Industry Expertise (3)
Areas of Expertise (5)
IEEE IES 2012 J. David Irwin Early Career Award (professional)
for “Outstanding research contribution in computational intelligence and its applications in energy related problems, network security and infrastructure protection, and robotics”.
Best Young Faculty Award (professional)
University of Idaho, 2008 – 2009 Academic Year
Fellow of the Outstanding Foreign Scholar Program (professional)
The Brain Korea 21 Chungbuk Information Technology Center at Chungbuk National University, 2008
University of Idaho: Ph.D., Computer Science 2003
University of Nis: M.Sc., Computer Science 1996
Media Appearances (9)
Cybersecurity system evolves as it watches and learns from would-be hackers
Milos Manic, Ph.D., professor of computer science in the Virginia Commonwealth University College of Engineering and director of VCU's Cybersecurity Center, along with colleagues at the Idaho National Laboratory, has developed a protection system that improves its own effectiveness as it watches and learns from those trying to break into the grid.
Manic calls ongoing attempts to infiltrate the power grid—and efforts to thwart them—"an underground war of many years."
With high stakes and increasingly sophisticated attackers, artificial intelligence and machine learning are key to respond to the challenges of protecting the grid's interconnected systems, Manic said.
"Hackers are much smarter than in the past. They don't necessarily look at one particular component of the system," Manic said. "Often, they can fool the system by taking control of the behavior of two different components to mask their attack on a third."
"Honeypots can make a hacker think he has broken into a real system," Manic said. "But if the hacker sees that the 'system' is not adequately responding, he knows it's a honeypot." For this reason, the system's honeypots are also intelligently updating themselves.
Manic developed AICS with his Idaho National Laboratory colleagues Todd Vollmer, Ph.D., and Craig Rieger, Ph.D. The AICS team formed eight years ago, and Manic continued to work on the project when he came to VCU in 2014. He holds a joint appointment with Idaho National Laboratory.
INL takes four R&D 100 Awards at annual banquet
East Idaho News.com online
Researchers Todd Vollmer, Craig Rieger and Milos Manic won with Autonomic Intelligent Cyber Sensor (AICS), an artificial intelligence breakthrough that can protect the nation’s critical infrastructure from devastating cyberattack.
VCU Professor shares Facebook security tips following data scandal
WRIC Channel 8 online
The new "Access Your Information" button will let you delete anything from your timelines or profile, but VCU Computer Science Professor Milos Manic says that doesn't necessarily mean the information is erased.
"Everything that we do is being collected and recorded," Manic said.
"It's just a matter of policy or how it's going to be regulated, how it's going to be used," Manic said. "Do we really know who friends of friends are and what access will be allowed in the future?"
How can you keep your information safe? Manic says first you can go to your privacy settings on your social media account. If you want to protect your entire home network, you could go as far as buying a VPN router. That will encrypt the connection to your internet provider.
"For all of your traffic, everything that you do. It's all gone digital," Manic added.
But what it comes down to, is what ou actually share with your friends. Manic says your posts will live forever, even if you delete your social media account.
"On the phone and on the computer there are settings," Manic said. "But at the end of the day, There's a very simple rule. If you don't want information to propagate further. Just never post it."
Manic says people are using social media so much that the amount of data is "exploding" and it's getting harder for current algorithms to keep up. He's hopeful new ways to analyze the data wil be developed in the next few years.
VCU virtual reality lab opens to awe of crowd
Richmond Times-Dispatch print
The fact that virtual reality appeals to senses helps humanize software, said Milos Manic, a computer science professor at VCU.
“People react better to visualization. Something they can feel, something they can see,” he said. “We can learn from the data and apply it to different areas.”
Shooting for the moon: VCU joins state higher ed push in cybersecurity
Richmond Times-Dispatch print
The opportunity is huge for Topsakal and his colleagues at VCU, which has already established a cybersecurity center under the direction of Milos Manic, a computer science professor. It is preparing to create the VCU Center for Analytics and Smart Technologies under the direction of Sherif Abdelwahed, a professor of electrical and computer engineering.
AI advancements raise questions
Virginia Business online
Milos Manic, a Virginia Commonwealth University computer scientist, raised questions about the future of mankind’s relationship with artificial intelligence at the 2018 International Conference on e-Society, e-Learning and e-Technologies (ICSLT 2018) in London earlier this year.
“How do you teach a computer to feel, love, or dream, or forget?“ Manic asked.
To Relieve Holiday Stress, Techies Trot Out Artificial Intelligence
Style Weekly print
By now the journey to 2018 can feel more like a crawl than a mad dash.
There's pressure to entertain family, reconnect with old friends and take that special someone on a memorable date. But a Richmond startup says artificial intelligence can solve the indecision over where to go and what to do. While some experts caution against placing exaggerated faith in artificial intelligence, early adopters are hoping for a more perfect holiday experience.
Funny things happen when people look to have their desires affirmed, says Milos Manic, a Virginia Commonwealth University professor who specializes in machine-human interactions.
If artificial intelligence is promoted as an authority, people tend to place more trust in its recommendations, even if the same suggestions are made by a friendly stranger.
"There are many definitions, and this field is changing continually," he says of artificial intelligence. "But one common denominator is the ability [for machines] to learn."
Bull’s-eye on small business Experts say hackers are preying on unprotected targets
Virginia Business print
"We are not thinking enough [about threats] until something forces us to. Why? Because it costs. End of story … There’s something called fault tolerance. It’s a fixed algorithm: If this happens, I’ll do this. The problem is the approach is reactive. You’re talking about something you know has happened, which has no value tomorrow, because tomorrow is going to be a new day. So here we come to resilience, which is the idea of intelligent response or getting up after you fell down. It cannot be treated with the same algorithm because it’s going to be a different fall. That brings another facet … in this game, which is some kind of machine-learning. Trying to figure out how proactively what can go wrong, and if something goes wrong, trying to stay one, two, three, five steps ahead of the bad guys. So machine learning, artificial intelligence, call it any which way you like, I’ve been teaching and preaching about it for the last 15 years," Manic said.
Milos Manic, Ph.D., Strengthens Computer Science Department with over $300K Funding
Virginia Commonwealth University
Since joining Virginia Commonwealth University School of Engineering in August 2014, Milos Manic, Ph.D., has secured $310K to fund his Modern Heuristics Research Group. Only nine months into his time as Professor in the Department of Computer Science, Manic has big plans for his research that will lead to the establishment of a Virtual Reality Laboratory at VCU.
Selected Articles (5)
Building automation systems (BAS), or building control systems (BCS), typically consist of building energy management systems (BEMSs), physical security and access control, fire/life safety, and other systems (elevators, public announcements, and closed-circuit television). BEMSs control heating, ventilation, and air conditioning (HVAC) and lighting systems in buildings; more specifically, they control HVAC's primary components such as air handling units (AHUs), chillers, and heating elements. BEMSs are essential components of modern buildings, tasked with seemingly contradicting requirements?minimizing energy consumption while maintaining occupants? comfort . In the United States, about 40% of total energy consumption and 70% of electricity consumption are spent on buildings every year. These numbers are comparable to global statistics that about 30% of total energy consumption and 60% of electricity consumption are spent on buildings. Buildings are an integral part of global cyber-physical systems (smart cities) and evolve and interact with their surroundings. As buildings undergo years of exploitation, their thermal characteristics deteriorate, indoor spaces (especially in commercial buildings) get rearranged, and usage patterns change. In time, their inner (and outer) microclimates adjust to changes in surrounding buildings, overshadowing patterns, and city climates, not to mention building retrofitting. Thus, even in cases of ideally designed BEMS/HVAC systems, because of ever-changing and uncertain indoor and outdoor environments, their performance frequently falls short of expectations. Unfortunately, the complexity of BEMSs, large amounts of constantly changing data, and evolving interrelations among sensor feeds make identifying these suboptimal behaviors difficult. Therefore, traditional data-mining algorithms and data-analysis tools are often inadequate.This article provides an overview of issues related to modern BEMSs with a multitude of (often conflicting) requirements. Because of massive and often incomplete data sets, control, sensing, and the evolving nature of these complex systems, computational intelligence (CI) techniques present a natural solution to optimal energy efficiency, energy security, and occupant comfort in buildings. The article further presents an overall architecture where CI can be used in BEMSs and concludes with a case study of the practical applications of using CI techniques in the BEMS domain.
Building Energy Management Systems (BEMSs) are essential components of modern buildings that are responsible for minimizing energy consumption while maintaining occupant comfort. However, since indoor environment is dependent on many uncertain criteria, performance of BEMS can be suboptimal at times. Unfortunately, complexity of BEMSs, large amount of data, and interrelations between data can make identifying these suboptimal behaviors difficult. This paper proposes a novel Fuzzy Anomaly Detection and Linguistic Description (Fuzzy-ADLD)-based method for improving the understandability of BEMS behavior for improved state-awareness. The presented method is composed of two main parts: 1) detection of anomalous BEMS behavior; and 2) linguistic representation of BEMS behavior. The first part utilizes modified nearest neighbor clustering algorithm and fuzzy logic rule extraction technique to build a model of normal BEMS behavior. The second part of the presented method computes the most relevant linguistic description of the identified anomalies. The presented Fuzzy-ADLD method was applied to real-world BEMS system and compared against a traditional alarm-based BEMS. Six different scenarios were tested, and the presented Fuzzy-ADLD method identified anomalous behavior either as fast as or faster (an hour or more) than the alarm based BEMS. Furthermore, the Fuzzy-ADLD method identified cases that were missed by the alarm-based system, thus demonstrating potential for increased state-awareness of abnormal building behavior.
Resiliency and improved state-awareness of modern critical infrastructures, such as energy production and industrial systems, is becoming increasingly important. As control systems become increasingly complex, the number of inputs and outputs increase. Therefore, in order to maintain sufficient levels of state-awareness, a robust system state monitoring must be implemented that correctly identifies system behavior even when one or more sensors are faulty. Furthermore, as intelligent cyber adversaries become more capable, incorrect values may be fed to the operators. To address these needs, this paper proposes a fuzzyneural data fusion engine (FN-DFE) for resilient state-awareness of control systems. The designed FN-DFE is composed of a three-layered system consisting of: 1) traditional threshold based alarms; 2) anomalous behavior detector using self-organizing fuzzy logic system; and 3) artificial neural network-based system modeling and prediction. The improved control system stateawareness is achieved via fusing input data from multiple sources and combining them into robust anomaly indicators. In addition, the neural network-based signal predictions are used to augment the resiliency of the system and provide coherent state-awareness despite temporary unavailability of sensory data. The proposed system was integrated and tested with a model of the Idaho National Laboratory's hybrid energy system facility known as HYTEST. Experiment results demonstrate that the proposed FNDFE provides timely plant performance monitoring and anomaly detection capabilities. It was shown that the system is capable of identifying intrusive behavior significantly earlier than conventional threshold-based alarm systems.
A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices.
The proliferation of digital devices in a networked industrial ecosystem, along with an exponential growth in complexity and scope, has resulted in elevated security concerns and management complexity issues. This paper describes a novel architecture utilizing concepts of autonomic computing and a simple object access protocol (SOAP)-based interface to metadata access points (IF-MAP) external communication layer to create a network security sensor. This approach simplifies integration of legacy software and supports a secure, scalable, and self-managed framework. The contribution of this paper is twofold: 1) A flexible two-level communication layer based on autonomic computing and service oriented architecture is detailed and 2) three complementary modules that dynamically reconfigure in response to a changing environment are presented. One module utilizes clustering and fuzzy logic to monitor traffic for abnormal behavior. Another module passively monitors network traffic and deploys deceptive virtual network hosts. These components of the sensor system were implemented in C++ and PERL and utilize a common internal D-Bus communication mechanism. A proof of concept prototype was deployed on a mixed-use test network showing the possible real-world applicability. In testing, 45 of the 46 network attached devices were recognized and 10 of the 12 emulated devices were created with specific operating system and port configurations. In addition, the anomaly detection algorithm achieved a 99.9% recognition rate. All output from the modules were correctly distributed using the common communication structure.