Funded programs

1. Title: Psychological game Theory-Based Optimization Approaches and Virtualization Tools for Networked Computing Systems
PI: Manish Bansal
Lead Institution: Virginia Tech
Co-PIs & Institution: Dr. Alec Smith, Dr. Mark Gardner
Funding Program: FY25 Research Program

Summary: Networked computing systems have found a multitude of applications across various domains, revolutionizing the way we communicate, collaborate, and interact with the world. Despite these advantages, the limited capabilities of existing decision tools for networked computing systems to conduct vulnerability analysis against cyberattacks of a stochastic nature, is hindering the reliance on this technology. With the rapid rise in cyberattacks, it is critical to develop data driven control and decision support tools (algorithms/mathematical/simulation models) for system operators, especially tools that utilize relevant historical data and belief-dependent psychological payoffs of attackers and operators for modeling, and virtualization tools for validation. This project will integrate mathematical optimization techniques with game theory and behavioral economics to address cyber-security and cyber-defense for networked computing systems. Specifically, the project will introduce data driven and computationally efficient decision tools that allow limited availability of relevant historical data to infer patterns, and thereby assess the probability of success and the potential impact of cyberattacks. Novel game theory-based algebraic/optimization models for vulnerability analysis of networked computing systems will be developed. These models will be extended to include psychological payoff terms that capture emotions such as anger, frustration, or guilt. The predictive validity of these payoff terms will also be evaluated. This research will offer a unique advantage of analyzing the impact of potential cyberattacks under a wide range of circumstances. The proposed models and algorithms will be evaluated by emulating the networked computing system using virtualization technology, staged Mirai virus attacks, and real network activity data. 

2. Title: Quantum Information Science and Engineering Activities at Virginia Tech
PI: Ed Barnes
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY25 Research Program

Summary: Virginia Tech's Center for Quantum Information Science and Engineering (VTQ) plays a pivotal role in advancing QISE research through key activities including the semi-annual VTQ Symposium and weekly seminar series. The symposium features faculty and senior postdocs presenting research, fostering interdisciplinary collaborations, and building community within VTQ. The seminar series, organized by an interdisciplinary committee, hosts impactful speakers to enhance QISE visibility and reputation. Additionally, VTQ conducts outreach, including a high-school-level summer school on quantum computing. Budget allocations include $12,000 for seminars, $6,000 for symposiums, and $2,000 for summer school support.

3. Title: Bridging the Gap Between User Interface Security and CI?CD workflows
PI: Chris Brown
Lead Institution: Virginia Tech
Co-PIs & Institution:  None
Funding Program: FY25 Research Program

Summary: Software, a set of instructions to execute tasks and manipulate data on devices, impacts nearly every facet of modern life. Humans interact with software-based applications through user interfaces (UIs) which handle the input and output for programs—such as web applications hosted online and accessed through internet browsers. To enhance the delivery of software to users, continuous integration and continuous deployment (CI/CD) techniques have been introduced to automate tasks for more efficient testing and sharing of software. However, as the complexity and demand for technology increases, user interfaces grow increasingly difficult to design and secure while web-based attacks become more sophisticated. Research findings have posited a wide variety of automated tools to enhance the security of software, such as dynamic application security testing (DAST) tools which can assess the security of web applications by simulating attacks on user interfaces. However, these tools are often avoided in practice—with open source software developers facingdifficulties integrating UI test cases into CI/CD workflows and often relying on more ad hoc and manual approaches to test the security of their software.To this end, the proposed work aims to bridge the gap between UI testing and CI/CD pipelines in the context of securing web applications. We accomplish this by designing, implementing, and evaluating a novel tool that leverages large language models (LLMS) that synthesize DAST tool results to support finding and repairing UI-based security vulnerabilities. This work provides implications and motivates future research to further secure user interfaces and safeguard user experiences with software. 

4. Title: Moving Target Defense for Continuous Operation in Mission-Critical Cyber-Physical Systems
PI: Thidapat (Tam) Chantem
Lead Institution: Virginia Tech
Co-PIs & Institution: Mohamed Azab (VT)
Funding Program: FY25 Research Program

Summary: In this project, we aim to explore the application of Moving Target Defense (MTD) strategies within Real-Time Cyber-Physical Systems (RT-CPS) to enhance their security. MTD involves implementing dynamic and unpredictable changes to the system architecture, making it more challenging for attackers to exploit vulnerabilities. This proactive approach aims to increase the complexity and effort required for an attacker to locate vulnerabilities, thereby consuming significant amounts of their resources and time. The project’s primary objective is to integrate MTD effectively without compromising the operational efficiency of RT-CPS, which often operate under stringent time constraints and resource limitations. We plan to develop a framework that carefully balances the security enhancements provided by MTD with the critical operational demands of real-time systems. This framework will be evaluated using two key CPS scenarios: connected vehicles and smart grids. Both contexts are highly relevant and sensitive to delays and disruptions, making them ideal candidates to test the feasibility and impact of MTD. Through this investigation, we seek to achieve a robust security posture that significantly extends beyond conventional defense mechanisms, adapting to emerging threats while maintaining system integrity and performance.

5. Title: IrisSwap: A public research challenge on digital iris spoofing attacks
PI: Brendan David-John
Lead Institution: Virginia Tech
Co-PIs & Institution: Chris Thomas (VT)
Funding Program: FY25 Research Program

Summary: Video-based eye trackers capture the iris biometric and enable authentication to secure user identity. Iris authentication through eye trackers is becoming standard within virtual and augmented reality headsets. However, iris biometric authentication is susceptible to spoofing another user’s identity through physical or digital manipulation. The current standard to identify physical iris spoofing attacks on eye-tracking sensors uses gaze-based liveness detection. Liveness detection classifies gaze data as real or fake, which is sufficient to detect physical presentation attacks. However, preliminary work has exposed a vulnerability in current liveness detection models to digitally manipulated spoofing attacks. The proposed objectives of this project are to explore a broader set of digital manipulation attacks to compile a benchmarking dataset for the field of iris spoofing, and use this dataset to facilitate a globally visible research challenge and workshop to establish a new state-of-the-art defense mechanism. The results of this challenge dataset and the research deliverables in this proposal will inform future considerations for iris spoofing vulnerabilities and is expected to produce IP for the system developed by the PIs, as well as provide a roadmap for future large external research roposals on securing iris biometrics.

6. Title: Fundamentals of Geotagging Images and Videos Using Non-Unique Landmarks
PI: Harpreet S. Dhillon
Lead Institution: Virginia Tech
Co-PIs & Institution: Michael Buehrer (VT)
Funding Program: FY25 Research Program

Summary: The problem of geolocating videos and images from unknown locations is of fundamental interest in numerous cybersecurity applications. Since large databases of geotagged aerial/satellite images are available, this problem reduces to establishing a mapping between a ground viewpoint and its corresponding geotagged aerial viewpoint. This is a highly challenging problem since different parts of the same object might be occluded in the two viewpoints, making it appear very different in the ground and aerial images. Despite recent advances in deep learning, a deployable solution to this problem has eluded us. The overarching goal of this research effort is to develop a systematic solution to this problem based on the observation that only a small part of any image is typically useful for geolocation. In the absence of any recognizable landmarks, the task reduces to using the relative placement of a combination of distinct types of landmarks, where landmarks of the same type may be indistinguishable. If this relative placement of several landmarks is unique enough on a map, it immediately reduces the number of candidate solutions significantly. Modeling these landmarks as an appropriately chosen marked point process, we study the uniqueness of various combinations of different landmarks through a metric termed localizability, which is the probability that the exact pattern of landmarks observed in the image of interest will appear elsewhere in the dataset or map. These initial results will feed into an external grant application where the point process representations will also inform novel attention mechanisms for cross-domain learning.

7. Title: Addressing Software Defects and Security Vulnerabilities in Smart Home Automations
PI: Xinghua Gao
Lead Institution: Virginia Tech
Co-PIs & Institution:  Na Meng, Daphne Yao
Funding Program: FY25 Research Program

Summary: Smart homes are becoming prevalent. People tend to transform residences into smart homes by customizing off-the-shelf smart home platforms, instead of creating IoT systems from scratch. Among the alternatives, Home Assistant (HA) is the most popular platform and has about one million users around the world, mainly because it is free and open-sourced. HA allows end-users (i.e., home residents) to smartify homes by (S1) integrating selected devices into the system and (S2) creating YAML files to control those devices. Unfortunately, due to the diversity of devices and complexity of automatic configuration, many users have difficulty correctly creating YAML files (i.e., fail in S2). Consequently, their smart homes do not work as expected, causing frustration in users and jeopardizing home safety as well as security. Existing tools provide limited support in helping people develop home automation. This project will create HAC (short for Home Automation Check)—a tool framework to help people address software bugs and security vulnerabilities in YAML files.

Specifically, we will (i) create a debugger to detect and fix bugs in YAML-based automation configuration via static analysis, to address coding issues that prevent automation from execution, (ii) create a simulation-based automatic test generator, to reveal vulnerabilities of safety and security via automatic test generation and simulation, and (iii) hold a workshop on smart home security to invite researchers, share ideas, and promote collaboration. If successful, our research will help HA end-users to easily customize HA to their own smart homes for better life quality, home security, and energy efficiency.

9. Title: Enhancing the Privacy of Users with Disabilities Through Transparent Web Advertisement
PI: Muhammad Ali Gulzar
Lead Institution: Virginia Tech
Co-PIs & Institution: Eugenia Rho (VT)
Funding Program: FY25 Research Program

Summary: Web advertising (ads) fuels free content and services but often comes at the cost of privacy violations. This is especially concerning for users with visual impairment and cognitive disabilities who are deceived into interacting with ads as they struggle to interpret the ads’ true intent. Such involuntary interaction with deceptive ads leaks users' browsing activity to third-party services, which is a clear breach of privacy. This proposal aims to achieve equal access to privacy-critical information necessary for users with disabilities to distinguish ads from benign web content, understand the true content of ads, and the consequences of interacting with ads on the web. To this end, we will first conduct a large-scale mixed-method investigation to assess the ADA compliance of web ads across 100K sample websites. More importantly, we will measure the prevalence of misleading alternate text of accessible ads, which is even more deceiving and harmful. We will design a technique that automatically transforms non-ADA-compliant ads into accessible and transparent ads, disclosing their privacy-invasive operations preemptively in plain language. Utilizing the team’s complementary expertise in tracking Javascript localization and computational linguistics, we propose tracing the flow of sensitive personal data from ads to malicious actors and incorporating its comprehensible description in the ads' alternate text. There are 84 million internet users in the US alone who have some form of disability. This research will be transformative in equipping these internet users with tools to perform safe and informed interactions on the web.

8. Title: Secure Component Monitoring in Open FutureG Networks
PI: Wenjing Lou
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY25 Research Program

Summary: The project aims to ensure operational security and build observability into network components in the 5G and beyond (i.e., FutureG) cellular networks using remote attestation. The FutureG network serves as the information backbone for millions of connected devices, enabling high bandwidth, low latency, greater coverage, and reliable connectivity. The implementation of Open Radio Access Network (ORAN) opens up the interfaces between network components and enables the operators to mix and match components from different vendors. However, this also increases the risk of disruption or malicious attacks that could lead to severe consequences. To address this, full visibility into the network’s operational state is crucial. Remote attestation is a recent development in trusted computing that allows for cryptographic verification of the system’s expected functionality. The PI and her research team have extensive research experience in this field. In this project, we propose a network attestation tool with two key components: a network evidence aggregator and an end-point evidence monitoring system. We will develop and implement the two novel components and demonstrate their capability to verify components’ operational security and enhance network visibility. The outcomes are expected to provide important preliminary results for a planned large proposal submission.

10. Title: Coding theory for modern secure communication and computation
PI: Gretchen Matthews
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY25 Research Program

Summary: This project uses coding theory to address two key themes in connected computing, modern communications and computations: providing noise control and mitigation in support of quantum computing and ensuring security and efficiency of quantum-safe schemes for encryption. Objectives include the design of new quantum error correcting codes which mitigate errors in qubits and updated security analysis of quantum-safe cryptosystems.

11. Title: Resilient cordinated control of renewable-based power grid under cyberattacks
PI: Ali Mehrizi-Sani
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY25 Research Program

Summary: The overarching objective of this research proposal is to create and evaluate cyberattack-resilient algorithms for control of the renewables-based power grid. The United States is investing in generating electricity from renewable sources such as solar and wind. These resources differ from conventional thermal and hydro generation plants, which are based on large synchronous generators, in how they are connected to the grid: Instead of direct connection, they use power electronics devices called inverters to condition the generated electric power to have the voltage and current waveform required by the grid. This mode of generation introduces several challenges in power system operation and control. Examples of these challenges include smaller size, larger number, lack of mechanical inertia, and sensitivity to overcurrents and overvoltages. These present a major departure in both steady-state and dynamic characteristics of the power system. Addressing these challenges requires closer coordination between IBRs through communication- based distributed control. However, communication introduces the risk of cyberattacks. Therefore, this proposal focuses on creating algorithms that are resilient-by-design to cyberattacks. We argue that this line of research addresses a critical gap as we are at a point when different technology areas are maturing and have introduced new applications: these technologies are power system IBR-based edge devices, communication (5G and beyond), and availability of control and computational power. Upon its successful completion, this proposal will enable the foundational work leading to creation of a start-up marketing cybersecurity solutions for the power grid.

12. Title: Bolstering safety and trust in multimodal foundation models through risk, attack, and defense analysis
PI: Chris Thomas
Lead Institution: Virginia Tech
Co-PIs & Institution: Ruoxi Jia 
Funding Program: FY25 Research Program

Summary: Recent years have seen an explosion of interest in large language model AI systems like ChatGPT. Despite the promise of these models, their use comes with many risks, such as producing harmful outputs or being compromised by malicious actors. These risks have limited the deployment of such models in critical settings where reliability and security are important. Advanced AI systems are now moving beyond purely textual models to handle multiple types of data, such as both text and images, which introduces new risks. This project aims to make the next generation of large multimodal models, like GPT-4o, safer and more reliable by understanding the unique risks associated with these models and creating new methods to test and improve their security. It will develop techniques to detect and fix problems in the data used to train these models and spot hidden threats that could cause unexpected behaviors. The goal is to ensure these AI systems can be safely used in important areas like healthcare by enhancing their safety and reliability. Expected outcomes include improved techniques for testing AI safety, identifying risks, and ensuring models are safe to use. The project will share its findings through workshops and academic papers to help others understand and address AI security challenges.

13. Title: Privacy-Preserving Digital Twin Generation for Electronic Health Records with Large Language Models
PI: Xuan Wang
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY25 Research Program

Summary: This project aims to develop high-fidelity digital twin generation methods for patient electronic health records (EHRs) to ensure personalized care in complex clinical settings while preserving privacy. Digital twins are anonymized and synthetic representations of real patients, providing valuable insights for healthcare research and analysis while minimizing clinical risks and reducing costs. However, generating digital twins for EHRs poses significant challenges due to data inconsistencies, diverse events, and model generalizability. To address these challenges, we propose novel methods combining temporal augmentation, external supervision, and multi-agent large language models to enhance digital twin accuracy and clinical validity. Additionally, we propose to demonstrate adaptability and effectiveness of our methods in real-world settings and test generalizability across various medical conditions and treatment procedures. This project will have a profound impact on healthcare and society, contributing to improved patient care, enhanced healthcare research, increased patient privacy, reduced healthcare costs, and broader applications in medical device development, pharmaceutical research, and public health policy. 

1. Title: CyberFarm: The Commonwelth's 1st CyberAg Datathon
PI: Feras A. Batarseh
Lead Institution: Virginia tech
Co-PIs & Institution: None
Funding Program: FY25 Workforce

Summary: The Commonwealth Cyber Initiative Southwest Node (CCI-SW), Center for Advanced Innovation in Agriculture (CAIA), and the AI Assurance & Applications (A3) Lab, will hold the first VA Cyberbiosecurity/CyberAg challenge, i.e., CyberFarm. Teams from CCI SW node institutions partake, but have to be led by a Virginia Tech member (a VT graduate student, postdoc, or faculty), undergrads are allowed to partake. Each team should at least have two members. Teams submit proposals to develop Cyber frameworks for one form of agriculture, for instance, for controlled- environment agriculture (CEA), seafood, water systems, dairy farm, or any other agricultural system.

2. Title: Professional Accelerated Cyber Education (PACE)
PI: Matt Dunleavy
Lead Institution: Radford University
Co-PIs & Institution: Prem Uppuluri (RU)
Funding Program: FY25 Workforce 

Summary: In this Commonwealth Cyber Initiative (CCI) proposal, Radford University’s Professional Accelerated Cyber Education (PACE) project will increase cybersecurity capacity within a select group of businesses and organizations in southwest Virginia. This proposed project aligns directly with the workforce development component of the CCI mission. The proposed PACE training initiative will increase cybersecurity capacity in participating organizations and research its alignment and efficacy relative to industry needs by:

• Delivering accelerated, online, and competency-based cybersecurity courses and certificates to working adults in companies and organizations in southwest Virginia;
• Strengthening the quality of the PACE training with Quality Matters certification for each cybersecurity course;
• Researching the PACE course alignment and efficacy with industry needs.

This proposed project will help businesses and organizations strengthen their cybersecurity posture to protect their data and networks more effectively by upskilling and reskilling their participating IT personnel. In addition, the project will enhance and align thetraining with industry needs and Quality Matters standards.

3. Title: Use & Abuse of Personal Information - Account Interaction Engine
PI: Dr. Alan Michaels
Lead Institution: Virginia Military Institute
Co-PIs & Institution: None
Funding Program: FY25 Workforce 

Summary: The Use & Abuse of Personal Information project seeks to address research questions across diverse academic disciplines by measuring online stewardship of personally-identifiable information (PI) and propagation of spam across the internet using an open-source intelligence (OSINT) automated collection engine. This OSINT engine generates fake online personas (fakeIDs) featuring a broad array of characteristics including name, age, race/ethnicity, political party, highest education achieved, job title, etc., which stand up to superficial scrutiny. Using a semi-automated signup process, these fakeIDs are used to sign up in a one-time-only online transaction with a single online service which allows us to attribute any propagation of that fakeID’s attributes to a failure of stewardship on behalf of the target online service. Using this generalized experimental model, we have addressed a wide range of applied cybersecurity and social science research questions, producing student-led publications as well as mentoring students through OSINT collection and data analysis. As an extension of the foundational passive collection system (email, SMS, voicemail), we plan to re-architect the production U&A systems to support integration of a real-time “account interaction engine” that will enable more robust interactive experimentation with the fake IDs. As a stretch objective, we will also refine current web scraping and data analysis capabilities. The proposed U&A research will continue to engage students from a wide array of majors, though the present scope is more focused on the U&A infrastructure, while related proposals are pending with greater focus on paid engagement of experiential learning students.

1. Title: Security vs Performance Trade-offs for symmetric ciphers in the Quantum world
PI: Atul Mantri 
Lead Institution: Virginia Tech 
Co-PIs & Institution: None
Funding Program: FY25 Innovation Program

Summary: This project addresses the security of symmetric cryptography in the quantum era, focusing on block ciphers like AES. Our main objectives are to establish provable security bounds and design effective quantum attacks by exploiting cipher structures and integrating quantum algorithms. We will optimize quantum resource requirements to assess attack feasibility on current quantum hardware.Collaborations with experimental groups and industry partners will ensure practical applicability and explore the real-world impact of quantum cryptanalysis on IoT devices. Additionally, we will train students and postdocs in quantum cybersecurity. The outcomes will enhance our understanding of quantum-safe cryptography, inform seure cipher designs, and support future NSF CAREER proposals and collaborative grants. This research will develop robust, quantum-resistant cryptographic solutions to protect sensitive data and infrastructure in the quantum world.

2. Title: Holistic Measurement and Mitigation of Email Security Vulnerabilities: Infrastructure, Tools, and Commercialization
PI: Dr. Taejoong Chung
Lead Institution: Virginia Tech 
Co-PIs & Institution: None
Funding Program: FY25 Innovation Program

Summary: Email has become an essential communication tool, but the original email protocol lacks inherent security features, leaving it vulnerable to various threats. While security protocols like SPF, DKIM, DMARC, DANE and MTA-STS have been introduced to address sender verification and encryption, their effectiveness is hindered by misconfigurations, vulnerabilities and lack of user awareness. This project aims to enhance email security through a holistic approach:

• Develop a comprehensive measurement infrastructure to continuously monitor the adoption, deployment and configuration of email security protocols across major providers and domains.
• Create diagnostic tools leveraging machine learning to automatically generate code for implementing new email security protocols, reducing the time and effort required.
• Explore commercialization of the research deliverables, offering email security assessments, continuous monitoring services, and integration with existing security solutions.
• Raise awareness and educate users and providers about email security best practices.