talk: Shadow IT in Higher Ed: Survey & Case Study for Cybersecurity, 12-1 Fri 12-3

Shadow IT is the use of information technology systems, devices, software, applications, and services without explicit IT department approval.

The UMBC Cyber Defense Lab presents

Shadow IT in Higher Education: Survey and Case Study for Cybersecurity

Selma Gomez Orr, Cyrus Jian Bonyadi, Enis Golaszewski, and Alan T. Sherman
UMBC Cyber Defense Lab

Joint work with Peter A. H. Peterson (University of Minnesota Duluth), Richard Forno, Sydney Johns, and Jimmy Rodriguez

12-1:00 pm, Friday, 3 December 2021, online via WebEx


We explore shadow information technology (IT) at institutions of higher education through a two-tiered approach involving a detailed case study and comprehensive survey of IT professionals. In its many forms, shadow IT is the software or hardware present in a computer system or network that lies outside the typical review process of the responsible IT unit. We carry out a case study of an internally built legacy grants management system at the University of Maryland, Baltimore County that exemplifies the vulnerabilities, including cross-site scripting and SQL injection, typical of such unauthorized and ad-hoc software. We also conduct a survey of IT professionals at universities, colleges, and community colleges that reveals new and actionable information regarding the prevalence, usage patterns, types, benefits, and risks of shadow IT at their respective institutions.

Further, we propose a security-based profile of shadow IT, involving a subset of elements from existing shadow IT taxonomies, that categorizes shadow IT from a security perspective. Based on this profile, survey respondents identified the predominant form of shadow IT at their institutions, revealing close similarities to findings from our case study.

Through this work, we are the first to identify possible susceptibility factors associated with the occurrence of shadow IT-related security incidents within academic institutions. Correlations of significance include the presence of certain graduate schools, the level of decentralization of the IT department, the types of shadow IT present, the percentage of security violations related to shadow IT, and the institution’s overall attitude toward shadow IT. The combined elements of our case study, profile, and survey provide the first comprehensive view of shadow IT security at academic institutions, highlighting the tension between its risks and benefits, and suggesting strategies for managing it successfully.


Dr. Selma Gomez Orr ( ) received her Ph.D. from Harvard University in the field of decision sciences. She also holds Masters degrees in applied mathematics, engineering sciences, and business administration, also from Harvard. She has worked in the private sector in the fields of cybersecurity and data analytics. Most recently, as a CyberCorps Scholarship for Service (SFS) Scholar, Dr. Orr completed a Master’s of Professional Studies in both cybersecurity and data science at UMBC.

Cyrus Jian Bonyadi ( ) is a computer science Ph.D. student and former SFS scholar studying consensus theory at UMBC under the direction of Alan T. Sherman, Sisi Duan, and Haibin Zhang.

Enis Golaszewski ( ) is a Ph.D. student at UMBC under Alan T. Sherman where he studies, researches, and teaches cryptographic protocol analysis. A former SFS scholar, Golaszewski helps lead annual research studies that analyze and break software at UMBC.

Dr. Alan T. Sherman () is a professor of computer science, director of CDL, and associate director of UMBC’s Cybersecurity Center. His main research interest is high-integrity voting systems. Sherman earned the Ph.D. degree in computer science at MIT in 1987 studying under Ronald L. Rivest.


Host: Alan T. Sherman, Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1 pm. All meetings are open to the public. Upcoming CDL Meetings: Feb 4, Filipo Sharevski

Webinar on NSA Codebreaker challenge and student opportunities, Sept 9


NSA Codebreaker challenge and student opportunities Webinar


4-6 pm EDT Thursday, 9 September 2021, Online


Register Here


NSA will hold an NSALive Adobe Webinar on Thursday, September 9, 2021, from 4-6 pm EDT to learn about the National Security Agency and Student Program opportunities, as well as a deep dive into the 2021 Codebreaker Challenge. Register for the online session here.

The Codebreaker Challenge is the NSA’s annual cybersecurity and cryptanalysis challenge with a realistic, NSA mission-centric scenario open to U.S-based academic institutions. The 2021 challenge is open now and runs through December 31, 2021.

While the challenge is intended for students, faculty are encouraged to participate as well. Furthermore, the site was designed to make it easy for those faculty interested in incorporating the challenge into their courses (see the additional FAQ entries below.)

The 2021 Codebreaker Challenge consists of a series of tasks worth a varying amount of points based upon their difficulty. Schools will be ranked according to their students’ total number of points with the current ranking shown on a leaderboard. Solutions may be submitted at any time for the duration of the Challenge.

While not required, it is recommended that participants solve tasks in order since they flow with the storyline. Later tasks may rely on artifacts or inputs from earlier tasks. Each task in the 2021 challenge will require a range of skills. You will need to call upon all of your technical expertise, intuition, and common sense.

UMBC’s Donna Ruginski and bwtech@UMBC finalists for CAMI’s Maryland Cybersecurity Awards


Donna Ruginski and bwtech@UMBC finalists for CAMI’s Maryland Cybersecurity Awards


Congratulations to UMBC’s Donna Ruginski and bwtech@UMBC Research and Technology Park for their selection as finalists in the Cybersecurity Association of Maryland’s Fifth Annual Maryland Cybersecurity Awards.

Donna Ruginski is a finalist for the Cyber Warrior Woman Award, which honors a woman doing extraordinary or exemplary work in Maryland’s cybersecurity industry. She is UMBC’s Executive Director for Cybersecurity Initiatives in the Office of the Vice President for Research. She is responsible for the strategic positioning and growth of UMBC’s cybersecurity partnerships, research, and programs.

The bwtech@UMBC Research and Technology Park is a finalist for the Cybersecurity Industry Resource Award, which celebrates a non-cybersecurity business, organization, academic institution, or government agency that has significantly contributed to Maryland’s cybersecurity industry through its products, services, or mission.

Finalists were selected by an independent panel of judges represented by leaders in a variety of fields. One winner from each category will be announced at the Maryland Cybersecurity Awards Celebration on September 22, 2021, 5 PM – 8 PM at Maryland Live! Casino.

All finalists are automatically entered into the People’s Choice Award category. The public is invited to vote online to determine who will receive the coveted Cybersecurity People’s Choice Award. The winner will be announced during the virtual Awards Celebration on September 22, 2021. Vote for your choice here.

The Cybersecurity Association of Maryland, Inc. (CAMI) is a statewide nonprofit organization established in 2015. It is Maryland’s only organization dedicated 100% to the growth of Maryland’s cybersecurity industry. 

UMBC redesignated a National Center of Academic Excellence in Cyber Defense


UMBC redesignated a National Center of Academic Excellence in Cyber Defense


UMBC has been redesignated as a National Center of Academic Excellence in Cyber Defense (CAE-CD) through the academic year 2028.

The CAE-CD designation indicates that UMBC is helping reduce threats to our national infrastructure by promoting higher education and research in cyber defense and providing the nation with a pipeline of qualified cybersecurity professionals. UMBC is also designated as a Center of Academic Excellence in Cyber Research (CAE-R), which signifies that UMBC increases the understanding of robust cyber defense technology, policy, and practices that will enable our Nation to prevent and respond to a catastrophic event.

The National Centers of Academic Excellence in Cybersecurity (NCAE-C) program is managed by the National Cryptologic School at the National Security Agency. Federal Partners include the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Institute of Standards and Technology (NIST)/National Initiative on Cybersecurity Education (NICE), the National Science Foundation (NSF), the Department of Defense Office of the Chief Information Officer (DoD-CIO), and US Cyber Command (CYBERCOM).

The NCAE-C program’s mission is to create and manage a collaborative cybersecurity educational program with community colleges, colleges, and universities that

  • Establishes standards for cybersecurity curriculum and academic excellence,
  • Includes competency development among students and faculty,
  • Values community outreach and leadership in professional development, 
  • Integrates cybersecurity practice within the institution across academic disciplines,
  • Actively engages in solutions to challenges facing cybersecurity education.

UMBC offers courses, a track, and concentrations focused on cybersecurity in its Computer Science and Information Systems programs at the undergraduate and graduate levels. In addition, UMBC has several major cybersecurity-oriented scholarship programs to prepare the next generation of cybersecurity professionals in an increasingly digital age, focusing on increasing the participation of women and other underrepresented groups in this fast-growing field. These include the UMBC Cyber Scholars program, CyberCorps: Scholarships For Service (SFS) program, and DOD Cyber Scholarship Program (CySP). Applications for SFS cybersecurity scholarships to begin in Fall 2022 are due via Scholarship Retriever by 12noon November 15, 2021.

UMBC also has professional cybersecurity programs that include certificate programs as well as a Master’s of Professional Studies (MPS) degree at its campuses in Catonsville (UMBC main campus) and Rockville (UMBC at the Universities at Shady Grove). UMBC Training Centers offers cybersecurity courses for both individuals and organizations.

Cybersecurity research at UMBC occurs in many of its laboratories and in the UMBC Center for Cybersecurity (UCYBR), which recently merged with UMBC’s original cybersecurity center, the UMBC Center for Information Security and Assurance (CISA).

2021 NSA Codebreaker Challenge Now Open

“The Codebreaker Challenge closely mirrors the real-world scenarios we deal with every day at NSA,” said challenge creator Eric Bryant. “It gives students the opportunity to test their knowledge, build new skills, and develop experience in areas typically not covered by course curricula in cybersecurity.”

NSA Codebreaker Challenge 2021 Now Open


NSA’s annual Codebreaker Challenge offers students a closer look at the type of work done at NSA and provides the opportunity to develop skills needed to achieve the Agency’s national security mission. The problems touch on skills like software reverse engineering, cryptanalysis, exploit development, blockchain analysis, and more. It gives students a hands-on opportunity to develop their reverse-engineering/low-level code analysis skills while working on a realistic problem set centered around the NSA’s mission.

The Challenge is open now and will run until a date late in December. Anyone with an email address from a recognized U.S. school or university may participate. While the challenge is intended for students, faculty are encouraged to participate as well. Furthermore, the site was designed to make it easy for those faculty interested in incorporating the challenge into their courses to do so (see the additional FAQ entries below.)

The 2021 Codebreaker Challenge consists of a series of tasks that are worth a varying amount of points based upon their difficulty. Schools will be ranked according to the total number of points accumulated by their students with the current ranking shown on a leaderboard. Solutions may be submitted at any time for the duration of the Challenge.

While not required, it is recommend that you solve tasks in order, since they flow with the storyline. Later tasks may rely on artifacts / inputs from earlier tasks. Each task in the 2021 challenge will require a range of skills. You will need to call upon all of your technical expertise, your intuition, and your common sense.

NSA provides some helpful resources to get you on the right track with the 2021 Challenge. The list as a starting point. It’s not exhaustive, and you’ll definitely need to do additional research on your own. There are things in this list that aren’t actually part of this year’s challenge. Once you register, you will be able to join the Community of Practice Discord server for the 2021 Codebreaker Challenge. NSA will also hold two technical talks this Fall, giving you a chance to hear from some of NSA’s experts.

National Cybersecurity Virtual Career Fair, Friday 9/17


5th annual National Cybersecurity Virtual Career Fair

1pm-4pm Friday, September 17, 2021


The 5th annual National Cybersecurity Virtual Career Fair, sponsored by National Cybersecurity Training and Education (NCyTE) Center and the CAE in Cybersecurity Community, is right around the corner! The career fair brings together students and alumni from over 300 institutions across the Nation designated as Centers of Academic Excellence in Cybersecurity with employers offering internships, temporary, part-time, and full-time employment. This year, the National Cybersecurity Virtual Career Fair will take place on Friday, September 17th, 2021, from 1 pm to 4 pm ET.

Students, alumni, and faculty – Register here to set up an account for live-day access on September 17, 2021

Each year, the number of undergraduate and graduate students and alumni participating in this event continues to grow. Participants come from a variety of disciplines, including cybersecurity, security studies, computer science, engineering, math, physics, and project management. Students from CAEs in Research (CAE-R), Cyber Defense (CAE-CD), and Cyber Operations (CAE-CO) are invited to participate for FREE.

Students and alumni can submit resumes before the virtual career fair begins to allow employers to view resumes before the career fair. Students can participate in workshops leading up to the National Cybersecurity Virtual Career Fair to help them build their resume and interview skills. 

This event is facilitated by the organization and open to the general public. It is not hosted or organized by UMBC.

talk: Thinking Like an Attacker: Towards a Definition and Non-Technical Assessment of Adversarial Thinking, 12-1pm ET 4/30


The UMBC Cyber Defense Lab presents


Thinking Like an Attacker:
Towards a Definition and Non-Technical Assessment of Adversarial Thinking


Prof. Peter A. H. Peterson
Department of Computer Science
University of Minnesota Duluth


12:00–1:00 pm ET,  Friday, 30 April 2021
via WebEx


“Adversarial thinking” (AT), sometimes called the “security mindset” or described as the ability to “think like an attacker,” is widely accepted in the computer security community as an essential ability for successful cybersecurity practice. Supported by intuition and anecdotes, many in the community stress the importance of AT, and multiple projects have produced interventions explicitly intended to strengthen individual AT skills to improve security in general. However, there is no agreed-upon definition of “adversarial thinking” or its components, and accordingly, no test for it. Because of this absence, it is impossible to meaningfully quantify AT in subjects, AT’s importance for cybersecurity practitioners, or the effectiveness of interventions designed to improve AT. Working towards the goal of a characterization of AT in cybersecurity and a non-technical test for AT that anyone can take, I will discuss existing conceptions of AT from the security community, as well as ideas about AT in other fields with adversarial aspects including war, politics, law, critical thinking, and games. I will also describe some of the unique difficulties of creating a non-technical test for AT, compare and contrast this effort to our work on the CATS and Security Misconceptions projects, and describe some potential solutions. I will explore potential uses for such an instrument, including measuring a student’s change in AT over time, measuring the effectiveness of interventions meant to improve AT, comparing AT in different populations (e.g., security professionals vs. software engineers), and identifying individuals from all walks of life with strong AT skills—people who might help meet our world’s pressing need for skilled and insightful security professionals and researchers. Along the way, I will give some sample non-technical adversarial thinking challenges and describe how they might be graded and validated.


 Peter A. H. Peterson is an assistant professor of computer science at the University of Minnesota Duluth, where he teaches and directs the Laboratory for Advanced Research in Systems (LARS), a group dedicated to research in operating systems and security, with a special focus on research and development to make security education more effective and accessible. He is an active member of the Cybersecurity Assessment Tools (CATS) project working to create and validate two concept inventories for cybersecurity, is working on an NSF-funded grant to identify and remediate commonsense misconceptions about cybersecurity, and is also the author of several hands-on security exercises for Deterlab that have been used at many institutions around the world. He earned his Ph.D. from the University of California, Los Angeles for work on “adaptive compression”—systems that make compression decisions dynamically to improve efficiency. He can be reached at .


Host: Alan T. Sherman,  Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681The UMBC Cyber Defense Lab meets biweekly Fridays.  All meetings are open to the public. Upcoming CDL Meetings: May 7, Farid Javani (UMBC), Anonymization by oblivious transfer

talk: MeetingMayhem: Teaching Adversarial Thinking through a Web-Based Game, 12-1 ET 4/9

The UMBC Cyber Defense Lab presents

MeetingMayhem:  Teaching Adversarial Thinking through a Web-Based Game


Akriti Anand, Richard Baldwin, Sudha, Kosuri, Julie Nau, and Ryan Wunk-Fink
UMBC Cyber Defense Lab

joint work with Alan Sherman, Marc Olano, Linda Oliva, Edward Zieglar, and Enis Golazewski

12:00 noon–1 pm ET, Friday, 9 April 2021
online via WebEx


We present our progress and plans in developing MeetingMayhem, a new web-based educational exercise that helps students learn adversarial thinking in communication networks. The goal of the exercise is to arrange a meeting time and place by sending and receiving messages through an insecure network that is under the control of a malicious adversary.  Players can assume the role of participants or an adversary.  The adversary can disrupt the efforts of the participants by intercepting, modifying, blocking, replaying, and injecting messages.  Through this engaging authentic challenge, students learn the dangers of the network, and in particular, the Dolev-Yao network intruder model. They also learn the value and subtleties of using cryptography (including encryption, digital signatures, and hashing), and protocols to mitigate these dangers.  Our team is developing the exercise in spring 2021 and will evaluate its educational effectiveness.


Akriti Anand () is an MS student in computer science working with Alan Sherman.  She is the lead software engineer and focuses on the web frontend. Richard Baldwin () is a BS student in computer science, a member of Cyberdawgs, and lab manager for the Cyber Defense Lab. Sudha Kosuri () is a MS student in computer science.  She is working on the frontend (using React and Flask) and its integration with the backend. Julie Nau () is a BS student in computer science.  She is working on the backend and on visualizations. Ryan Wunk-Fink () is a PhD student in computer science working with Alan Sherman. He is developing the backend.


Host: Alan T. Sherman,  Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays.  All meetings are open to the public.

 Upcoming CDL Meetings: April 23, Peter Peterson (Univ. of Minnesota Duluth), Adversarial thinking; May 7, Farid Javani (UMBC), Anonymization by oblivious transfer

UMBC Cyber Dawgs win 2021 Mid-Atlantic Collegiate Cyber Defense Competition

Photo by Marlayna Demond ’11 for UMBC

Congratulation to the UMBC Cyber Dawgs team, which took first place in the 2021 Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC) finals. UMBC’s team was one of eight teams out of an initial 23 that qualified for the final competition. UMBC’s Cyber Dawgs will move on to compete in the National Collegiate Cyber Defense Competition (NCCDC), which will be held April 23-25, 2021.

The 2021 MACCDC regional final took place online April 1-3 and had teams fighting to protect their networks efficiently and effectively from simulated cyber threats and attacks using a scenario based on the COVID-19 global pandemic for its competition events.

The National Emergency Response Division (N.E.R.D.) is a data science-focused group within the Big Time Health Organization (BTHO), a multinational entity headquartered in Bethesda, Maryland. N.E.R.D. employees have been exceptionally busy dealing with the global health pandemic. As such, they have had to not only shift to work from home, but also expand the number of employees to support the inordinate amounts of data that is flooding each of its eight geographic locations throughout the U.S. Protecting the integrity of the data is critical, but when the data affects the delivery of health services to the public, the job of N.E.R.D. becomes even more mission critical.

The student teams will stand on the front lines of technology, alongside various healthcare providers. The main task at hand will be to ensure that pandemic-related data from state departments of health are accurate and delivered quickly. Information on outbreak locations, promising interventions, efficacy of testing, mortality rates, and other related statistics are critical so physicians, public health officials, and government entities can make informed decisions about resource allocations. Loss or inaccurate information can lead to tragic consequences. Vigilance is a must – be smart, be strong, be safe.

These regional and national competitions attract leading collegiate cybersecurity teams from across the nation. They put teams in situations that mimic scenarios they might encounter working to secure and protect online systems for government agencies and companies. Throughout each challenge, teammates work together to protect their systems from hackers and cyber attacks. At the same time, they keep their networks accessible to the users relying on them. 

The UMBC Cyber Dawgs team won the MACCDC regionals last year and were national champions in 2017. In this year’s MACCDC, George Mason placed second and Liberty University third. Good luck to the Cyber Dawgs as they compete with the winners of nine other regional competitions in the National Collegiate Cyber Defense Competition later this month.

talk: Transparent Dishonesty: Front-Running Attacks on Blockchain, 12-1 pm ET 3/26


The UMBC Cyber Defense Lab presents

Transparent Dishonesty: Front-Running Attacks on Blockchain


Professor Jeremy Clark
Concordia Institute for Information Systems Engineering
Concordia University, Montreal, Canada


12–1 pm ET Friday, March 26, 2021
online via WebEx


We consider front-running to be a course of action where an entity benefits from prior access to privileged market information about upcoming transactions and trades. Front-running has been an issue in financial instrument markets since the 1970s. With the advent of blockchain technology, front-running has resurfaced in new forms we explore here, instigated by blockchain’s decentralized and transparent nature. I will discuss our “systemization of knowledge” paper which draws from a scattered body of knowledge and instances of front-running across the top 25 most active decentral applications (DApps) deployed on Ethereum blockchain. Additionally, we carry out a detailed analysis of Status.im initial coin offering (ICO) and show evidence of abnormal miner’s behavior indicative of front-running token purchases. Finally, we map the proposed solutions to front-running into useful categories.


Jeremy Clark is an associate professor at the Concordia Institute for Information Systems Engineering. At Concordia, he holds the NSERC/Raymond Chabot Grant Thornton/Catallaxy Industrial Research Chair in Blockchain Technologies. He earned his Ph.D. from the University of Waterloo, where his gold medal dissertation was on designing and deploying secure voting systems including Scantegrity—the first cryptographically verifiable system used in a public sector election. He wrote one of the earliest academic papers on Bitcoin, completed several research projects in the area, and contributed to the first textbook. Beyond research, he has worked with several municipalities on voting technology and testified to both the Canadian Senate and House finance committees on Bitcoin. email:


Host: Alan T. Sherman, Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Meetings: April 9, (UMBC), MeetingMayhem: A network adversarial thinking game; April 23, Peter Peterson (University of Minnesota Duluth), Adversarial thinking;
May 7, Farid Javani (UMBC), Anonymization by oblivious transfer.

1 2 3 41