Featured Post from VCU College of Engineering

Researchers fight cybercrime with new digital forensic tools and techniques

Irfan Ahmed, Ph.D., leads computer scientists working to protect nuclear plants, dams and other critical infrastructure.

Apr 6, 2023

3 min

Irfan Ahmed, Ph.D.Kostadin Damevski, Ph.D.

Irfan Ahmed, Ph.D., associate professor of computer science, provides digital forensic tools — and the knowledge to use them — to the good guys fighting the never-ending cyber-security war.


Ahmed is director of the Security and Forensics Engineering (SAFE) Lab within the Department of Computer Science and VCU Engineering. He leads a pair of interrelated projects funded by the U.S. Department of Homeland Security (DHS) aimed at keeping important industrial systems safe from the bad guys — and shows the same tools crafted for investigating cyber attacks can be used to probe other crimes.


The goal of cyber attacks on physical infrastructure may be to cause chaos by disrupting systems and/or to hold systems for ransom. The SAFE lab focuses on protecting industrial control systems used in the operation of nuclear plants, dams, electricity delivery systems and a wide range of other elements of critical infrastructure in the U.S. The problem isn’t new: In 2010, the Stuxnet computer worm targeted centrifuges at Iranian nuclear facilities before getting loose and infecting “innocent” computers around the world.


Cyber attacks often target a portion of the software architecture known as the control logic. Control logic is vulnerable in that one of its functions is to receive instructions from the user and hand them off to be executed by a programmable logic controller. For instance, the control logic monitoring a natural gas pipeline might be programmed to open a valve if the system detects pressure getting too high. Programmers can modify the control logic — but so can attackers.


One of Ahmed’s DHS-supported projects, called “Digital Forensic Tools and Techniques for Investigating Control Logic Attacks in Industrial Control Systems,” allows him to craft devices and techniques that cyber detectives can use in their investigations of attacks on sensitive critical infrastructure. Their investigation capabilities, he explains, is an under-researched area, as most of the emphasis to date has been on the prevention and detection of their cyber attacks.


“The best scenario is to prevent the attacks on industrial systems,” Ahmed said. “But if an attack does happen, then what? This is where we try to fill the gap at VCU. And the knowledge that we gain in a cyber attack investigation can further help us to detect or even prevent similar attacks.”


In the cat-and-mouse world of cyber security, the way cybercriminals work is in constant evolution, and Ahmed’s SAFE lab pays close attention to the latest developments by malefactors. For instance, an attacker may go for a more subtle approach than modifying the original control logic. An attack method called return-oriented programming sees the malefactor using the existing control logic code, but artfully switching the execution sequence of the code.


Other attackers might insert their malware into another area of the controller, programmed to run undetected until it can replace the function of the original control logic.


Attackers are always coming up with new methods, but each attack leaves evidence behind. The SAFE lab examines possible attack scenarios through simulations. Scale models of physical systems, including an elevator and a belt conveyor system, are housed at the SAFE lab to help facilitate this. The elevator is a four-floor model with inside and outside buttons feeding into a programmable logic controller. The conveyor belt is more advanced, equipped with inductive, capacitive and photoelectric sensors and able to sort objects.


The tools and methods applied in cybercrime can be useful in tracking down other malefactors. That’s where Ahmed’s second DHS-funded project comes in. It’s called “Data Science-integrated Experiential Digital Forensics Training based-on Real-world Case Studies of Cybercrime Artifacts.”


Ahmed is the principal investigator, working with co-PI Kostadin Damevski, Ph.D., associate professor of computer science. The goal is to keep law enforcement personnel abreast of the latest trends in the field of cybercrime investigation and to equip them with the latest tools and techniques, including those developed in the SAFE lab.


“For example, investigators often have to go through thousands of images, or emails or chats, looking for something very specific,” Ahmed said. “We believe the right data science tools can help them to narrow down that search.”


The FBI and other law enforcement agencies already have dedicated cybersleuthing units; the Virginia State Police have a computer evidence recovery section in Richmond. Ahmed and Damevski are arranging sessions showing investigators how techniques from data science and machine learning can make investigations more efficient by sorting through the mounds of digital evidence that increasingly is a feature of modern crime.

Connect with:
Irfan Ahmed, Ph.D.

Irfan Ahmed, Ph.D.

Engineering Foundation Professor

Dr. Ahmed's research interests are broadly in cybersecurity, currently focusing on digital forensics, malware, and cyber-physical systems.

Digital ForensicsMalwareCyber-physical Systems SecuritySystem SecurityCybersecurity Education
Kostadin Damevski, Ph.D.

Kostadin Damevski, Ph.D.

Professor, Graduate Program Director

Interested in software engineering and in the use of natural language processing techniques to improve software maintenance and evolution.

Software EngineeringSoftware MaintenanceRecommendation SystemsNatural Language Processing
Powered by

You might also like...

Check out some other posts from VCU College of Engineering

2 min

National Science Foundation funds research into quantum material-based computing architecture at the VCU College of Engineering

Supporting the development of advanced computing hardware, the National Science Foundation (NSF) awarded Supriyo Bandyopadhyay, Ph.D., Commonwealth Professor in the Department of Electrical and Computer Engineering at the Virginia Commonwealth University (VCU) College of Engineering with more than $300,000 to develop processor-in-memory architecture using quantum materials. “This is one of the first mainstream applications of quantum materials that have unusual and unique quantum mechanical properties,” Bandyopadhyay said. “Quantum materials have been researched for more than a decade and yet there is not a single mainstream product in the market that utilizes them. We want to change that.” The four-year project, titled “Collaborative Research, Foundations of Emerging Technologies: PRocessor In Memory Architecture based on Topological Electronics (PRIMATE),” aims to advance computing hardware and artificial intelligence by integrating topological insulators and magnetic materials. Topological insulators are a special material with an electrically conductive surface and an insulated interior. They have special quantum mechanical properties like “spin-momentum locking,” which ensures the quantum mechanical spin of an electron-conducting current on the surface of the material is always perpendicular to the direction of motion.This marks the first time such quantum materials will be used in a processor-in-memory system. “We place a magnet on top of a topological insulator,” Bandyopadhyay said. “We then change the magnetization of the magnet by applying mechanical strain on it. That changes the electrical properties of the topological insulator via a quantum mechanical interaction known as exchange interaction. This change in the electrical properties can be exploited to perform the functions of a processor-in-memory computer architecture. The advantage is that this process is fast and extremely energy-efficient.” If successful, this approach could reduce energy use and dramatically speed up computing by moving data processing into the memory itself. It addresses the longstanding “memory bottleneck,” the slowdown caused by computers constantly needing to move data back and forth between processor and memory. These efficiencies could make advanced AI more efficient and accessible, paving the way for the first commercially viable applications of quantum materials.. The research is a collaboration with University of Virginia professors Avik Ghosh and Joseph Poon. A VCU Ph.D. student will work on the project and receive training in fabrication, characterization and measurement techniques, preparing them to lead in the rapidly evolving field of computing hardware.

2 min

American Nuclear Society names Lane Carasik, Ph.D., as one of its “40 Under 40”

Recognized as an emerging leader in the nuclear science and engineering field, Lane Carasik, Ph.D., assistant professor in the Department of Mechanical and Nuclear Engineering, was recently acknowledged by the American Nuclear Society as one of its top “40 Under 40.” “It is a huge honor to receive this acknowledgement from my professional community,” said Carasik. “I feel it is a reflection of the amazing nuclear engineering activities I’ve gotten the opportunity to pursue before and during my time at the VCU College of Engineering.” The list, featured in the most recent issue of Nuclear News magazine, celebrates young professionals who are driving innovation and shaping the future of nuclear science and technology. Created to spotlight a new generation of nuclear professionals, the “40 Under 40” program highlights those who are advancing technical fields, from advanced reactor deployment to AI applications and national security, while actively engaging the public, mentoring peers and advocating for nuclear’s role to achieve energy independence and security. “Dr. Carasik’s research efforts, together with his support for students and their own research goals, exemplifies the best qualities of the VCU College of Engineering,” said Arvind Agarwal, Ph.D., chair of the Department of Mechanical and Nuclear Engineering, “integrating research and teaching at the core of everything he does, from classroom and lab work to community outreach.” Carasik was selected for the “40 Under 40” from hundreds of candidates across the United States. Mentoring his first three Ph.D. graduates, Arturo Cabral, Connor Donlan and James Vulcanoff, is one of Carasik’s proudest achievements. He was also honored by the American Society of Mechanical Engineers (ASME) as a rising star in mechanical engineering in 2024 This builds off Carasik receiving the highly competitive and prestigious Department of Energy (DOE) Early Career Research Award ($875k split over five years) in 2023 to support his work on molten salt based fusion energy systems similar to Commonwealth Fusion Systems’ ARC technology. Carasik’s Fluids in Advanced Systems and Technology (FAST) research group, is a computational and experimental thermal hydraulics group focused on enabling the development of advanced energy systems and critical isotope production methods. Legendary physicist Enrico Fermi was an early inspiration to Carasik during his undergraduate studies. Fermi’s expertise mirrored Carasik’s interests, and the physicist’s impact on the field of nuclear engineering was motivating. As an established nuclear engineering faculty member, Carasik seeks to make a lasting impact on the field and the people in it. His ’s long-term goal is earning membership in the National Academies of Sciences, Engineering and Medicine.

2 min

VCU College of Engineering’s Michael McClure, Ph.D., named chair of Orthopaedic Research Society’s Skeletal Muscle Section

Michael McClure, Ph.D., associate professor from the Department of Biomedical Engineering and affiliate faculty in the Department of Orthopaedic Surgery and in the Institute for Engineering and Medicine, has been named chair of the Orthopaedic Research Society’s (ORS) newly launched Skeletal Muscle Section. The section began in August 2025, building on research interest groups and symposia to create a dedicated home for skeletal muscle studies within ORS. Its mission is to advance collaboration, innovation, education and translation in this field. Skeletal muscle disorders cause disability, chronic pain and high health care costs. Severe injuries and degenerative diseases, such as muscular dystrophies, remain difficult to treat. The section will strengthen research in muscle development, aging, trauma, disuse and disease. This work will expand the basic understanding of and identify therapeutic targets to restore function. In its first year, the section will measure success through increased skeletal muscle abstracts at the 2027 ORS Annual Meeting, growth in ORS membership and active participation in section programs. “We are thrilled to launch the Skeletal Muscle Section,” McClure said. “This home for translational muscle research will build on ORS progress over the past 10 years, help recruit new members and foster an environment that connects multiple areas of orthopaedic science.” McClure’s commitment to this work is shaped by his family’s experience with neuromuscular diseases, witnessing the impact of war-related injuries on patients’ quality of life from the Richmond Veterans Affairs Medical Center, and the momentum of translational discovery. Learn more about the ORS Skeletal Muscle Section.

View all posts
Powered by