2017 Digital Entertainment Conference, 11-5 Sat. April 8, UMBC

UMBC’s Game Developers Club will hold its twelfth annual Digital Entertainment Conference from 11:00-5:00 on Saturday April 11 in the UMBC Commons. Come learn about the game industry from local game developing companies. High school students, college students, aspiring game developers, and game developers are all welcome.

  • Meet professionals in the game industry
  • Learn the latest in game art, code and technology
  • Network with local game developers

Lunch will be provided. If you have any questions, send email to

Parking: You can park in any A, B, or C lot on UMBC Campus. The closest parking garage is the Commons Parking garage on Commons Drive inside the UMBC Hilltop Circle.

If you have any questions, send email to

talk: Hacking, Security, and Technology In Public Consciousness: The Effects of Myth, 1pm 3/31

Hackers is a 1995 American film that follows a group of high school hackers and their involvement in a corporate extortion conspiracy.
An image from Hackers, a 1995 film that followed a group of high school hackers and their involvement in a corporate extortion conspiracy

 

UMBC CSEE Seminar Series

Hacking, Security and Technology In Public Consciousness:
The Effects of Myth

Dr. Richard Forno

Assistant Director, UMBC Center for Cybersecurity
Director, UMBC Cybersecurity Graduate Program

1-2pm, Friday, 31 March 2017, ITE 231

Public portrayals of the digital landscape, particularly through the entertainment mass media and product marketing, can have a profound influence on how the general public perceives the strengths and limitations of technology. Over time, these images, stereotypes and dramatized capabilities are replicated across texts and repeated until, rightly or wrongly, they become the default paradigm for mass understanding of the complex and ever-changing modern technological environment.

For example, one only needs to observe legislative bodies or watch mainstream news media trying to come to understand issues such as encryption, cybersecurity, or even pluralistic applications of the term “to hack” to see just how deeply the stereotype of the god-like yet overweight and socially maladjusted (often male) ‘hacker’ have penetrated popular perceptions. Metaphors like this that act as a useful shorthand in fictional storytelling do not make a good reference basis for policy statements or national decision-making — however, when such sensationalized and/or fictional depictions overshadow more sophisticated or nuanced descriptions of those capabilities in actual practice, it is understandable why unrealistic expectations and unworkable proposals for technology – like “good-guys only” encryption backdoors – continue being proposed.

Drawing on examples from the media and politics, this presentation explores the connections between decades-old media tropes around technology/technologists and current technology debates, especially those related to cybersecurity and cyberwarfare. This interpretively analyzed presentation argues that perception is just as important as performance in terms of outcomes and acknowledges that the models used by mass society, including policy makers, to understand early digital innovations are part of a wider set of mass cultural messages have served a purpose — but now need to be either dispelled or updated. Addressing the assumptions and inaccuracies of these shared media-fueled perceptions of the emerging digital society is an important part of understanding and then working to overcome conflicts between technology and policy.

(This presentation, and its related paper, are part of ongoing research collaborations between Dr. Forno (security) at UMBC and Dr. Erika Pearson (media/comms) of Massey University in Wellington, NZ)

 

Dr. Richard Forno is a Senior Lecturer in the UMBC Department of Computer Science and Electrical Engineering, where he directs the UMBC Graduate Cybersecurity Program and serves as the Assistant Director of UMBC’s Center for Cybersecurity. His twenty-year career spans the government, military, and private sector, including helping to build the first formal cybersecurity program for the U.S. House of Representatives, serving as the first Chief Security Officer for Network Solutions (operator of the InterNIC), and co-founding the CyberMaryland conference. Dr. Forno was also one of the early thought leaders on the subject of “information warfare” and he remains a longtime commentator on the influence of Internet technology upon society.

Organizer: Tulay Adali, Host: Alan Sherman

About the CSEE Seminar Series: The UMBC Department of Computer Science and Electrical Engineering presents technical talks on current significant research projects of broad interest to the Department and the research community. Each talk is free and open to the public. We welcome your feedback and suggestions for future talks.

Wikileaks hack highlights importance of cyberdefense basics, UMBC experts write

The Central Intelligence Agency’s latest leak is the most recent major hack exposing information that could possibly compromise national security. In The Conversation, Anupam Joshi and Rick Forno, explain that this hack is a reminder of how cyberdefense strategies must be continually improved to ensure sensitive information is protected.

Joshi is a professor and chair of the department of computer science and electrical engineering and director of UMBC’s Center for Cybersecurity, and Forno is the assistant director of the UMBC Center for Cybersecurity and director of UMBC’s graduate program in cybersecurity. Their latest article has been republished by media across the globe and has been read more than 20,000 times.

“This round of leaks, of documents dating from 2013 to 2016,…reinforces perhaps the most troubling piece of information we already know: Individuals and the government itself must step up cyberdefense efforts to protect sensitive information,” write Joshi and Forno.

They ask readers to consider the risk to security and privacy compared with the benefits and convenience of modern technologies. “As citizens, we must decide what level of risk we — as a nation, a society and as individuals — are willing to face when using internet-connected products.”

Any electronic device connected to the internet is susceptible to a cyber attack, Joshi and Forno go on to explain, noting, “It’s not necessarily a good idea to have always-on and network-enabled microphones or cameras in every room of the house.”

Joshi also spoke with CBS Baltimore about how hacks can impact technologies consumers use every day, such as cars that now feature high tech navigation and entertainment systems. “The more electronic gizmos you have in your car, the newer the car you have, the more you’re connected to the network with your car, the greater the probability something can be done to your car,” he explained. Still, he noted, a hacker would need to have advanced technical knowledge and, likely, close proximity to the car to carry out such an attack.

To ensure that sensitive information is protected, Joshi and Forno say that focusing on “the mundane tasks of cyberdefense” is essential to maintaining security for everyone, from government to individuals, although they emphasize that no internet-connected technologies are immune to cyber hacks. Ultimately, they write, “Keeping others out of key systems is crucial to American national security, and to the proper function of our government, military and civilian systems.”

Read the full article in The Conversation, and watch the complete interview on CBS Baltimore.  Adapted from an article in UMBC News.

Microsoft launches competition to create collaborative AI system to play Minecraft

 

A Microsoft Research team challenged PhD students to craft an advanced AI-based system that can collaborate with people in playing the popular Minecraft game, offering three $20K prizes. Minecraft was chosen because it offers an environment that, which relatively simple in some ways, it requires advances in areas that are still difficult for artificial computer agents to handle. The challenge asks questions like the following.

“How can we develop artificial intelligence that learns to make sense of complex environments? That learns from others, including humans, how to interact with the world? That learns transferable skills throughout its existence, and applies them to solve new, challenging problems?”

Microsoft’s Project Malmo addresses them by integrating deep reinforcement learning, cognitive science, and many AI ideas. The Malmo platform a sophisticated AI experimentation system built on top of Minecraft that is designed to support fundamental research in artificial intelligence.

A recentTechRepublic article, Microsoft competition asks PhD students to create advanced AI to play Minecraft, describes the competition and quotes UMBC Professor Marie desJardins on the project.

“Marie desJardins, AI professor at the University of Maryland, Baltimore County, sees Minecraft as an ‘interesting and challenging problem for AI systems, because of the fundamental complexity of the game environment, the open-ended nature of the scoring system, and the opportunity to collaborate with other game players (AIs or humans).’

But desJardins also raises concerns when it comes to these competitions. ‘Who owns the resulting intellectual property?” she asked. “Are these kinds of contests the best way for grad students to spend their time? Do these competitions foster or decrease diversity? Who ultimately profits from the contests?'”

The Malmo challenge is open to PhD students who register by April 14, 2017. After registration, teams of one to three members are given a task that consists of one or more mini-games. The goal is to develop an AI solution that learns how to work with other, randomly assigned players to achieve a high score in the game. Participants submit their solutions to GitHub by May 15, including a one-minute video that shows off the AI agent and summarizes what is interesting about their approach.

 


Microsoft’s Katja Hofmann discusses Project Malmo

Free screening: CODE: Debugging the Gender Gap, 3-5 Fri 3/31, UMBC

Join the UMBC Computer Science Education Club and the Center for Women in Technology for a free screening of the award winning film, CODE: Debugging the Gender Gap. The documentary exposes the dearth of American female and minority software engineers and explores the reasons for this gender gap. CODE raises the question: what would society gain from having more women and minorities code?

CODE will be screened on Friday March 31 at 3:00-5:00pm in ITE 104.  A discussion about the film will immediately follow the screening. Snacks will be provided!  RSVP via myUMBC to let the organizers know you will be there on Friday 3/31!.

Here’s a trailer for the film:

talk: Phase synchrony in heart-brain interactions predicts personality and emotions, 1pm 3/17

UMBC CSEE Seminar Series

Phase synchrony in heart-brain interactions predicts personality and emotions

Ehsan Shokri Kojori
NIH, National Institute on Alcoloh Abuse and Alcoholism

1:00-2:00pm Friday, 17 March 2017, ITE 231

Despite the historical interest in the link between brain and heart, it is unknown whether brain and heart interactions provide meaningful information about emotions and personality. Here we studied the phase and amplitude of coherence between cardiac pulse and resting state fMRI signals in 203 subjects. We show low-frequency (LF, < 0.1 Hz) components of the resting-state networks (RSN) share significant content with corresponding components in physiological recordings. We found LF cardiovascular components precede those in RSNs, and LF respiratory components follow those in RSNs. Phase dispersion (in LF) between cardiac (but not respiratory) and RSN signals predicted a main positivity-negativity dimension of personality (r = 0.31, p < 0.0001) and emotions (r = 0.24, p = 0.001). Specifically, higher phase dispersion between cardiac and brain RSNs predicted higher tendency toward negative inclinations. In summary, these results provide evidence that brain-wide sensitivity to cardiovascular signaling predicts a main dimension of personality and emotions. Finally, our analysis of phase dispersion may have diagnostic value in specific neuropsychiatric disorders.

Dr. Ehsan Shokri Kojori joined the Laboratory of Neuroimaging at the NIH National Institute on Alcohol Abuse and Alcoholism
 as a postdoctoral IRTA fellow in August 2014 and became a Research Fellow in May 2016. He earned a PhD degree in cognitive neuroscience from the University of Texas at Dallas in Spring 2014. Ehsan also has a background in electrical engineering and signal processing. His interests include combining brain imaging modalities (e.g., fMRI, DTI, and PET) and behavioral measurements to understand the neurocognitive underpinnings of goal directed behavior. His current work involves studying how addiction and alcohol abuse affect efficiency and energetic cost of the brain networks. He is also working on developing novel methodologies to better characterize anatomical and functional brain connectivity indices.

Drs. Joshi and Forno assess CIA Wikileaks ‘Vault7’


Image 20170309 21018 1gx6ex


Graphic via shutterstock.com

This week’s WikiLeaks release of what is apparently a trove of Central Intelligence Agency information related to its computer hacking should surprise no one: Despite its complaints of being targeted by cyberattackers from other countries, the U.S. does a fair amount of its own hacking. Multiple federal agencies are involved, including the CIA and the National Security Agency, and even friendly nations. These latest disclosures also remind us of the cybersecurity truism that any electronic device connected to a network can be hacked. The Conversation

As cybersecurity researchers conducting a preliminary review of the data released in what WikiLeaks calls “Vault 7,” we find the documents mostly confirm existing knowledge about how common hacking is and how many potential targets there are in the world.

This round of leaks, of documents dating from 2013 to 2016, also reinforces perhaps the most troubling piece of information we already knew: Individuals and the government itself must step up cyberdefense efforts to protect sensitive information.

Almost everything is hackable

For years, security experts and researchers have warned that if something is connected to the internet it is vulnerable to attack. And spies around the world routinely gather intelligence electronically for diplomatic, economic and national security purposes.

As a result, we and others in the cybersecurity community were not surprised by the 2013 revelations from former NSA contractor Edward Snowden. We knew that the spying programs he disclosed were possible if not likely. By contrast, the general public and many politicians were astounded and worried by the Snowden documents, just as many citizens are surprised by this week’s WikiLeaks disclosure.

One element of the new WikiLeaks “Vault 7” release provides more insight into the scope of government spying. In a project called “Weeping Angel,” CIA hackers and their U.K. counterparts worked to turn Samsung F8000 smart television sets into remote surveillance tools. Hacked TV’s could record what their owners said nearby, even when they appeared to be turned off.

The fact that the CIA specifically targeted smart televisions should serve as yet another a wake-up call to the general public and technology manufacturers about cybersecurity issues inherent in modern devices. Specifically, “smart home” and Internet of Things devices represent a massive vulnerability. They are open to attack not only by government organizations seeking intelligence on national security information, but terrorists, criminals or other adversaries.

It’s not necessarily a good idea to have always-on and network-enabled microphones or cameras in every room of the house. Despite many of these devices being sold with insecure default settings, the market is growing very rapidly. More and more people are buying Google Home or Amazon Echo devices, Wi-Fi enabled baby monitors and even internet-connected home-security equipment.

These have already caused problems for families whose devices overheard a TV newscaster and ordered dollhouses or whose kids were tracked by a teddy bear. And large parts of the internet were disrupted when many “smart” devices were hijacked and used to attack other networked systems.

Phones were a key target

The CIA also explored ways to take control of smartphone operating systems, allowing the agency to monitor everything a phone’s user did, said or typed on the device. Doing so would provide a way around post-Snowden encrypted communications apps like WhatsApp and Signal. However, some of the CIA’s methods of attack have already been blocked by technology vendors’ security updates.

The CIA’s apparent ability to hack smartphones casts doubt on the need for officials’ repeated calls to weaken mobile phone encryption features. It also weakens the government’s claim that it must strengthen surveillance by not telling tech companies when it learns of security weaknesses in everyday products. Just like the door to your house, technological vulnerabilities work equally well in providing access to both “good guys” and “bad guys.”

Ultimately, as a society, we must continue to debate the trade-offs between the conveniences of modern technologies and security/privacy. There are definite benefits and conveniences from pervasive and wearable computing, smart cars and televisions, internet-enabled refrigerators and thermostats, and the like. But there are very real security and privacy concerns associated with installing and using them in our personal environments and private spaces. Additional problems can come from how our governments address these issues while respecting popular opinion and acknowledging the capabilities of modern technology.

As citizens, we must decide what level of risk we – as a nation, a society and as individuals – are willing to face when using internet-connected products.

We’re frequent attackers – but bad defenders

The WikiLeaks release also reconfirms a reality the U.S. might prefer to keep quiet: While the government objects to others’ offensive cyberattacks against the United States, we launch them too. This isn’t news, but it hurts America’s reputation as a fair and aboveboard player on the international stage. It also also reduces American officials’ credibility when they object to other countries’ electronic activities.

Leaks like this reveal America’s methods to the world, providing plenty of direction for adversaries who want to replicate what government agents do – or even potentially launch attacks that appear to come from American agencies to conceal their own involvement or deflect attribution.

But perhaps the most disturbing message the WikiLeaks disclosure represents is in the leak itself: It’s another high-profile, high-volume breach of information from a major U.S. government agency – and at least the third significant one from the secretive intelligence community.

Perhaps the largest U.S. government data loss incident was the 2014 Office of Personnel Management breach that affected more than 20 million current and former federal workers and their families (including this article’s authors). But the U.S. has never truly secured its digital data against cyberattackers. In the 1990s there was Moonlight Maze; in the 2000s there was Titan Rain. And that’s just for starters.

Our government needs to focus more on the mundane tasks of cyberdefense. Keeping others out of key systems is crucial to American national security, and to the proper function of our government, military and civilian systems.

Achieving this is no easy task. In the wake of this latest WikiLeaks release, it’s certain that the CIA and other agencies will further step up their insider-threat protections and other defenses. But part of the problem is the amount of data the country is trying to keep secret in the first place.

We recommend the federal government review its classification policies to determine, frankly, if too much information is needlessly declared secret. Reportedly, as many as 4.2 million people – federal employees and contractors – have security clearances. If so many people need or are given access to handle classified material, is there just too much of it to begin with? In any case, the information our government declares secret is available to a very large group of people.

If the U.S. is going to be successful at securing its crucial government information, it must do a better job managing the volume of information generated and controlling access to it, both authorized and otherwise. Granted, neither is an easy task. However, absent fundamental changes that fix the proverbial cult of classification, there likely will be many more WikiLeaks-type disclosures in the future.

Richard Forno, Senior Lecturer, Cybersecurity & Internet Researcher, University of Maryland, Baltimore County and Anupam Joshi, Oros Family Professor and Chair, Department of Computer Science & Electrical Engineering, University of Maryland, Baltimore County

This article was originally published on The Conversation. Read the original article.

The Conversation

Prof. Gymama Slaughter on the body as a battery at Baltimore’s Light City festival

How can we begin to use our body as a power source? The same way we use a battery: by harnessing its chemical energy. As part of the annual Baltimore Light City Festival: A Festival of Light, Music and Innovations, Dr. Gymama Slaughter will present her research work on “The body as a battery – harnessing its chemical energy to power wearable and implantable sensors that diagnose and monitor diseases.” Dr. Slaughter will show how her team is converting the biochemical energy in blood sugar into electrical power, and how it is used to power wearable and implantable sensors.

The HealthLab@LightCity conference brings together innovators and leaders from Baltimore and across the nation to explore emerging technologies and innovative practices that have the potential to improve the quality of life and health outcomes for all people, here and around the world.

HealthLab@lightcity is presented by Kaiser Permanente and will be held 8:00am-6:00pm on Monday, 3 April 2017 at the IMET Columbus Center (701 E Pratt St, Baltimore, MD 21202) as part of Baltimore’s annual Light City Festival.

UMBC Cyber Dawgs to hold student cybersecurity competition on Saturday, March 11

The UMBC Cyber Dawgs will hold a cybersecurity Capture the Flag competition on Saturday, March 11th from 9am-5pm in the Public Policy building. The event will be a jeopardy-style competition where individual competitors answer questions about aspects of cybersecurity, including network forensics, reverse engineering, reconnaissance, and cryptography.

The competition is open to all current UMBC students, both beginners and experts alike. Participants will learn and execute both offensive and defensive security practices that are relevant in today’s computing environments using their laptops to access a system that provides hints and guidance on completing the challenges.

Top performers will receive prizes, including a new ChromeBook, a Wireless Pineapple Nano and a YARD Stick One. There will also be door prizes for a few randomly selected, lucky participants, including some Raspberry PIs. Breakfast and lunch will be provided. Some of the Cyber Dawg club’s sponsors will be at the event for students to network with, so bring your resumes.

Students who are interested must register online in advance and bring a laptop to the event. Registration and participation is free but space is limited.

UMBC CSEE alumnus Josiah Dykstra receives PECASE award for cybercrime work

Josiah Dykstra, Ph.D. ‘13, computer science, has received the prominent Presidential Early Career Award in Science and Engineering (PECASE) for his work on digital forensics cloud computing, with applications in tackling cybercrime.

While he was a graduate student at UMBC, Dykstra worked full-time at the National Security Agency, where he remains a cybersecurity researcher, but for his dissertation took a fresh path and selected an area of research very different from his projects at the agency. Dykstra worked in UMBC’s Cyber Defense Lab with Alan Sherman, professor of computer science and electrical engineering, and studied how crimes using computers are tracked through information stored on the computers themselves and in email accounts.

To determine whether and how a crime occurred, Dykstra explains, a law enforcement official may need to extract data from a phone or computer using a third party vendor. He looked at whether law enforcement could trust that the data they are having analyzed to have not been manipulated. The legal and trust issues associated with accessing such data, and the technical and legal challenges associated with information stored on electronics, formed the central focus of Dykstra’s graduate work.

Reflecting on his PECASE award, Dykstra shares, “I didn’t know when I was doing the work at UMBC that it was a possibility” to receive this kind of recognition. He hopes his achievement offers encouragement for students currently working through their dissertations, tackling challenging research questions. “It’s helpful for students to see people who have done work like this,” he says.

The PECASE is one of the highest honors the federal government can bestow on early-stage science and engineering researchers. PECASE award recipients are presented with their awards during a ceremony at the White House, which will be held in the coming months.

Other recent PECASE recipients from UMBC include Kafui Dzirasa ‘01, chemical engineering, now an assistant assistant professor of psychiatry and behavioral sciences at Duke University, who received the award in spring 2016, and Justin Jacobs ‘14 Ph.D., statistics, who was recognized in spring 2014.

Adapted from a UMBC News post. Header image by Geoff Livingston, CC by 2.0.  

1 2 3 4 70