CSEE
Victoria Lentz ’15 Wins HP/SWISS Cybersecurity Scholarship

Earlier this year HP and the Scholarship for Women Studying Information Security (SWSIS) selected UMBC undergraduate Victoria Lentz (Computer Science, 2015) and ten other female cybersecurity students from across the U.S. to receive scholarships.

Lentz was in the first cohort of students to be accepted into the UMBC Cyber Scholars Program, which began in Fall 2013. The program prides itself on influencing minorities and women to become involved in the cyber security and computing industries.

With particular interests in malware and digital forensics, Lentz plans to work in the cybersecurity industry after finishing her undergraduate education to gain experience before returning to school for a Master’s degree.

More from Lentz appears in Technically Baltimore.

from a post by Achsah Joseph on UMBC Insights

UMBC researchers developing textile-based sensors to control devices



CSEE professor Nilanjan Banerjee was interviewed at the Microsoft Faculty Summit on UMBC research that is developing sensors that can be sewn into textiles such as clothing or bedding and used control devices though gestures. Professor Banerjee is working with colleagues Ryan Robucci, Chintan Patel and Sandy McCombe-Waller (UMB) and students to prototype the hardware sensors and software components that can be part of an Internet of Things environment.

With support from Microsoft, their experimental systems are using Microsoft’s Lab of Things platform for research on connected devices in homes and other spaces. One of the use cases driving the research is helping people with limited mobility lead more independent lives by enabling them to control the environment. Buz Chmielewski, who became a quadriplegic after a surfing accident, is helping the team test and refine the system and its usability.

Marie desJardins discusses CS education on the Kojo Nnamdi show, Noon Tue June 17

 

UMBC CSEE Professor Marie desJardins will be a guest on WAMU’s Kojo Nnamdi show from 12:00 to 1:00pm tomorrow, Tuesday, June 17, 2014. She will be one of three experts discussing Coding and the Computer Science Conundrum with Kojo and callers. Listen live over the air on WAMU (88.5 mhz) or online.  After she broadcast, you can hear it on the segment’s page or download it from their podcast archives.

The program’s description is:

“For years following the dot-com bust, computer science enrollment plunged steadily, prompting hand wringing over America’s competitiveness in technology and innovation. But a nationwide push to bring coding to classrooms, plus rapid innovation in apps and communications, has prompted a 13.4% jump in computer science majors in the 2012-13 academic year alone. But retaining those budding programmers — especially females and minorities — remains a significant challenge. Kojo explores local and national efforts to boost computer science competency, and learns how educators are revamping computational learning to give it relevance far beyond the classroom.”

The expert guests are:

Listeners can ask questions or make comments during the show via Twitter (@kojoshow) or phone (800-433-8850).

Innovations in Cybersecurity Education Workshop, Tue 24 June 2014
Home   ·   Schedule   ·   Location   ·   Organizers   ·   Register   ·   Resources

icew

Innovations in Cybersecurity Education Workshop

University of Maryland, Baltimore County
9:30 – 4:30 Tuesday, 24 June 2014

Innovations in Cybersecurity Education is a regional workshop on cybersecurity education at all levels, from Kindergarden through post-graduate. It will include discussions about cyber competitions, hands-on exercises, educational games, and integrating cybersecurity throughout the curriculum. There will be an opportunity to experience hands-on cyber defense exercises and to play new computer security education games, including SecurityEmpire developed at UMBC.

The workshop is free and open to the public — all are welcome to attend. This workshop will to be of interest to educators, school administrators, undergraduate and graduate students, and government officials.

Please see the links above for the schedule and location and register to help us plan for the number of participants.

The workshop is organized by Dr. Alan T. Sherman with support provided in part by the National Science Foundation under SFS grant 1241576.

Phd proposal: Lisa Mathews, Creating a Collaborative Situational-Aware IDPS, 11am Tue 6/10

Switch-and-nest, wikipedia commons

Ph.D. Dissertation proposal

Creating a Collaborative Situational-Aware IDPS

Lisa Mathews

11:00am Tuesday, 10 June 2014, ITE 346

Traditional intrusion detection and prevention systems (IDPSs) have well known limitations that decrease their utility against many kinds of attacks. Current state-of-the-art IDPSs are point based solutions that perform a simple analysis of host or network data and then flag an alert. Only known attacks whose signatures have been identified and stored in some form can be discovered by most of these systems. They cannot detect “zero day” type attacks or attacks that use “low-and-slow” vectors. Many times an attack is only revealed by post facto forensics after some damage has already been done.

To address these issues, we are developing a semantic approach to intrusion detection that uses traditional as well non-traditional sensors collaboratively. Traditional sensors include hardware or software such as network scanners, host scanners, and IDPSs like Snort. Potential non-traditional sensors include open sources or information such as online forums, blogs, and vulnerability databases which contain textual descriptions of proposed attacks or discovered exploits. After analyzing the data streams from these sensors, the information extracted is added as facts to a knowledge base using a W3C standards based ontology that our group has developed. We have also developed rules/policies that can reason over the facts to identify the situation or context in which an attack can occur. By having different sources collaborate to discover potential security threats and create additional rules/policies, the resulting situational-aware IDPS is better equipped to stop creative attacks such as those that follow a low-and-slow intrusion pattern. Leveraging information from these heterogeneous sources leads to a more robust, situational-aware IDPS that is better equipped to detect complicated attacks. This will allow for detection in soft real time. We will create a prototype of this system and test the efficiency and accuracy of its ability to detect complex malware.

Committee: Drs. Anupam Joshi (Chair), Tim Finin, John Pinkston, Charles Nicholas, Claudia Pearce, Yul Williams

UMBC designated a Center of Academic Excellence in Information Assurance

UMBC has been redesignated as a National Center of Academic Excellence in Information Assurance by the National Security Agency and Department of Homeland Security for both Cyber Defense Research (CAE-R) and Education (CAE-IA/CD) for the academic years 2014-2021. UMBC is one of only 38 institutions in the US. that have recognized by NSA and DHS for both education and research.

The CAE educational designation includes (among other elements) a certification that our curriculum satisfies focus areas and knowledge units (KUs) as outlined in the NICE Framework. This framework aims to establish a common lexicon for students, universities, and employers for describing knoweldge and skills needed for various cybersecurity jobs. The CAE research designation signifies UMBC’s demonstrated excellence in conducting quality research activities pertaining to cybersecurity.

The CAE certification process was coordinated by Dr. Alan Sherman through the Center for Information Security and Assurance (CISA). Among other things, CISA oversees UMBC’s Federal CyberCorps Scholarship For Service program and is actively involved with cybersecurity education and research activities at UMBC, to include the upcoming Innovations in Cybersecurity Education Workshop on June 24.

Dr. Rick Forno discusses cyberwar on NPR

In recent days, the United States and China have traded accusations about each nation’s alleged (or actual) espionage activities in cyberspace. Moreover, high-profile events like Stuxnet and recurring high-profile cyber-attacks such as the Target data breach continue to keep ‘cyber’ and cybersecurity issues in the news.

Today, CSEE’s Dr. Rick Forno, Cybersecurity GPD and Assistant Director of the UMBC Center for Cybersecurity, was a guest on PRI’s ‘The World’ where he discussed issues related to cyberwarfare, cybersecurity and the international application of cyberpower.

Innovations in Cybersecurity Education Workshop, Tue 24 June 2014
Home   ·   Schedule   ·   Location   ·   Organizers   ·   Register   ·   Resources

icew

Innovations in Cybersecurity Education Workshop

University of Maryland, Baltimore County
9:30 – 4:30 Tuesday, 24 June 2014

Innovations in Cybersecurity Education is a regional workshop on cybersecurity education at all levels, from Kindergarden through post-graduate. It will include discussions about cyber competitions, hands-on exercises, educational games, and integrating cybersecurity throughout the curriculum. There will be an opportunity to experience hands-on cyber defense exercises and to play new computer security education games, including SecurityEmpire developed at UMBC.

The workshop is free and open to the public — all are welcome to attend. This workshop will to be of interest to educators, school administrators, undergraduate and graduate students, and government officials. Lunch will be provided and there is ample free parking for participants.

Please see the links above for the schedule and location and register to help us plan for the number of participants.

The workshop is organized by Dr. Alan T. Sherman with support provided in part by the National Science Foundation under SFS grant 1241576.

Maryland Cybersecurity Roundtable, 1:30pm Thr. May 29

mcsrt

The Maryland Cybersecurity Roundtable will be launched at an open meeting at the Hotel at Arundel Mills Preserve from 1:30-2:30 on Thursday, May 29. Attend to learn about the Roundtable, hear about the organization’s goals and initiatives and discover ways to get involved. RSVP online by May 27.

The Maryland Cybersecurity Roundtable is a premiere forum for the discussion of cybersecurity challenges and solution development, advancement of cyber-related business innovation and growth, programs, policies, and education within Maryland and the region. The Roundtable is dedicated to creating connections and building relationships among current cyber professionals and businesses and fostering the development of the next generation of cyber thought leaders.

Primer on cybersecurity and public policy for nonspecialists

The Computer Science and Telecommunications Board (CSTB) of the National Academies has released of a report entitled At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues in prepublication form. The final book version of the report will be available around end of May, and a PDF of that final version will also be available for free at this web site.

According to the study director and CSTB chief scientist Dr. Herb Lin, “This report is a first for CSTB in that it seeks to distill the cybersecurity wisdom and insight of this entire body of Academy work in a form that is easily accessible to nonspecialists. It provides the essential technical background for understanding cyber threats and the basic principles of cybersecurity, and is pretty much self-contained in this regard. At the same time, it underscores the point that improvements in cybersecurity depend at least as much on non-technical factors, based in fields such as economics and psychology, as on secure code or tamper-resistant hardware.”


 

National Research Council. At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues. Washington, DC: The National Academies Press, 2014.   ( Download )

We depend on information and information technology (IT) to make many of our day-to-day tasks easier and more convenient. Computers play key roles in transportation, health care, banking, and energy. Businesses use IT for payroll and accounting, inventory and sales, and research and development. Modern military forces use weapons that are increasingly coordinated through computer-based networks. Cybersecurity is vital to protecting all of these functions. Cyberspace is vulnerable to a broad spectrum of hackers, criminals, terrorists, and state actors. Working in cyberspace, these malevolent actors can steal money, intellectual property, or classified information; impersonate law-abiding parties for their own purposes; damage important data; or deny the availability of normally accessible services. Cybersecurity issues arise because of three factors taken together – the presence of malevolent actors in cyberspace, societal reliance on IT for many important functions, and the presence of vulnerabilities in IT systems. What steps can policy makers take to protect our government, businesses, and the public from those would take advantage of system vulnerabilities?

At the Nexus of Cybersecurity and Public Policy offers a wealth of information on practical measures, technical and nontechnical challenges, and potential policy responses. According to this report, cybersecurity is a never-ending battle; threats will evolve as adversaries adopt new tools and techniques to compromise security. Cybersecurity is therefore an ongoing process that needs to evolve as new threats are identified. At the Nexus of Cybersecurity and Public Policy is a call for action to make cybersecurity a public safety priority. For a number of years, the cybersecurity issue has received increasing public attention; however, most policy focus has been on the short-term costs of improving systems. In its explanation of the fundamentals of cybersecurity and the discussion of potential policy responses, this book will be a resource for policy makers, cybersecurity and IT professionals, and anyone who wants to understand threats to cyberspace.