The future of cybersecurity will depend a great deal on today's STEM students. ORNL is preparing the next generation of cyber researchers to tackle the emerging, myriad threats. Two such students, originally from Puerto Rico and now attending West Virginia University, are working side by side with Laboratory staff to enhance U.S. cybersecurity.
Jarilyn Marie Hernandez Jimenez, an ORISE post-master's student in the Cyber and Information Security Research Group and a Ph.D. candidate in the Lane Department of Computer Science and Electrical Engineering at West Virginia University, is part of a team proposing a novel solution to the detection of malware: consumption of electrical power.
The objective of her research is to determine whether malware generates a detectable signal in the power consumption of a general-purpose computer. Using unsupervised methods to analyze CPU and motherboard power consumption data, her team has been able to distinguish between normal and malicious behavior.
"By measuring the power consumption of a general purpose computer, we can develop novel techniques that help detect the presence of malware," Jarilyn says.
Her colleague Raymond Charles Borges, an ORISE post-master's student in the Power and Energy Systems group and Ph.D. student at West Virginia University, is working on a microgrid security testbed that includes the necessary set of control and communication system components to provide an accurate cybersecurity exploration environment.
His team plans to introduce several attack scenarios to the testbed, measuring and evaluating each scenario's impact to demonstrate its capabilities. They will later perform cyber forensics on the collected experiment data in an effort to develop mitigation strategies.
Borges and his team are working toward developing a framework that facilitates study in research areas such as vulnerability research, impact analysis, mitigation research, cyber-physical metric development, security validation, cyber forensics, and operator training.
"By testing out security concepts on a small-scale testbed, we can safely and efficiently develop novel techniques and systems to safeguard the future smart grid," Raymond says