Institute for Homeland Security
Permanent URI for this community: https://hdl.handle.net/20.500.11875/4231
Browsing Institute for Homeland Security by Issue Date

Item: Convergence of Mission and Moment: Imagining the Emerging Technology Analyst (Institute for Homeland Security, 2023-10-15) Reese, Nick
The Department of Homeland Security (DHS) was built to prevent terror attacks in the homeland and its culture and structure reflect its birth in 2002. Unlike the world-changing event that created DHS, the gradual fading of the terror threat has left it misaligned to respond to new nation-state sponsored threats. The homeland security mission is at a true inflection point as it looks for new ways to use its capabilities and authorities while the central force driving global competition is being established. Just as the field of cyber was being established in the late 1990s and early 2000s in response to new threats, so too must the field of emerging technology be developed today. Examining the realities of the world today, we see the need for professionals who specialize in how emerging technologies create risks and opportunities in a way that is distinct from how cyber professionals do the same for the cyber domain. This work examines the geopolitical reality and how it reflects on the homeland. It goes a step further by conducting a comparative analysis between current cyber analyst requirements and skills and what would be required for an equivalent emerging technology analyst.
This analysis informs governments, academia, and industry by creating a baseline from which emerging technology professionals can be created and evaluated with direct application on practitioners in critical infrastructure.

Item: Workplace Harassment and Violence: A Primer on Critical Strategies for Small and Medium-Sized Businesses (The Sam Houston State University Institute for Homeland Security, 2023-10-15) Shashidhar, Narasimha K

Item: DeepGray: A Novel Approach to Malware Classification Using Grayscale Images with Deep Learning (Institute for Homeland Security, 2023-10-15) Polsani, Harshitha; Jiang, Haodi
In the ever-evolving landscape of cybersecurity, the threat posed by malware continues to loom large, necessitating innovative and robust approaches for its effective detection and classification. In this paper, we introduce a novel method, DeepGray, for multi-class malware classification utilizing grayscale images and the power of deep learning. Our dataset combines the malware sample from the BODMAS dataset and the benign sample from the DikeDataset. Our approach involves transforming executable files into a format suitable for deep learning by converting them into grayscale images while retaining the essential data characteristics. During the data preprocessing step, Principal Component Analysis (PCA) was applied to distill the most significant features. To achieve state-of-the-art results in multi-class malware classification, we harnessed the power of deep learning and transfer learning, employing well-established neural network architectures such as a customized Convolutional Neural Network (CNN), VGG16, EfficientNet, and Vision Transformers (ViT). The models were meticulously trained and rigorously evaluated using a 5-fold cross-validation methodology. Notably, our approach yielded remarkable results, with ViT achieving an impressive accuracy of 0.95.
This research underscores the potential of grayscale image analysis and deep learning within the domain of multi-class malware classification. The insights derived from this study contribute significantly to the field of cybersecurity and pave the way for further advancements in the realm of malware detection and classification.

Item: Rationale and Process for Continuity of the Economy (Institute for Homeland Security, 2023-10-15) Ruddell, Benjamin
A regional economy is a vibrant ecosystem comprising critical infrastructures and economic agents like power and telecommunications, ports and logistics, networks of producers and suppliers, human capital, and government agencies. In the increasingly connected and chaotic global economy, resilient regional economies must implement economic development and regulatory policies that ensure "Continuity of the Economy" (COTE) during major social, economic, or environmental shocks. COTE requires that all providers and operators of critical infrastructures and critical functions establish adequate capacity to self-recover after a major disruption and prepare adequate input supply chain buffers so that supplier disruptions do not take down critical services before the economic network can recover itself. Non-critical suppliers support interdependent critical infrastructures, blurring the artificial lines between critical and non-critical sectors and highlighting the need for a cross-cutting whole-of-economy approach instead of a sectoral approach to preparedness. This whole-of-economy planning and preparation is made possible by implementing a recurring community-based participatory process that maps supply chains, measures buffers and recovery requirements, and connects critical infrastructure service providers and recovery responders directly with suppliers to share recovery priorities and plans.
This participatory process also screens out non-critical suppliers that are not necessary in the short term to recover or sustain critical infrastructures and critical functions during a major disruption, enabling recovery operations to focus on critical infrastructures and critical suppliers and speed recovery. Establishing adequate supply chain buffer time and inside-out recovery capacity are identified as the key foci for COTE preparedness. COTE is an all-hazard approach to resilience and preparedness that complements existing economic development, five-year emergency planning, cyber preparedness, and emergency management processes.

Item: Supply Chain Mapping for Emergency Management Decision-Making (Institute for Homeland Security, 2023-10-15) Scott, Mark
Supply chain issues are a growing concern for public sector emergency managers because communities rely on these privately-owned and operated systems to deliver goods needed for daily life and survival. Recent events have highlighted the many ways supply chains can be disrupted. Knowing how these systems are configured and how they operate is essential to making more effective operational decisions during emergencies and to supporting supply chain owners/operators in restoring flow following a disruption. Mapping the supply chain is a proven private sector practice for gaining visibility into these systems that may have application in the public sector. This paper describes why mapping helps improve emergency preparedness, how mapping has been done, and two case studies of its application for lifeline commodity supply chains in the National Capital Region.
The paper concludes with a path forward for emergency managers seeking to use mapping to strengthen supply chain resilience in their communities, regardless of scale.

Item: Convergence of Mission and Moment: Imagining the Emerging Technology Analyst (Institute for Homeland Security, 2023-10-15) Reese, Nick
The Department of Homeland Security (DHS) was built to prevent terror attacks in the homeland and its culture and structure reflect its birth in 2002. Unlike the world-changing event that created DHS, the gradual fading of the terror threat has left it misaligned to respond to new nation-state sponsored threats. The homeland security mission is at a true inflection point as it looks for new ways to use its capabilities and authorities while the central force driving global competition is being established. Just as the field of cyber was being established in the late 1990s and early 2000s in response to new threats, so too must the field of emerging technology be developed today. Examining the realities of the world today, we see the need for professionals who specialize in how emerging technologies create risks and opportunities in a way that is distinct from how cyber professionals do the same for the cyber domain. This work examines the geopolitical reality and how it reflects on the homeland. It goes a step further by conducting a comparative analysis between current cyber analyst requirements and skills and what would be required for an equivalent emerging technology analyst.
This analysis informs governments, academia, and industry by creating a baseline from which emerging technology professionals can be created and evaluated with direct application on practitioners in critical infrastructure.

Item: Resilience to High Consequence Cascading Failures of Critical Infrastructure Networks (Institute for Homeland Security, 2023-10-15) Mouco, Arthur; Ruddell, Benjamin L.; Ginsburg, Susan
Critical infrastructure networks such as telecommunications, power, water, natural gas, diesel, transportation, and cyber networks are interdependent with one another, forming a vast and dauntingly complex web of institutions and physical systems that must be engineered and secured for reliability. No single utility operator, engineering consultant, emergency management organization, financial institution, or local, regional or other government entity is capable of understanding, monitoring, or managing the whole system. Yet, failures are unavoidable, and when those failures cascade through the network the result may be high-consequence cascading “catastrophes” or Black Swan events. In one recent and tragic example, the February 13–17, 2021 Winter Storm Uri in Texas initiated a failure in the natural gas production system that cascaded first to the natural gas power generation system and then to the wider ERCOT power system, the water distribution system, and the petrochemical industry of Texas. No single system operator was responsible, and yet the consequences – including fatalities, recovery challenges, regulatory attention, and extreme costs – are everyone’s problem. As networked interdependencies grow, the likelihood of cascading failures has increased accordingly, necessitating technical solutions tailored to this problem. This report introduces the basic principles of interdependent critical infrastructure networks and reviews approaches for analyzing and mitigating the vulnerability of the network to make it resilient.
Resilience and reliability in critical infrastructures are complementary and orthogonal. In resilient networks, the inevitable failures due to “all hazards” stay small and don’t become catastrophes.

Item: Countering Workplace Violence in Healthcare: Voices from the Field (Institute for Homeland Security, 2023-10-15) Denham, Magdalena A; Denham, Mark V
Overall, the U.S. healthcare system has the highest workplace violence (WPV) rates of any occupational setting in the United States. Specifically, among 25,000 incidents of WPV reported annually, 75% occur in the healthcare system. Workers in healthcare are four times more likely to be victimized than workers in other private industries.

Item: Toward a More Effective Policy Model for Responding to Workplace Violence in the Texas Healthcare System (Institute for Homeland Security, 2023-10-15) Kinney, Alexander B.; Lehmann, Peter S.
Workplace violence is a growing social problem that has caught the attention of public stakeholders and policymakers. Likewise, industry observers have pushed for more attention to be paid to how violence in the workplace uniquely impacts healthcare professionals. Recently, Texas legislators responded to these calls by passing the Workplace Violence Prevention Act. This new law represents a significant milestone in the effort to develop durable protections for employees in the Texas healthcare system and prevent future incidents of workplace violence. The aim of this technical paper is to provide policymakers and corporate stakeholders with an introduction to this issue and to suggest future improvements to this landmark piece of legislation.
In what follows, we will provide a brief overview of the background and significance of workplace violence as a challenging issue that uniquely impacts the healthcare system, outline a working definition of workplace violence that respects the healthcare context, and review existing regulatory and corporate policies that have emerged to combat workplace violence in practice. We will then provide an overview of this new legislation and suggest several ways that this law can be strengthened in light of existing research.

Item: The Role of State and Local Law Enforcement in Critical Infrastructure Protection (Institute for Homeland Security, 2023-10-15) Schafer, Joseph A
Local law enforcement agencies and their personnel are pivotal in helping secure and protect critical infrastructures within their jurisdictions. Critical infrastructure can be highly varied in nature, size, complexity, and needs of local law enforcement. Agencies, their leaders, and their personnel need to understand not only infrastructure in their jurisdiction but also infrastructure that might have implications, despite being located elsewhere. Awareness of critical infrastructure and its prevention, protection, mitigation, response, and recovery needs can be imperative in keeping communities safe, protecting the well-being of public safety personnel, protecting lives and property, avoiding disruptions to vital services, and neutralizing risks of criminal or terrorism events. There may be multiple ways agencies accomplish these objectives, from having a general awareness that a form of infrastructure exists to allocating the fixed deployment of personnel to secure a facility. This report discusses critical infrastructure and its implications for local and state law enforcement agencies. First, it examines the various efforts agencies might engage in to protect critical infrastructure and surrounding communities.
Second, it explores some of the challenges and barriers which impede agencies from engaging in appropriate critical infrastructure protection efforts. Third, it examines the major risks that can threaten the security and integrity of critical infrastructure. Finally, it offers a set of recommendations for how Texas law enforcement agencies can seek to protect critical infrastructure and the communities they serve.

Item: Examining Use Cases for Drones (UAS/RPAS) at the Texas Medical Center (Institute for Homeland Security, 2023-10-15) Allen, Bryce S
The Texas Medical Center (TMC) is the largest medical center in the world, with over 50 million square feet of developed land. With that size and notoriety come unique threats and challenges. As the TMC continues to grow in size and in technological advancement, an emphasis should be placed on how to utilize technologies already being integrated effectively in other critical sectors to support the growth of the TMC. One area of potential is the use of unmanned/un-crewed aircraft systems (UAS), more commonly known as drones, in supporting critical infrastructure inspection, testing, and preventative maintenance. Further, drone use for security of facilities, people, and high-risk areas is examined. This paper focuses on expanding on these potential use cases by exploring drone use in other industries that support the TMC (i.e., energy), and how to effectively integrate drone technologies while mitigating common concerns for safety and privacy.

Item: Social Network Analysis Using Machine Learning (Institute for Homeland Security, 2023-10-15) ABM Rezbaul Islam, PhD; Islam, Ahsan Ul
Electronic Mail (Email) has emerged as a widespread technique for exchanging messages through electronic devices, becoming an indispensable and universal communication medium. Its significance cannot be overstated, as an email address is vital for swift interactions in business, government, trade, entertainment, and various other aspects of daily life.
This mode of communication has progressively replaced traditional written methods for important correspondences, including personal and business transactions, where an email is given the same weight as a signed document. In social network analysis, a significant challenge lies in identifying essential and influential nodes within a network based on its structure. These nodes can be critical in information dissemination, decision-making processes, and network dynamics. Sentiment Analysis (SA) in text mining has emerged as an automated process to discern subjective information from textual data, such as opinions, attitudes, emotions, and feelings. While many existing approaches treat SA as a text classification problem, requiring labeled data for training machine learning models, obtaining such labeled data can be laborious and time-consuming, often requiring manual annotation efforts. Additionally, the need for transferability across different domains hinders using the same labeled data in diverse applications, necessitating the creation of unique labeled datasets for each part. Overcoming these challenges is crucial for sentiment analysis’s wider adoption and effectiveness in various real-world applications. The objective of the research is to analyze the Enron email dataset by creating a directed graph that represents the email communication network. Two important graph theory metrics are used to find out the number of direct connections (emails sent) for each sender and the influence of each sender as a bridge or critical point of communication in the network.
On the other hand, we will use sentiment analysis to analyze the Enron email dataset using different types of pre-trained deep learning models to find the communication type for the top ten email senders, which we will find using graph theory.

Item: Unseen Threats to Texas Critical Infrastructure: The Risk to Buried Utilities and Targeted Policy Solutions to Protect them (Institute for Homeland Security, 2023-10-15) Dierker, Benjamin
Excavation damage to underground infrastructure is a nationwide challenge. Ranging from a local nuisance to both lethal and regional crises, the damage and costs from buried facility strikes are almost entirely preventable. Texas is at unique risk because of its concentrated energy infrastructure, its considerable and growing population, and its competitive economy that ensures constant development activity. Each of these factors correlates with excavation damage and helps explain why Texas routinely leads the nation in excavation damage incidents that disrupt critical energy and services. Billions of dollars in economic harm, waste, and inefficiency emanate from this issue and ripple throughout the Lone Star State every year. Solutions include systemic implementation of validated technology, adherence to best practices, and public policy reforms proven to reduce this damage to virtually zero – sparing lives, saving dollars, and protecting critical infrastructure.

Item: Deep Learning Approaches for Fingerprint Verification (Institute for Homeland Security, 2023-10-15) Dalvi, Nikita; Pham, Van Vung
Fingerprint verification is vital because it provides a unique and permanent way to identify individuals. This technology is widely used in various areas like law enforcement, access control, and identity verification processes. Existing approaches for fingerprint verification tasks suffer from low accuracy due to training directly on low-quality and latent fingerprints.
Therefore, this work proposes to utilize recent advancements in deep learning and computer vision to (1) enhance fingerprint image quality; (2) extract and verify that the minutiae are retained after enhancement; and (3) perform fingerprint verification tasks. Specifically, this work experiments with (1) Super-Resolution Convolutional Neural Network (SRCNN), Fast SRCNN, and Very Deep Super Resolution (VDSR) for fingerprint image enhancement; (2) Finger-Flow for minutia extraction; and (3) Siamese neural network for fingerprint verification. The experiment results indicate that among the experimented super resolution approaches, VDSR outperforms the others. Additionally, it can retain minutiae in the enhanced version and shows great potential to enhance latent fingerprints, which are less visible. Most importantly, the verification performances improve on the enhanced fingerprints versus low-resolution counterparts.

Item: Drones and Port Security at the Port of Brownsville (Institute for Homeland Security, 2023-10-15) Sullivan, John P
This technical paper recounts a geospatial drone security assessment for the Port of Brownsville, Texas (Brownsville Navigation District). The Port of Brownsville is a major intermodal transportation center and is expanding into a major venue for industrial development. The Port of Brownsville is the only deep-water port directly on the US-Mexico Border. The drone assessment will evaluate the threats posed by aerial drones/unmanned or uncrewed aerial systems (UAS) to the port; assess the potential effects of drones on port operations and port security; suggest potential countermeasures (counter-UAS); and provide an introduction to emerging drone threats, including unmanned/uncrewed vessels and ground vehicles, and drone swarms (or swarming attacks). The impact of various drone threats on port operations is discussed.
Mechanisms for enhancing indications and warning, detection, and response to drone threats on the Port of Brownsville, and potential vehicles for sharing these threat data with other ports, port security personnel, law enforcement, and emergency responders will be discussed.

Item: Mitigating Cybersecurity Threats to Hospitals and Healthcare Facilities (Institute for Homeland Security, 2023-10-15) Lehmann, Peter S; Kinney, Alexander B
Healthcare facilities rely heavily on digital information systems to deliver patient care and manage confidential patient information. However, healthcare networks and medical devices are highly vulnerable to attackers, who can use the information to victimize medical facilities as well as the patients themselves. The functioning of healthcare systems can be seriously impeded by cyberattacks, restricting information sharing among hospital personnel and delaying or preventing patient care. Although federal legislation and regulatory guidelines have been put forth to improve responses to cyberattacks and enhance patient information protections, the cybersecurity measures in place in many hospitals can be easily bypassed by motivated offenders via entry points in the facilities’ cybersecurity systems. In response to these threats to critical infrastructure, experts have proposed several risk mitigation strategies that healthcare facilities can employ to improve information technology systems and mitigate vulnerabilities associated with human factors.
This report provides a summary of (1) the literature on the types and characteristics of cyberattacks most often perpetrated against healthcare providers, (2) the theory and research from criminology and criminal justice on the factors associated with cybercrime victimization risk, and (3) the best practices proposed by experts to help inform policymakers and healthcare professionals in Texas and nationwide.

Item: Enhanced Decision-Making Framework for the Southern States to Comply with the New Federal Retroreflectivity Pavement Rule (Institute for Homeland Security, 2023-10-15) Mousa, Momen
Retroreflectivity plays a crucial role in pavement markings as it enhances nighttime visibility for drivers. Yet, due to budget constraints, many U.S. state agencies, including the Texas Department of Transportation (TxDOT), rarely monitor the retroreflectivity of their markings, and instead restripe their markings based on visual inspection or a fixed schedule (every two years). Such a strategy is questionable in terms of safety as markings are usually restriped after the end of their service life. To address this issue, in August 2022, the Federal Highway Administration (FHWA) announced a new final rule that requires state agencies to implement a method within four years for maintaining pavement marking retroreflectivity at or above minimum levels. Hence, the key objective of this study was to develop a simple tool for TxDOT and other Southern state and local agencies to help them comply with the new federal rule. To do so, pavement marking data from the National Transportation Product Evaluation Program (NTPEP) were retrieved and analyzed. Results indicated that the service life of standard water-borne paints varies significantly from 0 to 3.9 years according to the project conditions.
Hence, a performance prediction model was developed with superior accuracy to predict the expected service life of standard waterborne paints based on the initial retroreflectivity value, traffic level, and marking color. This model can be used by TxDOT and other southern state agencies to determine the expected restriping time before the retroreflectivity drops below the minimum threshold, and hence, comply with the new federal rule.

Item: Detecting Deepfakes under Anti-forensics Attacks (Institute for Homeland Security, 2023-10-15) Liu, Qingzhong; Celebi, Naciye; Zhou, Bing
While AI is vastly evolving, wherein deepfake techniques may be used to generate more realistic faces, voices, and videos, many deepfake-based fraudulent cases are increasingly occurring. To combat deepfake-based forgery, several methods have been proposed wherein the most astonishing methods are based on convolutional neural network (CNN). However, most intelligent detection systems are underrepresenting in exposing the deepfake images under anti-forensics attacks, e.g., rescaling the image, inserting noises, and compressing the image again. To our knowledge, it still falls short of an intelligent detection system being able to detect deepfake and other advanced image forgery together. Additionally, it falls short of a comprehensive comparison study on the latest deep learning models for deepfake detection. In this study, we apply the latest deep learning models for deepfake detection under post anti-forensics processing mixed with seam-carving and copy-move forgery images in JPEG. Our study shows that different deep learning models have different distinction capability. Experimental results show that some latest deep learning models are effective in detecting deepfake images under post anti-forensics processing in JPEG images; they also perform well in detecting seam-carving and copy-move forgery.
Our study also shows that it is relatively easy to detect deepfake compared to the detection of seam-carving forgery under anti-forensics processing in JPEG images.

Item: The Rise of Workplace Violence: Addressing Healthcare's Greatest Threat (2023-10-15) Clay, Eric
Workplace violence (WPV), specifically Patient-Generated Violence (PGV) committed in healthcare facilities, represents a significant threat to not only caregivers, but to access to quality healthcare and patient outcomes. PGV is the most common form of violence in the healthcare setting, occurring in emergency departments, inpatient units, behavioral health units, and home health settings. Current research has identified staff, environmental, and patient risk factors as the major precursors of WPV committed by patients. Healthcare workers experience significant physical and psychological consequences as a result of PGV. A review of the evidence, alongside interviews with industry thought leaders, was conducted to identify current evidence-based interventions that can help healthcare organizations eliminate or reduce incidents of PGV.

Item: A Crowded Sky: New Threats and Opportunities for Homeland Security in the Cislunar Economy (Institute for Homeland Security, 2023-10-15) Reese, Nick
Homeland security has not traditionally been thought of as a mission area supporting space activities. Homeland security organizations, however, have been long time consumers of space data and services. Today, the space domain has opened for commercial activity and geopolitical competition alike. The security of the homeland is closely tied to the security of the space domain across multiple risk factors. The homeland security field faces an opportunity to pivot to be more involved in government and commercial space activities by bringing its unique capabilities and authorities to bear against challenges that did not exist a decade ago.
This paper will study the evolution of the space economy and the role it now plays in the security of the homeland.