Funded programs 2022
1. Title: SmallSat Testbed for Cybersecurity and Resiliency
PI: Jonathan Black
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY22 Research Program
Summary: The initial goal of this testbed is to serve as a foundation with which to research satellite-based internet constellations. Specifically, interconnections (crosslinking) between constellations, which is a capability unique to this facility. It is part of an overall project to emulate satellite constellations through scalable hardware and software models. Our collaborators including Space@VT, Wireless@VT, GMU, and the University of Surrey Distributed and Networked Systems Group and Surrey Centre for Cyber Security in the Department of Computer Science in the UK. We plan on linking these testbeds across the Atlantic providing students a unique international experiential educational collaboration. Applications of the scalable satellite testbed also include rural broadband, 5G in space, and space cybersecurity. Additional collaborations with external companies and universities were planned following the international workshop 12-13 July 2022.
2. Title: Deep Resilience for Multifaceted Federated Learning in Internet-of-Everything
PI: Jin-Hee Cho
Lead Institution: Virginia Tech
Co-PIs & Institution: Hoda Eldardiry (VT), Hongui Wu, Rui Ning, Chunsheng Xin, Jiang Li (ODU)
Funding Program: FY22 Research Collaboration
Summary: In this project, we will investigate security and privacy concerns in the system using federated learning (FL) as the uploaded data may contain private, valuable, or even safety-critical information. At the same time, it is expensive to continuously transfer the raw data from a massive number of Internet-of-Everything devices to the central server, and such a model is particularly prone to single-node failure due to its centralized nature. Moreover, it is usually infeasible to validate the ocean amount of data on a central server. The overarching goal of this project is to explore and analyze new attacks from the emerging Internet of Everything (IoE) environments in deploying the federated learning framework and develop defense mechanisms to detect and mitigate those new attacks.
3. Title: Cyber Biosecurity for SmartFarm Innovation Network agricultural testbeds
PI: Susan Duncan
Lead Institution: Virginia Tech
Co-PIs & Institution: Ford Ramsey (VT)
Funding Program: FY22 Research Program
Summary: The Virginia Tech SmartFarm Innovation Network research testbeds serve as demonstration sites for agricultural technology and innovation. These testbeds serve as excellent sites for evaluating cyberbiosecurity risks and protections for agricultural data. The objective of this project is to introduce CCI and Center for Advanced Innovation in Agriculture (CAIA) affiliated faculty to agricultural technologies in practice and assess and discuss networking, cyberbiosecurity, and cyber-physical security in relation to a variety of agricultural practices and commodity products. CAIA coordinated an agricultural-cyber field day event, held at the Virginia Tech farms, on April 29, 2022. The New Faculty CAIA-CCI Agricultural Cyber Road Trip to ARECs was held May 24-25. In both events, faculty learned about the use of technology and the internet-of-things influence in agriculture. The increasing risks associated with protecting and securing the farm to fork enterprise from malicious cyber-based attacks were discussed.
4. Title: Secure quantum networks robust to adversarial nodes via large scale-entanglement
PI: Sophia Economou
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY22 Research Program
Summary: Quantum networks will have a transformative effect on cybersecurity: quantum information is secure because eavesdroppers can be detected. A major obstacle in realizing quantum networks is the difficulty in creating complex quantum correlated states of light, which are critical for distributing quantum information robustly across the network. This project focuses on identifying optimal states that can be used for this task and on designing protocols for generating them. Unlike the standard approaches, which are probabilistic and thus inefficient, our approach is based on using photonic emitters, so that the generation process can be deterministic. Our team is taking the following approach: create quantum correlations between matter quantum bits (qubits), which are also quantum emitters, in a way that the quantum correlations between them can be transferred to the emitted photons. We propose to implement this using two complementary protocols: in the first protocol, we determine how to control and couple to each other two or more emitters prior to “pumping” them so that the resulting emitted photons emerge in the desired, highly correlated, state. Here, time is used as a resource, as the photons are created sequentially. In the second protocol, the full state is created on the matter qubits and then mapped (transferred) to the photons. There is a continuum between these two approaches, which we are exploring in order to determine the optimal scheme in the presence of realistic errors. The results of this research could have a dramatic effect in demonstrating ‘quantum advantage’ in quantum communication networks.
5. Title: Automated Construction of Threat Knowledge Graph for ICS Security
PI: Peng Gao
Lead Institution: Virginia Tech
Co-PIs & Institution: Yixin Sun (UVA)
Funding Program: FY22 Research Collaboration Program
Summary: We aim to build a knowledge graph for the Industrial Control Systems (ICS) security domain using Artificial Intelligence (AI) and Natural Language Processing (NLP) techniques. The knowledge graph would empower various defenses for ICS security.
6. Title: Supporting Multi-Scale Latency Services and Security Enhancement for 5G/Next-G
PI: Tom Hou
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY22 Research Program
Summary: This research focus on supporting ultra-low latency and enhancing security in 5G/next-G wireless communications. The main tasks in this CCI Southwest budget cycle are: 1) Develop fundamental principles and scheduling algorithms to support multi-scale latency services for 5G/next-G. This research not only generalizes existing research with greater technical depth, but also transforms latency research with new results of higher practical impacts. We propose to employ GPU-based design for latency scheduling, which has the potential to offer a low-cost, off-the-shelf solution in a time scale of ~100 us. This approach represents a new direction for scheduler design to meet the most stringent time resolution in the 5G standard. Our validation plan pursues a system-oriented approach that helps us to close the gap between new 5G latency theories and algorithms and what is achievable in practice. The outcome of this research will produce practical algorithms and patentable intellectual properties that address 5G latency problems in the field. 2) Enhance trustworthiness in information collection through device remote attestation. Remote attestation must provide reliable evidence about the state of the software execution on the remote system. Conventional software-based attestation is limited to one-hop network as it requires authenticated channel and the appraiser must know exact hardware configuration of the target. We will explore hardware-assisted remote attestation. Many modern devices are powerful enough to perform light-weight cryptographic functions. While a trusted platform module (TPM) available on many laptops and desktops may be too complex and expensive, next-generation ARM Microcontrollers widely used in mobile devices feature TrustZone-M, a lightweight trust anchor suitable for low-end embedded devices. In contrast to conventional software remote attestation that examines only the software properties of a device, our research aims to verify a broader array of application–specific context information.
7. Title: Security Issues and Challenges of Voice-based Social Networks
PI: Youna Jung
Lead Institution: Virginia Military Institute
Co-PIs & Institution: None
Funding Program: FY22 Research Engagement Program
Summary: In recent emergencies and disasters, we have witnessed online social networks (OSNs), such as Facebook, Twitter and Instagram, have been used to share vital information and organize groups to help victims of disasters. To provide emergency-responsive collaboration through OSNs, some innovative systems such as Whistle and HyDRS and community-based access control models including CRiBAC and CPBAC have been developed. However, the practical use of those systems has been hindered by its limitations in text-based communication: 1) non-hands-free operation, 2) no consideration for people with disabilities (reading and writing/typing are mandatory), and 3) time-consuming. The emerging voice-based social networks (VBSNs) like Clubhouse could address the limitation. To meet the necessity, in this project, we examine existing voice-based social networks and identify their security issues and challenges. The result of this project will be the basis of future research to develop a voice based real-time collaboration framework for emergency response.
8. Title: Impact of 5G on the Existing and Future Grid: Concept Evaluation and Testbed Demonstration
PI: Chen Ching Liu
Lead Institution: Virginia Tech
Co-PIs & Institution: Ali Mehrizi-Sani, Dushan Boroyevich, Igor Cvetkovic (VT)
Funding Program: FY22 Research Program
Summary: In this project, we are developing a testbed, called “5GPG,” that provides an environment for co-simulation of physical and cyber aspects of the electric power grid. This testbed leverages existing facilities and equipment available at Virginia Tech’s Power and Energy Center (PEC) and Center for Power Electronics Systems (CPES). Our goal is to enable future power grids with the emerging 5G communication capabilities. The 5GPG will allow power systems to greatly enhance the monitoring, operation, control, protection, and trading functions. The 5G provides a convergence of pervasive broadband, sensing, and intelligence. Furthermore, moving to 5G brings the Internet-of-Energy into future power markets, providing great benefits to the utilities and consumers. The testbed includes the following components and functions: transmission and distribution, distributed energy resources, loads, and controllers, we are developing the access to the CCI 5G Testbed. The VT 5GPG testbed enables the investigation of different communication strategies on the cyber-power system.
9. Title: Coding for Cybersecurity
PI: Gretchen Matthews
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY22 Research Program
Summary: Polar coding supports 5G technology with a new communication paradigm introduced in 2009. There remains a gap between theoretical results and applications, impacting their use in cyberphysical systems and presenting security risks and advantages. Synthetic channels are created, some of which are upgraded while others are deteriorated from the original. Polarization occurs when enough of the synthetic channels become nearly perfect while the others are practically unreliable. The desired communication takes place via the nearly perfect channels while the others, coined frozen, are not used. This project centers on coding designed to harness this phenomenon in practical settings. One thrust involves developing a framework which supports fast polarization for channels with memory, addressing the problem of intersymbol interference. Most applications involve channels that fall into this category rather than that for which the original theory was developed. Ignoring the difference makes for unreliable communication. Another theme involves utilizing the frozen channels for cryptographic purposes. The frozen channels are considered wasted as they are completely unreliable, meaning their outputs may not resemble the inputs due to high level of noise. However, we propose a method for manipulating the construction to allow for the frozen channels to be used to establish a shared key to be used for secure communication. Finally, we explore variants of polar codes for use in post-quantum cryptosystems, meaning those which are resilient to attack by algorithms executed on a quantum computer, as well as for quantum error-correction to support communication in quantum networks.
10. Title: C-V2X Support
PI: Michael Mollenhauer
Lead Institution: Virginia Tech
CoPIs & Institution: Luke Neurauter, Jean Paul Talledo Vilela, Marty Miller (VT) Funding Program: FY22 Research Program
Summary: This project is centered around executing secure private 5G deployments for transportation use-cases. VTTI is working with a new industry partner (NEC), who is contributing to testbed improvements and capabilities in exchange for VTTI’s development of communication protocols and performance analysis. NEC has provided equipment and software for evaluations of Private 5G and C-V2X enabled smart intersection monitoring and related use cases. VTTI and NEC have completed the install of a Private 5G network supporting video analytics using camera sensors at the VTTI Smart Road intersection. NEC visited VTTI during 06/13/22 – 06/24/22 time period and both teams executed the configuration, calibration and critical use case scenario testing at VTTI’s Smart Road. The 5G/Private LTE solution included systems running at VTTI’s Data Center and sub-systems running at the VTTI Smart Road intersection.
11. Title: Remote Operator Workstation
PI: Michael Mollenhauer
Lead Institution: Virginia Tech
Co-PIs & Institution: Luke Neurauter, Jean Paul Talledo Vilela, Marty Miller (VT)
Funding Program: FY22 Research Program
Summary: This project involves continued advancements with the remote automated vehicle experimenter/operator workstation that started in FY21. Efforts related to this concept during this round were focused on establishing a remote operator station and communications equipment, used to investigate communication, security, and usability issues while supporting the needs of parallel projects. Companies like Designated Driver https://designateddriver.ai/ and Phantom Auto https://phantom.auto/solution are establishing commercial services in this area. Almost every automobile OEM is also building an automated vehicle monitoring and management capability into their deployment models as well. VTTI and GCAPS have continued to advance capabilities for remote monitoring and implementing a more refined ability to control an automated vehicle from a remote operator station during FY22. As part of a redundant system of failsafe’s, the remote operator now has the ability to bring the vehicle to an abrupt, but controlled, stop, if necessary based on the given conditions. Considerable efforts were made to create a more robust and configurable user interface with which to monitor the vehicle’s sensors and status.
1. Title: Artificial Intelligence and Visual Analytics in Cybersecurity Experiential Learning for Workforce Readiness
PI: Mohamed Azab
Lead Institution: Virginia Military Institution
Co-PIs & Institution: Ramoni Lasisi, Sherif Abdelhamid (VMI)
Funding Program: FY22 Workforce Program
Summary: ProCyEd (Professional requirements to Cybersecurity Education) aims to address the “readiness gap” between the cybersecurity knowledge, skills and activities (KSA) used in real-life professional careers, and experiential learning offered in cybersecurity curricula. Data-driven assessment is needed to determine the efficacy of educational modules for workforce readiness and advancement. Combining Artificial Intelligence (AI) (for example, gaming, machine learning, and computational intelligence) and Visual Analytics (VA) (for example, interactive visualizations and using AI to inform and guide VA discovery process), ProCyEd can provide a comprehensive platform that helps guiding users acquiring the right experiential training and education that qualifies them for a specific career path in cybersecurity. ProCyEd framework and attached tools enables adaptive experiential learning experience that better prepare students for the cybersecurity work field.
2. Title: Cyber security aware IoT Networks: An Internship Program for high school students
PI: Mohamed Azab
Lead Institution: Virginia Military Institution
Co-PIs & Institution: None
Funding Program: FY22 Workforce Program
Summary: Inspired by the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, our aim is to graduate the next cyber leaders with the knowledge, skills, and abilities to effectively perform, both as individuals and as a member of team. We built our internship program as a pilot project to connect college students with high schoolers in a hands-on based training program. The tasks required for cybersecurity work, and the readiness to serve cyber missions depends mainly on the student’s ability to understand cyber operations, the value of cyber security aware design and development. These are key for many roles such as Data Scientists, Reverse Engineers, Malware and Exploitation Analysts, Vulnerability Researchers, and Information Operations Integrators into Cyber Operations. In addition to cultivating extensive technical competencies, effective cyber leadership requires the development of knowledge, skills, and abilities that are not typically addressed in regular educational programs. With the help of this grant and in cooperation with the DoD sponsored cyber defense lab, we used trained cadets (captains) as trainers and coworkers to transfer the knowledge and train the participating high school candidates.
3. Title: Research Experiences for Community College and K-12 teachers
PI: Joe Chase
Lead Institution: Radford University
Co-PIs & Institution: B. Bagby (VWCC)
Funding Program: FY22 Workforce Program
Summary: Radford University, in collaboration with Virginia Western Community College, is working with teachers in K-12 and Community Colleges across Virginia to develop research experiences in the areas of security analysis, cryptography and Internet of Things (IoT) security. K-12 and community college educators will use the experience gained through research participation to develop classroom-appropriate experiential learning exercises in cybersecurity and related topics. K-12 and community college educators will work in the Artis Cybersecurity Research and Education Lab - a facility that includes IoT labs and Security analysis lab - and participate in exploring privacy of IoT devices used in smart home and environments relevant to SWVA region such as manufacturing, agriculture and networking research. Current research in 5G at Radford will also be part of these experiences. To prepare the educators for research, camps will be conducted in security topics supported by other grants (e.g., NSA Capacity Building grant (2021-22)).
4. Title: CCI Southwest Cyber Internships - GCAPS
PI: Frank Della Pia
Lead Institution: GCAPS
Co-PIs & Institution: None
Funding Program: FY22 Workforce Program
Summary: The goal of this project was to provide local cybersecurity students with hands-on experience using cybersecurity concepts as well as providing them with relevant work experience to help them find future opportunities in the cybersecurity workspace. Two projects were created for the students to work on that would be relevant to their cybersecurity backgrounds and help them expand their knowledge in their field. The students were to be split into two groups with each of the groups being assigned one of the projects to take on and complete. One of the groups of students would be working on a project to support VTTI in their organization of a tech showcase event that would be used to demonstrate different CCI funded projects and technologies that were being developed and encourage researchers from the various CCI nodes to collaborate. Specifically, they would be working on developing a Hack-a-thon capture the flag style competition utilizing the technology that VTTI would be demonstrating in the tech showcase event to create challenges for participants to solve. This project also identifies a framework that can be used to organize future capture the flag competitions. The other group of students would be working on a project to identify and research security vulnerabilities and attacks and some security products and solutions for V2X networks. This project’s goal was to determine what security concerns currently exist in the growing V2X space and what the current state-of-the-art is for mitigating those concerns. This project gathers technical information about V2X security that can be used in future projects involving V2X technology.
5. Title: Experiential learning Mini-grants in cyberbiosecurity and data analytics in agricultural and food systems for increasing SmartFarm technology development, applications, and data security
PI: Susan Duncan
Lead Institution: Virginia Tech
Co-PIs & Institution: Ford Ramsey (VT)
Funding Program: FY22 Workforce Program
Summary: Data analytics and security are essential topics for students in agriculture and the life sciences; these students must be prepared to analyze and protect life science data in associated industries. While a few undergraduate courses introduce related concepts, greater effort is needed to reach the broader agricultural and life science student population. This initiative provides mini-grants to support experiential learning for developing cyberbiosecurity and data analytics case studies, course modules, or experiential learning opportunities for agricultural and food systems-focused community college, undergraduate, and graduate courses. A request for proposals was distributed in Fall 2021 for experiential learning materials developed by graduate students with mentoring from VT Center for Advanced Innovation in Agriculture (CAIA) affiliate faculty and faculty at other CCI-affiliated institutions. Four proposals were received and three proposals were funded (two from CCI funding; one from CAIA funding). A second RFA was distributed in January 2022 for faculty to address course module development. Seven proposals were received and six proposals were funded. Three projects were directly funded through CCI Southwest and three were funded through CAIA resources. Projects ranged from data analytics for animal agriculture, soil chemistry, and food processing to cyberbiosecurity for agriculture and food science students. Projects involved faculty and students from Virginia Tech, Radford University, Lord Fairfax/Laurel Ridge and Virginia Western community colleges. Learning materials from each project are being developed and will be shared through open educational resource options.
6. Title: Security Clearance Ready Certificate (SCRC) Program
PI: Ehren Hill
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY22 Workforce Program
Summary: Security Clearance Ready Certificate (SCRC) is a program that informs undergraduate and graduate students about and prepares them for the security clearance process. The SCRC program is available to all students at CCI SWVA institutions. Students are required to attend four seminars during the academic year to earn the SCRC. There will be many opportunities to participate in seminars via virtual platforms (such as zoom) or in person. This program is designed to demystify the clearance process and streamline pathways between higher education programs and jobs requiring security clearance.
7. Title: Technology Enabled Internships and Mentoring (TEIM)
PI: Bobby Keener
Lead Institution: CivilianCyber
Co-PIs & Institution: none
Funding Program: FY22 Workforce Program
Summary: The Technology Enabled Internships and Mentoring (TEIM) program was developed to build the workforce-ready skills of a select group of SW VA students with a desire to pursue a cybersecurity career. The program combines high-quality education with critical thinking/soft skills and applied knowledge; by delivering an immersive industry-work experience with mentoring relationships. The technology-driven work/experiential self-directed learning curriculum increased the student’s knowledge of key cybersecurity concepts and supported interactions with industry professionals during the weekly mentoring sessions. Students accessed the learning content via the secure online application, Your Career Counselor (YCC), which has been developed by CivilianCyber to help students advance their knowledge of key cybersecurity concepts. Over the course of the eight-week program the students completed a cybersecurity learning module (comprised of both written, video, and interactive lessons), including: 1) Cybersecurity Awareness and Planning, 2) Data Governance, 3) Resilience, Back Up and Recovery, 4) Network and Data Access, 5) Student Driven Topic, 6) Program Conclusion
8. Title: CCI Southwest Cyber Internships - VT
PI: Randy Marchany
Lead Institution: Virginia Tech
Co-PIs & Institution: none
Funding Program: FY22 Workforce Program
Summary: The project consists of hiring Virginia Tech students to work in the central Information Technology (IT) area. The interns will focus on cyber security tasks in the cyber defense, security architecture and risk management areas.
9. Title: Cybersecurity Vertically Integrated Projects (VIPs)
PI: Alan Michaels
Lead Institution: Virginia Tech
Co-PIs & Institution: Kevin Heaslip (VT)
Funding Program: FY22 Workforce Program
Summary: The “Use & Abuse of Personal Information” project is aimed primarily at the multi-disciplinary evaluation of propagation of personal information across the Internet. The project’s general approach is to create false identities, use these identities to sign up for websites, and then evaluate emails, SMS messages, and phone calls received as a result of the signups. Last year’s pilot project involved 15 students from 10 different majors, with their results leading to a presentation at Blackhat USA 2021 and 3 follow-on publications (1 at the ACM-sponsored Data Privacy Management workshop of the ESORICS conference and 2 at the IEEE-sponsored Intelligence and Security Informatics conference), all accepted/presented Fall 2021. This AY’s project team, involving 13 students from 7 majors, was broken into three sub-teams: one focused on the voicemail/SMS collection engine, a second focused on the email server, and the last focused on building the target organization list and specific research questions. The first sub-team completed a trade study Fall 2021 before selecting and ordering an open source (FreePBX) phone server, which is now mostly configured. The second sub-team has finished configuring the email server and is adding additional functionality aimed at simulating repeated interactions to improve the believability of the false identities. The third sub-team located a database of over three million internet organizations and is curating the database to address specific research questions currently under development. In parallel with these CCI teams, (1) Raytheon IIS has funded three additional sub-teams focused on data analytics and post-processing of the content, helping build a larger ecosystem of PII research and (2) OUSD has funded an ECE senior design team focused on developing an account signup acceleration engine. Work continues over the 2022 summer semester to establish a new database to catalogue the signups, develop methods for user authentication and logging, and merge sub-team code repositories.
10. Title: Competition Training to Increase Pathways to Cybersecurity Workforce
PI: Jeff Pittges
Lead Institution: Radford University
Co-PIs & Institution: Prem Uppuluri (RU), B. Bagby (VWCC), Clayton Calvert (Germana CC), Melissa Stange (Lord Fairfax CC)
Funding Program: FY22 Workforce Program
Summary: The project has three main objectives including: 1) Training for competitions led by industry experts, 2) Exercise development by faculty and student to provide competition training and 3) Training with other college teams. The first objective was addressed in the fall of 2021. Two industry experts, Keith McMannon (red Canary) and Dr. Arnab Ray (Abbott Labs), provided training on red -teaming and medical device security respectively. In the Spring of 2022, training was done by Liam Epperly on pen-testing. For the Fall 2022 the team is currently working on training sessions in network security, linux, securing IoT devices and red-teaming. Dr. Art Carter and Dr. Jeff Pittges are in discussions with Sedulous on providing internships and other experiential learning related to cybersecurity (https://sedulous.com) Dr. Uppuluri and Dr. Pittges met with SkyePoint Decisions to provide guest lectures and possibly a workshop and other engagements. Skyepoint may also train students on mock interviews (https://skyepoint.com/about-skyepoint/leadership-team). The second objective will be accomplished through an RFP issued for proposals to develop exercises. The RFP has been released and proposals will be accepted through Summer 2022. Selected exercises will be hosted either on the Virginia Cyber Range or Radford University Range. Dr. David Raymond at Virginia Cyber Range has agreed to post exercises on the Range as feasible. Training between teams from Virginia Western Community College, Germanna Community College, Lord Fairfax Community College and Radford University will be conducted in Fall 2022 and Spring 2023 to address the third objective of training with other college teams.
11. Title: Cybersecurity Careers Video Series
PI: David Raymond
Lead Institution: Virginia Tech
Co-PIs & Institution: none
Funding Program: FY22 Workforce Program
Summary: To fill current open cybersecurity positions and to meet the expected growth in cybersecurity positions, the Virginia Cyber Range plans to develop a cybersecurity careers video series highlighting diversity in cybersecurity to increase interest in cybersecurity as a career. The Cyber Range will interview current cybersecurity students in high schools in Virginia who are interested in pursuing a career in cybersecurity as well as former students pursuing postsecondary education in pursuit of a cybersecurity career. Our goal is to develop a series of 1-minute videos to promote careers in cybersecurity, including among underrepresented groups. In addition to these students, we will seek to interview individuals currently in the cybersecurity workforce demonstrating diversity in race, gender, disability, age, veterans’ status, etc. We will align their work roles with the NICE Cybersecurity Workforce Framework work roles. The videos will also highlight non-technical cybersecurity roles in marketing, business, and leadership. The Virginia Cyber Range will contract with a professional video production company to ensure a professional video is produced.
12. Title: Summer Faculty Boot Camp for Developing Virginia Tech Partnerships in Quantum Information Science and Engineering (QISE) with Historically Black Colleges and Universities (HBCUs)
PI: Wayne Scales
Lead Institution: Virginia Tech
Co-PIs & Institution: none
Funding Program: FY22 Workforce Program
Summary: Quantum Information Science and Engineering (QISE) is a rapidly growing research and educational agenda at Virginia Tech (VT). The Colleges of Science and Engineering, the Innovation Campus, as well as the Commonwealth Cyber Initiative (CCI) are experiencing growth in QISE. The federal government (e.g. NSF, DoD, DoE) and industry (e.g. IBM) expect Historically Black Colleges and Universities (HBCUs) to play an important role in developing the future QISE workforce. However, at most HBCUs, QISE expertise, research, education, and infrastructure is at a nascent state. This project seeks to develop sustainable and equitable partnerships in QISE with HBCUs that are mutually beneficial to VT and HBCU partner institutions. The project will ultimately lead to expanded opportunities for research funding, curriculum development, diversifying the VT graduate student body and ultimately diversifying the QISE workforce.
13. Title: Project Charter Quantum Science and Engineering
PI: Wayne Scales
Lead Institution: Virginia Tech
Co-PIs & Institution: none
Funding Program: FY22 Workforce Program
Summary: Quantum Information Science and Engineering (QISE) is expected to revolutionize society in the coming decades. Virginia Tech has recently recognized QISE as an Virginia Tech Research and Innovation ‘Frontier Research Area’ and set up an ICTAS-level research center. There must be a well-trained QISE workforce in the Commonwealth. This project is a collaboration between Virginia Tech Engineering Online and the Department of Electrical Engineering to meet four related objectives: 1) To develop an online virtual lab (piloted in-person spring 2022; initial online course development complete June 1 2022), 2) To develop modular open educational resources in quantum science and engineering with a focus on security applications. (modules to be determined by partners in August 2022), 3) To develop a strategic partnership with HBCUs, which the federal government, corporate and philanthropic groups acknowledge is critical for the diverse future QISE workforce, beginning with a collaboration with Prairie View A & M and including Virginia State and additional HBCUs in the Commonwealth, utilizing the platform of the Inclusive Engineering Consortium IEC (iec.org). (partnership with VSU, PVAMU initiated with Feb. 2022 visit and series of development meetings; 4 students recruited for summer 2022), 4) To support proposals for additional external funding, e.g. NSF RISE proposal to be submitted by PVAM and VT to develop infrastructure at PVAM to support he course at other HBCUs longer term. (NSF QISE Workforce grant track 2 submitted with partners, June 2022).
14. Title: HackHouse: Open access IoT Lab in a box
PI: Prem Uppuluri
Lead Institution: Radford University
Co-PIs & Institution: Joe Chase (RU), Amr Hillal (VT)
Funding Program: FY22 Workforce Program
Summary: Radford University is collaborating with Virginia Tech to develop an Internet of Things Lab (IoT lab) that can be used to develop hands on lab exercises to teach security and privacy issues on IoT devices. Why is this useful? As IoT devices become ubiquitous, cybersecurity is no longer confined to traditional computing devices such as laptops and desktops. So, most cybersecurity graduates (Associates, Bachelors and Masters) will work in securing IoT devices. This project will help develop a basic lab that promotes a few security experiments. Specifically, the project aims to: (a) Develop and setup the hardware lab such that network traffic monitoring and capturing tools can be deployed at different points on the IoT network, (b) Develop tools to co-relate captured traffic. Results so far: A basic IoT lab has been set up at Radford. The lab supports monitoring of traffic between IoT devices, between the IoT devices and the WiFi router and the traffic from the WiFi router to the Internet. We have deployed and configured a tool called MITMproxy to monitor encrypted web-based traffic. Currently we are working on setting up MITMproxy in a transparent mode – so that the IoT devices need not be made aware of the monitoring tools. A work in progress poster on this lab was presented at the Colloquium on Information Systems Security Education 2021.
1. Title: Center for Advanced Innovation in Agriculture (CAIA) University-Industry Symposium on Agricultural Innovation, Artificial Intelligence, and Opportunities (AIAIO)
PI: Susan Duncan
Lead Institution: Virginia Tech
Co-PIs & Institution: Ford Ramsey (VT)
Funding Program: FY22 Innovation Program
Summary: Technology application and adoption in food and agriculture requires effective translation of data through integration of data science, software tools, and systems models to create information of relevance for decisions, demonstration of efficiencies, consideration of security, and economic value and return. Conversations between university researchers and industry sectors increases awareness of need and understanding of challenges. This project creates opportunities for discussions with VT faculty, industry, and other universities by contributing supporting funding (sponsorship) to three major efforts: (1) USDA NIFA funded workshop on artificial intelligence innovations in agriculture (Auburn University, Alabama; March 9-11, 2022); (2) the 2022 Virginia Agriculture and Natural Resources Summit (Richmond, Virginia; April 12-13, 2022) with the theme ‘expanding the economy and security of Virginia’s agriculture, natural resources, and food systems; and (3) the 2022 Virginia Agricultural Expo (Port Royal, Virginia; August 4, 2022) with the theme of ‘Precision for Profits’. The impact will be greater awareness of needs and priorities for agricultural stakeholders and a more informed university faculty as they are developing interdisciplinary teams, proposals and student training. Through this effort, CCI Southwest is a recognized sponsor to a broad variety of agriculture and life science industries and a number of universities in Virginia and throughout the Southeast US. The estimated reach of promotion and engagement of CCI in agriculture, through partnership with the VT Center for Advanced Innovation in Agriculture and College of Agriculture and Life Sciences, is approximately 1,000 university, industry, and agricultural stakeholders.
2. Title: Student Entrepreneurial Ideation Challenge (SEIC)
PI: Bobby Keener
Lead Institution: CivilianCyber
Co-PIs & Institution: None
Funding Program: FY22 Innovation Program
Summary: The Student Entrepreneurial Ideation Challenge (SEIC) project was developed to provide a robust, guided entrepreneurial ideation experience for students interested in a cybersecurity career by allowing them to develop cybersecurity solutions/business ideas and then present them to a panel of industry and innovation professionals. The 8-week program brought together six teams of university students located in Southwest Virginia and partnered them with a cyber professional to shape and develop a solution to a cyber security challenge currently faced by companies across the Commonwealth. The challenge entitled, “Solutions to Enable Small Business to Prepare for, Identify and Defend Against the Largest Cybersecurity Threat Areas” allowed the teams to work collaboratively to develop a solution that addressed the top five cybersecurity threat areas that face small businesses. The challenge was posted on the CivilianCyber Workforce Innovation Network platform, which is where the students would submit their solutions. A panel of industry professionals then judged the submissions against a standard rubric of five key criteria including creativity, application of new thinking and innovative approaches to the challenge topic. In addition to the ability to win cash prizes the program also allowed them to hone their critical thinking skills and then showcase their talents to potential future employers and development organizations that have the potential to help them to make their ideas reality. The last step in the project included each team virtually presenting their solution to an audience that included representatives from CCI Southwest, CivilianCyber, academia, and industry as well as VA-based startup accelerators.
3. Title: Tech Showcase
PI: Michael Mollenhauer
Lead Institution: Virginia Tech
Co-PIs & Institution: Luke Neurauter, Jean Paul Talledo Vilela, Marty Miller (VT)
Funding Program: FY22 Innovation Program
Summary: This project was tasked with creating a Technology Showcase to demonstrate the work that VTTI has been doing for the past two funding cycles. Researchers from around the commonwealth were invited to take part and present or demo their CCI research as well. This event was designed to enable the sharing of research with the aim of fostering collaboration between CCI nodes moving forward. In total, the event had 14 presenters for research projects. Researchers presented on everything from security research in bitflipping DNNs (Deep Neural Networks) to the use and detection of “Deepfakes” or artificially created photos and videos. The attached itinerary has the full list of speakers and their talk titles. Significant interest in presenting led to the creation of two poster sessions during the day and resulted in presentations by 14 (mostly) students from around the commonwealth. In total, the event had 24 active participants either providing a traditional presentation with slides or a poster presentation, and 32 total external (non-VTTI) attendees. As part of the event we also invited companies to attend and hear about the cyber research being performed through CCI. We were able to attract representatives from two companies (AT&T and Indra) with the intent of demonstrating potential avenues for working together moving forward on small-scale 5G test deployments to prove our use-cases and applications for the technology.
4. Title: Automated Functional Scenario Creation
PI: Miguel Perez
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY22 Innovation Program
Summary: This project intends to advance and formalize the automated creation process of simulated driving events, and corresponding parameters, based on naturalistic driving data (NDD). In turn, these advancements will lead to increased commercialization potential for these technologies, particularly via support of their use in scenario libraries within the automotive sector. The use of scenario-based test cases and scenario selection is an economical alternative to statistical distance-based validation of technology, which requires the onerous, and sometimes impossible, task of driving billions of miles with vehicles equipped with Advanced Driver-Assistance Systems (ADAS) and Automated Driving Systems (ADS) on live public roads. Previous efforts have used real-world crash and near-crash events in simulation environments to develop, evaluate, and specify requirements during ADAS and ADS technology development. However, applying this methodology across large-scale NDD could take years, making the results irrelevant by the time that work is completed. The project will focus on the use of automated methods and processes to minimize human annotation in the creation of these events. The resulting collection of scenarios will enable further development and research into autonomous vehicles and related cybersecurity issues. The scenario collection developed under this investigation will also serve as a catalyst for future cyberthreat projects that utilize simulation, thereby growing the capabilities of the CCI nodes.
5. Title: Cyber RADaR: Cybersecurity Rapid Asymmetric Discovery and Reporting via AI-driven Social Media Crowdsourcing
PI: Jeff Pittges
Lead Institution: Radford University
Co-PIs & Institution: Bobby Keener (CivilianCyber)
Funding Program: FY22 Innovation Program
Summary: The proposed work aims to design and develop an accurate and easy-to-deploy solution for an organization to detect insider threat anomalies. It aims to design and develop a probabilistic programming language-based insider threat reasoning and detection system. The system will provide the ability to sift through a huge amount of multi-dimensional data and logs and recognize outlier user activities by modeling and capturing uncertainties associated with human behaviors. The approach is to observe, learn, and detect abnormalities among inter-dependent events and user-actions within a learnable or customizable duration of time. The main design focuses include high accuracy, plug-and-play deployment, and scalability. The effort is focused on experimentally validating the detection of a multitude of known anomalous scenarios.
6. Title: Market Research for No-train AI in Enterprise Defense-in-depth Applications
PI: Denfeng Yao
Lead Institution: Virginia Tech
Co-PIs & Institution: None
Funding Program: FY22 Innovation Program
Summary: Stealthy or zero-day attacks such as advanced persistent threats (APT), ransomware (e.g., 2021 Colonial Pipeline hack), supply-chain attacks (e.g., 2020 SolarWinds hack), and insider threats are extremely challenging to detect, because there are no clearly defined attack patterns. Rigid rule-based detection would not be effective. Typical general-purpose machine learning AI approaches would not work for cybersecurity detection either, because they require complex manual tuning and customization to build models – a serious roadblock to deployment. The key feature of our no-train AI technology is automation -- automatically compute and detect without supervision. Our solution does not require pre-defined rules and policies or manual supervision. It handles and adjusts to uncertainties in discovering anomalous patterns. The core of this system is the ability to efficiently sift through a huge amount of multi-attribute data and logs and recognize outlier events by modeling and capturing uncertainties associated with human or system behaviors. This new capability is particularly relevant for detecting stealthy or zero-day attacks, including insider threats. To further develop this technology, we first conduct an in-depth survey by interviewing cybersecurity professionals locally and globally and comparing existing commercial solutions (under proper IRB approval). Our user study is centered on several key aspects, e.g., on operational needs, compatibility requirements, detection risks, and real-world human-in-the-loop deployment challenges. We also perform experimental measurement studies to systematically assess and compare the detection capabilities of various cybersecurity solutions (including our no-train AI approach) against stealthy threats and large datasets. If successful, our work will substantially strengthen the defenders’ posture in the ever-changing cybersecurity landscape.