Aidin Ferdowsi

AbdelRahman Eldosouky, Aidin Ferdowsi, Walid Saad

One prominent security threat that targets unmanned aerial vehicles (UAVs) is the capture via GPS spoofing in which an attacker manipulates a UAV's global positioning system (GPS) signals in order to capture it. Given the anticipated widespread deployment of UAVs for various purposes, it is imperative to develop new security solutions against such attacks. In this paper, a mathematical framework is introduced for analyzing and mitigating the effects of GPS spoofing attacks on UAVs. In particular, system dynamics are used to model the optimal routes that the UAVs will adopt to reach their destinations. The GPS spoofer's effect on each UAV's route is also captured by the model. To this end, the spoofer's optimal imposed locations on the UAVs, are analytically derived; allowing the UAVs to predict their traveling routes under attack. Then, a countermeasure mechanism is developed to mitigate the effect of the GPS spoofing attack. The countermeasure is built on the premise of cooperative localization, in which a UAV can determine its location using nearby UAVs instead of the possibly compromised GPS locations. To better utilize the proposed defense mechanism, a dynamic Stackelberg game is formulated to model the interactions between a GPS spoofer and a drone operator. In particular, the drone operator acts as the leader that determines its optimal strategy in light of the spoofer's expected response strategy. The equilibrium strategies of the game are then analytically characterized and studied through a novel proposed algorithm. Simulation results show that, when combined with the Stackelberg strategies, the proposed defense mechanism will outperform baseline strategy selection techniques in terms of reducing the possibility of UAV capture

Aidin Ferdowsi, Anibal Sanjab, Walid Saad et al.

Competitive resource allocation between adversarial decision makers arises in a wide spectrum of real-world applications such as in communication systems, cyber-physical systems security, as well as financial, political, and electoral competition. As such, developing analytical tools to model and analyze competitive resource allocation is crucial for devising optimal allocation strategies and anticipating the potential outcomes of the competition. To this end, the Colonel Blotto game is one of the most popular game-theoretic frameworks for modeling and analyzing such competitive resource allocation problems. However, in many real-world competitive situations, the Colonel Blotto game does not admit solutions in deterministic strategies and, hence, one must rely on analytically complex mixed-strategies with their associated tractability, applicability, and practicality challenges. In this paper, a generalization of the Colonel Blotto game which enables the derivation of deterministic, practical, and implementable equilibrium strategies is proposed while accounting for the heterogeneity of the battlefields. In addition, the proposed generalized game enables accounting for the consumed resources in each battlefield, a feature that is not considered in the classical Blotto game. For the generalized game, the existence of a Nash equilibrium in pure-strategies is shown. Then, closed-form analytical expressions of the equilibrium strategies, are derived and the outcome of the game is characterized; based on the number of resources of each player as well as the valuation of each battlefield. The generated results provide invaluable insights on the outcome of the competition. For example, the results show that, when both players are fully rational, the more resourceful player can achieve a better total payoff at the Nash equilibrium, a result that is not mimicked in the classical Blotto game.

Aidin Ferdowsi, Walid Saad, Narayan B. Mandayam

Securing the physical components of a city's interdependent critical infrastructure (ICI) such as power, natural gas, and water systems is a challenging task due to their interdependence and a large number of involved sensors. In this paper, using a novel integrated state-space model that captures the interdependence, a two-stage cyber attack on an ICI is studied in which the attacker first compromises the ICI's sensors by decoding their messages, and, subsequently, it alters the compromised sensors' data to cause state estimation errors. To thwart such attacks, the administrator of each critical infrastructure (CI) must assign protection levels to the sensors based on their importance in the state estimation process. To capture the interdependence between the attacker and the ICI administrator's actions and analyze their interactions, a Colonel Blotto game framework is proposed. The mixed-strategy Nash equilibrium of this game is derived analytically. At this equilibrium, it is shown that the administrator can strategically randomize between the protection levels of the sensors to deceive the attacker. Simulation results coupled with theoretical analysis show that, using the proposed game, the administrator can reduce the state estimation error by at least $ 50\% $ compared to a non-strategic approach that assigns protection levels proportional to sensor values.

Tengchan Zeng, Aidin Ferdowsi, Omid Semiari et al.

Connected and autonomous vehicles (CAVs) can reduce human errors in traffic accidents, increase road efficiency, and execute various tasks ranging from delivery to smart city surveillance. Reaping these benefits requires CAVs to autonomously navigate to target destinations. To this end, each CAV's navigation controller must leverage the information collected by sensors and wireless systems for decision-making on longitudinal and lateral movements. However, enabling autonomous navigation for CAVs requires a convergent integration of communication, control, and learning systems. The goal of this article is to explicitly expose the challenges related to this convergence and propose solutions to address them in two major use cases: Uncoordinated and coordinated CAVs. In particular, challenges related to the navigation of uncoordinated CAVs include stable path tracking, robust control against cyber-physical attacks, and adaptive navigation controller design. Meanwhile, when multiple CAVs coordinate their movements during navigation, fundamental problems such as stable formation, fast collaborative learning, and distributed intrusion detection are analyzed. For both cases, solutions using the convergence of communication theory, control theory, and machine learning are proposed to enable effective and secure CAV navigation. Preliminary simulation results are provided to show the merits of proposed solutions.

Mohammad Aghapour, Aidin Ferdowsi, Walid Saad

In federated learning (FL), a machine learning model is trained on multiple nodes in a decentralized manner, while keeping the data local and not shared with other nodes. However, FL requires the nodes to also send information on the model parameters to a central server for aggregation. However, the information sent from the nodes to the server may reveal some details about each node's local data, thus raising privacy concerns. Furthermore, the repetitive uplink transmission from the nodes to the server may result in a communication overhead and network congestion. To address these two challenges, in this paper, a novel two-bit aggregation algorithm is proposed with guaranteed differential privacy and reduced uplink communication overhead. Extensive experiments demonstrate that the proposed aggregation algorithm can achieve the same performance as state-of-the-art approaches on datasets such as MNIST, Fashion MNIST, CIFAR-10, and CIFAR-100, while ensuring differential privacy and improving communication efficiency.

Aidin Ferdowsi, David Whitefield

Line of sight satellite systems, unmanned aerial vehicles, high-altitude platforms, and microwave links that operate on frequency bands such as Ka-band or higher are extremely susceptible to rain. Thus, rain fade forecasting for these systems is critical because it allows the system to switch between ground gateways proactively before a rain fade event to maintain seamless service. Although empirical, statistical, and fade slope models can predict rain fade to some extent, they typically require statistical measurements of rain characteristics in a given area and cannot be generalized to a large scale system. Furthermore, such models typically predict near-future rain fade events but are incapable of forecasting far into the future, making proactive resource management more difficult. In this paper, a deep learning (DL)-based architecture is proposed that forecasts future rain fade using satellite and radar imagery data as well as link power measurements. Furthermore, the data preprocessing and architectural design have been thoroughly explained and multiple experiments have been conducted. Experiments show that the proposed DL architecture outperforms current state-of-the-art machine learning-based algorithms in rain fade forecasting in the near and long term. Moreover, the results indicate that radar data with weather condition information is more effective for short-term prediction, while satellite data with cloud movement information is more effective for long-term predictions.

Biplav Choudhury, Vijay K. Shah, Aidin Ferdowsi et al.

Due to flexibility, autonomy and low operational cost, unmanned aerial vehicles (UAVs), as fixed aerial base stations, are increasingly being used as \textit{relays} to collect time-sensitive information (i.e., status updates) from IoT devices and deliver it to the nearby terrestrial base station (TBS), where the information gets processed. In order to ensure timely delivery of information to the TBS (from all IoT devices), optimal scheduling of time-sensitive information over two hop UAV-relayed IoT networks (i.e., IoT device to the UAV [hop 1], and UAV to the TBS [hop 2]) becomes a critical challenge. To address this, we propose scheduling policies for Age of Information (AoI) minimization in such two-hop UAV-relayed IoT networks. To this end, we present a low-complexity MAF-MAD scheduler, that employs Maximum AoI First (MAF) policy for sampling of IoT devices at UAV (hop 1) and Maximum AoI Difference (MAD) policy for updating sampled packets from UAV to the TBS (hop 2). We show that MAF-MAD is the optimal scheduler under ideal conditions, i.e., error-free channels and generate-at-will traffic generation at IoT devices. On the contrary, for realistic conditions, we propose a Deep-Q-Networks (DQN) based scheduler. Our simulation results show that DQN-based scheduler outperforms MAF-MAD scheduler and three other baseline schedulers, i.e., Maximal AoI First (MAF), Round Robin (RR) and Random, employed at both hops under general conditions when the network is small (with 10's of IoT devices). However, it does not scale well with network size whereas MAF-MAD outperforms all other schedulers under all considered scenarios for larger networks.

Ali Pourranjbar, Georges Kaddoum, Aidin Ferdowsi et al.

Conventional anti-jamming method mostly rely on frequency hopping to hide or escape from jammer. These approaches are not efficient in terms of bandwidth usage and can also result in a high probability of jamming. Different from existing works, in this paper, a novel anti-jamming strategy is proposed based on the idea of deceiving the jammer into attacking a victim channel while maintaining the communications of legitimate users in safe channels. Since the jammer's channel information is not known to the users, an optimal channel selection scheme and a sub optimal power allocation are proposed using reinforcement learning (RL). The performance of the proposed anti-jamming technique is evaluated by deriving the statistical lower bound of the total received power (TRP). Analytical results show that, for a given access point, over 50 % of the highest achievable TRP, i.e. in the absence of jammers, is achieved for the case of a single user and three frequency channels. Moreover, this value increases with the number of users and available channels. The obtained results are compared with two existing RL based anti-jamming techniques, and random channel allocation strategy without any jamming attacks. Simulation results show that the proposed anti-jamming method outperforms the compared RL based anti-jamming methods and random search method, and yields near optimal achievable TRP.

Qianqian Zhang, Aidin Ferdowsi, Walid Saad et al.

In this paper, a novel framework is proposed to perform data-driven air-to-ground (A2G) channel estimation for millimeter wave (mmWave) communications in an unmanned aerial vehicle (UAV) wireless network. First, an effective channel estimation approach is developed to collect mmWave channel information, allowing each UAV to train a stand-alone channel model via a conditional generative adversarial network (CGAN) along each beamforming direction. Next, in order to expand the application scenarios of the trained channel model into a broader spatial-temporal domain, a cooperative framework, based on a distributed CGAN architecture, is developed, allowing each UAV to collaboratively learn the mmWave channel distribution in a fully-distributed manner. To guarantee an efficient learning process, necessary and sufficient conditions for the optimal UAV network topology that maximizes the learning rate for cooperative channel modeling are derived, and the optimal CGAN learning solution per UAV is subsequently characterized, based on the distributed network structure. Simulation results show that the proposed distributed CGAN approach is robust to the local training error at each UAV. Meanwhile, a larger airborne network size requires more communication resources per UAV to guarantee an efficient learning rate. The results also show that, compared with a stand-alone CGAN without information sharing and two other distributed schemes, namely: A multi-discriminator CGAN and a federated CGAN method, the proposed distributed CGAN approach yields a higher modeling accuracy while learning the environment, and it achieves a larger average data rate in the online performance of UAV downlink mmWave communications.

Aidin Ferdowsi, Walid Saad

To achieve a high learning accuracy, generative adversarial networks (GANs) must be fed by large datasets that adequately represent the data space. However, in many scenarios, the available datasets may be limited and distributed across multiple agents, each of which is seeking to learn the distribution of the data on its own. In such scenarios, the agents often do not wish to share their local data as it can cause communication overhead for large datasets. In this paper, to address this multi-agent GAN problem, a novel brainstorming GAN (BGAN) architecture is proposed using which multiple agents can generate real-like data samples while operating in a fully distributed manner. BGAN allows the agents to gain information from other agents without sharing their real datasets but by ``brainstorming'' via the sharing of their generated data samples. In contrast to existing distributed GAN solutions, the proposed BGAN architecture is designed to be fully distributed, and it does not need any centralized controller. Moreover, BGANs are shown to be scalable and not dependent on the hyperparameters of the agents' deep neural networks (DNNs) thus enabling the agents to have different DNN architectures. Theoretically, the interactions between BGAN agents are analyzed as a game whose unique Nash equilibrium is derived. Experimental results show that BGAN can generate real-like data samples with higher quality and lower Jensen-Shannon divergence (JSD) and Frèchet Inception distance (FID) compared to other distributed GAN architectures.

Aidin Ferdowsi, Walid Saad

To reap the benefits of the Internet of Things (IoT), it is imperative to secure the system against cyber attacks in order to enable mission critical and real-time applications. To this end, intrusion detection systems (IDSs) have been widely used to detect anomalies caused by a cyber attacker in IoT systems. However, due to the large-scale nature of the IoT, an IDS must operate in a distributed manner with minimum dependence on a central controller. Moreover, in many scenarios such as health and financial applications, the datasets are private and IoTDs may not intend to share such data. To this end, in this paper, a distributed generative adversarial network (GAN) is proposed to provide a fully distributed IDS for the IoT so as to detect anomalous behavior without reliance on any centralized controller. In this architecture, every IoTD can monitor its own data as well as neighbor IoTDs to detect internal and external attacks. In addition, the proposed distributed IDS does not require sharing the datasets between the IoTDs, thus, it can be implemented in IoTs that preserve the privacy of user data such as health monitoring systems or financial applications. It is shown analytically that the proposed distributed GAN has higher accuracy of detecting intrusion compared to a standalone IDS that has access to only a single IoTD dataset. Simulation results show that, the proposed distributed GAN-based IDS has up to 20% higher accuracy, 25% higher precision, and 60% lower false positive rate compared to a standalone GAN-based IDS.

Aidin Ferdowsi, Samad Ali, Walid Saad et al.

Autonomous connected vehicles (ACVs) rely on intra-vehicle sensors such as camera and radar as well as inter-vehicle communication to operate effectively. This reliance on cyber components exposes ACVs to cyber and physical attacks in which an adversary can manipulate sensor readings and physically take control of an ACV. In this paper, a comprehensive framework is proposed to thwart cyber and physical attacks on ACV networks. First, an optimal safe controller for ACVs is derived to maximize the street traffic flow while minimizing the risk of accidents by optimizing ACV speed and inter-ACV spacing. It is proven that the proposed controller is robust to physical attacks which aim at making ACV systems instable. To improve the cyber-physical security of ACV systems, next, data injection attack (DIA) detection approaches are proposed to address cyber attacks on sensors and their physical impact on the ACV system. To comprehensively design the DIA detection approaches, ACV sensors are characterized in two subsets based on the availability of a-priori information about their data. For sensors having a prior information, a DIA detection approach is proposed and an optimal threshold level is derived for the difference between the actual and estimated values of sensors data which enables ACV to stay robust against cyber attacks. For sensors having no prior information, a novel multi-armed bandit (MAB) algorithm is proposed to enable ACV to securely control its motion. Simulation results show that the proposed optimal safe controller outperforms current state of the art controllers by maximizing the robustness of ACVs to physical attacks. The results also show that the proposed DIA detection approaches, compared to Kalman filtering, can improve the security of ACV sensors against cyber attacks and ultimately improve the physical robustness of an ACV system.

Aidin Ferdowsi, Ursula Challita, Walid Saad et al.

To operate effectively in tomorrow's smart cities, autonomous vehicles (AVs) must rely on intra-vehicle sensors such as camera and radar as well as inter-vehicle communication. Such dependence on sensors and communication links exposes AVs to cyber-physical (CP) attacks by adversaries that seek to take control of the AVs by manipulating their data. Thus, to ensure safe and optimal AV dynamics control, the data processing functions at AVs must be robust to such CP attacks. To this end, in this paper, the state estimation process for monitoring AV dynamics, in presence of CP attacks, is analyzed and a novel adversarial deep reinforcement learning (RL) algorithm is proposed to maximize the robustness of AV dynamics control to CP attacks. The attacker's action and the AV's reaction to CP attacks are studied in a game-theoretic framework. In the formulated game, the attacker seeks to inject faulty data to AV sensor readings so as to manipulate the inter-vehicle optimal safe spacing and potentially increase the risk of AV accidents or reduce the vehicle flow on the roads. Meanwhile, the AV, acting as a defender, seeks to minimize the deviations of spacing so as to ensure robustness to the attacker's actions. Since the AV has no information about the attacker's action and due to the infinite possibilities for data value manipulations, the outcome of the players' past interactions are fed to long-short term memory (LSTM) blocks. Each player's LSTM block learns the expected spacing deviation resulting from its own action and feeds it to its RL algorithm. Then, the the attacker's RL algorithm chooses the action which maximizes the spacing deviation, while the AV's RL algorithm tries to find the optimal action that minimizes such deviation.

Ursula Challita, Aidin Ferdowsi, Mingzhe Chen et al.

Cellular-connected unmanned aerial vehicles (UAVs) will inevitably be integrated into future cellular networks as new aerial mobile users. Providing cellular connectivity to UAVs will enable a myriad of applications ranging from online video streaming to medical delivery. However, to enable a reliable wireless connectivity for the UAVs as well as a secure operation, various challenges need to be addressed such as interference management, mobility management and handover, cyber-physical attacks, and authentication. In this paper, the goal is to expose the wireless and security challenges that arise in the context of UAV-based delivery systems, UAV-based real-time multimedia streaming, and UAV-enabled intelligent transportation systems. To address such challenges, artificial neural network (ANN) based solution schemes are introduced. The introduced approaches enable the UAVs to adaptively exploit the wireless system resources while guaranteeing a secure operation, in real-time. Preliminary simulation results show the benefits of the introduced solutions for each of the aforementioned cellular-connected UAV application use case.

Aidin Ferdowsi, Walid Saad

Secure signal authentication is arguably one of the most challenging problems in the Internet of Things (IoT) environment, due to the large-scale nature of the system and its susceptibility to man-in-the-middle and eavesdropping attacks. In this paper, a novel deep learning method is proposed for dynamic authentication of IoT signals to detect cyber attacks. The proposed learning framework, based on a long short-term memory (LSTM) structure, enables the IoT devices (IoTDs) to extract a set of stochastic features from their generated signal and dynamically watermark these features into the signal. This method enables the cloud, which collects signals from the IoT devices, to effectively authenticate the reliability of the signals. Moreover, in massive IoT scenarios, since the cloud cannot authenticate all the IoTDs simultaneously due to computational limitations, a game-theoretic framework is proposed to improve the cloud's decision making process by predicting vulnerable IoTDs. The mixed-strategy Nash equilibrium (MSNE) for this game is derived and the uniqueness of the expected utility at the equilibrium is proven. In the massive IoT system, due to a large set of available actions for the cloud, it is shown that analytically deriving the MSNE is challenging and, thus, a learning algorithm proposed that converges to the MSNE. Moreover, in order to cope with the incomplete information case in which the cloud cannot access the state of the unauthenticated IoTDs, a deep reinforcement learning algorithm is proposed to dynamically predict the state of unauthenticated IoTDs and allow the cloud to decide on which IoTDs to authenticate. Simulation results show that, with an attack detection delay of under 1 second the messages can be transmitted from IoT devices with an almost 100% reliability.

Aidin Ferdowsi, Ursula Challita, Walid Saad

Intelligent transportation systems (ITSs) will be a major component of tomorrow's smart cities. However, realizing the true potential of ITSs requires ultra-low latency and reliable data analytics solutions that can combine, in real-time, a heterogeneous mix of data stemming from the ITS network and its environment. Such data analytics capabilities cannot be provided by conventional cloud-centric data processing techniques whose communication and computing latency can be high. Instead, edge-centric solutions that are tailored to the unique ITS environment must be developed. In this paper, an edge analytics architecture for ITSs is introduced in which data is processed at the vehicle or roadside smart sensor level in order to overcome the ITS latency and reliability challenges. With a higher capability of passengers' mobile devices and intra-vehicle processors, such a distributed edge computing architecture can leverage deep learning techniques for reliable mobile sensing in ITSs. In this context, the ITS mobile edge analytics challenges pertaining to heterogeneous data, autonomous control, vehicular platoon control, and cyber-physical security are investigated. Then, different deep learning solutions for such challenges are proposed. The proposed deep learning solutions will enable ITS edge analytics by endowing the ITS devices with powerful computer vision and signal processing functions. Preliminary results show that the proposed edge analytics architecture, coupled with the power of deep learning algorithms, can provide a reliable, secure, and truly smart transportation environment.

Aidin Ferdowsi, Walid Saad

Securing the Internet of Things (IoT) is a necessary milestone toward expediting the deployment of its applications and services. In particular, the functionality of the IoT devices is extremely dependent on the reliability of their message transmission. Cyber attacks such as data injection, eavesdropping, and man-in-the-middle threats can lead to security challenges. Securing IoT devices against such attacks requires accounting for their stringent computational power and need for low-latency operations. In this paper, a novel deep learning method is proposed for dynamic watermarking of IoT signals to detect cyber attacks. The proposed learning framework, based on a long short-term memory (LSTM) structure, enables the IoT devices to extract a set of stochastic features from their generated signal and dynamically watermark these features into the signal. This method enables the IoT's cloud center, which collects signals from the IoT devices, to effectively authenticate the reliability of the signals. Furthermore, the proposed method prevents complicated attack scenarios such as eavesdropping in which the cyber attacker collects the data from the IoT devices and aims to break the watermarking algorithm. Simulation results show that, with an attack detection delay of under 1 second the messages can be transmitted from IoT devices with an almost 100% reliability.

Aidin Ferdowsi, Anibal Sanjab, Walid Saad et al.

A city's critical infrastructure such as gas, water, and power systems, are largely interdependent since they share energy, computing, and communication resources. This, in turn, makes it challenging to endow them with fool-proof security solutions. In this paper, a unified model for interdependent gas-power-water infrastructure is presented and the security of this model is studied using a novel game-theoretic framework. In particular, a zero-sum noncooperative game is formulated between a malicious attacker who seeks to simultaneously alter the states of the gas-power-water critical infrastructure to increase the power generation cost and a defender who allocates communication resources over its attack detection filters in local areas to monitor the infrastructure. At the mixed strategy Nash equilibrium of this game, numerical results show that the expected power generation cost deviation is 35\% lower than the one resulting from an equal allocation of resources over the local filters. The results also show that, at equilibrium, the interdependence of the power system on the natural gas and water systems can motivate the attacker to target the states of the water and natural gas systems to change the operational states of the power grid. Conversely, the defender allocates a portion of its resources to the water and natural gas states of the interdependent system to protect the grid from state deviations.

Aidin Ferdowsi, Walid Saad, Behrouz Maham et al.

Smart cities must integrate a number of interdependent cyber-physical systems that operate in a coordinated manner to improve the well-being of the city's residents. A cyber-physical system (CPS) is a system of computational elements controlling physical entities. Large-scale CPSs are more vulnerable to attacks due to the cyber-physical interdependencies that can lead to cascading failures which can have a significant detrimental effect on a city. In this paper, a novel approach is proposed for analyzing the problem of allocating security resources, such as firewalls and anti-malware, over the various cyber components of an interdependent CPS to protect the system against imminent attacks. The problem is formulated as a Colonel Blotto game in which the attacker seeks to allocate its resources to compromise the CPS, while the defender chooses how to distribute its resources to defend against potential attacks. To evaluate the effects of defense and attack, various CPS factors are considered including human-CPS interactions as well as physical and topological characteristics of a CPS such as flow and capacity of interconnections and minimum path algorithms. Results show that, for the case in which the attacker is not aware of the CPS interdependencies, the defender can have a higher payoff, compared to the case in which the attacker has complete information. The results also show that, in the case of more symmetric nodes, due to interdependencies, the defender achieves its highest payoff at the equilibrium compared to the case with independent, asymmetric nodes.