JMU receives funding through state-wide cybersecurity initiative
Research and Scholarship
By Ben Delp (‘05), JMU Research & Scholarship
Virtually all elements of the U.S. economy depend on secure networks, systems, and devices to function, which places cybersecurity as a top priority for every state in the country. Cybersecurity preparedness includes both the protection of data and resources in critical infrastructure sectors like financial services, communications, and public health, as well as expanding the pipeline of talent to fill the thousands of cybersecurity jobs that open up each year.
In Virginia, working with higher education and industry leaders, state agencies and lawmakers launched the Commonwealth Cyber Initiative (CCI) in 2018. As one of the original seven National Centers of Academic Excellence in Cyber Defense, James Madison University jumped at the opportunity to assist state leaders chart a course for cybersecurity, culminating in “a Commonwealth-wide ecosystem of innovation and excellence in cyberphysical systems…[that] seeks to ensure Virginia is recognized as a global leader in secure CPS and in the digital economy more broadly for decades to come by supporting world-class research at the intersection of data, autonomy, and security; promoting technology commercialization and entrepreneurship; and preparing future generations of innovators and research leaders.”
The “Blueprint” for the CCI developed from a December 2018 report consisting of four working groups with 54 stakeholders from across the Commonwealth. JMU was well represented during this integral planning stage, with Keith Holland, interim vice provost for research and scholarship serving on the Research and Technology Commercialization working group; Sharon Simmons, computer science department head serving on the Partnerships and Investment working group; Benjamin Delp, director of research development and promotion serving on the Finance and Government Relations working group; and Samy El-Tawab, associate professor of integrated science and technology serving on the Educational Programs and Experiential Learning working group.
The structure of the Commonwealth Cyber Initiative developed over the first half of 2019, and consists of a “hub” operating out of Arlington, VA with four regional “nodes” -- Central Virginia, Southeast Virginia, Southwest Virginia, and Northern Virginia (or NoVa Node, of which JMU is a member institution).
Asked about JMU’s participation in this effort, interim vice provost Keith Holland commented, “JMU is excited to partner with our sister institutions of higher education and state and local agencies through the CCI Northern Virginia Regional Node. Our faculty have an established track record of developing and growing information security programs and our alumni occupy key positions focused on securing data, devices, and networks in both the public and private sectors. JMU’s extensive cyber security portfolio -- academic programs, industry partnerships, community outreach, and K-12 boot camps -- positions us well to continue to advance cyber research, education, and economic development to the benefit of our nation, Commonwealth, and students.”
While the focus areas for each node are sure to evolve as opportunities and threats arise, the current foundational objectives for the NoVa Node include:
- To grow workforce-ready cybersecurity and cyberphysical system security talent to meet today’s demands and tomorrow’s economy;
- To build world-leading cyber-physical systems security (CPSS) research capabilities; and
- To accelerate cyber security startups creation and promote cyber technology commercialization, while supporting entrepreneurship by providing access to venture capital and resources.
In support of these goals, JMU researchers successfully proposed four projects during the first round of CCI funding, awarded in March 2020:
Building Capacity for Cyber-Capable Workforce - $12,921
Samy El-Tawab and Ahmad Salman (School of Integrated Sciences)
Summary: The objective of this proposal is to (a) enhance and align the existing academic curricula of the NoVa Node partners with industry-identified skills, the NICE workforce framework, as well as existing and projected practices, in order to create pathways that bridge the gap between education and jobs; (b) explore and align industry certification if possible with credit bearing coursework and ensure dual enrollment and transfer between community colleges and 4-year institutions; and (c) explore and develop, where possible, ways to enable credits for prior work and ensure credit transfer between institutions. Objectives (b) and (c) will reduce the cost of cyber education and training and time to degree completion.
Cyber Security of Transportation Networks - $74,318
Ahmad Salman (School of Integrated Sciences), Samy El-Tawab (School of Integrated Sciences), and Nathan Sprague (Department of Computer Science)
Summary: The primary objective of this combined research proposal is to build an in-lab, in-field experimental system to investigate the viability of these proposals and their safety and cyber security implications under realistic conditions. There are a number of open research problems introduced by autonomous vehicle communications which our research intends to address. They include: (1) Does the Cellular V2X (C-V2X) system have sufficient capacity within operating environments under varying conditions to transmit and receive information? (2) What are the related security and safety concerns and limitations in C-V2X systems and possible mitigations to these issues? (3) What cellular capacities are required in different areas with physical obstructions to transmission (big buildings vs. hills) and environmental conditions (snow, rain, sleet and dust)? (4) In cases of insufficient capacity, what kind of traffic back-off schemes should be implemented on vehicle-based and infrastructure-based radios? (5) How should wireless misuse or misbehaviors within the C-V2X system be detected or prevented? (6) Are the proposed Security Credential Management System (SCMS) architectures sufficient under observable traffic conditions and emerging cyber threats and, if not, what mitigations can be proposed to alleviate the deficiencies?
Fast, Automatic, and Accurate Code-Based Attack Attribution Through Deep Learning - $67,233
Steve Wang and Nathan Sprague (Department of Computer Science)
Summary: In cyber security, attack attribution aims to find the real IP address of the hacker(s) involved in an attack or identify the group(s) to which the hacker(s) belongs. Reliable attack attribution has been a hard problem. The team proposes to use the most recent results of deep machine learning for automatic, fast, and more accurate code-based attack attribution. By leveraging unprecedented computational power and statistical methods, deep machine learning has achieved tremendous success in computer vision, speech recognition, chess/Go playing, and fraud detection in credit card transactions. Several open-source deep learning tools have been available. This proposed research will extend this success to the information security domain for automatic, fast, and more accurate code-based attack attribution.
Accelerating Cybersecurity Technology Commercialization - $5,000
Mary Lou Bourne (Office of Technology Innovation and Economic Development)
Summary: JMU’s Office of Technology Innovation and Economic Development, a unit of the Office of Research and Scholarship, will work with George Mason University’s Office of Technology Transfer to connect university intellectual property (IP) and faculty and student ideas with collaborators and societal challenges. This will be accomplished through an “Innovation and Commercialization Collider Series” where potential commercial partners and entrepreneurs will be introduced to commercially valuable research from all universities participating in the Northern Virginia Node. Partner institutions in the NoVa Node will also join and represent at events such as a technology exhibition hosted by the Northern Virginia Technology Council to showcase their intellectual property portfolio and to engage with potential licensees. Fostering greater research collaboration connections with other NoVa Node academic institutions and regional businesses promotes the importance of IP (in cyber and beyond) and helps bolster economic development in the Commonwealth, bringing innovations to market to improve and positively impact society.
