"VCU Researchers Fight Cybercrime With New Digital Tools and Techniques"
Irfan Ahmed, Ph.D., provides defenders with digital forensic tools and the knowledge to use them in cybersecurity. Ahmed is an associate professor of computer science and the director of the Virginia Commonwealth University (VCU) Engineering Department of Computer Science's Security and Forensics Engineering (SAFE) Lab. In the SAFE Lab, he leads two projects funded by the US Department of Homeland Security (DHS) that aim to keep industrial systems secure from criminals and demonstrate how the same tools developed for investigating cyberattacks can be used to investigate other crimes. Cyberattacks on physical infrastructure could be launched to disrupt systems or hold them for ransom. The focus of Ahmed's SAFE Lab is the protection of Industrial Control Systems (ICS) used in the operation of nuclear plants, dams, electricity systems, and more. Cyberattacks often target the control logic of software architecture, which receives instructions from the user and passes them to a Programmable Logic Controller (PLC) for execution. For example, the control logic monitoring a natural gas pipeline could be programmed to open a valve if the system detects high pressure. Programmers and attackers can modify the control logic. One of Ahmed's DHS-funded projects, titled "Digital Forensic Tools and Techniques for Investigating Control Logic Attacks in Industrial Control Systems," supports the development of devices and techniques that cyber detectives can use to conduct investigations. This article continues to discuss Ahmed's work to protect nuclear plants and other critical infrastructure from cybercrime.