HUI LIN, assistant professor of engineering at the University of Rhode Island, was recently awarded a $500,000 grant from the National Science Foundation to help develop programs designed to disrupt cyberattacks. He and his team received the five-year grant for their “CAREER: PARP: Mislead Physical-Disruption Attacks by Preemptive Anti-Reconnaissance for Power Grids’ Cyber-Physical Infrastructures” project. Lin and his team will develop programs that are designed to essentially disrupt the disruptors.
What initially interested you in doing research on solving cyberattacks?
After I started my graduate studies, my Ph.D. adviser introduced me to a project related to network security of power systems. I found it interesting because we would study a computer from a very different perspective, and also not many people had done research in this interdisciplinary area at that time.
What areas of cyberattacks will you research with this $500,000 grant?
I mainly look at increasing the resilience of power grids against cyberattacks. This type of cyberattack, which we usually call a cyber-physical security problem, starts with a general computer system but with an objective to disrupt the normal operations of critical infrastructure such as power grids.
Can you explain your proposal on disrupting and even misleading some of the reconnaissance that potential attackers perform as a means to fight cyberattacks?
Cyber-physical attacks can be very complicated. Attackers usually perform intelligent reconnaissance to make sure that physical damage can be caused. This requires attackers to have an in-depth understanding of the target system. Instead of performing passive detection and responses after the attack, I proposed to disrupt and mislead this reconnaissance. The general idea is that if we can add some existing network traffic that delivers some decoy information, attackers can end up with an attack strategy that is easy to detect and introduces no damage to the target system. Consequently, we can detect the attack and avoid the damage at the same time. Meanwhile, the proposal will also overcome a challenge of how to make sure the decoy information does not affect normal operations in the existing power grid.
If your project is successful in stopping cyberattacks, what next steps do you plan to take to make this publicly available?
I will first perform research experiments in a lab environment to see the effectiveness and efficiency of the proposed idea. Then, according to the data management plan of the proposal, the research findings, including source code, will be made available to existing industries and other research institutions. I hope to get some feedback from them to move forward so that the approaches can become applicable in real utility environments.