School of Computing faculty publish new paper on cyberbiosecurity using digitally encoded DNA

Witawas Srisa-an and Sasitharan Balasubramaniam
Witawas Srisa-an and Sasitharan Balasubramaniam

Two School of Computing faculty have co-authored a newly published paper that examines the emerging and expanding interdisciplinary field of cyberbiosecurity.

The paper, “Using Deep Learning to Detect Digitally Encoded DNA Trigger for Trojan Malware in Bio-Cyber Attacks,” was co-authored by senior associate director and professor Witawas Srisa-an and associate professor Sasitharan Balasubramaniam. Other co-authors included Srivatsan Kidambi of the University of Nebraska–Lincoln’s Department of Chemical and Biomolecular Engineering, and researchers from the South East Technological University, Ireland, and Munster Technological University in Cork, Ireland.

The paper explores the concept of "biohacking,” in which an attack is conducted both from the cyber and biological domain. The paper also examines the use of deep learning technologies to safeguard DNA sequencing against such attacks.

“The aim here is that we will encode certain information into the DNA, and this will be analyzed by a sequencer that is connected to a computer infected with trojan software in order to act as a trigger that can allow multiple external hackers to gain access to genetic data,” Balasubramaniam said.

The scenario considered in the paper involves perpetrators submitting synthetically engineered DNA samples embedded with the digitally encoded IP address and port number of the perpetrator’s machine. Genetic analysis of the DNA would decode the address used by the trojan malware, which would trigger and activate a remote connection. This method could allow multiple perpetrators to create connections and ultimately hijack the DNA sequencing pipeline.

“A hacker could come in and manipulate any genetic data that is being sequenced,” Balasubramaniam said. “You can imagine the massive consequences if such a thing happened.”

Such massive consequences could even be achieved through very small and concealed messages.

“There is increased connectivity of genetic analysis systems connected to the cyber-infrastructure, which could open new opportunities for hackers to make use of it to perform cyber-attacks” said Srisa-an. “In our work, we showed that a very short message, such as the IP address and port number, can be encoded and hidden quite efficiently into a DNA strand using steganography techniques.”

In addition to bio-hacking techniques, the paper also studies how deep learning can be used to protect the DNA sequencing pipeline from such trojan attacks. Results showed nearly 100 percent accuracy in detection this type of scenario.

Congratulations to Dr. Srisa-an and Dr. Balasubramaniam on this outstanding publication!