayed threat mitigation. This project aims to develop an end-to-end automated SOC solution leveraging large language models (LLMs) to enhance cyber threat investigation and response. 

3. Title: SmartHomeSecure: A GenAI-Powered Prototype for Detecting Defects and Vulnerabilities in Smart Home Automation Systems
PI:  Xinghua Gao
Lead Institution: Virginia Tech 
Co-PIs & Institution: Na Meng (VT)
Funding Program: FY26 Innovation Program

Summary: Smart homes are rapidly becoming a ubiquitous feature of modern living, as homeowners increasingly turn to off-the-shelf platforms to automate and control various aspects of their homes. Among these platforms, Home Assistant (HA) is particularly popular due to its open-source nature, local control, and flexibility, with over a million users worldwide. However, users often struggle with creating and managing the necessary automation configurations for their smart homes, particularly when working with YAML files. This complexity leads to common errors, such as incorrect syntax, misconfigured automations, and security vulnerabilities, which hinder functionality and compromise home safety and security. Existing tools offer limited support for detecting and resolving these issues.  To address this challenge, this project will develop SmartHomeSecure, an intelligent software prototype leveraging advanced Generative AI, LLaMA, to enhance smart home security and reliability. 

4. Title: DID Calendar Launch
PI:  Christiana Chamon Garcia
Lead Institution: Virginia Tech 
Co-PIs & Institution: Leyla Nazhandali (VT)
Funding Program: FY26 Innovation Program

Summary: This project addresses a critical need for secure scheduling systems in industries handling sensitive information, such as healthcare, legal services, government, and remote collaboration. By eliminating centralized points of failure and prioritizing privacy, the DID calendar fills an underserved market niche, empowering users with full control over their data.

5. Title: Virtual Reality–Augmented Digital twin for grid security OPerator Training (VR-ADOPT)
PI: Ali Mehrizi- Sani
Lead Institution: Virginia Tech 
Co-PIs & Institution: None
Funding Program: FY26 Innovation Program

Summary: Power system training is in significant demand especially because of the growing workforce needs: the existing workforce is retiring faster than the new workforce is trained, and they need to be trained in new technologies that did not exist in their current form merely a decade ago. Existing training systems are primarily lecture-based courses that, as their hands-on component, primarily rely on the simulation of a small test system with limited, artificial user interaction. Training systems that offer a flexible suite of learning scenarios in an authentic learning environment are needed to remedy this. To address this need, we have worked toward creating a virtual reality (VR)-based operator training system embedded within a digital twin of the power system assets, such as control room, substation, and transmission lines. This way, a system operator in training wears a VR display to create an immersive feeling of being in an authentic context, even from the comfort of their home.

6. Title: Defining a New Standard for IIoT Wireless Security
PI: Alan Michaels
Lead Institution: Virginia Tech 
Co-PIs & Institution: None
Funding Program: FY26 Innovation Program

Summary: Building upon nearly a decade of success in developing low-power secure communication techniques for the DoD/IC and commercial partners, this project seeks to bolster the commercialization of the High-Order PSK1 Signaling (HOPS) protocol for use as a building block in the industrial Internet of Things (IIoT).