Rick Forno, Graduate Program Director for Cybersecurity and Assistant Director of UMBC's Center for Cybersecurity spoke with the Baltimore Sun and Technical.ly Baltimore recently about hacktivism in the Baltimore riots and a recent ZeroFox report that analyzed social media to identify prominent activists, potential threats, and/or agitators during the riots.
The Humbolt Research Award award is given to recognize the lifetime research achievments of academics "whose fundamental discoveries, new theories, or insights have had a significant impact on their own discipline and who are expected to continue producing cutting-edge achievements in the future."
Dr. Menyuk's research is in the field of nonlinear optics and its applications. His expertise is in theoretical and computational modeling, although much of his work has been in collaboration with experimental groups. One major reearch achievement is the development of the basic equations that govern light propagation in optical fibers in the presence of nonlinearity, birefringence, and chromatic dispersion. These equations are the basis for the physical layer modeling of optical fiber communication systems and are used extensively in the telecommunications and photonics industry.
A second achievment is the development of models for determining the stability and noise response of modelocked lasers and other resonators. This work is ongoing, but has already had a significant on the design of short-pulse lasers and other resonators.
A third body of work has been fundamental studies of nonlinear processes in gases and optical fibers. This theoretical work led to scientifically important experimental work and may lead to new methods for high-energy pulse generation and time transfer in optical fibers.
Dr. Menyuk has authored or co-authored more than 250 archival journal publications, edited three books and he is a co-inventor of six patents. He is a fellow of the American Physical Society, the Optical Society of America, and the IEEE. He is a former UMBC Presidential Research Professor.
Here is what Dr. Menyuk has to say about winning the award:
“I was pleased and honored to receive the Humboldt Research Award, which is one of the world's most prestigious academic awards. Most Nobel prize winners in my field and many members of the national academies have won this award. I have been at UMBC for 30 years, and this award is really a recognition of the collective efforts of my research group and colleagues here at UMBC. I am grateful for Dr. Philip Russell of the Max Planck Institute for Light for nominating me and — what is even more important — for giving my research group at UMBC the opportunity to collaborate with one of the world's great research institutes.”
This fall Professor Alan Sherman will teach the second UMBC edition of the NSF INSuRE project's Cybersecurity Research course as a special topics course (CMSC 491/691). The course will be limited to 24 students — 18 graduate and six undergraduate. SFS cyber scholars are strongly encouraged to take the course. BS, MS, MPS, and PhD students from any appropriate degree program who are able to carry out research in any relevant cybersecurity area are welcome.
Undergraduates will require permission to enroll. To obtain permission, please email to with an unofficial transcript and a brief statement describing why you want to take the course, what you bring to the course, and what project you wish to work on. Students taking the course are encouraged to form teams and select research problems before the course begins. NSA promises to provide an updated suggested unclassified problem list later in Summer 2015. Contact Dr. Sherman to explore possible topic ideas.
CMSC-491/691 Special Topics in Computer Science: Cybersecurity Research, Fall 2015, Instructor: Dr. Alan T. Sherman, Credits: 3
Meeting Times and Places: Fridays 1:30-3:30pm (ITE 238), and Wednesdays 11:00-11:50am (MEYR/CHEM 256). Some of the Friday meetings will be held in synchronized distance fashion using WebEx and a telephone bridge.
Working in small groups (ideally three students) under the mentorship of technical clients from government, each student will formulate, carry out, and present original research on current cybersecurity problems of interest to the nation. Clients will provide a list of unclassified research problems, and students may also suggest their own problems. This course will engage students in important challenging cybersecurity problems. Students will learn how to apply research techniques, think clearly about cybersecurity issues, formulate and analyze potential solutions, and communicate their results.
The course will be run in a synchronized distance fashion from special classrooms coordinating with our partner schools (Mississippi State, Purdue, UC Davis, Univ. Alabama Huntsville, Univ. of South Dakota, Northeastern University, Stevens Institute of Technology, UMBC) and our technical clients (from NSA and Sandia National Labs). Research groups will collaborate using an appropriate file-sharing technology (e.g., Purdue’s instance Purr of HUBzero). Support for this course is provided in part by the National Science Foundation under grant 1344369.
Required Work. Working in small teams, each student will carry out an original research project. The main deliverables are a written technical report, poster, and an oral presentation describing the team's new and significant findings (similar in form and length to those from technical research conferences such as USENIX Security). Each student is expected to participate actively in class.
Expected Outcomes. By the end of the course, students will be expected to: (1) be familiar with important current cybersecurity challenges, (2) think clearly about cybersecurity issues, (3) formulate and analyze potential solutions, (4) work cooperatively in groups, and (5) communicate results effectively in a technical report and oral presentation.
Grading Policy. Grades will be assigned as measures of performance on required activities. The project will be evaluated on the basis of scientific merit and effective presentation. The project report will count for 45% of the semester grade. Late work will not be accepted. For more details on the grading policy, including the weight of each required activity, and separate expectations for undergraduate and graduate students, see the separate document on assessment policy.
Prerequisites. Each student must have the ability, background, and motivation to carry out original research in cybersecurity. Students are expected to have completed most of the requirements for admission into the MS or PhD program in computer science at UMBC. Students may come from computer science, computer engineering, or any related technical field (e.g., electrical engineering, information systems, math). Each student is expected to bring significant expertise, interest, and experience in at least one relevant technical area. This course targets primarily MS and PhD students interested in doing research in cybersecurity; qualified undergraduates, MPS (cybersecurity), and special students are also welcome with permission of the instructor. Ideally, each student would have completed each of the core courses (or equivalents) in a computer science major (e.g., architecture, operating systems, algorithms, and networks), and at least one course in security. We recognize, however, that many qualified students will not yet have completed all of these courses. Each student must come with sufficient knowledge and skills to be able to contribute to a successful research team in solving some cybersecurity research problem. For school specific detailed information about prerequisites, see the separate document on prerequisites.
Clients. Each team will interact with a technical client from a participating organization. Partners include National Security Agency (NSA) and Sandia National Labs.
CSEE faculty Alan Sherman and Dhananjay Phatak and Education Professor Linda Oliva received a research grant from the Department of Defense to create educational assessment tools to improve the teaching of cybersecurity. The one-year funded project is a collaboration with Geoffrey Herman at the University of Illinois at Urbana-Champaign. The research is being carried out at the UMBC Cyber Defense Laboratory.
The project will create infrastructure for a rigorous evidence-based improvement of cybersecurity education by developing Cybersecurity Assessment Tools (CATs) targeted at measuring the quality of instruction. The first CAT will be a Cybersecurity Concept Inventory that measures how well students understand basic concepts in cybersecurity after a first course in the field. The second CAT will be a Cybersecurity Curriculum Assessment that measures how well curricula prepared students graduating from college on fundamentals needed for careers in cybersecurity. Each CAT will be a multiple-choice test with approximately thirty questions.
Inspired by the highly influential Force Concept Inventory from physics, the investigators are following a three-step process. In fall 2014, with MS student Geet Parekh, they carried out two Delphi processes to identify an initial set of important and difficult concepts in cybersecurity. The second step will involve interviews with students to uncover their misconceptions about these concepts. In the final step, the team will draft and psychometrically evaluate questions whose incorrect answers are driven by the uncovered misconceptions. Information on the work and its results will be available on the Cybersecurity Assessment Tools web site.
Computer Science and Electrical Engineering
University Of Maryland, Baltimore County
M.S. Thesis Defense
Assessing Confidence in Relation Extraction Systems
2:00ppm Thursday, 27 July 2015, ITE 325b, UMBC
In information extraction, a central and challenging task is extraction of relations. Systems that extract relations from text tend to be very productive, so it is important to quantify confidence or certainty in what is extracted. In this thesis we introduce a framework to assess confidence in relation extraction systems. We trained our system using a logistic regression model based on manually tagged sentences from the New York Times Annotated Corpora. Empirical results based on ROC curves show that our system performs better at computing confidence than previous systems such as Reverb. We conclude with a detailed analysis of the features used in our system and explain how these features might be tailored for use in other relation extraction systems.
Committee: Drs. Tim Oates (chair), Charles Nicholas and Matt Schmill
CSEE professor Jian Chen recently received an award from Department of Defense to to develop new techniques to visualize health informatics data. The award will support two UMBC research students for two years and be done in collaboration with Jesus Caban, Gerard Reidy and Joseph Bleiberg from the Walter Reed National Military Medical Center's National Intrepid Center of Excellence.
The research will the support temporal exploration and analysis of traumatic brain injury and post traumatic stress disorder from patient cohorts. The group will design interactive visualization to move beyond using a small subset of data from the wealth and breadth of clinical information to improve diagnostic accuracy.
The project will help clinicians obtain new insights about the underlying conditions of patients, analyze complex hidden clinical patterns, and visually explore the correlations between many assessment techniques and imaging modalities including neuroimaging, neuropsychiatric measures, patient history, demographic information, and clinical tests).
Last week, Rick Forno, CSEE's Cybersecurity Graduate Program Director and Assistant Director of UMBC's Center for Cybersecurity, joined Australian security journalist Pat Gray for a lengthy discussion on the Risky Business podcast about the OPM data breach, local reactions, and possible US cybersecurity responses to this significant and far-reaching security incident.
This talk was accepted for DEFCON 2015 in Las Vegas later this month. However, for those interested here in the UMBC community, John will conduct an informal preview of his talk on Friday 7/17 at 3:00PM in ITE 366 (DREAM Lab).
"Quantum" Classification of Malware
John Seymour, UMBC
3:00pm Friday 17 July 2015, ITE 366
Quantum computation has recently become an important area for security research, with its applications to factoring large numbers and secure communication. In practice, only one company (D-Wave) has claimed to create a quantum computer which can solve relatively hard problems, and that claim has been met with much skepticism. Regardless of whether it is using quantum effects for computation or not, the D-Wave architecture cannot run the standard quantum algorithms, such as Grover’s and Shor’s. The D-Wave architecture is instead purported to be useful for machine learning and for heuristically solving NP-Complete problems.
We'll show why the D-Wave and the machine learning problem for malware classification seem especially suited for each other. We also explain how to translate the classification problem for malicious executables into an optimization problem which a D-Wave machine can solve. Specifically, using a 512-qubit D-Wave Two processor, we show that a minimalist malware classifier, with cross-validation accuracy comparable to standard machine learning algorithms, can be created. However, even such a minimalist classifier incurs a surprising level of overhead.
John Seymour is a Ph.D. student at the University of Maryland, Baltimore County, where he performs research at the intersection of machine learning and information security. He's mostly interested in avoiding and helping others avoid some of the major pitfalls in machine learning, especially in dataset preparation (seriously, do people still use malware datasets from 1998?) In 2014, he completed his Master’s thesis on the subject of quantum computation applied to malware analysis. He currently works at CyberPoint International, a company which performs network and host-based machine learning, located in Baltimore, MD.
CSEE Ph.D. student Kavita Krishnaswamy is interviewed by Dr. Renetta Tull, UMBC Associate Vice Provost for Graduate Student Development and Postdoctoral Affairs. The taped interview includes several graduate students from UMBC, UMBC's Graduate Dean, Dr. Janet G. Rutledge and Kavita’s parents. Kavita discussed her research and answered questions from the audience regarding graduate school tips, information about research by and for people with disabilities, and motivation to work toward the goal of the PhD. A transcript is available.
Nielsen Audio, a consumer research company that collects and analyzes listener data on radio broadcasting audiences, invites UMBC faculty and students to attend events focused on data science from 11:00am-2:30pm on Thursday June 25 at its headquarters in Columbia MD.
In the past few years, data science has become one of the top career opportunities for students with a background in computing or mathematics, offering interesting challenges and top salaries. Nielsen has been actively recruiting on campus and has hired three graduating UMBC students into its leadership rotational program, as well as several summer interns. They will be recruiting for full-time positions in the Fall.
The Nielsen Data Science Day event will take place in lobby and auditorium of Nielsen Audio's headquarters at 9705 Patuxent Woods Dr #200, Columbia, MD 21046 (map). Activities will include presentations, data science themed games and group discussions.
Between 11:00 and 12:00 participants can engage with interactive games with a Math/Data Science/Audio theme, including Data Science Jeopardy, Name that Tune, and Sampling Marbles. In the auditorium, a short video on data science produced by Nielsen will play continuously.
Lunch is available at Noon, followed by an introduction to data science at Nielsen Audio and presentations from managers of Nielsen's data science groups.
In the afternoon there will be a chance to meet with data scientists and find out what they do and opportunities for internships and positions.
If you have questions, contact the Columbia Data Science Day Committee leads: Kelly Dixon () or Freddie Navarro ()