Bacterial Carrier for DNA encoded data and Detection Approaches for Bio-cyber attack

Siblee Islam, Mohd (2023) Bacterial Carrier for DNA encoded data and Detection Approaches for Bio-cyber attack. Doctoral thesis, SETU Waterford.

[thumbnail of Siblee_PhD_thesis_final_submission.pdf] Text

Download (9MB)


Internet of Bio-nano Things is the idea of using various bio-compatible nano and micro scale devices in the body that create networks and can connect to the existing cyber world. In recent research, bacteria are proposed as nano scale devices for such communication utilizing various existing characteristics of them or by introducing new properties with the help of genetics engineering. Therefore, in the future, bacteria can be used as information carriers, transmitters, receivers, nano devices, sensors, etc. The major advantage of using such devices is that the devices will be bio-compatible and no external conventional energy sources will be required to operate them. Bacterial traits such as mobility and conjugations have been proposed for data transmission in the recent past. But most of the techniques involve sending one bit at a time using diffusion of bacteria. The first contribution of this PhD research is to propose a novel data transmission technique using bacterial mobility and bioluminescent properties, where we can send two bits at a time. A common technique for bacterial data transmission is encoding the message in bacterial DNA, especially plasmid DNA, so that the bacteria will reach the receiver and offload the information into another bacteria by conjugation. We can assume that to read this information, a DNA sequence will be required. Moreover, many research studies have been performed on storing data in DNA as it shows immense promise of data storage without requiring any external energy. Sequencing pipelines are used in the decoding process of such stored data. In recent years, due to various needs (e.g., COVID-19), DNA sequencing has become quite common, and the number of applications that require DNA sequence is also growing day by day. Unfortunately, very little attention has been given to the possibility of vulnerabilities and the exploitation in the DNA sequencing pipelines. This doctoral research also contributes towards securing the DNA sequencing pipeline so that we can ensure secure data transmission in bio-nano communication. In a recent research, the buffer overflow vulnerability in a tool in a DNA sequencing pipeline can be exploited using specially designed DNA. An attacker can attempt to insert malicious payload inside the DNA sequence in order to compromise the DNA sequencing pipeline. Further investigation is necessary to validate whether in a real world scenario, the malicious payload encoded into DNA can reach a sequencer after placing them into live bacterial plasmids. It is also very important to create countermeasures to detect such a sequence and use that detection mechanism as a safeguard for the DNA sequencing pipeline. So, in our research, we have conducted an end to end evaluation of detecting malicious input for the buffer overflow exploit in the DNA sequencing pipeline. A machine learning based input control is proposed to classify every read of the sequencer machine to check if it contains any part of the encoded malicious payload. If detected, further processing can be terminated to protect the pipeline downstream from being hacked. For the machine learning solution, a Case Based Reasoning (CBR) approach is proposed. We achieved promising results where the performance improved with the increase in the number of cases in the case library. Furthermore, wet lab experiments were conducted to verify whether the encoded malicious payload can be sustained after sequencing if they are inserted into living bacteria. The experiment involved bacteria with malicious payload inserted in plasmid DNA to be sprayed over different materials, which were then collected for sequencing. These experimental results demonstrated that such malicious payload can successfully reach the sequencing pipeline. For the buffer overflow exploit scenario, simple detection techniques, such as CBR, can be sufficient where natural DNA sequences are expected, as the insertion of malicious input can make the DNA sequence quite unnatural. However, to make the detection harder, we came up with a novel scenario of Trojan based attack in the DNA sequencing pipeline where the DNA sequence with malicious data will remain very natural. The assumption is that, the DNA sequence pipeline tool will already be affected by a Trojan and remain dormant. The Trojan will only be triggered with a specific input signal and the same signal is then used to compromise the target. The benefit of this scenario is that fragmentation, encryption and steganography can be applied to the malicious input signal and inserted into a natural DNA. A stateof- the-art bio-informatics algorithm was used to estimate the difference between sequence with malicious input and the original DNA sequence for various size of fragmentation, retention positions for steganography and various encryption keys. In order to keep the DNA close to original, The best possible locations for fragment insertions is chosen to control mutations. An end-to-end evaluation is also performed for Trojan attack scenario, where deep learning based technique is proposed as a detection method for input control mechanism. We achieved up to 100 percent accuracy in detection using the proposed technique. Even after applying smaller fragment size, encryption, and higher retention to make detection much harder, the accuracy remained very high. For scenarios with encrypted malicious input, the accuracy was higher with the knowledge of the encryption key the accuracy compared to having no prior knowledge about the key.

Item Type: Thesis (Doctoral)
Uncontrolled Keywords: DNA encoded data, Bio-cyber attacks
Departments or Groups: *NONE OF THESE*
Divisions: School of Science > Department of Computing, Maths and Physics
Depositing User: Derek Langford
Date Deposited: 27 Sep 2023 13:01
Last Modified: 27 Sep 2023 13:01

Actions (login required)

View Item View Item