Initial Self Assessments

Smart Hack Smasher

Achyut Anand

Smart Hack Smasher is a project about security and protection from machine errors, malwares and malicious actors. We have chosen security issues in autonomous vehicles to present our case. Today, every major automaker and even tech companies like Google and Uber are working towards creating a high level of autonomy in cars with varied success. One of the major issues that companies are facing is security. As a computer science major, I understand what type of problems can arise from lack of a secure framework in a software application, especially when that application is heavily dependent on sensor data that are exposed to tampering. This project and the associated research paper aims to solve this issue in autonomous vehicles.

Over the course of the next 2 semesters, we will be going over existing research papers, analyzing algorithms, finding or creating datasets that fit our needs well, and creating a demonstration based on our findings to showcase that our solution is practical. To execute the aforementioned, we need to have a decent understanding of software development, machine learning, and analysis of data and algorithms. Fortunately for me, in the past 4 years at University of Cincinnati, I have taken a wide range of classes that would be relevant for this project. The knowledge that I gained from classes such as Data Structures (2028C), Python (CS 2011) Design and Analysis of Algorithms (CS 4071), and AI: Principles and Applications (CS 4033) would help theorize and design a solution that would help us achieve our goals. In addition, I am currently taking Data Security and Privacy (CS 5158) and Cloud Computing (5165) that would give me a clear idea of how to design and implement a secure framework on the edge cloud.

University of Cincinnati has a great cooperative education program that helps students apply what they learn in classes in a professional environment and gain real world experience. A typical student graduates with at least 18 months of work experience. During my first co-op rotation, I worked at Axiom Product Development, a small consulting business in Blue Ash, where I was first introduced to Cloud and I learned how some of the fortune 50 clients that the company had collect and analyze data. I moved on to Siemens PLM Software in 2018 for my 2nd rotation where I was able to get hands-on experience with migrating a desktop application onto Cloud and offer it as a SaaS product and build some basic classification data science components into it. The third and last employer that I worked for 3 consecutive co-op rotations was Cummins and this is where I really got to work on several tasks that directly correlates to this project. These tasks included market research, analyzing products, analyzing algorithms, finding the best datasets for specific problems, creating complex machine learning algorithms to match specific business needs, creating anomaly detection programs, creating data profiling and data validation platforms and last but not the least edge computing using low power processors. All of the aforementioned tasks will be performed by us on this project at one point or another and I am glad that I am familiar with how to proceed with them.

There are primarily 2 motivational factors for me as far as this project is concerned. First, I have always been driven by the thought of creating something unique that can help solve a problem that exists in the real world. This project gave me an opportunity to design, develop, and innovate to solve a practical problem that multiple businesses are facing today. Second, as mentioned in the last paragraph, I did my last 3 co-ops at Cummins, the world's largest diesel engine manufacturer and one of the largest hydrogen fuel cell manufacturer as well. At Cummins, I truly got to see how an automobile company functions and the security concerns that arise even with minimal automation either at plants or in vehicles. Coming up with a solution that can solve the security concerns that come with automation is something that I have been looking forward to ever since I started working there.

We identified this project during our first conversation with our advisor Professor Rashmi Jha in the first week of August. In the same meeting, we chose our use case to display a modularized machine learning based security solution for automated vehicles. Since then, we have looked at various other research papers that aim to solve the same problem. We have evaluated multiple different datasets available on the web to see which one of them could be the best fit for our demonstration. We are planning on using Docker, Tensorflow, scikit-learn and possibly some other module that would help us create both supervised and unsupervised machine learning models for each of the modules. The expected result would be to have a research paper that successfully theorizes a way to solve the security issues in automated vehicles using our ML based approach. In addition, we would like to have a simulated demonstration so we can showcase that the solution is practical as well. I will know that we have done a good job if we get published in a reputed peer-reviewed journal.

Mathew Lucy

Smart Hack Smasher is a new way of looking at security and vulnerability testing from the perspective of machine learning using the test case of a self-driving car. There are many things that can go wrong with the modules in a self-driving car from a bug or error in the input to a malicious cyber-attack. General approaches to this include mostly prevention with some rudimentary monitoring. But what if we could do better? Smart Hack Smasher is a research and development project that seeks to use machine learning algorithms to identify unexpected states in the modules of self-driving cars and prevent them from causing harm to the car and driver. The end goal of this project is a research paper that seeks to answer whether this can be performed in the field and a test-case example of this software.

Many aspects of my college experience have prepared me uniquely for this type of project. Obviously, my prior work in coding disciplines, especially python, here at the University of Cincinnati have refined my skills as a computer scientist for this type of research and development. Additionally, classes like Software Engineering (CS 3093C) and Python Programming (CS 2021) have given me many academic experiences of group project work. Both of these skills will obviously be immensely helpful in a senior design project that is both computer science and team based. Additionally, this semester will also provide me with many classes that are machine learning and high-power computing focused. These include Intelligent Data Analysis (CS 5152), Machine Learning (CS 5137) and Parallel Computing (CS 5168).

On the co-op side of the house I have also been prepared both as a Computer Scientist and a Teammate. My work at both the Department of Defense and General Electric Digital as a Software Engineer have provided me with the necessary skills to tackle such a large-form project. They have given me the opportunity to refine my personal work ethic and skills by working on individual projects. They have provided me group-based work that included intense performance reviews and tight deliverable deadlines. They have also given me the opportunity to touch aspects of machine learning and cloud computing using systems such as Predix and algorithms including Random Forest. I expect to apply all of these skills from both the academic and work experiences I have had in order to provide unique insights to my team, work on code as a software developer, and to be useful as a team member.

There are so many exciting things about this project. Being a research project I am being given the opportunity to explore the cutting edge of security and machine learning. Self-driving cars are also a technology that is still in its infancy and this project provides me the opportunity to do research that may direct its future. It also allows me to explore machine learning, a passion area of mine in the field of computer science. Finally, and most importantly to me, it allows me to create something that is deliverable in the form of code and a research paper that I will be able to use on resumes and in interviews. Together, this project serves as a culmination and proof of all of the work, learning, and improvement I have done in my five years here at the University of Cincinnati.

Our deliverable can be split into two sections, a software prototype and a research paper. The software prototype is more of a biproduct of the research than our final product, but it will serve to prove or disprove our hypothesis. I expect this to take the form of an algorithm or set of algorithms and code that take an input from a module such as a GPS or 3d Object Tracker and performs computations on it after being trained on a separate dataset. It will then show confidence in error detection when we feed it modified or incorrect data. Secondly, we will have a research paper detailing our findings, our process, and whether we were ultimately successful or failed in creating such a security module. We will thus know our completion of Smart Hack Smasher when we have determined an answer to whether modularized security via machine learning is the way to go.

Zach Hammitt

Smart Hack Smasher is a project that revolves around stopping malicious behavior. Specifically, this is being framed around detecting abnormalities in driverless cars. This is a fast-upcoming real world issue that is not exactly solved. By doing research and undertaking this project, it may be that a viable method for stopping dangerous behavior in driverless cars can be found. In such case, it would be great to publish a paper of this and disseminate this to the world.
Naturally being a complex issue, there is no one solution to knowing that a car is having a malicious anomaly. So in order to develop a wide ranging system that can learn over time, some form of AI system will need to be developed. Looking back there are a few courses that are rather relevant here. One thing that needs to be done is algorithm analysis. This is needed for developing, training, and optimizing the AI. Courses relevant to this are Design and Analysis of Algorithms (CS 4071) for actually designing the algorithms, AI: Principles and Applications (CS 4033) for teaching the basic concepts of how AI works, and Data Structures (CS 2028C) which did a really fine job at explaining time complexity of different operations. I will also say Data Encoding (CS 5125) really explained the root of the issue in that it showed several exploits that hackers can use to get into systems and ways you can defeat those attacks.
Classes did a pretty good job at teaching the theory side of things, but when it comes to actually doing the implementation, the work place was a very large help. What I mean by this is that the workplace taught me about a lot of the tools that exist out there that will be very useful for actually making a functional piece of software. Being a process control engineer co-op at AK Steel was largely the source of these for myself. For one I learned about using Python and within that Tensorflow. At AK, these were used to do some data analysis related to quality control issues in steel. But those same two systems are rather useful for analyzing any type of dataset and is what we will be going with for Smart Hack Smasher. Another tool that I learned about at AK that will prove to be useful is Docker. Docker was used there for modularization, the goal being keep failures as limited as possible and make them as easy as possible to recover from. This is not exactly the use case of Smart Hack Smasher, but the modularization idea is still a great one as it keeps attack vectors more limited.

As alluded to in the introduction, the primary motivation behind this project is to design something with real world applicability that can help people. Driverless cars are the future but so will be attacking them. Manipulating a driverless car could be used to commit all sorts of crimes on the passengers so doing some research into how this can be avoided could alleviate much suffering in the world. Another motivation behind the project is the desire to create an AI model. Personally, I have never made a complex AI model before. No class has had me do in depth training on one that would take months to develop. So along these lines, I am excited to learn something new and just try out something that I often hear about in the tech world.

So far Smart Hack Smasher is mostly in the preliminary phase. A problem has been identified, as has the general solution. We know that cars can be hacked and an AI model could be trained to detect and stop these attacks. The how is mostly where the problem comes in. We looked at the issue and decided a modular approach using a docker and tensorflow stack would be best after doing some research. This is mainly because how portable these systems are. Not every car manufacturer is going to use the same computer to run their systems so whatever solution cannot be bound to a single operating system. We also know that data is needed to train an AI so much work has been spent on looking at various datasets to see which one will fulfill our desire. Personally I will think that the work is done when there exists a workable simulated driving system that we can try and mess with as much as we want but the car just keeps on driving as normal. As far as if the work was quality, I suppose that comes down to if we can get our research paper to pass a peer review and get published as that would be the ultimate goal.