High-impact cybersecurity projects selected for commercialization awards
The Commonwealth Cyber Initiative (CCI) in Southwest Virginia is spearheading a program to drive five cybersecurity research projects one step closer to market.
In its second year, the Innovation: Ideation to Commercialization program creates avenues to commercialize research and technologies to benefit society and address challenges at the intersection of data, autonomy, and security. The program has provided grant funding and early-stage commercialization resources to the Southwest Virginia cyber research community since 2021. It encourages researchers and their teams to think creatively about how their work can impact new audiences beyond the lab.
The innovation program is bolstered by a complementary CCI program, the new Cyber Innovation Scholars program, which supports graduate students and postdoctoral researchers with an interest in commercialization.
“We’re thrilled to support researchers and students as they seek to translate their cybersecurity advances to the marketplace, positioning Virginia as a leader in technology development and implementation,” said Gretchen Matthews, director of CCI in Southwest Virginia and professor of mathematics in the Virginia Tech College of Science.
The selected projects showcased innovative proposals from researchers in institutions throughout Southwest Virginia as well as professionals in private sector organizations and their collaborators from elsewhere in the state.
The following researchers and projects will receive support:
Protecting bystander visual data privacy in augmented reality systems
Brendan David-John, Department of Computer Science, Virginia Tech
Bo Ji, Department of Computer Science, Virginia Tech
Problem: Augmented reality (AR) devices, expected to reach 1.7 billion users by 2024, allow users to interact with a digitally enhanced version of the real world. Mixing natural and virtual worlds requires sensors such as cameras, depth sensors, eye-tracking, and microphones. While essential to the operation, the sensors do not discriminate in the data they collect. The devices capture data required to model the user’s environment as well as visual data about bystanders, which can potentially be used to identify sensitive information for malicious purposes. This threat of bystander data leak is called the bystander privacy problem.
Project: The CCI project will focus on developing BystandAR, a technology that will address the bystander privacy problem by distorting bystander images and voices before integrating the information into the AR device. This will help ensure bystander privacy while maintaining the user experience of the augmented reality system.
Power system-reliant technology for massive interconnection of integrated renewables
Ali Mehrizi-Sani, Department of Electrical and Computer Engineering, Virginia Tech
Problem: To harness the capabilities of renewable energy sources, the power grid must handle power from many sources, such as solar and wind farms. Each new source must be thoroughly tested before it can connect to the grid in a process called generation interconnection studies. Conducting these engineering studies is time-consuming and encumbered by incomplete or out-of-date data and system models as well as inconsistent operational practices. The Federal Energy Regulatory Commission reports a record-high interconnection queue, and federal investments due to the Inflation Reduction Act are only expected to add to this backlog.
Project: This CCI project will focus on creating an automated system for validating data and model consistency while performing the mandated studies and providing additional cybersecurity-related quality analyses. The project aims to create a reliable method to expedite the integration of renewable power sources into the U.S. power grid.
Anti-counterfeiting authentication app using deep-learning-based physically unclonable functions
Emma Meno, Virginia Tech National Security Institute
Problem: Counterfeit devices such as illegitimate pharmaceutical products and medical devices threaten security and cause financial and health repercussions across many industries. Emerging quantum technologies pose a growing threat to the one-way mathematical functions that ensure product legitimacy. New methods are needed to prevent counterfeit products from slipping through regulation checks.
Project: This CCI project will explore a new authentication method that involves a special security label derived from physically unclonable functions. This technique exploits inherent randomness introduced during manufacturing to give a physical entity a unique ‘fingerprint’ that is practically impossible to duplicate. The CCI research team is working on an authentication algorithm and a prototype for a corresponding mobile application.
Cybersecurity rapid asymmetric discovery and reporting (CyberRADaR) phase two: commercially deployed beta product
Jeff Pittges, School of Computing and Information Sciences, Radford University
Bobby F. Keener, CTE Inc./Civilian Cyber
Problem: Zero-day threats are software vulnerabilities discovered by attackers before a vendor can issue patches. Cybersecurity professionals rely on social networking sites to share and learn about zero-day threats and other current cybersecurity vulnerabilities.
Project: This CCI project will build on an automation tool called Cybersecurity Rapid Asymmetric Discovery and Reporting and leverage social networking platforms to help cybersecurity professionals understand and remediate cyberattacks. The research will develop new algorithms, create functional user-experience dashboard enhancements, and incorporate customer feedback to test and recommend product modifications. These developments will use artificial intelligence, machine learning, and natural language processing.
Scalable continuous monitoring solutions for enterprise security
Danfeng "Daphne" Yao, Department of Computer Science, Virginia Tech
Problem: An insider threat is when someone from inside an organization exposes sensitive data. Continuous monitoring is essential for managing security and mitigating threats — both from outside a company as well as from internal sources.
Project: This CCI project will focus on developing a continuous monitoring solution called the SoftAuditor, which will detect stealthy attacks and anomalies in an organization. These attacks include different kinds of advanced persistent threats as well as internal leaks. Two major selling points of the product are its customizability and autonomy. The SoftAuditor will be customized to each client and will require little to no human supervision or monitoring. The software is currently being patented.
Written by Julia Tubridy, science communication intern for the Commonwealth Cyber Initiative Southwest Virginia node