Department of Computer Science and Electrical Engineering

Dr. Rick Forno, CSEE’s Cybersecurity Graduate Program Director, was a presenter at the inaugural BSides Charm City technical security conference held at Howard County Community College in Columbia, MD over the weekend of 11-12 April 2015. His talk described what is needed to develop and operate viable high school and college student cyber-competition teams and framed around what he called the ‘POTS process’ — People, Organization, Technology, and Sustainability.

Several lessons learned from his four years overseeing the Maryland Cyber Challenge (MDC3) served as the basis for his presentation remarks, including the need to foster greater diversity and acceptance within cyber-competition teams — and by extension, the cybersecurity industry itself.

PhD Dissertation Defense

Physical- and MAC-Layer Mechanisms for Increasing
Base-Station Anonymity in Wireless Ad-hoc Networks

John Ward

10:00am Monday, 13 April 2015, ITE 325b, UMBC

Wireless ad hoc networks have become valuable assets to both the commercial and military communities with applications ranging from industrial control on a factory floor to reconnaissance of a hostile border. In most applications, data sources forward information over multi-hop paths to a base station (BS). The BS not only serves as the data sink, but also provides other basic control and management features such as protocol synchronization, a gateway to other networks, and operator failure notifications, without which the network becomes dysfunctional. The critical role of the BS makes it a natural target for an adversary that desires to achieve the most impactful attack on the network. Even if an ad-hoc network employs conventional security mechanisms such as encryption and authentication, an adversary may apply traffic analysis techniques to identify the BS. This motivates a significant need for achieving improved BS anonymity to conceal its identity, role, and location. Traffic analysis countermeasures found in the literature have focused on the link and network layers and little attention has been given to the physical-layer (PHY) approaches.

In this dissertation, we address the challenges of BS anonymity by developing PHY and Medium Access Control (MAC) traffic analysis countermeasures. We first consider the limitations associated with evidence theory, the adversary’s primary traffic analysis attack model. We analyze the susceptibility of evidence theory to imperfect received signal strength (RSS) measurements. Next we extend the standard evidence theory approach to consider the contribution of acknowledgements to BS anonymity. We call this approach Acknowledgement Aware Evidence Theory (AAET) and describe the adversary’s initial survey phase which is based on a novel message correlation approach. Accurate synchronization is required by an ad-hoc network to employ PHY countermeasures; however, synchronization represents a fundamental design tradeoff, since the low-cost nodes and conservation of energy limit the achievable accuracy of synchronization within the network. We consider the impact of two popular synchronization protocols, Reference Broadcast Synchronization (RBS) and Timing-Synch Protocol for Sensor Networks (TPSN) on BS anonymity.

We develop a novel PHY BS anonymity-boosting approach based on distributed beamforming, which we call Distributed Beamforming protocol for increased BS ANonymity (DiBAN). DiBAN is a protocol that includes a cross-layer relay selection algorithm that a node employs to determine the most appropriate number of helper relays to participate in distributed beamforming at each hop. While effective at increasing BS anonymity, the overhead associated with DiBAN is in addition to any overhead already associated with existing ad hoc network protocols. We refine DiBAN using cross-layer design methodology to create an integrated distributed beamforming protocol called Link and Physical Cross-layer design for increased Anonymity (LiPCA) that increases BS anonymity with minor additional overhead by taking advantage of the underlying services that the MAC already provides. We use simulation to demonstrate the anonymity performance and energy-efficiency of our approaches and use the popular Sensor MAC (S-MAC) protocol as an exemplar MAC protocol. Results show that the cross-layer design of our LiPCA protocol achieves equivalent anonymity performance to DiBAN, but with an energy savings of approximately 35 percent.

Committee: Drs. Mohamed Younis (Chair), Charles Nicholas, Richard Forno, Ryan Robucci and Pedro Rodriguez (JHU/APL)

This weekend, UMBC’s Cyber Defense Team (the ‘CyberDawgs’) took first place at the 2015 National CyberWatch Mid-Atlantic Collegiate Cyber Defense Competition (CCDC).

UMBC was one of ten teams that advanced to the regional finals held at the Johns Hopkins Applied Physics Lab on March 25-28. As the first place winner, the CyberDawgs will represent UMBC and the Mid-Atlantic region at the National CCDC in San Antonio, Texas April 24-26, 2015.

According to CyberDawgs president Jacob Rust (CMSC ’16), UMBC maintained a strong lead throughout the event, finishing with a raw score of 1674450 — which was 353400 more points than the second place team. Jacob also reported that UMBC ended the first day solidly in first place and remained in the lead for almost the entire competition.

The final standings for this weekend’s action are:

1st: UMBC 1674450
2nd: UMCP 1321050
3rd: Towson 1159925

The CyberDawgs participating in the MA-CCDC finals were Jacob Rust, Tyler Campbell, Anh Ho, John Beers, Joshua Domangue, Chris Gardner, Julio Valcarcel, and David Young.

As a highly motivated and self-directed team, this is the first time the CyberDawgs have won MA-CCDC, but certainly will not be the last. We wish the team luck as they prepare to compete in the National CCDC finals!

Interested in joining the CyberDawgs? Contact Jacob Rust () for more information — they’re always looking for new members! (The team meets weekly on Tuesdays at 7PM in ITE 227.)

The CyberDawg faculty advisors are Dr. Charles Nicholas and Dr. Richard Forno.

CSEE’s Dr. Rick Forno discussed cyber warfare in Ash Hunt’s latest policy paper ‘Cyber Quantifiable Restrictions: The Requirements to Generate Agreed Restrictions on the Use of Cyber Capabilities’ appearing in The Diplomatic Courier. Among other things, Hunt attempts to show that agreed restrictions should not blanket the use of cyber capabilities, but rather the unacceptable use of a range of capabilities that could be used to harm human life.

Recently, it has become apparent that “we’re in a [cyber] arms race” in a largely unregulated domain—the cyber wild west. With the increased diffusion of technology, nations have begun amassing offensive cyber capabilities: utilizing zero-day exploits, distributed denial of server (DDOS) attacks, and weaponized malware technology. Already, “the U.S. has poured billions of dollars into an electronic arsenal,” whilst the “stockpile of exploits runs into the thousands, aimed at every conceivable device.” This exponential growth of cyber arms is particularly dangerous considering the lack of rules and conventions governing the fifth arena of warfare. Dr. Richard Forno from the University of Maryland concedes, “there is no international agreement over what level of cyber warfare is acceptable.” He further recognizes that national systems such as power grids, water treatment plants and medical facilities “do not have adequate protection from hackers.” Clearly, “principles and agreements on cyber warfare must designate sensitive infrastructure as red lines.” It is necessary to afford our critical organizations the same level of protection from cyber hostility as we do from the multitude of other tangible threats.

Source: The Diplomatic Courier Volume 9, Issue 1, January/February 2015

Topic Modeling with Structured Priors for Text-Driven Science

Michael Paul, JHU

12:00pm – 1:00pm, Monday, 2 March 2015, ITE 325

Many scientific disciplines are being revolutionized by the explosion of public data on the web and social media, particularly in health and social sciences. For instance, by analyzing social media messages, we can instantly measure public opinion, understand population behaviors, and monitor events such as disease outbreaks and natural disasters. Taking advantage of these data sources requires tools that can make sense of massive amounts of unstructured and unlabeled text. Topic models, statistical models that describe low-dimensional representations of data, can uncover interesting latent structure in large text datasets and are popular tools for automatically identifying prominent themes in text. However, to be useful in scientific analyses, topic models must learn interpretable patterns that accurately correspond to real-world concepts of interest.

In this talk, I will introduce Sprite, a family of topic models that can encode additional structures such as hierarchies, factorizations, and correlations, and can incorporate supervision and domain knowledge. Sprite extends standard topic models by formulating the Bayesian priors over parameters as functions of underlying components, which can be constrained in various ways to induce different structures. This creates a unifying representation that generalizes several existing topic models, while creating a powerful framework for building new models. I will describe a few specific instantiations of Sprite and show how these models can be used in various scientific applications, including extracting self-reported information about drugs from web forums, analyzing healthcare quality in online reviews, and summarizing public opinion in social media on issues such as gun control.

Michael Paul is a PhD candidate in Computer Science at Johns Hopkins University. He earned an M.S.E. in CS from Johns Hopkins University in 2012 and a B.S. in CS from the University of Illinois at Urbana-Champaign in 2009. He has received PhD fellowships from Microsoft Research, the National Science Foundation, and the Johns Hopkins University Whiting School of Engineering. His research focuses on exploratory machine learning and natural language processing for the web and social media, with applications to computational epidemiology and public health informatics.

— more information and directions: http://bit.ly/UMBCtalks —

Senior Amazon staff members will give two technical talks on next week on Tuesday, March 3, in the UC Ballroom on topics of great practical interest and utility.

• Lydia Fitzpatrick, Senior Technical Program Manager for Amazon Mobile Business will give a talk on “Web Performance Optimization” from 4:00pm to 5:00pm.

• Leo Zhadanovsky, Senior Solutions Architect for Amazon Web Services will present an “Introduction to Amazon Web Services (AWS)” from 5:30pm to 6:30pm. The talk with introduce cloud computing and  discuss the various Networking, Compute, Database, Storage, Application, Deployment and Management services that AWS offers. It will demonstrate how to launch a full three tier LAMP stack in minutes, as well as how to setup a simple web server on AWS.  The presentation will also discuss several use-cases, demonstrating how customers such as Enterprises, Startups, and Government Agencies are using AWS to power their computing needs.

The talks will be preceded and followed by an open networking opportunity with Amazon Human Resource representatives. Amazon is interested in students for internships and full-time position who are majoring in Information Systems, Business Technology Administration, Computer Engineering, Computer Science, and Cybersecurity.

Ph.D. Dissertation Proposal

User Identification in Wireless Networks

Christopher Swartz

9:00-11:00pm Friday, 27 February 2015, ITE 325B

Wireless communication using the 802.11 specifications is almost ubiquitous in daily life through an increasing variety of platforms. Traditional identification and authentication mechanisms employed for wireless communication commonly mimic physically connected devices and do not account for the broadcast nature of the medium. Both stationary and mobile devices that users interact with are regularly authenticated using a passphrase, pre-shared key, or an authentication server. Current research requires unfettered access to the user’s platform or information that is not normally volunteered.

We propose a mechanism to verify and validate the identity of 802.11 device users by applying machine learning algorithms. Existing work substantiates the application of machine learning for device identification using Commercial Off-The-Shelf (COTS) hardware and algorithms. This research seeks the refinement of and investigation of features relevant to identifying users. The approach is segmented into three main areas: a data ingest platform, processing, and classification.

Initial research proved that we can properly classify target devices with high precision, recall, and ROC using a sufficiently large real-world data set and a limited set of features. The primary contribution of this work is exploring the development of user identification through data observation. A combination of identifying new features, creating an online system, and limiting user interaction is the objective. We will create a prototype system and test the effectiveness and accuracy of it’s ability to properly identify users.

Committee: Drs. Joshi (Chair/Advisor), Nicholas, Younis, Finin, Pearce, Banerjee

Ph.D. Dissertation Proposal

MLVFS: A Scalable Storage System For Managing Big Scientific Data

Navid Golpayegani

3:00-5:00pm Tuesday 24 February 2015, ITE 346

Managing peta or exabytes of data with hundreds of millions to billions of files is a necessary first step towards an effective big data computing and collaboration environment for distributed systems. Current file system designs have focused on providing better and faster data distribution. Managing the directory structure for data discovery becomes an essential element of the scalability problems for big data systems. Recent designs are addressing the challenge of exponential growth of files. Still largely unexplored is the research for dealing with the organizational aspect of managing big data systems with hundreds of millions of files. Most file systems organize data into static directory structures making data discovery, when dealing with large data sets, hard and slow.

This thesis will propose a unique Multiview Lightweight Virtual File System (MLVFS) design to primarily deal with the data organizational management problem in big data file systems. MLVFS is capable of the dynamic generation of directory structures to create multiple views of the same data set. With multiple views, the storage system is capable of organizing available data sets by differing criteria such as location or date without the need to replicate data or use symbolic links. In ad- dition, MLVFS addresses scalability issues associated with the growth of the stored files by removing the internal metadata system and replacing it with generally avail- able external metadata information (i.e. data base servers, project compute servers, remote repositories, etc.). This thesis, moreover, proposes to add, plug in capabilities not normally found in file systems that make this system highly flexible, in terms of specifying sources of meta data information, dynamic file format streaming and other file handling features.

The performance of MLVFS will be tested in both simulated environments as well as real world environments. MLVFS will be installed on the BlueWave cluster at UMBC for simulated load testing to measure the performance for various loads. Simultaneously, stable version of MLVFS will run in real world production environ- ments such as those of the NASA MODIS instrument processing system (MODAPS). The MODAPS system will be used to show examples of real world use cases for MLVFS. Additionally, there will be other systems explored for the real world use of MLVFS, such as at NIST for research into Biomedical Image Stitching.

Committee: Drs. Milton Halem (Chair, Advisor), Yelena Yesha, Charles Nicholas, John Dorband, Daniel Duffy

Understanding Social Spammers: A Data Mining Perspective
Xia “Ben” Hu

Computer Science and Engineering
Arizona State University

12:00-1:00 Tuesday, 24 February 2015

With the growing popularity of social media, social spamming has become rampant on all platforms. Many (fake) accounts, known as social spammers, are employed to overwhelm legitimate users with unwanted information. Social spammers are unique due to their coordinated efforts to launch attacks such as distributing ads to generate sales, disseminating pornography and viruses, executing phishing attacks, or simply sabotaging a system’s reputation. In this talk, I will introduce a novel and systematic analysis of social spammers from a data mining perspective to tackle the challenges raised by social media data for spammer detection. Specifically, I will formally define the problem of social spammer detection and discuss the unique properties of social media data that make this problem challenging. By analyzing the two most important types of information, network and content information, I will introduce a unified framework by collectively using heterogeneous information in social media. To tackle the labeling bottleneck in social media, I will show how we can take advantage of the existing information about spam in email, SMS, and on the web for spammer detection in microblogging. I will also present a solution for efficient online processing to handle fast-evolving social spammers.

Xia Hu is a Ph.D. candidate in Computer Science and Engineering at Arizona State University, supervised by Professor Huan Liu. His research interests include data mining, machine learning, social network analysis, etc. As a result of his research work, he has published nearly 40 papers in several major academic venues, including WWW, SIGIR, KDD, WSDM, IJCAI, AAAI, CIKM, SDM, etc. One of his papers was selected for the Best Paper Shortlist in WSDM’13. He is the recipient of IEEE “Atluri Award” Scholarship, 2014 ASU’s President’s Award for Innovation, and Faculty Emeriti Fellowship. He has served on program committees for several major conferences such as WWW, IJCAI, SDM and ICWSM, and reviewed for multiple journals, including IEEE TKDE, ACM TOIS and Neurocomputing. His research attracts wide range of external government and industry sponsors, including NSF, ONR, AFOSR, Yahoo!, and Microsoft.

— more information and directions: http://bit.ly/UMBCtalks —

Last week, health insurance giant Anthem revealed that the personal information of as many as 80 million customers was stolen by hackers. This news came just days before President Obama announced the creation of a new agency to analyze and counter cyber threats. In this hour, we look at Obama’s cybersecurity agenda, and the cyber-security challenges that face users in the coming year.

Joining UMBC’s Cybersecurity Graduate Program Director for this morning’s hour-long discussion were Joseph Marks, Cybersecurity Reporter, Politico Pro (his article on the new cybersecurity center) and Dakota S. Rudesill, Assistant Professor of Law, Moritz College of Law The Ohio State University

(Source)

MP3 Podcast: Download (Duration: 49:57 — 68.6MB)