SaTC: CORE: Small: Privacy, Preserving, Decentralized, Trustworthy Cyber Attack Detection on Critical Infrastructure Network

Critical infrastructure networks (such as gas, water, and power) are large-scale cyber-physical systems comprising multiple stakeholder entities that manage and operate different sections of the network. As a result, data-driven cyberattacks lead to cascading impacts across the entire network on account of physical and operational interdependence among stakeholders.

Unfortunately, the majority of approaches for detecting such network-wide attacks require centralized data aggregation and computation leading to privacy and security concerns, high decision latency and significant hardware and software upgrade costs. The project novelties pertain to the decentralized detection of network-wide, data-driven cyberattacks without the need to move sensitive operational data from the stakeholders.

The project broader significance and importance are in the development of a diverse, globally competitive STEM workforce geared towards bolstering national industrial cybersecurity; and enhanced STEM participation of undergraduate students especially from underrepresented groups through a series of workshops and hackathons targeting industrial cybersecurity preparedness.

This project serves as a key enabler for new research directions pertaining to decentralized algorithmic and computational frameworks for cyberattack detection that deliver publicly verifiable detection outcomes. These frameworks are further complemented by a differential privacy driven, decentralized machine learning paradigm that captures subsystem interdependencies.

The project uses blockchains and decentralized file systems to provide a computational framework that can help ensure the integrity of model parameters and proofs. The primary expected outcome from this project lies in the realization of trustworthy and private industrial cyberattack detection schemes driven by publicly verifiable outcomes especially in multi-stakeholder environments.

Additionally, this project is also expected to bolster situational awareness of local stakeholders through its focus on learning subsystem interdependencies with strong privacy guarantees. Lastly, use of blockchain based decentralization is expected to provide fundamental design insights for implementation of scalable, low-overhead compute frameworks with minimal disruption to prevailing Information Technology (IT) & Operational Technology (OT) systems.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.