Current CCISS Research Projects
Context-Aware Data Security for the Internet of Things (IoT)
The University of South Carolina (UofSC) and The Citadel are working on a joint research project addressing the data protection needs of the Internet of Things (IoT). Computing is becoming more-and-more pervasive, transparent, and independent from human control. IoT networks, often supporting heterogeneous devices and network protocols, increase the risk of security breaches. Current security technologies are insufficient to support this complex, highly automated environment. Most security technologies focus on specific products or context but they are not able to fully incorporate the extended environment. Moreover, security needs of the vast amount of data generated by IoT networks are not studied sufficiently. In this project we address protection needs of data generated and shared by IoT devices and end-users.
This project is funded by NCAE-C Cyber Curriculum and Research 2020 Program (NSA)
Faculty: Dr. Csilla Farkas (UofSC), Dr. Shankar Banik (The Citadel), Dr. Cory Nance (The Citadel)
Students: Theppatorn Rhujittawiwat (UofSC), Shiloh Smiles (The Citadel), Noah Wells (The Citadel)
Training Environment for Design of Resilient Systems (TENSILITY)
In this project, we are testing a software for training & vulnerability assessment by designing functional models of cars and quadcopters, performing threat analysis of these models, and providing feedback on vulnerability assessment of training capabilities of the application.
This project is funded through a Sub-contract from Knowledge Based Systems Incorporated (KBSI) and Wright Patterson Air Force Base, OH.
Faculty: Dr. Shankar Banik, Dr. Cory Nance, Dr. Melissa Graves, Dr. Michael Hendrix, Mr. Kyle Herron
Students: Jared Johnson, Robert Roser, John Delpizzo, Bradley Szparaga.
Efficient Detection of Phishing Emails using Email DNA of a User
Social Engineering Attacks are getting more common for public and private domains. Spear Phishing is one type of social engineering attack where an attacker poses as a legitimate entity to influence the actions of a user in an organization by sending phishing emails. Usually spear phishing emails contain links that are intended to compromise user information for malicious purposes. Current tools detect phishing emails by scanning for embedded links or attachments. But they fail to detect a phishing email that does not contain any links or attachments. In our research we propose to develop an email-DNA for each user that will uniquely identify the user through their writing features, habits, styles, and composition. After we develop the email-DNA, we will deploy our model on a real dataset to test its efficiency and effectivity. We will use Python tools and Enron and Monkey.org Phishing Datasets.
This project is funded by The Citadel Foundation
Students: Jared Jonson, Eric Lilling
Faculty: Dr. Shankar Banik. Dr. Deepti Joshi
Past Projects
Mapping and Security User Requirements on an IoT Network
The number of IoT (Internet of Things) devices connected in the Internet has been increasing rapidly. Each of these devices are manufactured by different vendors and provide multiple options for connections. When these devices are connected with default settings to create a user centric IoT network, it exposes a lot of vulnerabilities. In this research we propose a framework that will create a 3-layered abstraction in the IoT network to identify the user requirements on the IoT devices and explore all possible connections in an IoT network. Our goal is to provide a mapping of the user requirements on the IoT network and ensure that the mapping is secured.
This project was funded by The Citadel Foundation.
Students: John Delpizzo, Elizabeth Spoehel, Richard Honeycutt
Faculty: Dr. Shankar Banik
Ranking Privacy of the Users in the Cyberspace
When websites are accessed, online shopping is done, or social media is used, a user’s privacy is assumed to be protected. However, the Internet provides a widely available and easily accessible way to discover a vast amount of personal data. If this information is aggregated to create a digital footprint for the user, there are many security concerns that arise with this to include identity theft and other malicious intents. In our research, we build a user profile based on the personal information of a user through Twitter, and additional information collected using a web crawler. The web crawler keeps track of the websites that contain user attributes. Using the web ranks of these websites, and the number of counts of the attributes, we propose a formal and novel model to rank the privacy of a user in the cyberspace. Our proposed model of privacy assigns privacy ranking of each user between 0 and 1 with 0 being more private.
This project was funded by The Citadel Foundation
Student: Adrian Beaput
Faculty: Dr. Shankar Banik, Dr. Deepti Joshi
Cyber-as-a-Service: Automating First Responders’ Service in the Cyberspace
Due to increasing number of attacks in the cyberspace that deals with different types of users, it is imperative that an automated responder service will be efficient to help the users detect and mitigate different types of attacks in their systems. In this research, we propose to replicate the framework of emergency responder service (911) of the physical space to the cyberspace. Towards this we propose a framework for Cyber-as-a-Service for end-users. In our proposed model, we have three entities: the Dispatch Center, the Guard, and the Client Software. These entities will communicate with each other to detect and extinguish any malicious activity on the host computer. The host machine will run a software that scans and detects any abnormal or malicious activity and communicates this activity to the Guard, which then replies with an executable resolution back to the host. Meanwhile, the Dispatch Center manages connections between hosts and Guards to ensure that hosts are connected to the optimal Guard. We propose algorithms that will place and distribute the Dispatch Center and the Guards. These algorithms allow for fair distribution of Guards, as well as balance the workload among the Guards. We propose the communication protocol that will take place between the Client software, Guards and the Dispatch Center. Our goal is to design the framework for Cyber-as-a-Service for everyday users in the cyberspace who do not have sufficient technical skills to manage tools to detect different attacks.
This project was funded by The Citadel Foundation
Student: Matthew Blair, Jeffords Davis
Faculty: Dr. Shankar Banik