[cosc-grad-students-list] Efrén López Morales Dissertation Seminar - SUBJECT: CTI-FOR-CPS: SECURING CYBER-PHYSICAL SYSTEMS VIA ADVANCED CYBER THREAT INTELLIGENCE METHODS

[Eulenfeld, Menda]

Efrén López Morales dissertation seminar.

SUBJECT: CTI-FOR-CPS: SECURING CYBER-PHYSICAL SYSTEMS VIA ADVANCED CYBER THREAT INTELLIGENCE METHODS
SPEAKER: Efrén López-Morales
DATE: Monday June 16, 2025
TIME: 2:00 p.m.
PLACE: CI 109
Zoom: https://tamucc.zoom.us/j/98056870422?pwd=6Mq3aeMrEnDaK8wrbUYK9zgF4FDsuJ.1<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftamucc.zoom.us%2Fj%2F98056870422%3Fpwd%3D6Mq3aeMrEnDaK8wrbUYK9zgF4FDsuJ.1&data=05%7C02%7Ccosc-grad-students-list%40listserv.tamucc.edu%7C01996568419a464c645208dda2ae4946%7C34cbfaf167a64781a9ca514eb2550b66%7C0%7C0%7C638845591609887095%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=1LAV17c0Db6Oc3GzzfF%2BpcLCTbyiOJBWN7uEm9hTp%2Bs%3D&reserved=0>
Meeting ID: 980 5687 0422
Passcode: 015457


Abstract: Many services that make our modern society work are possible thanks to cyber-physical systems (CPS). These services include electricity generation and distribution (Industrial Control Systems (ICS), GPS and remote sensing (satellites), and transportation (connected and autonomous vehicles). Many CPS rely on and buttress Geospatial Data such as GPS location, satellite imagery, and LiDAR point clouds. Due to their importance, CPS have been the target of cyberattacks that aim to disrupt our society. One of the tools that we can leverage to protect CPS is cyber threat intelligence (CTI). CTI is threat information aggregated, transformed, analyzed, interpreted, or enriched to understand a threat actor's motives, targets, and attack behaviors. However, current CTI on CPS is limited as current methods cannot collect and analyze data that can be converted into useful CTI thus leaving CPS exposed to further attacks. This dissertation addresses this problem by developing new methods that advance the state of the art in CTI processing and collection phases, specifically for cyber-physical systems which we call CTI-for-CPS. We close the above research gap by introducing three novel research projects that push the boundaries of CTI-for-CPS, specifically, industrial control systems (ICS), space systems (SS), and connected and autonomous vehicles (CAV). The first contribution is a novel threat taxonomy for programmable logic controllers (PLCs) used in ICS which are well-established CPS, to improve how we categorize and analyze threats in ICS. The second contribution is a satellite honeypot, a novel approach that allows us to gather empirical CTI data on threat actors' techniques targeting satellites. The third and final contribution is a CAV cybersecurity sandbox. This sandbox simulation allows us to test cyberattacks on one or multiple CAVs to collect raw CTI data that can later be analyzed, marking a significant step forward in our understanding of cyber threats targeting CAVs.
These three contributions introduced in this dissertation present novel approaches to collect, aggregate, and analyze data to produce valuable CTI-for-CPS. Failing to advance the state of the art of CTI-for-CPS risks leaving CPS exposed as we will not understand the latest techniques that adversaries use to target CPS, hindering our ability to develop effective countermeasures. Without proper countermeasures in place, the security of our critical infrastructure is at risk of cyberattacks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listserv.tamucc.edu/pipermail/cosc-grad-students-list/attachments/20250603/fc9a3a87/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/calendar
Size: 5619 bytes
Desc: not available
URL: <http://listserv.tamucc.edu/pipermail/cosc-grad-students-list/attachments/20250603/fc9a3a87/attachment.ics>