talk: Building Incorruptible Systems in Cloud Environments

Building “Incorruptible” Systems in Cloud Environments

Dr. Haibin Zhang
University of Connecticut

12:00pm Friday, 17 February 2017, ITE 325b, UMBC

In this talk, I will discuss how to design and implement efficient distributed systems in untrusted cloud environments that simultaneously achieve the three most important security goals — integrity, availability, and confidentiality.

Haibin Zhang is a postdoctoral fellow at University of Connecticut advised by Prof. Marten van Dijk. He is working on the MACS project, a cross-institutional collaboration among BU, MIT, Northeastern, and UConn. Previously, he was a postdoctoral research associate at the University of North Carolina at Chapel Hill, advised by Prof. Michael Reiter, working on Project Silver. He received his Ph.D. from University of California at Davis (with Prof. Matthew Franklin), his M.S. from Chinese Academy of Sciences, and his B.S. from Shandong University. He is interested in cloud computing, cryptography, security, privacy, and distributed systems. He received the best paper candidate award at 33rd IEEE International Symposium on Reliable Distributed Systems, proved the security of a NIST standard on ciphertext stealing, and was one of the main inventors of Norton Zone, Symantec’s scalable cloud storage.

talk: Cybersecurity and Cellular Technology, 6pm 2/23 Shady Grove

UMBC Cybersecurity Program Cyber Talk

Cybersecurity and Cellular Technology

Joshua Franklin

6:00-8:00pm Thursday, 23 February 2017

The Universities at Shady Grove
Building III (Camille Kendall Academic Center) Room 3241
9636 Gudelsky Drive, Rockville, MD 20850

​​The UMBC Cybersecurity Program is proud to bring you Cyber Talk, a new speaker series that highlights special topics in Cybersecurity. ​Join us at The Universities at Shady Grove (USG) for an informative and engaging discussion on the operation of cellular networks and the threats posed to mobile technology. Participants will have the opportunity to ask questions and hear about the latest trends in industry.

Cellular technology plays an increasingly large role in society as it has become the primary portal to the internet for a large segment of the population. One of the main drivers making this change possible is the deployment of modern 4G LTE cellular technologies. This talk serves as a guide to the fundamentals of how cellular networks operate and explores the evolution of 2G GSM, 3G UMTS and 4G cellular security architectures. This is followed by an analysis of the threats posed to cellular networks and supporting mitigations. Although the talk discusses older GSM and UMTS technologies – it is heavily focused on LTE.

Joshua Franklin is a Security Engineer at the National Institute of Standards and Technology (NIST) focusing on cellular security, electronic voting, and public safety. Prior to NIST, Joshua worked at the U.S. Election Assistance Commission gathering extensive experience with voting technologies. After graduating from Kennesaw State University with a Bachelors of Science in Information Systems, he received a Masters of Science in Information Security and Assurance from George Mason University.

talk: Accountability and Data Privacy in the Life Cycle of Big Data

Towards End-to-End Security and Privacy: Accountability
and Data Privacy in the Life Cycle of Big Data

Taeho Jung
Department of Computer Science
Illinois Institute of Technology

11:00am Tuesday, 14 February 2017, ITE 325b, UMBC

The advent of big data has given birth to numerous innovative life-enhancing applications, but the big data is often called as a double-edged sword due to the increased privacy and security threats. Such threats, if unaddressed, will become deadly barriers to the achievement of big opportunities and success anticipated in the big data industry because they may arise at any part of the life cycle of the big data.

In this talk, I will describe my research which addressed various privacy and security issues in the big data life cycle: acquisition, storage, provisioning, and consumption. More specifically, I will briefly present how various types of data can be protected in their acquisition and consumption phases of the life cycle, and subsequently, I will introduce the theoretic foundations of the presented research. Finally, I will present how to make large-scale data trading accountable against dishonest users for the provisioning phase of big data, and this talk will be concluded with my future research agenda briefing.

Taeho Jung is a Ph.D. candidate in Computer Science at Illinois Institute of Technology. His research area, in general, includes privacy and security issues in data mining and provisioning in the big data life cycle. His paper has won a best paper award (IEEE IPCCC 2014), and two of his papers were selected as best paper candidate (ACM MobiHoc 2014) and best paper award runner up (BigCom 2015) respectively. He has served many international conferences as a TPC member, including IEEE DCOSS 2016, IEEE MSN 2016, IEEE IPCCC 2016, and BigCom 2016. He received his B.E. in Computer Software in Tsinghua University in 2011, and he will receive his Ph.D. in May 2017.

talk: Bayesianism and the Evidence Problem, 4pm 2/15

Philosophy Department Colloquium

Bayesianism and the Evidence Problem

Lisa Cassell
University of Massachusetts/Amherst

4-6:00pm Wednesday, 15 February 2017, 456 Performing Arts & Humanities

Bayesianism is a theory that gives us norms for how the degrees of belief we have in certain propositions — our “credences” — ought to hang together. For instance, it tells me that if my credence that I will play baseball tomorrow is .3 and my credence that I will play basketball tomorrow is .4, then, if I believe that I will only play one or the other, my credence that I will either play baseball tomorrow or basketball tomorrow is .7. One of Bayesianism’s most attractive features is its updating norm, which gives us a simple and powerful way of revising our beliefs in the light of new evidence. However, Bayesians have an “Evidence Problem”: while their updating norm tells us what to do once we get evidence, it doesn’t tell us what it means to actually have evidence. In this talk, I consider two arguments — one in support of Bayesian’s updating norm and one against it — and show that both of these arguments fail. I go on to consider what these failures teach us about the Evidence Problem. I conclude by considering some different ways of resolving this problem.

UMBC’s Cyber Scholars program stands out as a national model in “Diverse”

 

At a time when just 12 percent of information security analysts are black, Hispanic or Asian, and only 20 percent of information security analysts are women, successful student support programs like UMBC’s Cyber Scholars are poised to make a major impact on the field, suggests a new article in Diverse: Issues in Higher Education. The article focuses on this UMBC program as a model for increasing diversity in cyber-related fields through supporting the success of women and underrepresented minority students in cybersecurity, including providing them with opportunities to expand their professional networks.

The UMBC Cyber Scholars program currently includes 40 scholars and 10 associates, and over 97 percent of the scholars and associates in the program have graduated in their intended major, or are pursuing degrees in computer science, computer engineering or information systems, said Cindy Greenwood, assistant director of the program. Of those participating students, 53 percent are women and 40 percent are underrepresented minorities, in stark contrast to national averages for information security professions.

The Cyber Scholars program stands out in higher education because of the variety of elements offered to students, explained Anupam Joshi, professor and chair of computer science and electrical engineering, and director of the Center for Cybersecurity at UMBC. “Many other programs only focus on imparting technology training in cybersecurity,” he said. “Our program is part of formal degree requirements in computer science, computer engineering and information systems” and students can take a broad range of elective courses, which, Joshi noted, “mix instruction in the theory with hands-on projects.”

Each week, Joshi explained, the students in the Cyber Scholars program hear from industry leaders and government officials on topics such as professional development and technical aspects of the field. “They also conduct peer-led workshops in cybersecurity and work with faculty in research labs,” he added. “They are encouraged to do internships in the industry multiple times and get security clearances in the process.”

Alejandra Diaz ‘17, computer science, has been involved with the Cyber Scholars program since she was a freshman at UMBC, and described how the program has helped her grow and access new opportunities. After she met with UMBC President Freeman Hrabowski and Wes Bush, CEO of Northrop Grumman, Diaz interviewed for an internship with Northrop Grumman. Diaz has now interned twice with Northrop Grumman and plans to return to the company before pursuing her master’s degree.

 

Alejandra Diaz, left, with fellow Cyber Scholars. Photo by Marlayna Demond ’11 for UMBC.

Read “Programs Aim to Open Doors to Diversity in Cybersecurity” in Diverse: Issues in Higher Education.

Adapted from UMBC News; Header Image: The ITE building at UMBC. Photo by Marlayna Demond ’11 for UMBC.

CSEE faculty on securing the president’s smartphone and avoiding “cyber-fatigue”

Professor Anupam Joshi, chair of the CSEE Department and director of the UMBC Center for Cybersecurity

With a new administration in the White House, securing the president’s smartphone is a national security priority, but exactly what steps are taken to secure the phone are not made public. In a new article in The Conversation, Anupam Joshi, professor and chair of computer science and electrical engineering, and director of the Center for Cybersecurity at UMBC, discusses several likely ways President Trump’s security team is building protections into his phone, through everything from hardware to settings to app restrictions.

Limiting the number of people who have the president’s new phone number and keeping the unique International Mobile Equipment Identity number guarded can prevent potential attackers from accessing confidential information stored on the phone. This method is called “security by obscurity,” says Joshi.

Joshi also says the device Trump will use was likely made by a trusted manufacturer with carefully created and checked parts, explaining that this minimizes the “risk that the hardware would have any vulnerabilities that an attacker could exploit.”

Customizing the operating system, and allowing the phone to connect only with predetermined networks that are regularly monitored can also help protect against attacks, says Joshi. “Limiting its contact with the internet would, of course, by key,” he notes, “though that would also significantly limit the phone’s usefulness to a president whose routine involves constant connection.” Joshi says that limiting the number of apps on the phone, reducing the ability for additional apps to be downloaded and installed, and disabling automatic updates to the phone could keep the device even more secure.

While it is not certain which methods have been employed to secure the presidential smartphone, Joshi says that Trump trading in his commercial-grade phone for a government-secured device is an important first step in protecting the U.S. from hacks and attacks.

In another article in The Conversation, Rick Forno, assistant director of the UMBC Center for Cybersecurity and director of the Cybersecurity Graduate Program at UMBC, addresses the importance of addressing both short-term and long-term cybersecurity issues. He explains that ignoring underlying problems and only addressing small, attention-grabbing issues does not lead to lasting progress. “Cyber-fatigue,” explains Forno, is an “inability to think critically about what needs to happen for meaningful, lasting cybersecurity improvements while focusing only on near-term problems.”

He says that while it is important to evaluate the benefits, conveniences and savings that new products and services may offer, the potential risks and problems should be considered, too. “So instead of repeating the same guidelines and recommendations of the past, it’s time to take a new and unconventional look at our approach to technology and how we secure it,” Forno explains. “Unless we’re willing to go beyond our traditional cybersecurity ‘comfort zone’ and explore new solutions, our cyber-fatigue will worsen.”

Read “How to secure a smartphone for the tweeter-in-chief” and Overcoming ‘cyber-fatigue’ requires users to step up for security” in The Conversation. Joshi’s piece also appeared in Mashable and Channel Newsasia, and together the articles have already been read over 36,000 times.

Adapted from UMBC News, photo by Marlayna Demond ’11 for UMBC.

UMBC places 7th at Pan-Am Team Chess Championship

UMBC Chess finished seventh overall at the 2016 Pan-American Intercollegiate Team Chess Championship, held in New Orleans, Louisiana, December 27–30.

The UMBC Chess A team finished in 10th place, with victories over the Texas Tech D team, the University of Oklahoma A team, the Columbia University B team, and the Arizona State University team. The UMBC Chess B team earned wins over the Texas Tech E team, and the University of Minnesota Twin Cities B team, and finished 45th overall.

UMBC’s 2016 A team includes international master Levan Bregadze ‘16, financial economics; grandmaster Tanguy Ringoir ‘19, economics; woman FIDE master Ewa Harazinska ’20, chemistry; and Maor Leker Locker ’20, biological sciences. The UMBC Chess B team includes Dobrynya Konoplev ‘18, computer science and mechanical engineering; Nathan Janus ’20, mathematics; Nathaniel Wong ‘18, Asian studies and political science; Abhilash Puranik ‘17, M.S. computer engineering; and Jeffrey Mich Carr ’19, interdisciplinary studies.

UMBC has participated in the Pan-American Intercollegiate Team Chess Championship for 26 years, and has won or tied for first place at the Pan-Am Championship ten times. UMBC Chess has also continued on to the President’s Cup—known as the Final Four of College Chess—numerous times, but did not qualify for 2017.

At the 2015 Pan-American Intercollegiate Team Chess Championship, the UMBC Chess A team finished in 10th place, and the UMBC Chess B team finished 31st overall. Alan Sherman, professor of computer science and electrical engineering, serves as director for UMBC Chess and Joel DeWyer, interim director of The Commons, is business manager.

UMBC Chess made headlines earlier in 2016 when Nazi Paikidze-Barnes, information systems, an alumna of the team, won the 2016 U.S. Women’s Chess Championship held in St. Louis.

Reposted from UMBC News. Image: Members of the UMBC Chess A team before attending the 2016 Pan-American Intercollegiate Team Chess Championship. Photo by Marlayna Demond ‘11 for UMBC.

In Hour of Code, UMBC students give Baltimore youth hands-on intro to computing careers

At one table, thirteen Lakeland Elementary/Middle School students from Baltimore used tablets to create patterns of colorful shapes through code. At another station, the students composed music and played games on laptops by completing circuits connected to bananas and celery.

The scene in UMBC’s Commons last Thursday was just what Gabrielle Salib ‘17, interdisciplinary studies, had hoped for. “Our world is quickly becoming more automated and by learning how to code, as President Obama has said, we ‘become the creators rather than just the consumers’ of our ever-growing tech society,” shared Salib. She is president of UMBC’s Computer Science Education student organization, which organized the event as part of the international Hour of Code movement

UMBC joined thousands of schools around the world in hosting Hour of Code events to celebrate Computer Science Education Week, drawing both UMBC students and younger area students to learn about circuits, coding, and computing through hands-on activities.

“Hour of Code events are a great way to gain visibility and awareness of the importance of CS for All,” said Marie desJardins, COEIT associate dean and professor of computer science, and faculty advisor of the Computer Science Education student organization. “It’s especially important to reach out to young women and minority students in their critical middle school years, and to connect them with peers and role models they can relate to.”

“The Hour of Code day is especially important for our Technovation Club because two days a week our girls spend two hours learning how to code and how to develop their own apps,” said Acacia Asbell, a project director for UMBC’s Sherman STEM Teacher Scholars Program who works closely with Lakeland Elementary School. “This event really reinforces how important coding is, and how they can have an impact on the world around them.”

The Lakeland Elementary School students were not the only ones to gain valuable experience from the event. “Our student volunteers also benefited by increasing their own confidence in their skills, connecting with other students and faculty, and knowing that they are making a difference in the world around them,” said desJardins.

Dr. Marie desJardins, President Freeman Hrabowski, and Gabrielle Salib ’17, interdisciplinary studies, working with Lakeland Elementary/Middle School students at the Hour of Code.Dr. Marie desJardins, President Freeman Hrabowski, and Gabrielle Salib ’17, interdisciplinary studies, working with Lakeland Elementary/Middle School students at the Hour of Code.

One major challenge with engaging young student in coding is the intimidation factor, UMBC President Freeman Hrabowski told The Baltimore Sun, at the event. He noted that Hour of Code events give hands-on experience that removes that barrier and encourages young students to pursue college degrees and careers in technical fields.

For Salib, that hands-on experience is core to bringing home the point that anyone can code, and that coding can open doors to creative careers.“I had some students tell me that coding was much more fun than they thought it’d be,” she said. “That was precisely the purpose of our event: to show the UMBC community that they, too, can code!”

Read “City students get early exposure to computer careers at UMBC” in The Baltimore Sun.

Adapted from an article on UMBC News by Megan Hanks

Talk: Lexumo Continuous Open Source Code Security

 The UMBC Cyber Defense Lab presents

Lexumo Tech Talk: Continuous Open Source Code Security

Dr. Richard T. Carback III
Lexumo, Inc.

11:15am Friday, 16 December 2016, ITE 237, UMBC

Lexumo is a startup which provides the only automated service that continuously monitors IoT software platforms for the latest public vulnerabilities. Funded in January of 2016 for $4.89M, NetworkWorld recently named Lexumo as a 2016 IoT Company to watch. Join us as UMBC alumnus and Lexumo co-founder Richard Carback discusses some of the hard problems and their technical approaches to monitor all the world’s open source software and assist companies in managing their vulnerabilities. The talk will be followed by an open Q&A session.

Richard T. Carback III is a UMBC Alumnus (CS PhD, 2010) and co-founder of Lexumo. Before Lexumo, Richard led the embedded systems security group at Charles Stark Draper Laboratories and was previously the Chief Scientist at Convergent Technologies, Inc. At UMBC, he worked with Alan Sherman on Scantegrity, a practical end-to-end voter verifiable election system.

Host: Alan T. Sherman ()

The UMBC Cyber Defense Lab (CDL) meets biweekly Fridays 11:15am-12:30pm in ITE 229, for research talks about cybersecurity.

UMBC researchers collaborate with Army Research Laboratory to understand human variability

UMBC’s Mobile Pervasive and Sensor Systems Laboratory is collaborating with researchers at the Army Research Laboratory as part of their Center For Adaptive Soldier Technologies (CAST) laboratory. The UMBC group, led by Prof. Nilanjan Banerjee, is funded to work on the Human Variablility Project. The ARL described and motivates the project as follows.

“While it is understood that significant behavioral and performance variability within Soldiers exists, there is a clear knowledge gap with respect to quantifying and predicting the degree and dynamics of this variability. We posit that this critical scientific gap that has led to inflexible systems designed to mitigate against human variability by simplifying system operations and interfaces to be usable by operators performing at below-average levels. Alternatively, by understanding and predicting human variability across multiple time scales, we will enable adaptive system designs that are dynamic and capable of eliciting the full potential of the humans with which they interact.”

As part of this project, UMBC researchers are developing novel sensors and virtual reality environments to collect human behavioral and physiology data to study the variability of human states in immersive environments.

1 2 3 4 69