WCC / en Vijay Shah joins $2M NTIA-funded project on 5G cybersecurity /news/2024-02/vijay-shah-joins-2m-ntia-funded-project-5g-cybersecurity <span>Vijay Shah joins $2M NTIA-funded project on 5G cybersecurity</span> <span><span lang="" about="/user/1441" typeof="schema:Person" property="schema:name" datatype="" xml:lang="">Teresa Donnellan</span></span> <span>Thu, 02/08/2024 - 16:06</span> <div class="layout layout--gmu layout--twocol-section layout--twocol-section--30-70"> <div class="layout__region region-first"> </div> <div class="layout__region region-second"> <div data-block-plugin-id="field_block:node:news_release:body" class="block block-layout-builder block-field-blocknodenews-releasebody"> <div class="field field--name-body field--type-text-with-summary field--label-visually_hidden"> <div class="field__label visually-hidden">Body</div> <div class="field__item"><p><span class="intro-text">AV researcher <a href="/profiles/vshah22" target="_blank">Vijay Shah</a> has joined a $2 million project to develop a system to secure 5G Open Radio Access Network (O-RAN) architecture.</span></p> <p><span><span>Funded by the <a href="https://www.ntia.gov/press-release/2024/biden-harris-administration-awards-nearly-80m-wireless-innovation" target="_blank">National Telecommunications and Information Administration (NTIA)</a>, the project "A Holistic Cybersecurity Testing Framework for 5G Radio Access Networks" is a collaboration with Virginia Tech, Penn State University, and Worcester Polytechnic Institute.</span></span></p> <p><span><span>Shah, who leads <a href="https://www.nextgwirelesslab.org/" target="_blank">Mason’s NextG Wireless Lab</a>, will be allocated nearly a quarter of the project’s budget and be working with Nishith Tripathi and Jeff Reed from Virginia Tech, Syed Rafiul Hussain from Penn State University, and Bo Tang from Worcester Polytechnic Institute.</span></span></p> <figure role="group" class="align-left"><div> <div class="field field--name-image field--type-image field--label-hidden field__item"> <img src="/sites/g/files/yyqcgq291/files/styles/small_content_image/public/2024-02/vijay_shah_insta.png?itok=UBR9iUrM" width="350" height="350" alt="Vijay Shah" loading="lazy" typeof="foaf:Image" /></div> </div> <figcaption>Vijay Shah</figcaption></figure><p lang="EN-US" xml:lang="EN-US" xml:lang="EN-US">Security vulnerabilities in O-RAN present a critical cybersecurity challenge in the era of 5G. The team aims to create “a holistic and automated cybersecurity testing framework for O-RAN,” per the project’s executive summary.  </p> <p lang="EN-US" xml:lang="EN-US" xml:lang="EN-US">Shah will also receive funding from the Commonwealth Cyber Initiative (CCI) to investigate fingerprinting technology for 5G/NextG O-RAN supply chain risk management, additional funding that highlights the multifaceted approach taken by the NextG Wireless Lab to address 5G networks cybersecurity challenges. </p> <p lang="EN-US" xml:lang="EN-US" xml:lang="EN-US">As part of these initiatives, the NextG Wireless Lab is actively growing its research team, with opportunities for postdoctoral researchers and PhD students interested in O-RAN cybersecurity, testing, and supply chain management.</p> <p lang="EN-US" xml:lang="EN-US" xml:lang="EN-US">Those interested in contributing to cutting-edge research in this field should <a href="mailto:vshah22@gmu.edu" target="_blank">email Shah</a>.</p> </div> </div> </div> <div data-block-plugin-id="field_block:node:news_release:field_content_topics" class="block block-layout-builder block-field-blocknodenews-releasefield-content-topics"> <h2>Topics</h2> <div class="field field--name-field-content-topics field--type-entity-reference field--label-visually_hidden"> <div class="field__label visually-hidden">Topics</div> <div class="field__items"> <div class="field__item"><a href="/taxonomy/term/6886" hreflang="en">Department of Cyber Security Engineering</a></div> <div class="field__item"><a href="/taxonomy/term/7181" hreflang="en">Department of Cyber Security Engineering faculty</a></div> <div class="field__item"><a href="/taxonomy/term/4186" hreflang="en">Commonwealth Cyber Initiative (CCI)</a></div> <div class="field__item"><a href="/taxonomy/term/8241" hreflang="en">5G/6G Wireless Communications</a></div> <div class="field__item"><a href="/taxonomy/term/3056" hreflang="en">Cybersecurity</a></div> <div class="field__item"><a href="/taxonomy/term/3776" hreflang="en">cyber infrastructure</a></div> <div class="field__item"><a href="/taxonomy/term/271" hreflang="en">Research</a></div> <div class="field__item"><a href="/taxonomy/term/19211" hreflang="en">WCC</a></div> </div> </div> </div> </div> </div> Thu, 08 Feb 2024 21:06:24 +0000 Teresa Donnellan 110681 at Researchers receive over $1.5 million from DARPA to optimize security and energy tradeoff /news/2021-02/researchers-receive-over-15-million-darpa-optimize-security-and-energy-tradeoff <span>Researchers receive over $1.5 million from DARPA to optimize security and energy tradeoff</span> <span><span lang="" typeof="schema:Person" property="schema:name" datatype="" xml:lang="">Anonymous (not verified)</span></span> <span>Tue, 02/02/2021 - 12:47</span> <div class="layout layout--gmu layout--twocol-section layout--twocol-section--30-70"> <div class="layout__region region-first"> <div data-block-plugin-id="field_block:node:news_release:field_content_topics" class="block block-layout-builder block-field-blocknodenews-releasefield-content-topics"> <h2>Topics</h2> <div class="field field--name-field-content-topics field--type-entity-reference field--label-visually_hidden"> <div class="field__label visually-hidden">Topics</div> <div class="field__items"> <div class="field__item"><a href="/taxonomy/term/3051" hreflang="en">Cyber Security Research</a></div> <div class="field__item"><a href="/taxonomy/term/3056" hreflang="en">Cybersecurity</a></div> <div class="field__item"><a href="/taxonomy/term/6861" hreflang="en">Department of Electrical and Computer Engineering</a></div> <div class="field__item"><a href="/taxonomy/term/7011" hreflang="en">5G</a></div> <div class="field__item"><a href="/taxonomy/term/2076" hreflang="en">Military</a></div> <div class="field__item"><a href="/taxonomy/term/19046" hreflang="en">C-TASC</a></div> <div class="field__item"><a href="/taxonomy/term/19211" hreflang="en">WCC</a></div> <div class="field__item"><a href="/taxonomy/term/19146" hreflang="en">CEC faculty research</a></div> <div class="field__item"><a href="/taxonomy/term/20421" hreflang="en">CEC High Impact</a></div> </div> </div> </div> <div data-block-plugin-id="field_block:node:news_release:field_associated_people" class="block block-layout-builder block-field-blocknodenews-releasefield-associated-people"> <h2>In This Story</h2> <div class="field field--name-field-associated-people field--type-entity-reference field--label-visually_hidden"> <div class="field__label visually-hidden">People Mentioned in This Story</div> <div class="field__items"> <div class="field__item"><a href="/profiles/bmark" hreflang="und">Brian Mark</a></div> <div class="field__item"><a href="/profiles/kkhasawn" hreflang="und">Khaled Khasawneh</a></div> <div class="field__item"><a href="/profiles/kzeng2" hreflang="und">Kai Zeng</a></div> <div class="field__item"><a href="/profiles/spudukot" hreflang="und">Sai Manoj Pudukotai Dinakarrao</a></div> </div> </div> </div> </div> <div class="layout__region region-second"> <div data-block-plugin-id="inline_block:feature_image" data-inline-block-uuid="5bc55496-6015-4a54-bcca-baf67f3c4bbc" class="block block-feature-image block-layout-builder block-inline-blockfeature-image caption-below"> <div class="feature-image"> <div class="narrow-overlaid-image"> <img src="/sites/g/files/yyqcgq291/files/styles/feature_image_medium/public/2021-02/Copy%20of%20Untitled.png?itok=Kw_L3Vcg" srcset="/sites/g/files/yyqcgq291/files/styles/feature_image_small/public/2021-02/Copy%20of%20Untitled.png?itok=kt5g-r7o 768w, /sites/g/files/yyqcgq291/files/styles/feature_image_medium/public/2021-02/Copy%20of%20Untitled.png?itok=Kw_L3Vcg 1024w, /sites/g/files/yyqcgq291/files/styles/feature_image_large/public/2021-02/Copy%20of%20Untitled.png?itok=Tz-GhR5X 1280w, " sizes="(min-width: 1024px) 80vw,100vw" alt="Collage of four professors, Sai, Kai, Khaled and Brian. " /></div> </div> <div class="feature-image-caption"> <div class="field field--name-field-feature-image-caption field--type-text-long field--label-hidden field__item"><p>Sai Manoj Pudukotai Dinakarrao, Kai Zeng, Khaled Khasawneh, and Brian Mark are collaborating with researchers at Virginia Tech to optimize the safety and energy-efficient tradeoff.  </p></div> </div> </div><div data-block-plugin-id="field_block:node:news_release:body" class="block block-layout-builder block-field-blocknodenews-releasebody"> <div class="field field--name-body field--type-text-with-summary field--label-visually_hidden"> <div class="field__label visually-hidden">Body</div> <div class="field__item"><p>The capabilities and reach of 5G are expanding, but with new capabilities come new security challenges. Four Mason Engineering researchers received a $1.6 million grant from DARPA to tackle one of the many security issues that 5G poses as part of a larger <a href="https://www.darpa.mil/">DARPA</a> initiative called <a href="https://www.darpa.mil/program/open-programmable-secure-5g">Open, Programmable, Secure 5G (OPS-5G)</a>. </p> <p>The <a href="https://volgenau.gmu.edu/research/grants">grant</a>, entitled EPIC SWaPD: Energy Preserving Internet of Things (IoT) Cryptography for Small Weight and Power Devices, aims to optimize the security and energy efficiency tradeoff by creating a low-energy security architecture for various types of IoT devices.  </p> <p>“In a network, there are many different devices of different sizes and capabilities. Many of these devices don’t have much computing power or battery life, and a common cybersecurity attack on these devices is to drain their battery life,” says <a href="https://volgenau.gmu.edu/profiles/bmark">Brian Mark</a>, co-principal investigator on the grant.  </p> <p>Mark, <a href="https://volgenau.gmu.edu/profiles/kkhasawn">Khaled Khasawneh</a>, <a href="https://volgenau.gmu.edu/profiles/kzeng2">Kai Zeng,</a> and <a href="https://volgenau.gmu.edu/profiles/spudukot">Sai Manoj Pudukotai Dinakarrao</a> in the <a href="https://ece.gmu.edu/">Department of Electrical and Computer Engineering</a> are collaborating with the company Kryptowire and Assistant Professor Matthew Hicks from <a href="https://vt.edu/">Virginia Tech</a> for the project.  </p> <p>These small IoT devices could be as simple as a thermometer or humidity sensor that is part of a larger smart home system. “These sensors can be very tiny, and they have limited computation and communication capabilities. The first step for each of these types of sensors would be to bootstrap, or link, a secure connection to the network, which requires authentication without pre-shared secrets. This is where the vulnerabilities lie,” says Kai Zeng.  </p> <p>When sensors or other types of small IoT devices must automatically authenticate themselves, attackers have many paths of attack. They can drain the device's battery, rendering it useless, or steal sensitive information or data from the device. Because of the many pathways that attackers could use to harm these devices, the team is combining cryptography, network protocol design, and machine learning to assure the success and scalability of their efforts.  </p> <p>“Something really important for this effort is that the security architecture operates on the principles of zero trust and least privilege,” says Mark. “Zero trust means that when a device comes in and wants to join the network, the assumption is that there is no prior trust or information shared between the devices, while least privilege implies the minimum permissions are granted to the entity to perform its task. So, we needed to bootstrap the security association and grant an entity just enough authority to access the devices or data that it needs but no more than that.”  </p> <p>One way they are looking at securing the connection is through gait-inspired authentication, which leverages the kinetic energy generated by a human user. “Every device harvests energy in a different way, and we use the harvesting pattern for authentication of the device, which preserves energy and accomplishes a security task at the same time,” says Dinakarrao.  </p> <p>Another approach is to exploit the “always-on” sensors in some devices like smartphones. “We plan to employ always-on sensing to perform the exchange of device identification and cryptographic material,” says Khasawneh. </p> <p>They are also using machine learning to ensure both authentication and authorization of different devices. “We not only have to authenticate the devices and entities that are allowed on a network, but we have to verify their different roles and privileges. I might be granted access to the information that tells me the temperature of a room, but perhaps I might not have the authorization to change the thermostat setting,” says Mark. “Using graph-based models, we can verify the trust relationships of different devices or entities and this process can be accelerated using machine learning techniques,” adds Dinakarrao.  </p> <p>Long-term, the team aspires for their security architecture to easily be applied to other devices. “When we talk about the energy and security tradeoff, we have to think about how we can do things in a smart way to conserve energy while enhancing security. But we also need to think about how to make our architecture scalable to larger, more geographically distributed networks. Right now, this work is with smaller devices, but the hope is that our overall security architecture can apply to a variety of devices with different capabilities,” says Mark. </p> </div> </div> </div> </div> </div> Tue, 02 Feb 2021 17:47:20 +0000 Anonymous 97806 at