Congratulations to the UMBC CyberDawgs team for their first place finish in a field of 105 collegiate teams in the U.S. Department of Energy’s Fifth Annual CyberForce Competition. The distributed event was held at ten of the DOE’s National Laboratories and challenged 105 teams to defend a simulated energy infrastructure from cyber-attacks.
The took place on November 15 and 16 with the goal of bolstering the U.S. cybersecurity workforce by extending skill-building opportunities for students, offering memorable hands-on experiences and highlighting the crucial role this field plays in preserving national energy security. The Cyberdawgs participated at the Argonne National Laboratory site in Illinois.
During the competition, teams competed to defend their simulated infrastructure from attacks by adversarial “red teams” composed of industry professionals, all while maintaining service for their “green team” customers, played by volunteers. The scenarios included simulated industrial control system components, real-world anomalies and constraints, and interaction with users of the systems.
Teams were scored on their success in protecting the infrastructure against attacks while ensuring the usability of the system, with additional points awarded for innovative ideas and defenses.
The team that competed in this year’s competition was chosen from members of the CyberDawgs student group, composed of students from a variety of majors who share a common interest in computer and network security. No prior experience is required to join and any UMBC students who want to learn more about cybersecurity and learn new skills in the field are encouraged to subscribe to its mailing list and attend meetings.
The CyberDawgs group is advised by CSEE faculty Charles Nicholas and Richard Forno.
The ability to guarantee timing properties, and in turn to use assumption about time to guarantee the security of protocols, is important to many of the applications we rely upon. For example, to compute locations, GPS depends on time synchronization between entities. Blockchain protocols require loose time synchronization to guarantee agreement on block timestamps. Distance-bounding protocols use the roundtrip time of an RF signal to enforce constraints on location. To analyze these types protocols formally, it is necessary to reason about time. This talk describes recent research in extending the Maude-NPA cryptographic protocol analysis tool to reason about cryptographic protocols that rely on or enforce timing properties. We describe the timing model we have created for the tool. We show how we we represent timing properties as constraints, whose solution is outsourced to an SMT solver. We also discuss our experimental results.
Catherine Meadows is a senior researcher in computer security at the Center for High Assurance Systems at the Naval Research Laboratory and heads that group’s Formal Methods Section. She was the principal developer of the NRL Protocol Analyzer (NPA), which was one of the first software tools to find previously undiscovered flaws in cryptographic protocols, and was used successfully in the analysis of a number of protocol standards. She is also leading, or has recently led, a number of projects related to the design and analysis of cryptographic protocols, including one focused the development of an analysis tool, Maude-NPA, that takes into account the the complex algebraic properties of cryptosystems, another that is focusing on the automatic generation of secure cryptosystems, and another devoted to formal methods for the design of cyber-physical systems with legacy components.
This work was supported by ONR 321 (*protected email*)
Host: Alan T. Sherman, *protected email* Support for this event was provided in part by the National Science Foundation under SFS grant 175368. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Events:
Maryland Public Television’s Charles Robinson reports on how Baltimore continues to recover after city computers were infected with ransomware in the May 2019 Baltimore ransomware attack and interviews Dr. Rick Forno, associate director of the UMBC Center for Cybersecurity and graduate director of UMBC’s Cybersecurity MPS degree program.
From Wikipedia: On May 7th 2019, most of Baltimore’s government computer systems were infected with a new and aggressive ransomware variant named RobbinHood. All servers, with the exception of essential services, were taken offline. In a ransom note, hackers demanded 13 bitcoin (roughly $76,280) in exchange for keys to restore access. The note also stated that if the demands were not met within four days, the price would increase and within ten days the city would permanently lose all of the data.
As of May 13, 2019 all systems remained down for city employees. It is estimated that it will take weeks to recover. According to Mayor Jack Young, US Federal Law enforcement continue to investigate the attack.
The attack had a negative impact on the real estate market as property transfers could not be completed until the system was restored on May 20th. However, the restoration of all systems was, as of May 20, 2019, estimated to take weeks more.
Baltimore was susceptible to such an attack due to its IT practices, which included decentralized control of its technology budget and a failure to allocate money its information security manager wanted to fund cyberattack insurance. The attack has been compared to a previous ransomware attack on Atlanta the previous year, and was the second major use of the RobbinHood ransomware on an American city in 2019, as Greenville, North Carolina was also impacted in April.
Joint work with Alan Sherman, Richard Chang, Enis Golaszewski, Ryan Wnuk-Fink, Cyrus Bonyadi, Mario Costa, Moses Liskov, and Edward Zieglar
Secure Remote Password (SRP) is a widely deployed password authenticated key exchange (PAKE) protocol used in products such as 1Password and iCloud Keychain. As with other PAKE protocols, the two participants in SRP use knowledge of a pre-shared password to authenticate each other and establish a session key. I will explain the SRP protocol and security goals it seeks to achieve. I will demonstrate how to model the protocol using the Cryptographic Protocol Shapes Analyzer (CPSA) tool and present my analysis of the shapes produced by CPSA.
Erin Lanus earned her Ph.D. in computer science in May 2019 from Arizona State University. Dr. Lanus is currently conducting research with Professor Sherman’s Protocol Analysis Lab at UMBC. Her previous results include how to use state to enable CPSA to reason about time in forced-latency protocols. Her research also explored algorithmic approaches to constructing combinatorial arrays employed in interaction testing and the creation of a new type of array for attribute distribution to achieve anonymous authorization in attribute-based systems. In October she will begin as a research assistant professor at Virginia Tech’s Hume Center in Northern Virginia. email: *protected email*
Support for this research was provided in part by grants to CISA from the Department of Defense, CySP grants H98230-17-1-0387 and H98230-18-0321.
Dr. Behnam Shariati, Assistant Director of the UMBC Graduate Cybersecurity Program, is one of the authors of a new NIST Cybersecurity Practice Guide guide on how organizations can use standards-based, commercially available products to help meet their mobile device security and privacy needs. Dr. Shariati is also a lecturer in Cybersecurity graduate program and oversees its operations at the Universities at Shady Grove in Rockville, MD.
To address the challenge of securing mobile devices while managing risks, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) built a laboratory environment to explore how various mobile security technologies can be integrated within an enterprise’s network.
A draft version of the document is available as NIST SPECIAL PUBLICATION 1800-21A, Mobile Device Security, Corporate-Owned Personally-Enabled (COPE) and NIST solicits comments on it by September 23, 2019.
From the summary:
“The rapid pace at which mobile technologies evolve requires regular reevaluation of a mobility program to ensure it is accomplishing its security, privacy, and workplace functionality. Built-in mobile protections may not be enough to fully mitigate the security challenges associated with mobile information systems. Usability, privacy, and regulatory requirements each influence which mobile security technologies and security controls are going to be well-suited to meet the needs of an organization’s mobility program.
The goal of the Mobile Device Security: Corporate-Owned Personally-Enabled (COPE) project is to provide an example solution demonstrating how organizations can use a standards-based approach and commercially available technologies to meet their security needs for using mobile devices to access enterprise resources.
The sample solution details tools for an enterprise mobility management (EMM) capability located on-premises, mobile threat defense (MTD), mobile threat intelligence (MTI), application vetting, secure boot/image authentication, and virtual private network (VPN) services.”
This NCCoE project is the first in a series on Mobile Device Security for Enterprises. The next one, Mobile Device Security: Bring Your Own Device (BYOD), is under development.
UMBC has partnered to create a global university network dedicated to securing critical systems against cyber threats: the International Cybersecurity Center of Excellence (INCS-CoE).
The INCS-CoE has its foundations in a 2018 cybersecurity collaboration that included UMBC, Keio University in Japan, and Royal Holloway University of London. That initial group has now formally expanded to include Northeastern University, Kyushu University in Japan, and Imperial College London.
The INCS-CoE will support the efforts of the participating universities as they work together to address cybersecurity challenges facing society. The collaboration focuses on cybersecurity for critical national infrastructures including information technology, public transit, and financial services. Additionally, the Center of Excellence will include research, advocacy, and education components.
“Trust is one of the key pillars for a free and interconnected world, for commerce and for exchange of information, be it in the real world or in the digital world,” says Karl V. Steiner, UMBC’s vice president for research. “In order for machines to communicate well with each other, we need to put in place policies and technologies that establish a trust basis.”
He explains, “The INCS-CoE is built on a similar strong layer of trust among six institutions from three different continents. This first-of-its-kind global Center of Excellence will enable us to rapidly exchange ideas and find solutions to developing issues in an increasingly networked world.”
In the future, INCS-CoE may expand to include government and corporate partners, says Steiner.
“The challenges this first-of-its-kind partnership aims to solve span a complex set of cybersecurity issues,” said David Luzzi, senior vice provost for research at Northeastern.
Each academic institution has specific strengths and areas of expertise that they bring to the partnership. UMBC’s Center for Cybersecurity and Center for Accelerated Real Time Analytics will be instrumental in contributing to INCS-CoE’s goals for UMBC.
Learn more about the INCS-CoE.
Adapted from a UMBC News article by Megan Hanks, photo by Marlayna Demond ’11 for UMBC.
Mobile communication is an essential part or modern life, however it is dependent on some fundamental security technologies. Critical amongst these technologies, is mobile authentication, the ability to identify valid users (and networks) and enable their secure usage of communication services. In the GSM standards and the 3GPP standards that evolved from them, the subscriber-side security has been founded on a removable, attack-resistant smart card known as a SIM (or USIM) card. The presentation explains how this situation came about, and how and why the protocols and algorithms have improved over time. It will cover some work by the author on a recent algorithm for 3GPP and then discuss how Machine-to-Machine and IoT considerations have led to new standards, which may herald the demise of the conventional removable SIM, in favour of an embedded eSIM.
Professor Keith Mayes B.Sc. Ph.D. CEng FIET A.Inst.ISP, is a professor of information security within the Information Security Group (ISG) at Royal Holloway University of London. Prior to his sabbatical, he was the Director of the ISG and Head of the School of Mathematics and Information Security. He is an active researcher/author with 100+ publications in numerous conferences, books and journals. His current research interests are diverse, including, mobile communications, smart cards/RFIDS, the Internet of Things, and embedded systems. Keith joined the ISG in 2002, originally as the Founder Director of the ISG Smart Card Centre, following a career in industry working for Pye TVT, Honeywell Aerospace and Defence, Racal Research and Vodafone. Keith is a Chartered Engineer, a Fellow of the Institution of Engineering and Technology, a Founder Associate Member of the Institute of Information Security Professionals, a Member of the Licensing Executives Society and an experienced company director and consultant. He is active in the UK All Party Parliamentary Group (APPG) on Cyber Security and is an adjunct professor at UMBC.
Several cryptographic protocols have been proposed to address the Man-in-the-Middle attack without the prior exchange of keys. This talk will describe a formal analysis of one such protocol proposed by Zooko Wilcox-O’Hearn, the forced-latency defense against the chess grandmaster attack. Using the Cryptographic Protocol Shapes Analyzer (CPSA), we validate the security properties of the protocol through the novel use of CPSA’s state features to represent time. We also describe a small message space attack that highlights how assumptions made in protocol design can affect the security of a protocol in use, even for a protocol with proven security properties.
Edward Zieglar is a security researcher in the Research Directorate of the National Security Agency, where he concentrates on formal analysis and verification of cryptographic protocols and network security. He is also an adjunct professor at UMBC where he teaches courses in networking and network security. He received his master’s and doctoral degrees in computer science from UMBC.
Host: Alan T. Sherman, *protected email*
In this talk, we will introduce the basics of IPv6 and some of the security issues associated with it. Specifically, we discuss the motivations, history and adoption of IPv6, and current status in the global Internet. We then detail the structure of an IPv6 address and the types of addresses used, and the conceptual model for address assignment in IPv6. The modes of deployment of IPv6, and understanding of how dual-stack mode works, is then provided. We then discuss the basic model for IPv6 control protocols, ICMPv6, and how they support low-level network operations. We then identify IPv6’s place in the network stack, and explain how that does, and does not, affect security. Several basic threats to IPv6 devices and networks will be identified as well as how common network security posture/hygiene can be affected by dual stack operation. Lastly, we identify some key concepts in secure use of IPv6, and discuss the concept of NAT and its use in IPv4 and why IPv6 does not use it.
Mr. Neal Ziring is the Technical Director for the National Security Agency’s Capabilities Directorate, serving as a technical advisor to the Capabilities Director, Deputy Director, and other senior leadership. Mr. Ziring is responsible for setting the technical direction across many parts of the capabilities mission space, including in cyber-security. Mr. Ziring tracks technical activities, promotes technical health of the staff, and acts as liaison to various industry, intelligence, academic, and government partners. Prior to the formation of the Capabilities Directorate, Mr. Ziring served five years as Technical Director of the Information Assurance Directorate. His personal expertise areas include security automation, IPv6, cloud computing, cross-domain information exchange, and data access control, and cyber defense. Prior to coming to NSA in 1988, Neal worked at AT&T Bell Labs. He has BS degrees in Computer Science and Electrical Engineering, and an MS degree in Computer Science, all from Washington University in St. Louis.
This site uses functional cookies and external scripts to improve your experience.
Privacy Settings and Information
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. Your choices will not impact your visit.
NOTE: Third-party Google scripts on this website may have access to cross-site third-party cookies under the google.com domain. We, the CSEE Department, do not access, read, or write these third-party cookies, and as a result, we do not control their presence on your browser. You may block them by using a third-party cookie blocker in your browser.
If you click Accept below to accept the general cookie consent, then a “wpgdprc-consent” cookie will be stored on your browser, to record your general consent.
If you click Accept below to accept the general cookie consent, and also have Google Analytics cookies enabled (on the sidebar to the left), the CSEE Department website will store and access Google Analytics cookies on your browser. We use the data from these cookies to collect information on website usage statistics and improve user experience. If you do not wish to allow Google Analytics cookies on your browser, then either do not click Accept on the bottom bar, or disable Google Analytics on the left.
If you log in to this website, then several Wordpress cookies and session variables will be stored on your browser. Accessing the login screen constitutes your consent to have Wordpress cookies and session variables stored on your computer.
The CSEE Department website makes use of several external scripts to improve user experience. These include, but are not necessarily limited to: Google Calendar, Google Analytics, and ReCAPTCHA. If you choose to use this website, then you agree to allow these scripts to be loaded and executed.
NOTE: These settings will only apply to the browser and device you are currently using.
Enables Google Analytics.
©2021 University of Maryland Baltimore County Computer Science and Electrical Engineering Department
1000 Hilltop Circle, ITE 325, Baltimore, Maryland 21250
College of Engineering and Information Technology
| Contact Us
| Equal Opportunity
| Consumer Information