Department of Computer Science and Electrical Engineering

UMBC Cyber Defense Lab Research Meeting

Using data visualization techniques to support digital forensics

Tim Leschke

11:00am-12:15pm, Friday, Feb 3, 2012
ITE Room 228

Digital forensic examiners explore large datasets in search of evidence of a crime. In order to keep pace with the growing amount of data that is subject to a forensic examination, digital forensic examiners need to be more selective about the data they examine. One way to be selective about data is to focus attention at data that has changed-over-time. We present Change-Link, a data exploration tool which allows the user to see directories that have changed within an operating system. Our novel contributions are 1) the development of a segmented-box-and-whisker icon for representing change to individual directories, and 2) the first data visualization tool developed specifically for the domain of digital forensic data. We show that by using Change-Link to view change to a directory-tree structure, digital forensic examiners can enhance their ability to perform forensic examinations.

Tim Leschke is a Ph.D. student in the Computer Science program at UMBC.

Host: Professor Alan Sherman

Tyler Campbell, Nick Ducq, Ryan King, Andrew Nguyen and Tim Spillman walked out of the Baltimore Convention Center elated. Their team, the Sherwood Cyber Warriors, had just won the high school division of the inaugural Maryland Cyber Challenge. Their success netted them each a $5,000 scholarship from the National Security Agency.

The entire experience was rewarding for both the students and their parents, says Steve Weiss, one of the team’s advisers. “Winning first place was the icing on the cake.”

In a conference with over 800 attendees, the excitement over the cyber competition was palpable. With scoreboards changing in real time, onlookers crowded around to see who was in the lead.

Following the competition, held October 21 and 22, eight teams from each division — professional, college and high school — walked away with scholarships and cash prizes. The scholarships for students, put up by the National Security Agency (NSA), totaled more than $84,000.

Members of first place high school and college teams took home $5,000 scholarships each. Members of second place high school and college teams took home $2,000 scholarships. Each member of the first place professional teams won $2,000 and each second place member won $1,000.

First place winners in the college and high school categories were from, respectively, the University of Maryland, College Park and Sherwood High School. Second place winners were Towson University and Poolesville High School. In the professional category Team ICF came in first, with Team Pr3tty coming in second.

The Sherwood Cyber Warriors, four seniors and a junior, are mostly undecided in their future careers, although one does plan to work cybersecurity. Jim Kirk, the team’s senior advisor, says that regardless of the their ultimate career choices, the students learned valuable skills from the competition — such as how to communicate effectively and work as a team.

The Cyber Warriors began practicing for the competition in May, often meeting twice a week. The team developed strategies to pick the low hanging fruit — what hackers go for first. That, says Kirk, includes developing strong passwords and removing unnecessary software from servers.

The challenge for the high school teams, says Rick Forno, Director of UMBC's Graduate Cybersecurity Program and an organizer of the Cyber Challenge, was purely defensive. “They were being attacked and their job was to keep services open.”

The challenge was run using CyberNEXS, a software system developed by SAIC for cybersecurity training and exercises.The system is self-contained and runs both Windows and UNIX systems.

But, more than just the chance to compete, the event gave college and high school students a taste of what cybersecurity work is like. And that, involves more than technical skills say professionals in the field.

“The cyber challenge is especially interesting to me, since all the students participating are passionate about cyber security and the teams will only excel if every member is doing their job,” says Neil Furukawa, vice president of CyberPoint International. “We’re looking for people who can lead, but who can also roll up their sleeves and get the work done.”

Phyllis Villani, Director of Talent acquisition at Northrop Grumman says that to get a job, “networking is key.” Besides honing “soft skills” like communication, Furukawa says, people should never stop their education because cybersecurity is a rapidly evolving field.

Fittingly, education is what the Maryland Cyber Challenge is all about.

Originally posted by Nicole Ruediger at November 18, 2011 1:02 PM

Just over a month ago, DARPA announced The Shredder Challenge competition to develop a system to solve puzzles by reassembling images of shredded documents with a $50,000 prize for the winning entry. Yesterday the prize was won by All Your Shreds Are Belong to U.S., a San Francisco-based team that was the first to correctly reconstructed each of the five challenge documents.

UMBC Assistant VP for
Research Don Engel

It's unfortunate that there was no prize for second place, because that honor was won by Schroddon, a two-person effort including UMBC Assistant Vice President for Research Don Engel. While most of the top teams had a handful of software engineers and used commercial crowdsourcing services, Schroddon was a part-time effort by Dr. Engel and his wife, Dr. Marianne Engel.

Both Don and Marianne have Ph.D.s in Physics, but Don also has an undergraduate degree in Computer Science, did graduate work in computational linguistics, and develops software in his spare time for fun. Two of his active software development projects are ShowMe3D, an application for Mac and iOS that can be used to take and view 3D photos, and When2meet, a free web-based tool for finding the best time for a group to meet.

The Shredder Challenge was the latest competition run by DARPA as a low cost way to spur research on new problems. The press release describes it this way.

"The Shredder Challenge represents a preliminary investigation into the area of information security to identify and assess potential capabilities that could be used by war fighters operating in war zones to more quickly obtain valuable information from confiscated, shredded documents and gain a quantitative understanding of potential vulnerabilities inherent to the shredding of sensitive U.S. National security documents."

"Lots of experts were skeptical that a solution could be produced at all let alone within the short time frame,” said Dan Kaufman, director, DARPA Information Innovation Office. “The most effective approaches were not purely computational or crowd-sourced, but used a combination blended with some clever detective work. We are impressed by the ingenuity this type of competition elicits."

Over 9,000 teams registered for the Shredder Challenge and it is quite an achievement for the Engles to have placed second, especially against many much larger teams. If you are interested in seeing what the data is like, you can download it from the DARPA site.

These challenge competitions are becoming more common and are a great way for students to get involved in independent research and maybe win fame and fortune.

The Team for Research in Ubiquitous Secure Technology (TRUST) will sponsor 20 undergraduate students from diverse backgrounds and cultures, to participate in the Summer Undergraduate Research Experience located at TRUST partner campuses: UC Berkeley, Cornell University, Stanford University, Vanderbilt University. These students will work with graduate student and faculty mentors throughout the summer performing research and supporting activities in the area of information technology and TRUST related topics. The program will run from June 3 to July 27, 2012 and provide room and board, a travel allowance and a $4,000 stipend. Apply by February 17. See the flyer for more information and the Trust REU site for details and to apply.

Cyber Security Situation Awareness and Impact Assessment:
Issues, Models and Applications

Dr. Gabriel Jakobson
Altusys Corporation, Princeton NJ

10:30-11:30am 8 November 2011, ITE 325

Cyber attacks committed against IT networks and services have profound impact both on ongoing mission and future missions, whose operations are based on these networks and services. The attacks, by exploiting the vulnerabilities of the software assets can push their impact through Cyber Terrain – a dependency network of structural, spatial, functional and other domain-specific dependencies that exist among software assets and services, and reach the missions. In this presentation we will introduce a novel approach of assessing impact of cyber attacks on missions (business process) and describe the basic models and algorithms of the approach.

Dr. Gabriel Jakobson is the VP and Chief Scientist at Altusys Corp., a consulting firm specializing in the development of intelligent situation management technologies for defence and cyber security applications. During his more than 20 years tenure at Verizon he had increasing responsibilities of leading advanced database, expert systems, artificial intelligence, and telecommunication network management programs. He has authored (and co-authored) more than 100 technical papers and is principal author of 5 US patents in situation management and event correlation. He received PhD degree in Computer Science from the Institute of Cybernetics, Estonia. Dr. Jakobson holds the honorary degree of Doctor Honorius Causa from the Tallinn Technical University, Estonia, and is Distinguished IEEE Lecturer. Dr. Jakobson is the member of the Board of Governors of IEEE Communications Society, Director, IEEE ComSoc North America Region, co-chair of the Tactical Communications and Operations Technical Committee of IEEE ComSoc, chair of the IEEE ComSoc Sub-Committee on Situation Management.

Host: Anupam Joshi

This October is the the eighth annual National Cyber Security Awareness Month sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center.

According to the DHS, cyber threats present some of the most serious economic and national security challenges we face, not just in the United States, but throughout the world. Everyone who uses the Internet has a role to play in helping to secure it and thus enhance the safety for themselves and their families online.

See the DHS National Cyber Security Awareness Month site for more information, including suggestions for what you can do.

The Maryland Cyber Challenge & Conference (MDC3) will be held on Friday and Saturday, October 21-22 at the Baltimore Convention Center. See the Web site for the schedule and to register.

The MDC3 is open to anyone who’s interested in advancing, studying or working in the field of cybersecurity, including IT and cybersecurity professionals, corporate and government leaders, college and high school students, teachers, administrators and parents and cyber enthusiasts.

The MDC3 cyber challenge gives teams of high school students, college and university students, and professionals the opportunity to learn more about cybersecurity and develop practical skills for defending computers while competing for scholarships in a fun environment. The MDC3 conference features government and industry leaders, breakout sessions and cyber innovation exhibits for an audience of students, parents and professionals from academia, industry and government.

MDC3 was founded by Science Applications International Corporation and the University of Maryland, Baltimore County in partnership with the Department of Business & Economic Development, the Tech Council of Maryland and the National Cyber Security Alliance with the goal of encouraging Maryland students and young professionals to pursue education and careers in cybersecurity.

Cybersecurity Guest Lecture

An Evening With General Michael Hayden, USAF (Ret.)

6:00-8:00pm Thursday, 27 Oct. 2011
Room 102, Information Technology and Engineering

UMBC is proud to announce this opportunity for students and faculty to meet with General Hayden to hear his perspectives and discuss current issues regarding cybersecurity. The evening is sponsored by Next Century Corporation.

Former NSA and CIA director General Michael Hayden will discuss the evolution of technology from World War II to the present and outline the challenges this evolution presents to national security organizations. He will address the timely issues of cybersecurity and cyberwarfare, stress the role of education in preparing the intelligence community workforce to deal with cyber concerns, and share anecdotal stories of his time as Director of both the CIA and NSA in meeting these challenges facing the nation. General Hayden is happy to answer questions and make this an engaging, informative, and interactive evening.

Refreshments will be furnished by Next Century Corporation.

RSVP REQUIRED: Space is limited, with preference given to graduate CYBR, CSEE, and IS students and faculty. Please RSVP to Allison Jones () by October 25th if you plan to attend.

General Michael Hayden, USAF (Ret.), served as Director of the Central Intelligence Agency and the National Security Agency and was the nation’s first Principal Deputy Director of National Intelligence. He retired from the CIA in February 2009, and is now a Principal in the Chertoff Group, a security consultancy co-founded by former Secretary of Homeland Security, Michael Chertoff. General Hayden also serves as a Distinguished Visiting Professor at George Mason University School of Public Policy and in an advisory capacity to several organizations focused on national security.

General Hayden retired from a distinguished thirty-nine year career in the United States Air Force on July 1, 2008. In addition to his senior intelligence community assignments, he served as Commander of the Air Intelligence Agency, Director of the Joint Command and Control Warfare Center, and Chief of the Central Security Service.

General Hayden graduated from Duquesne University with a Bachelor’s degree in history in 1967 and a Master’s degree in modern American history in 1969.

NSA will be at the Commons for this year's CryptoChallenge competition. Stop by and test your skills against their cryptographic brain teasers and maybe score some great giveaways. Join them for some friendly competition from 11:00am to 5:00pm on Friday 30 September at the Commons Outside Terrace or Main Street if it rains.

Bring your resume — NSA recruiters will be on hand to discuss career opportunities for the best codemakers and codebreakers in the business. You can hone your cryptographic skills before the event by downloading the free NSA CryptoChallenge from the Apple App Store for iPhone, iPod touch and iPad.

NSA CryptoChallenge is a game that tests your pattern recognition skills through a series of cryptographs. Your mission is to decipher encrypted quotes, factoids, historical events and more. It’s you against the clock to see how fast you can crack the code. Or, you can challenge a friend with the multiplayer interface. In that instance, it's a one-on-one race to see who can correctly solve the puzzle first.

NSA executes some of the nation’s most important and sensitive intelligence operations. To help us accomplish our mission, we’re looking for the best and the brightest problem solvers to join our team. If you can solve these puzzles, you just might have what it takes to help NSA keep America safe.