Academic Papers - Research

Cyber attacks threaten the security of distribution power grids, such as smart grids. The emerging renewable energy sources such as photovoltaics (PVs) with power electronics controllers introduce new potential vulnerabilities. Based on the electric waveform data measured by waveform sensors in the smart grids, we propose a novel cyber attack detection and identification approach. Firstly, we analyze the cyber attack impacts (including cyber attacks on the solar inverter causing unusual harmonics) on electric waveforms in distribution power grids. Then, we propose a novel deep learning based mechanism including attack detection and attack diagnosis. By leveraging the electric waveform sensor data structure, our approach does not need the training stage for both detection and the root cause diagnosis, which is needed for machine learning/deep learning-based methods. For comparison, we have evaluated classic data-driven methods, including -nearest neighbor (KNN), decision tree (DT), support vector machine (SVM), artificial neural network (ANN), and convolutional neural network (CNN). Comparison results verify the performance of the proposed method for detection and diagnosis of various cyber attacks on PV systems.

Phishing continues to be a significant invasive threat to computer and mobile device users. Cybercriminals continuously develop new phishing schemes using email, and malicious search engine links to gather personal information of unsuspecting users. This information is used for financial gains through identity theft schemes or draining financial accounts of victims. Users are often distracted and fail to fully process the phishing attacks then unknowingly fall victim to the scam until much later. Users operating mobile phones and computers are likely to make judgment errors when making decisions in distracting environments due to cognitive overload. Distracted users can fail to correctly distinguish the differences between legitimate and malicious emails or search engine results. Mobile phone users can have even a harder time identifying malicious content due to the smaller screen size and the limited security features in mobile phone applications. Thus, the main goal of this work-in-progress research study is to design, develop, and validate a set of field experiments to assess users judgment when exposed to two types of simulated social engineering attacks (phishing & possibly malicious search engine results (PMSER)), based on the interaction of the kind of environment (distracting vs. non-distracting) and type of device used (mobile vs. computer). In this paper, we outlines the Delphi methodology phase that this study will take using an expert panel to validate the proposed experimental procedures and recommend further steps for the empirical testing. The conclusions, study limitations and recommendations for future research are discussed.

Keywords: Cybersecurity, social engineering, judgment error in cybersecurity, phishing email mitigation, distracting environments

Social engineering is the technique in which the attacker sends messages to build a relationship with the victim and convinces the victim to take some actions that lead to significant damages and losses. Industry and law enforcement reports indicate that social engineering incidents costs organizations billions of dollars. Phishing is the most pervasive social engineering attack. While email filtering and warning messages have been implemented for over three decades, organizations are constantly falling for phishing attacks. Prior research indicated that attackers use phishing emails to create an urgency and fear response in their victims causing them to use quick heuristics, which leads to human errors. Humans use two types of decision-making processes: a heuristic decision, which is a quick, instinctual decision-making process known as ‘System One’, and a second, known as ‘System Two,’ that is a slow, logical process requiring attention. ‘System Two’ is often triggered by a pause in the decision-making process. Additionally, timers were found in other research fields (medicine, transportation, etc.) to affect users’ judgement and reduce human errors. Therefore, the main goal of this work-in-progress research study is to determine through experimental field study whether requiring email users to pause by displaying a phishing email warning with a timer, has any effect on users falling to simulated phishing attacks. This paper will outline the rationale and the process proposed for the validation of the field experiments with Subject Matter Experts (SMEs). Limitations of the proposed study and recommendation for further research are provided.

This study extends the body of literature concerning security compliance by investigating the antecedents of HIPPA security compliance. A conceptual model, specifying a set of hypothesized relationships between management support, security awareness, security culture; security behavior, and risk of sanctions to address their effect on HIPAA security compliance is presented. This model was developed based on the review of the literature, Protection Motivation Theory, and General Deterrence Theory. Specifically, the aim of the study is to examine the mediating role of risk of sanctions on HIPAA security compliance.

Serious games can challenge users in competitive and entertaining ways. Educators have used serious games to increase student engagement in cybersecurity education. Serious games have been developed to teach students various cybersecurity topics such as safe online behavior, threats and attacks, malware, and more. They have been used in cybersecurity training and education at different levels. Serious games have targeted different audiences such as K-12 students, undergraduate and graduate students in academic institutions, and professionals in the cybersecurity workforce. In this paper, we provide a survey of serious games used in cybersecurity education and training. We categorize these games into four types based on the topics they cover and the purposes of the games: security awareness, network and web security, cryptography, and secure software development. We provide a catalog of games available online. This survey informs educators of available resources for cybersecurity education and training using interactive games.

Keywords: Serious games; Game-based Learning; Cybersecurity;

Throughout the Internet, many chatbots have been deployed by various organizations to answer questions asked by customers. In recent years, we have been running cybersecurity summer camps for youth. Due to COVID-19, our in-person camp has been changed to virtual camps. As a result, we decided to develop a chatbot to reduce the number of emails, phone calls, as well as the human burden for answering the same or similar questions again and again based on questions we received from previous camps. This paper introduces our practical experience to implement an AI-powered chatbot for middle and high school cybersecurity camps using the Google Dialogflow platform.

Proper prior planning prevents pitifully poor performance: The purpose of this research is to address mitigation approaches - disaster recovery, contingency planning, and continuity planning - and their benefits as they relate to university operations during a worldwide pandemic predicated by the Novel Coronavirus (COVID-19). The most relevant approach pertaining to the University’s needs and its response to the Coronavirus pandemic will be determined and evaluated in detail.