Two winners announced for the ACSC Cybersecurity Poster Session

November 15, 2015

Hosted by Dr. Howard Shrobe, Principal Research Scientist at MIT CSAIL, the ACSC Cybersecurity Poster Session was sponsored by Allied Minds and .406 Ventures to promote the talent and innovation in cybersecurity being developed in New England's institutions of higher education.

Attendees of the ACSC Annual Conference on November 4 voted for the “next best thing” in cybersecurity at the annual Student Poster Session. Cybersecurity student projects represented New England colleges and universities including:

• Boston University
• Dartmouth College
• Northeastern University
• University of Massachusetts, Amherst
• University of Massachusetts, Dartmouth
• University of Massachusetts, Lowell
• University of Connecticut

During the event, students presented a brief project synopsis and answered questions at their individual poster displays. Upon completion, attendees voted by secret ballot, and the two posters with the most votes each received a $1000 prize. The winners are:

TEDDI: Tamper Detection on Distributed Infrastructure
Jason Reeves, Graduate Student, Dartmouth College
Chris Frangieh, Undergraduate Student, Dartmouth College

As part of the push towards a smarter electric grid, utilities have installed a number of low-powered devices (for example, smart meters) along the periphery of their SCADA networks. These devices pose a security risk for utilities, as they are easy to find and access, have little physical security, and often have a connection directly to a utility’s SCADA network. Thus, an attacker could potentially compromise one of these devices and use it as a launchpad for attacks on other targets on the network, such as generating plants or control centers.
    
Despite the large amount of prior tamper protection research, however, traditional tamper solutions are not feasible for deployment in this environment. This is for several reasons:

  • These solutions are often geared towards securing the network at all costs, when in fact availability is the most crucial property of the grid. This means that many of the classic responses to tampering (such as destroying data or devices) are worse outcomes than the actual attack.
  • These solutions are not powerful enough to detect all of the different tamper events that affect critical infrastructure, which range from malicious attacks to routine maintenance to large natural disasters.
  • These solutions have either a single response to any tampering (which is geared towards a worst-case scenario, and thus not always appropriate for an availability-focused industry) or are detection-only (which means an attacker is already on the network by the time the utility reacts).
  • Finally, these solutions require far more time and resources to configure than a grid operator can reasonably provide.

To fill this gap, we developed TEDDI (Tamper Event Detection on Distributed Infrastructure), a sensor-based tamper protection system that fuses together data from a number of embedded devices to determine the tamper state of both the individual devices and the overall network. We use factor graphs to provide a data fusion tool for operators that is both easy to configure and powerful enough to handle a wide range of events, and we also include a flexible response mechanism that can be configured to perform different tasks for different events. We have also built the TEDDI Generation Tool, which can automatically produce the necessary code for deployment on arbitrary networks. Currently, we are working on evaluating the speed, accuracy, and usability of TEDDI within a realistic grid simulation.

Security Analysis of USB Technology
Daniel R. Noyes, Graduate Student, University of Massachusetts Dartmouth

One of the most commonly used standards in the computer industry today is the Universal Serial Bus (USB). Through the use of a common bus, USB allows numerous peripheral devices the ability to communicate with each other. Several leading companies in the industry have adopted the USB standard, designing interfaces to better transmit data between devices. The usage of this technology spans from printers and storage media to user input devices, such as distributed power sources for cell phones. Since these devices are ubiquitous in our everyday lives, ensuring their security is essential. USB devices are notorious for exposing unnecessary security vulnerabilities in computer systems. Due to these systematic and widespread insecurities, methods to protect critical devices are vital. With confidential and sensitive data on the line, how can these devices maintain their integrity?

This project aims to analyze the USB protocol regarding vulnerabilities as well as experiment with security mechanics to protect the USB from both passive and active attacks. The project looks at various security incidents, and provides a basis to show the potential threat of any information communication using the USB protocol. This information, which is transmitted between devices, can be ambiguous and is susceptible. The work then examines the state-of-the-art security measures deployed in current USB technology. It will also look at various possible methods to improve the security.

In today's time we witness numerous incidents involving security. These incidents affect both consumers and businesses alike. For example, if a common device is infected with malicious software, what are the chances that this infected device will capture data from a user? What are the chances that this device will be able to relay the data to someone else? With the common idea of the “Internet of Things” (IoT) we can see this idea as a potential threat for malicious intrusion upon users. The results of this project will help provide consumers with guidelines to assist in product selection, and direct future efforts to strengthen USB security. This will also open the door for further development towards building a resilient system for today’s technology.