Description: Cyber-physical systems (CPS), Internet of things (IoT), and Big Data uses a combination of edge, fog and cloud computing platforms for the development of innovative solutions for a wide variety of applications in daily lives, such as smart city, smart transportation, smart energy, smart healthcare, smart agriculture, and so on. The goal is to improve quality of life and experience; and ensure security, privacy and safety of people, assets, and infrastructures [BD21]. For example, congestion or crime reduction solutions in smart transportation [SPW16, SSW17, LDD21], secure communications in the Internet of vehicles [VDD+20, ZCZ+21], or security in vehicular crowdsensing [CDP+21, RBA+21, SD34] are vulnerable to various kinds of attacks which may create havoc. Similarly, energy management of buildings or smart grids via smart meters [BMS+21, TDS+17, ZY16] leveraging human behaviors are typically handled in data-driven manner, making them extremely vulnerable to data integrity attacks and susceptible to selfish or malicious behavior due to incentive gap between individual and social objectives [BGS+20]. Moreover, the sheer volume of data processed in the cloud/fog/edge computing paradigm [KMG+21, SNP+21], makes the data integrity attacks even more likely and reduces the trust in decision quality of CPS, IoT and smart service applications [BMS+21, DY17] owing to network variability and uncertainty in sharing common resources (e.g., fog/cloud). The increasing dependence on dynamic data-driven decision support systems imply that any operational breach in the underlying networks/services due to attacks will have devastating effects [TDS+17], often leading to cascade effects. Such attacks will not only cripple the system operations with desired reliability and dependability, but also escalate user’s privacy concerns influencing the extent to which they are willing to share their data. Thus, IoT-based CPS and smart living applications could be a target of malicious or malevolent adversaries, leading to data falsification attacks and/or compromised user privacy.
Secure and Trustworthy Decision Making in CPS: An important challenge is how to make secure and trustworthy decisions using CPS network data that could be manipulated, omitted, or delayed by adversarial behavior? To this end, we have recently developed a light-weight anomaly detection algorithm, based on trust scoring and belief models, followed by secure and trustworthy decision making that minimizes the associated risks [BD21, BMD21]. The anomaly detection will label the collected data relative to security. A trust model accompanied by a kernel method will compute scores to classify trustworthy and un-trustworthy system components. Finally, component trustworthiness along with contextual information and risk policy will compute dependable decisions at the edge cloud. Additionally, given that dynamic variability and uncertainty are significant challenges in time-series data analytic, the security mechanism leveraging big data must minimize false alarms and improve detection accuracy to handle stealthier attacks. For example, leveraging data from various smart meters in a smart grid CPS infrastructure, our recent research [BD21, BMS+21] proposed new alternatives to dimensionality reduction to understand baseline aggregate behaviors and establish stable invariants under no attacks i despite data variability across various utilities. Such invariants show clear signatures when attacks are launched over real datasets. Following this approach and the one recently proposed by us in [SSC+20], REU students will investigate security forensic mechanisms and failure propagation in interdependent CPS domains (e.g., smart grid and smart transportation, particularly due to the advent of electric vehicles) by designing a family of stable invariants extracted from heterogeneous multi-modal sources and embedding contextual information into the invariants. They will experiment with different alternatives and evaluate the performance.
Sample Design Experiments: Evaluate the performance of proposed light-weight anomaly detection scheme with real traces of smart meter energy consumption and smart transportation data.
Purpose: Train the REU students with emerging security and trustworthiness challenges in smart grid and smart transportation applications in a smart city scenario; the students will gain experience in experimenting with IoT devices executing tasks on the edge/fog/cloud platform.
Method: REU students will work with graduate students and postdocs to develop sample prototype testbed with sensors, IoT devices, Raspberry Pis, and laptops to inject simple attack models and run security experiments. They will become familiar with the sensor cloud and high-performance computing clusters at Missouri S&T. They will run extensive experiments with smart meter and taxi-cab data traces we have access to, with a goal to validate the anomaly detection scheme. They will also explore alternate strategies to improve the system performance including attack detection accuracy.
Input Parameters: Real data traces files, parameters for threat models to inject false data.
Output Parameters: Anomaly detection accuracy and percentage of false alarms; efficiency of algorithm.
Project Deliverables: Experimental results; modification to algorithm and implementation; and a research report, possibly leading to a conference publication.
