The 2022 NSA Codebreaker Challenge is Underway

The annual NSA Codebreaker Challenge consists of a series of tasks that are worth a varying amount of points based on their difficulty. Schools will be ranked according to the total number of points accumulated by their students. Solutions may be submitted at any time for the duration of the Challenge, which will end early in January.

The initial tasks are divided into two sequences, A and B, which can be solved independently. Later tasks may rely on the results of earlier tasks. While not required, we recommend that you solve tasks in order since they flow with the storyline and may, in fact, be unsolvable without the information recovered from previous tasks.

Each task in this year’s challenge will require a range of skills. It starts with easy tasks but advances to harder ones, so it’s a great learning experience even if you are just learning about cybersecurity. To solve all of the tasks, you will need to call upon all of your technical expertise, your intuition, and your common sense.

Getting started is easy. Go to the challenge webpage, and create an account using your UMBC email address. After you’ve verified your email address, you will get an invitation to join the Discord server. Joining will earn you (and UMBC) your first point!

Professors Sherman and Oliva receive NSF award to study cybersecurity education

UMBC Professors Alan T. Sherman (PI, CSEE) and Linda Oliva (CO-PI, Education) recently received more than $260,000 of a $500,000 grant from the National Science Foundation (NSF) to study and improve how cybersecurity is taught at the U.S. Naval Academy and U.S. Military Academy. 

The project, Examining Pedagogy in Cybersecurity (EPIC), is collaborative with the University of Illinois Urbana-Champaign and the University of Minnesota Duluth and is funded through NSF’s Secure and Trustworthy Computing (SaTC) program. Because the academies teach cybersecurity to all first-year students, EPIC offers a large-scale opportunity to investigate how simulation-based teaching and learning affects different student populations.

In the first phase of the research, Sherman and his collaborators—including computer science Ph.D. student Andrew Slack—will study how instructors at the academies structure and teach their cybersecurity courses. In the second phase, they will introduce active simulation-based learning exercises and pedagogies and assess their effectiveness. 

UMBC’s championship-winning Cyberdawgs cyberdefense team will help adapt and improve learning materials. As one quantitative measure of the new pedagogy’s effectiveness, EPIC will assess students’ conceptual understanding using the Cybersecurity Concept Inventory (CCI) developed by Sherman and his team. 

Some material adapted from this UMBC News article

DAX 2022

A one-day data science conference at UMBC

Saturday, 4 June 2022

The DAX 2022 Conference will focus on data science, analytics, and general data exploration. Engineers, data scientists, analytic developers, system architects, and business leaders are encouraged to share their experiences and present a topic that would be of interest to the local data community. Expected attendees include engineers, thought leaders, business leaders, and professionals from local government, government defense and intelligence agencies, start-up companies, large data analytic and data science companies, and local universities.

For more information and to register, see the DAX 2022 site. Special registration rate for students!

A research team that includes UMBC CSEE faculty Naghmeh Karimi and Roberto Yus won the second place prize in the 2022 INCS-CoE Sandpit Challenge on Digital Trust. The International Cyber Security Center of Excellence (INCS-CoE) is an international collaboration of government, industry, and academic organizations that have partnered to explore pioneering efforts to address cybersecurity challenges created by a growing borderless digital society.  UMBC is a charter member of INCS-CoE.

The INCS-COE Sandpit Challenge invited self-assembled teams to compete for seed research funding prizes to pursue their work further. The UMBC faculty teamed up with researchers from Royal Holloway (UK) and Keio University (Japan). They were awarded second prize for their proposal to deal with challenges associated with developing an International Digital Trust Framework. In particular, their project proposal focused on designing an ontology-based interoperability solution amongst the US, UK, and Japan for mutual recognition of trust, capturing private and public sector use cases with different assurance levels.

UMBC CIO Jack Suess interviewed on CyberTalk podcast

UMBC alumnus Mike Shelah (’95) interviewed UMBC’s CIO Jack Seuss on his CyberTalk podcast about how the University addresses evolving cybersecurity issues and how UMBC uses its students to build a talent pipeline.

In this podcast episode, they discussed how Jack Suess got involved with computing as a UMBC student, how the University uses its students to build a talent pipeline, and how it is addressing the ever-evolving cybersecurity issues today.

Shelah’s CyberTalk is a podcast focused on IT, Cyber, Compliance, and technology strategy. 

The UMBC Cyber Defense Lab presents

Model Validation for DARPA DPRIVE

Ian Blumenfeld
UMBC and Two Six Technologies

(joint work with Eric Bond, William Harrison, Chris Hathhorn, Paul Li, Matthew Torrence, and Jared Ziegler)

12–1 pm ET, Friday 6 May 2022, via WebEx

Commodity hardware description languages (HDLs) like VHDL and Verilog present a challenge from a high assurance point of view because they lack formalized semantics: when a team of hardware engineers produces a circuit design in a commodity HDL and claims that it correctly implements a pseudocode algorithm, on what basis can that claim be evaluated? A formalized model of the circuit design may be painstakingly created (e.g., in the logic of a theorem prover), but how are the accuracy and faithfulness of that model then established? The distance between the widely adopted commodity HDLs and formal models of hardware has been a well-recognized and persistent impediment to driving formal methods into hardware development.

This talk presents a technique developed at Two Six Technologies, called model validation, that formally connects hardware design and its formal model via a functional, high-level synthesis language called ReWire. Model validation introduces a “model” program to bridge the gap between the hardware design and algorithm by establishing 1) the equivalence of the algorithm to the model and 2) the equivalence of the model to the circuit design. Equivalence between the algorithm and the ReWire model is verified with a ReWire semantics formalized in Isabelle. Equivalence between the ReWire model and the circuit design is established by producing binary circuits from each (using commodity synthesis tools and the ReWire compiler rwc) and then applying an automated binary equivalence checker.

This talk describes our experience applying model validation as part of the DARPA Data Protection in Virtual Environments (DPRIVE) program. DPRIVE aims to develop a novel hardware accelerator to ease computational challenges preventing widespread use of fully homomorphic encryption (FHE) that began with Gentry’s discovery and was improved upon in the PROCEED program. To this end, DPRIVE’s purpose is to design hardware accelerators to improve upon the existing algorithmic gains to FHE. Model validation through ReWire moves formal methods into the practical world, empowering hardware designers to reason about the correctness, safety, and security properties of their designs. In addition, we expect our pipeline to protect hardware supply chains by allowing for a full formal analysis of RTL implementations before tape out.

Ian Blumenfeld is the Research Director for Mathematics at Two Six Technologies.  In that role, he is a principal investigator on multiple DARPA programs, spanning the areas of formal methods, modern cryptography, and applied category theory.  Prior to his work at Two Six, Ian was a formal verification engineer at Apple, where he verified cryptographic properties of the iPhone secure enclave processor.  Ian has worked in roles in and around the federal research space for more than a decade, including five years as an applied research mathematician at the National Security Agency.  Ian is currently enrolled as a part-time Ph.D. student in the UMBC computer science department, working with Dr. Alan Sherman and Dr. Don Engel. Email:

Host: Alan T. Sherman, . Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1pm. All meetings are open to the public. Upcoming CDL Meeting: May 13, Enka Blanchard (Digitrust Loria, France)

The UMBC Cyberdawgs will host a 48-hour Jeopardy-style Capture The Flag cybersecurity competition, online and in person for UMBC participants.

DawgCTF 2022 will be a Jeopardy-style CTF, so things are pretty simple. Players register online, either in teams or alone. At 1300 EDT on April 29, 2022, the competition will open. Players will have access to a board of challenges, ranging from easy to nigh-impossible, and scored appropriately. Whoever earns the most points by solving challenges wins! The in-person part of the event will take place in room 206 of the Public Policy Building.

The CTF will begin at 1:00 PM EDT on Friday, April 29, 2022, and end at 1:00 PM EDT on Sunday, May 1, 2022, for a total runtime of 48 hours. The maximum team size is four. There will be an in-person component for UMBC participants only.

At 8:00 PM on Friday, April 29^th (7 hours after the start), we will give out some prizes to UMBC competitors, depending on their current position on the scoreboard at 8:00 PM. Only UMBC competitors will be eligible for these prizes. Don’t worry, they’ll be small prizes, mostly just for fun, and the clout and CTFtime credit will go to the “official” winners at competition closing time (1 pm on Sunday).

See the Dawg CTF 2022 site to register, get more information, and join the Discord server.

ArtIAMAS Seminar Series
Co-organized by UMBC, UMCP, and Army Research Lab

Iterative Preconditioning for
Accelerating Machine Learning Problems

Nikhil Chopra
Mechanical Engineering, UMCP

12-1 ET Wed. 27 April 2022, WebEx

We study a new approach to accelerating machine learning problems in this talk. The system comprises multiple agents, each with a set of local data points and an associated local cost function. The agents are connected to a server, and there is no inter-agent communication. The agents’ goal is to learn a parameter vector that optimizes the aggregate of their local costs without revealing their local data points. We propose an iterative preconditioning technique to mitigate the deleterious effects of the cost function’s conditioning on the convergence rate of distributed gradient-descent. Unlike the conventional preconditioning techniques, the pre-conditioner matrix in our proposed technique updates iteratively to facilitate implementation on the distributed network. In the particular case when the minimizer of the aggregate cost is unique, our algorithm converges superlinearly. We demonstrate our algorithm’s superior performance in machine learning, distributed estimation, and beamforming problems, thereby demonstrating the proposed algorithm’s efficiency for distributively solving nonconvex optimization problems.

Dr. Nikhil Chopra is a Professor in the Department of Mechanical Engineering at the University of Maryland, College Park. He received a Bachelor of Technology (Honors) degree in Mechanical Engineering from the Indian Institute of Technology, Kharagpur, India, in 2001, an M.S. degree in General Engineering in 2003, and a Ph.D. degree in Systems and Entrepreneurial Engineering in 2006 from the University of Illinois at Urbana-Champaign. His current research interests are in the areas of nonlinear control, robotics, and machine learning. He is the co-author of the book Passivity-Based Control and Estimation in Networked Robotics. He is currently an Associate Editor of Automatica and was previously an Associate Editor of IEEE Transactions on Control of Network Systems and IEEE Transactions on Automatic Control.

UMBC researchers publish book on
Cybersecurity and Local Government

UMBC researchers Donald Norris, Laura Mateczun, and Richard Forno have published a new book on the the risks of cyberattacks that local governments face and how they are addressing them. Their book Cybersecurity and Local Government published by WIley summarizes several years of research and surveys on the issues and practices of city, county, and state governments.

Some of this is summarised in a recent article by Forno in The Conversation, Local governments are attractive targets for hackers and are ill-prepared.

Donald Norris is Professor Emeritus and former chair of UMBC’s School of Public Policy, Laura Mateczun, JD, is a PhD student in Public Policy, and Richard Forno is a Principal Lecturer and director of UMBC’s Graduate Cybersecurity Program and Assistant Director of UMBC’s Center for Cybersecurity.