Researchers fight cybercrime with new digital forensic tools and techniques

Irfan Ahmed, Ph.D., leads computer scientists working to protect nuclear plants, dams and other critical infrastructure.

Apr 6, 2023


Irfan Ahmed, Ph.D.; Kostadin Damevski, Ph.D.

Irfan Ahmed, Ph.D., associate professor of computer science, provides digital forensic tools — and the knowledge to use them — to the good guys fighting the never-ending cyber-security war.


Ahmed is director of the Security and Forensics Engineering (SAFE) Lab within the Department of Computer Science and VCU Engineering. He leads a pair of interrelated projects funded by the U.S. Department of Homeland Security (DHS) aimed at keeping important industrial systems safe from the bad guys — and shows the same tools crafted for investigating cyber attacks can be used to probe other crimes.


The goal of cyber attacks on physical infrastructure may be to cause chaos by disrupting systems and/or to hold systems for ransom. The SAFE lab focuses on protecting industrial control systems used in the operation of nuclear plants, dams, electricity delivery systems and a wide range of other elements of critical infrastructure in the U.S. The problem isn’t new: In 2010, the Stuxnet computer worm targeted centrifuges at Iranian nuclear facilities before getting loose and infecting “innocent” computers around the world.


Cyber attacks often target a portion of the software architecture known as the control logic. Control logic is vulnerable in that one of its functions is to receive instructions from the user and hand them off to be executed by a programmable logic controller. For instance, the control logic monitoring a natural gas pipeline might be programmed to open a valve if the system detects pressure getting too high. Programmers can modify the control logic — but so can attackers.


One of Ahmed’s DHS-supported projects, called “Digital Forensic Tools and Techniques for Investigating Control Logic Attacks in Industrial Control Systems,” allows him to craft devices and techniques that cyber detectives can use in their investigations of attacks on sensitive critical infrastructure. Investigation capability, he explains, is an under-researched area, as most of the emphasis to date has been on the prevention and detection of cyber attacks.


“The best scenario is to prevent the attacks on industrial systems,” Ahmed said. “But if an attack does happen, then what? This is where we try to fill the gap at VCU. And the knowledge that we gain in a cyber attack investigation can further help us to detect or even prevent similar attacks.”


In the cat-and-mouse world of cyber security, the way cybercriminals work is in constant evolution, and Ahmed’s SAFE lab pays close attention to the latest developments by malefactors. For instance, an attacker may go for a more subtle approach than modifying the original control logic. An attack method called return-oriented programming sees the malefactor using the existing control logic code, but artfully switching the execution sequence of the code.


Other attackers might insert their malware into another area of the controller, programmed to run undetected until it can replace the function of the original control logic.


Attackers are always coming up with new methods, but each attack leaves evidence behind. The SAFE lab examines possible attack scenarios through simulations. Scale models of physical systems, including an elevator and a belt conveyor system, are housed at the SAFE lab to help facilitate this. The elevator is a four-floor model with inside and outside buttons feeding into a programmable logic controller. The conveyor belt is more advanced, equipped with inductive, capacitive and photoelectric sensors and able to sort objects.


The tools and methods applied in cybercrime can be useful in tracking down other malefactors. That’s where Ahmed’s second DHS-funded project comes in. It’s called “Data Science-integrated Experiential Digital Forensics Training based-on Real-world Case Studies of Cybercrime Artifacts.”


Ahmed is the principal investigator, working with co-PI Kostadin Damevski, Ph.D., associate professor of computer science. The goal is to keep law enforcement personnel abreast of the latest trends in the field of cybercrime investigation and to equip them with the latest tools and techniques, including those developed in the SAFE lab.


“For example, investigators often have to go through thousands of images, or emails or chats, looking for something very specific,” Ahmed said. “We believe the right data science tools can help them to narrow down that search.”


The FBI and other law enforcement agencies already have dedicated cybersleuthing units; the Virginia State Police have a computer evidence recovery section in Richmond. Ahmed and Damevski are arranging sessions showing investigators how techniques from data science and machine learning can make investigations more efficient by sorting through the mounds of digital evidence that increasingly is a feature of modern crime.

