Browsing Institute for Homeland Security by Title
Now showing 1 - 20 of 32
A Crowded Sky: New Threats and Opportunities for Homeland Security in the Cislunar Economy (Institute for Homeland Security, 2023-10-15) Reese, Nick
Homeland security has not traditionally been thought of as a mission area supporting space activities. Homeland security organizations, however, have been long-time consumers of space data and services. Today, the space domain has opened for commercial activity and geopolitical competition alike. The security of the homeland is closely tied to the security of the space domain across multiple risk factors. The homeland security field faces an opportunity to pivot to be more involved in government and commercial space activities by bringing its unique capabilities and authorities to bear against challenges that did not exist a decade ago. This paper will study the evolution of the space economy and the role it now plays in the security of the homeland.

Assessing Critical Energy Infrastructure Using Geo-Spatial Technologies (Institute for Homeland Security, 2023-10-15) Leipnik, Mark
This paper discusses the use of Geographic Information Systems (GIS) in mapping and analysis of incidents related to security and integrity of critical energy infrastructure. It includes a discussion of what GIS and related geospatial technologies involve and of sources of energy infrastructure related geo-spatial data. As the leading energy producing state, Texas has a major economic reliance on the energy sector and the energy sector uses GIS and related technologies. The energy sector uses GIS extensively for its ongoing needs, but it also faces a range of threats such as floods, winter storms, cyber-attacks, sabotage, vandalism, and physical attacks that can be mapped and analyzed with GIS. This paper shows the use of GIS to map examples of all these threats and analyzes their spatial distribution throughout the United States, but with a central focus on Texas.

Comparative Analysis of NLP Model for Detecting Depression on Twitter (Institute for Homeland Security, 2023-10-15) Gupta, Khushi; Jinad, Razaq; Liu, Qingzhong
Depression is a serious mental health issue affecting a significant portion of the world’s population. With the widespread use of social media platforms, researchers have explored the possibility of utilizing natural language processing (NLP) techniques to detect signs of depression in users’ posts. In this paper, we present a comparative analysis of six different NLP models, namely BERT, RoBERTa, DistilBERT, ALBERT, Electra, and XLNet, for depression detection on Twitter data. The experiments compare the performance of different models, and the results reveal that the highest-performing models include XLNet, DistilBERT, and RoBERTa with accuracies of over 99%.

Convergence of Mission and Moment: Imagining the Emerging Technology Analyst (Institute for Homeland Security, 2023-10-15) Reese, Nick
The Department of Homeland Security (DHS) was built to prevent terror attacks in the homeland and its culture and structure reflect its birth in 2002. Unlike the world-changing event that created DHS, the gradual fading of the terror threat has left it misaligned to respond to new nation-state sponsored threats. The homeland security mission is at a true inflection point as it looks for new ways to use its capabilities and authorities while the central force driving global competition is being established. Just as the field of cyber was being established in the late 1990s and early 2000s in response to new threats, so too must the field of emerging technology be developed today. Examining the realities of the world today, we see the need for professionals who specialize in how emerging technologies create risks and opportunities in a way that is distinct from how cyber professionals do the same for the cyber domain. This work examines the geopolitical reality and how it reflects on the homeland.
It goes a step further by conducting a comparative analysis between current cyber analyst requirements and skills and what would be required for an equivalent emerging technology analyst. This analysis informs governments, academia, and industry by creating a baseline from which emerging technology professionals can be created and evaluated with direct application on practitioners in critical infrastructure.

Countering Workplace Violence in Healthcare: Voices from the Field (Institute for Homeland Security, 2023-10-15) Denham, Magdalena A; Denham, Mark V
Overall, the U.S. healthcare system has the highest workplace violence (WPV) rates of any occupational setting in the United States. Specifically, among 25,000 incidents of WPV reported annually, 75 percent occur in the healthcare system. Workers in healthcare are four times more likely to be victimized than workers in other private industries.

Cyber-Security Threat: Benchmarking Cybersecurity Response Procedure for Hospitals in Texas (Institute for Homeland Security, 2023-10-15) Shashidhar, Narasimha K; Varol, Cihan; Gupta, Khushi

Deep Learning Approaches for Fingerprint Verification (Institute for Homeland Security, 2023-10-15) Dalvi, Nikita; Pham, Van Vung
Fingerprint verification is vital because it provides a unique and permanent way to identify individuals. This technology is widely used in various areas like law enforcement, access control, and identity verification processes. Existing approaches for fingerprint verification tasks suffer from low accuracy due to training directly on low-quality and latent fingerprints. Therefore, this work proposes to utilize recent advancements in deep learning and computer vision to (1) enhance fingerprint image quality; (2) extract and verify that the minutiae are retained after enhancement; and (3) perform fingerprint verification tasks. Specifically, this work experiments with (1) Super-Resolution Convolutional Neural Network (SRCNN), Fast SRCNN, and Very Deep Super Resolution (VDSR) for fingerprint image enhancement; (2) Finger-Flow for minutia extraction; and (3) Siamese neural network for fingerprint verification. The experiment results indicate that among the experimented super resolution approaches, VDSR outperforms the others.
Additionally, it can retain minutiae in the enhanced version and shows great potential to enhance latent fingerprints, which are less visible. Most importantly, the verification performances improve on the enhanced fingerprints versus low-resolution counterparts.

DeepGray: A Novel Approach to Malware Classification Using Grayscale Images with Deep Learning (Institute for Homeland Security, 2023-10-15) Polsani, Harshitha; Jiang, Haodi
In the ever-evolving landscape of cybersecurity, the threat posed by malware continues to loom large, necessitating innovative and robust approaches for its effective detection and classification. In this paper, we introduce a novel method, DeepGray, for multi-class malware classification utilizing grayscale images and the power of deep learning. Our dataset combines the malware sample from the BODMAS dataset and the benign sample from the DikeDataset. Our approach involves transforming executable files into a format suitable for deep learning by converting them into grayscale images while retaining the essential data characteristics. During the data preprocessing step, Principal Component Analysis (PCA) was applied to distill the most significant features. To achieve state-of-the-art results in multi-class malware classification, we harnessed the power of deep learning and transfer learning, employing well-established neural network architectures such as a customized Convolutional Neural Network (CNN), VGG16, EfficientNet, and Vision Transformers (ViT). The models were meticulously trained and rigorously evaluated using a 5-fold cross-validation methodology. Notably, our approach yielded remarkable results, with ViT achieving an impressive accuracy of 0.95. This research underscores the potential of grayscale image analysis and deep learning within the domain of multi-class malware classification.
The insights derived from this study contribute significantly to the field of cybersecurity and pave the way for further advancements in the realm of malware detection and classification.

Detecting Deepfakes under Anti-forensics Attacks (Institute for Homeland Security, 2023-10-15) Liu, Qingzhong; Celebi, Naciye; Zhou, Bing
While AI is vastly evolving, wherein deepfake techniques may be used to generate more realistic faces, voices, and videos, many deepfake-based fraudulent cases are increasingly occurring. To combat deepfake-based forgery, several methods have been proposed wherein the most astonishing methods are based on convolution neural network (CNN). However, most intelligent detection systems are underrepresenting in exposing the deepfake images under anti-forensics attacks, e.g., rescaling the image, inserting noises, and compressing the image again. To our knowledge, it still falls short of an intelligent detection system being able to detect deepfake and other advanced image forgery together. Additionally, it falls short of a comprehensive comparison study on the latest deep learning models for the deepfake detection. In this study, we apply the latest deep learning models for deepfake detection under post anti-forensics processing mixed with seam-carving and copy-move forgery images in JPEG. Our study shows that different deep learning models have different distinction capability. Experimental results show that some latest deep learning models are effective in detecting deepfake images under post anti-forensics processing in JPEG images; they are also performing well in detecting seam-carving and copy-move forgery. Our study also shows that it is relatively easy to detect deepfake compared to the detection of seam carving forgery detection under anti-forensics processing in JPEG images.

Drones and Port Security at the Port of Brownsville (Institute for Homeland Security, 2023-10-15) Sullivan, John P
This technical paper recounts a geospatial drone security assessment for the Port of Brownsville, Texas (Brownsville Navigation District). The Port of Brownsville is a major intermodal transportation center and is expanding into a major venue for industrial development. The Port of Brownsville is the only deep-water port directly on the US-Mexico Border. The drone assessment will evaluate the threats posed by aerial drones/unmanned or uncrewed aerial systems (UAS) to the port; assess the potential effects of drones on port operations and port security; suggest potential counter measures (counter-UAS); provide an introduction to emerging drone threats, including unmanned/uncrewed vessels and ground vehicles; and drone swarms (or swarming attacks). The impact of various drone threats with port operations is discussed. Mechanisms for enhancing indications and warning, detection, and response to drone threats on the Port of Brownsville, and potential vehicles for sharing these threat data with other ports, port security personnel, law enforcement, and emergency responders will be discussed.

Enhanced Decision-Making Framework for the Southern States to Comply with the New Federal Retroreflectivity Pavement Rule (Institute for Homeland Security, 2023-10-15) Mousa, Momen
Retroreflectivity plays a crucial role in pavement markings as it enhances nighttime visibility for drivers. Yet, due to budget constraints, many U.S. state agencies including the Texas Department of Transportation (TxDOT) rarely monitor the retroreflectivity of their markings, and instead, restripe their markings based on visual inspection or fixed schedule (every two years). Such a strategy is questionable in terms of safety as markings are usually restriped after the end of their service life.
To address this issue, in August 2022, the Federal Highway Administration (FHWA) announced a new final rule that requires state agencies to implement a method within four years for maintaining pavement marking retroreflectivity at or above minimum levels. Hence, the key objective of this study was to develop a simple tool for TxDOT and other Southern state and local agencies to help them comply with the new federal rule. To do so, pavement marking data from the National Transportation Product Evaluation Program (NTPEP) were retrieved and analyzed. Results indicated that the service life of standard water-borne paints varies significantly from 0 to 3.9 years according to the project conditions. Hence, a performance prediction model was developed with superior accuracy to predict the expected service life of standard waterborne paints based on the initial retroreflectivity value, traffic level, and marking color. This model can be used by TxDOT and other southern state agencies to determine the expected restriping time before the retroreflectivity drops below the minimum threshold, and hence, comply with the new federal rule.

Ensuring the Cybersecurity of Texas’ Critical Infrastructures (Institute for Homeland Security, 2023-10-15) Nodeland, Brooke
The daily threat of cyber-attacks on Texas’ critical infrastructure presents significant challenges for public and private critical infrastructure providers. COVID-19 related supply chain issues provided insight into the catastrophic effects that could be caused by a cyber-attack on the transportation sector. These disruptions affect our ability to distribute products and medical necessities as well as essential personnel in times of crisis. Protecting the state’s transportation, energy, and chemical cyber networks is imperative in ensuring the sustainability of daily life and business continuity in the event of a cyber-attack.
Of additional concern is a growing reliance on cyber-based control, navigation, tracking, positioning, and communications systems creating ample opportunities for exploitation of the transportation cyber systems on which industry has become dependent (Transportation Systems Sector-Specific Plan, 2015). The cyber security of the energy sector ensures the health and welfare of Texans by ensuring steady energy is supplied via electricity, oil and other natural gas resources. The energy infrastructure is primarily owned in the private sector, supplies fuel to the transportation industry, and electricity to businesses and households. Recent ransomware attacks aimed at Western targets, including the energy sector, continue to pose challenges in cybersecurity (Montague, 2023). The recent accidental chemical spill in Ohio also provides insight into the possible outcomes of an intentional cyber-attack against this infrastructure. The regular operations of the chemical sector are imperative to the economic and manufacturing health of the state and often involve transporting dangerous chemicals on which other critical infrastructures are dependent (Introduction to the Chemical Sector Risk Management Agency, n.d.). Cyber threats are of particular concern in Texas, where large corporations continue to relocate, and the population continues to climb. It is imperative industry leaders are able to recognize and identify their cyber risks to develop prevention strategies and respond to cyberattacks more quickly and effectively. Disruptions to critical infrastructures could lead to theft of intellectual property; supply chain disruption; electricity disruption; loss of operations capacity; or chemical theft, diversion, or release (Introduction to the Chemical Sector Risk Management Agency, n.d.). Texas’ industrial vulnerability to cyber-attacks through phishing, ransomware, and malware poses significant threats to the security of critical infrastructures.
Securing networks against internal and external cyber-attacks requires industry leaders to be proactive and reactive in their approach. The proposed paper seeks to present a translational synthesis of the existing literature regarding best cybersecurity practices for securing critical infrastructure in Texas. In doing so, agencies will be able to better align and prioritize cybersecurity initiatives with industry missions, risk tolerance, and resources (Cybersecurity, C.I., 2018). This review will also include recommendations for improving risk readiness for the transportation, energy, and chemical industry in the state moving forward.

Examining Use Cases for Drones (UAS/RPAS) at the Texas Medical Center (Institute for Homeland Security, 2023-10-15) Allen, Bryce S
The Texas Medical Center (TMC) is the largest medical center in the world, with over 50 million square feet of developed land. With that size and notoriety come unique threats and challenges. As the TMC continues to grow in size, and in technological advancement, an emphasis should be placed on how to utilize technologies already being integrated effectively in other critical sectors to support the growth of the TMC. One area of potential is the use of unmanned/un-crewed aircraft systems (UAS), more commonly known as drones, in supporting critical infrastructure inspection, testing, and preventative maintenance. Further, drone use for security of facilities, people, and high-risk areas is examined. This paper focuses on expanding on these potential use cases by exploring drone use in other industries that support the TMC (i.e., energy), and how to effectively integrate drone technologies while mitigating common concerns for safety and privacy.

Forensic Digital Data Sanitization: A Guide for Small and Medium-Sized Businesses (Institute for Homeland Security, 2023-10-15) Shashidhar, Narasimha K

Improving Texas Homeland Security: A Practical Framework for Joint Hospital-Chemical Industry Emergency Planning (Institute for Homeland Security, 2023-10-15) Mastrangelo, Mike
Given the high concentration of petroleum and chemical industry in Texas, a new approach to joint industry/hospital planning for the healthcare response to chemical accidents is needed. The novel aspect of this framework is that it applies the concepts of a chemical risk assessment – and a risk prioritization to readiness - and adds to the risk assessment process the need and availability of medical countermeasures. In treating chemical incidents, it is imperative that the patient get to the right hospital as quickly as possible. The right hospital means that the hospital has conducted joint planning and exercises with the industry. The hospital knows what chemicals are used at the plant, they know how to treat the injuries, and they have the correct medical countermeasures for the chemicals involved. To illustrate the importance of this concept, in a 1986 incident a plant worker was exposed to hydrogen fluoride gas. He was first transported to a nearby nursing home for oxygen. When this was not effective, he was transported to a small community hospital. When they realized they could not care for him he was again transported to a regional hospital that had the ability to treat the patient, but unfortunately too much time had passed, and the patient died shortly after arrival. If taken to the right hospital first, he would have survived. The proposed framework for joint industry/hospital planning will be described and can be used in a practical way for planning, training, and exercise development at any Texas location that includes chemical industry and a nearby hospital.
The basic process is:
• Conduct an inventory of toxic industrial chemicals in use and do a risk prioritization of those chemicals (based on volume and toxicity)
• Determine if specific medical countermeasures (MCM) are required for medical treatment for priority risk chemicals
• Model release scenarios to estimate the volume of medical countermeasures that might be needed
• Inventory the volume of those MCMs available in the region, if sufficient supplies are not available – work with Industry on contingencies
• Conduct joint planning and exercises with industry for occupational exposures and community exposures guided by modeled scenarios
The work presented is based on work done with a gasoline refinery in Texas. The plant uses large volumes of Hydrogen Fluoride in their process. Calcium Gluconate is the medical countermeasure needed for treatment, but it had been on the National Pharmaceutical Shortage list and generally is not held by hospitals in large volumes. Joint readiness would benefit workers at the plant that might suffer occupational exposure, but it would also be applicable to a larger release that could affect the fence-line community. An incentive to the Chemical Sector to collaborate with the Healthcare Public Health Sector would be the potential for better healthcare treatment for either occupational or community exposures and therefore the possible mitigation of damage from a release incident. While cross-sector planning and exercises between the Chemical Sector and Healthcare Public Health Sector would make sense, a search for examples provides no specific examples.

Mitigating Cybersecurity Threats to Hospitals and Healthcare Facilities (Institute for Homeland Security, 2023-10-15) Lehmann, Peter S; Kinney, Alexander B
Healthcare facilities rely heavily on digital information systems to deliver patient care and manage confidential patient information.
However, healthcare networks and medical devices are highly vulnerable to attackers, who can use the information to victimize medical facilities as well as the patients themselves. The functioning of healthcare systems can be seriously impeded by cyberattacks, restricting information sharing among hospital personnel and delaying or preventing patient care. Although federal legislation and regulatory guidelines have been put forth to improve responses to cyberattacks and enhance patient information protections, the cybersecurity measures in place in many hospitals can be easily bypassed by motivated offenders via entry points in the facilities’ cybersecurity systems. In response to these threats to critical infrastructure, experts have proposed several risk mitigation strategies that healthcare facilities can employ to improve information technology systems and mitigate vulnerabilities associated with human factors. This report provides a summary of (1) the literature on the types and characteristics of cyberattacks most often perpetrated against healthcare providers, (2) the theory and research from criminology and criminal justice on the factors associated with cybercrime victimization risk, and (3) the best practices proposed by experts to help inform policymakers and healthcare professionals in Texas and nationwide.

Mobile Emergency Power During and After Natural Disasters and Shortages (Institute for Homeland Security, 2023-10-15) Karan, Ebrahim
This study explores the potential utilization of electric school buses as an alternative emergency power source during power outages. With the increasing adoption of electric vehicles and advancements in energy storage technologies, repurposing electric school buses for emergency power generation presents a novel approach to addressing critical energy needs in times of crisis.
This research investigates the technical feasibility, economic viability, and operational effectiveness of integrating electric school buses into emergency power systems. Through simulations and scenario analyses, the study examines the capacity of electric school buses to provide backup power over various durations, considering factors such as battery degradation, energy demand, and vehicle availability. Furthermore, the research evaluates the economic implications, including the cost-effectiveness of retrofitting and upgrading existing school bus fleets, and the potential revenue streams from participating in demand response programs and grid services. The findings of this study reveal that electric school buses have the potential to significantly enhance emergency preparedness and response capabilities. Although this alternative is technically feasible, it may not be financially justifiable for several reasons such as higher upfront costs, charging infrastructures, operational complexity, and the complexity of the policies and regulations involved in running the grid.

Rationale and Process for Continuity of the Economy (Institute for Homeland Security, 2023-10-15) Ruddell, Benjamin
A regional economy is a vibrant ecosystem comprising critical infrastructures and economic agents like power and telecommunications, ports and logistics, networks of producers and suppliers, human capital, and government agencies. In the increasingly connected and chaotic global economy, resilient regional economies must implement economic development and regulatory policies that ensure "Continuity of the Economy" (COTE) during major social, economic, or environmental shocks.
COTE requires that all providers and operators of critical infrastructures and critical functions establish adequate capacity to self-recover after a major disruption and prepare adequate input supply chain buffers so that supplier disruptions do not take down critical services before the economic network can recover itself. Non-critical suppliers support interdependent critical infrastructures, blurring the artificial lines between critical and non-critical sectors and highlighting the need for a cross-cutting whole-of-economy approach instead of a sectoral approach to preparedness. This whole-of-economy planning and preparation is made possible by implementing a recurring community-based participatory process that maps supply chains, measures buffers and recovery requirements, and connects critical infrastructure service providers and recovery responders directly with suppliers to share recovery priorities and plans. This participatory process also screens out non-critical suppliers that are not necessary in the short term to recover or sustain critical infrastructures and critical functions during a major disruption, enabling recovery operations to focus on critical infrastructures and critical suppliers and speed recovery. Establishing adequate supply chain buffer time and inside-out recovery capacity are identified as the key foci for COTE preparedness. COTE is an all-hazard approach to resilience and preparedness that complements existing economic development, five-year emergency planning, cyber preparedness, and emergency management processes.

Resilience to High Consequence Cascading Failures of Critical Infrastructure Networks (Institute for Homeland Security, 2023-10-15) Mouco, Arthur; Ruddell, Benjamin L.; Ginsburg, Susan
Critical infrastructure networks such as telecommunications, power, water, natural gas, diesel, transportation, and cyber networks are interdependent with one another, forming a vast and dauntingly complex web of institutions and physical systems that must be engineered and secured for reliability. No single utility operator, engineering consultant, emergency management organization, financial institution, or local, regional or other government entity is capable of understanding, monitoring, or managing the whole system. Yet, failures are unavoidable, and when those failures cascade through the network the result may be high-consequence cascading “catastrophes” or Black Swan events. In one recent and tragic example, the February 13–17, 2021 Winter Storm Uri in Texas initiated a failure in the natural gas production system that cascaded first to the natural gas power generation system and then to the wider ERCOT power system, the water distribution system, and the petrochemical industry of Texas. No single system operator was responsible, and yet the consequences – including fatalities, recovery challenges, regulatory attention, and extreme costs – are everyone’s problem. As networked interdependencies grow, the likelihood of cascading failures has increased accordingly, necessitating technical solutions tailored to this problem. This report introduces the basic principles of interdependent critical infrastructure networks and reviews approaches for analyzing and mitigating the vulnerability of the network to make it resilient. Resilience and reliability in critical infrastructures are complementary and orthogonal. In resilient networks, the inevitable failures due to “all hazards” stay small and don’t become catastrophes.