Wikileaks hack highlights importance of cyberdefense basics, UMBC experts write

The Central Intelligence Agency’s latest leak is the most recent major hack exposing information that could possibly compromise national security. In The Conversation, Anupam Joshi and Rick Forno, explain that this hack is a reminder of how cyberdefense strategies must be continually improved to ensure sensitive information is protected.

Joshi is a professor and chair of the department of computer science and electrical engineering and director of UMBC’s Center for Cybersecurity, and Forno is the assistant director of the UMBC Center for Cybersecurity and director of UMBC’s graduate program in cybersecurity. Their latest article has been republished by media across the globe and has been read more than 20,000 times.

“This round of leaks, of documents dating from 2013 to 2016,…reinforces perhaps the most troubling piece of information we already know: Individuals and the government itself must step up cyberdefense efforts to protect sensitive information,” write Joshi and Forno.

They ask readers to consider the risk to security and privacy compared with the benefits and convenience of modern technologies. “As citizens, we must decide what level of risk we — as a nation, a society and as individuals — are willing to face when using internet-connected products.”

Any electronic device connected to the internet is susceptible to a cyber attack, Joshi and Forno go on to explain, noting, “It’s not necessarily a good idea to have always-on and network-enabled microphones or cameras in every room of the house.”

Joshi also spoke with CBS Baltimore about how hacks can impact technologies consumers use every day, such as cars that now feature high tech navigation and entertainment systems. “The more electronic gizmos you have in your car, the newer the car you have, the more you’re connected to the network with your car, the greater the probability something can be done to your car,” he explained. Still, he noted, a hacker would need to have advanced technical knowledge and, likely, close proximity to the car to carry out such an attack.

To ensure that sensitive information is protected, Joshi and Forno say that focusing on “the mundane tasks of cyberdefense” is essential to maintaining security for everyone, from government to individuals, although they emphasize that no internet-connected technologies are immune to cyber hacks. Ultimately, they write, “Keeping others out of key systems is crucial to American national security, and to the proper function of our government, military and civilian systems.”

Read the full article in The Conversation, and watch the complete interview on CBS Baltimore.  Adapted from an article in UMBC News.

Prof. Gymama Slaughter on the body as a battery at Baltimore’s Light City festival

How can we begin to use our body as a power source? The same way we use a battery: by harnessing its chemical energy. As part of the annual Baltimore Light City Festival: A Festival of Light, Music and Innovations, Dr. Gymama Slaughter will present her research work on “The body as a battery – harnessing its chemical energy to power wearable and implantable sensors that diagnose and monitor diseases.” Dr. Slaughter will show how her team is converting the biochemical energy in blood sugar into electrical power, and how it is used to power wearable and implantable sensors.

The HealthLab@LightCity conference brings together innovators and leaders from Baltimore and across the nation to explore emerging technologies and innovative practices that have the potential to improve the quality of life and health outcomes for all people, here and around the world.

HealthLab@lightcity is presented by Kaiser Permanente and will be held 8:00am-6:00pm on Monday, 3 April 2017 at the IMET Columbus Center (701 E Pratt St, Baltimore, MD 21202) as part of Baltimore’s annual Light City Festival.

talk: Semantic Approach to Automating Big Data and Cloud, 12pm Mon 2/20

A Semantically Rich Approach to Automating Big Data and Cloud

Dr. Karuna Joshi
University of Maryland, Baltimore County

12:00pm Monday, 20 February 2017, ITE 325b, UMBC

With the explosion of Big Data and the growth of data science, there is an urgent need to automate the data lifecycle of generation, ingestion, analytics, knowledge extraction, and archival and deletion. With a promise of rapid provisioning, scalability and high computing capability, cloud based services are being adopted as the default computing environment for Big Data analytics.

To effectively manage their data on cloud, organizations need to continuously monitor the rules/constraints and performance metrics listed in a variety of legal contracts. However, these documents, like Service Level Agreements (SLA), privacy policy, regulatory documents, etc., are currently managed as plain text files meant principally for human consumption. Additionally, providers often define their own performance metrics for their services. These factors hinder the automation of steps of the data lifecycle, leading to inefficiencies in using the dynamic and elastic elements of the Data+Cloud ecosystem and require manual effort to monitor the service performance. Moreover, Cloud-based service providers are collecting large amounts of data about their consumers including Personally Identifiable Information (PII) like contact addresses, credit card details, bank account details, etc. They are offering customized service level agreements which indicate how such data will be handled. To see whether these agreements meet individual or corporate requirements, or comply with statutory constraints, currently involves significant human effort.

In this talk, we present the semantically rich approach that we have developed to automatically extract knowledge from large textual datasets, specially legal documents, using text analytics and Semantic Web technologies. We describe the OWL ontologies that we have developed, and the techniques to extract key terms and rules from textual legal documents. We will also illustrate application of our work in domains such as education, healthcare and cybersecurity.

Karuna P. Joshi is a Research Assistant Professor of Computer Science and Electrical Engineering at the University of Maryland, Baltimore County. Her research focuses on Data Science and Big Data Analytics, especially legal text analytics; knowledge representation and reasoning; privacy and security of Big Data and Cloud; and cloud enabled Health IT services. She has published over 30 papers, including in journals like IEEE Transactions on Service Computing and conferences like IEEE Big Data and IEEE CLOUD. Her research is supported by organizations like DoD, ONR, NIST, NSF, GE and IBM. She was also awarded the TEDCO MII award for exploring the commercialization of her research. She has been awarded the prestigious IBM PhD Fellowship. She also has over 15 years of industrial experience, primarily as an IT project manager. She worked at the International Monetary Fund for nearly a decade. Her managerial experience includes portfolio/program/project management across various domains. She received the MS and PhD degrees in Computer Science from UMBC and bachelor’s degree in Computer Engineering from the University of Mumbai, India.

CSEE faculty on securing the president’s smartphone and avoiding “cyber-fatigue”

Professor Anupam Joshi, chair of the CSEE Department and director of the UMBC Center for Cybersecurity

With a new administration in the White House, securing the president’s smartphone is a national security priority, but exactly what steps are taken to secure the phone are not made public. In a new article in The Conversation, Anupam Joshi, professor and chair of computer science and electrical engineering, and director of the Center for Cybersecurity at UMBC, discusses several likely ways President Trump’s security team is building protections into his phone, through everything from hardware to settings to app restrictions.

Limiting the number of people who have the president’s new phone number and keeping the unique International Mobile Equipment Identity number guarded can prevent potential attackers from accessing confidential information stored on the phone. This method is called “security by obscurity,” says Joshi.

Joshi also says the device Trump will use was likely made by a trusted manufacturer with carefully created and checked parts, explaining that this minimizes the “risk that the hardware would have any vulnerabilities that an attacker could exploit.”

Customizing the operating system, and allowing the phone to connect only with predetermined networks that are regularly monitored can also help protect against attacks, says Joshi. “Limiting its contact with the internet would, of course, by key,” he notes, “though that would also significantly limit the phone’s usefulness to a president whose routine involves constant connection.” Joshi says that limiting the number of apps on the phone, reducing the ability for additional apps to be downloaded and installed, and disabling automatic updates to the phone could keep the device even more secure.

While it is not certain which methods have been employed to secure the presidential smartphone, Joshi says that Trump trading in his commercial-grade phone for a government-secured device is an important first step in protecting the U.S. from hacks and attacks.

In another article in The Conversation, Rick Forno, assistant director of the UMBC Center for Cybersecurity and director of the Cybersecurity Graduate Program at UMBC, addresses the importance of addressing both short-term and long-term cybersecurity issues. He explains that ignoring underlying problems and only addressing small, attention-grabbing issues does not lead to lasting progress. “Cyber-fatigue,” explains Forno, is an “inability to think critically about what needs to happen for meaningful, lasting cybersecurity improvements while focusing only on near-term problems.”

He says that while it is important to evaluate the benefits, conveniences and savings that new products and services may offer, the potential risks and problems should be considered, too. “So instead of repeating the same guidelines and recommendations of the past, it’s time to take a new and unconventional look at our approach to technology and how we secure it,” Forno explains. “Unless we’re willing to go beyond our traditional cybersecurity ‘comfort zone’ and explore new solutions, our cyber-fatigue will worsen.”

Read “How to secure a smartphone for the tweeter-in-chief” and Overcoming ‘cyber-fatigue’ requires users to step up for security” in The Conversation. Joshi’s piece also appeared in Mashable and Channel Newsasia, and together the articles have already been read over 36,000 times.

Adapted from UMBC News, photo by Marlayna Demond ’11 for UMBC.

UMBC places 7th at Pan-Am Team Chess Championship

UMBC Chess finished seventh overall at the 2016 Pan-American Intercollegiate Team Chess Championship, held in New Orleans, Louisiana, December 27–30.

The UMBC Chess A team finished in 10th place, with victories over the Texas Tech D team, the University of Oklahoma A team, the Columbia University B team, and the Arizona State University team. The UMBC Chess B team earned wins over the Texas Tech E team, and the University of Minnesota Twin Cities B team, and finished 45th overall.

UMBC’s 2016 A team includes international master Levan Bregadze ‘16, financial economics; grandmaster Tanguy Ringoir ‘19, economics; woman FIDE master Ewa Harazinska ’20, chemistry; and Maor Leker Locker ’20, biological sciences. The UMBC Chess B team includes Dobrynya Konoplev ‘18, computer science and mechanical engineering; Nathan Janus ’20, mathematics; Nathaniel Wong ‘18, Asian studies and political science; Abhilash Puranik ‘17, M.S. computer engineering; and Jeffrey Mich Carr ’19, interdisciplinary studies.

UMBC has participated in the Pan-American Intercollegiate Team Chess Championship for 26 years, and has won or tied for first place at the Pan-Am Championship ten times. UMBC Chess has also continued on to the President’s Cup—known as the Final Four of College Chess—numerous times, but did not qualify for 2017.

At the 2015 Pan-American Intercollegiate Team Chess Championship, the UMBC Chess A team finished in 10th place, and the UMBC Chess B team finished 31st overall. Alan Sherman, professor of computer science and electrical engineering, serves as director for UMBC Chess and Joel DeWyer, interim director of The Commons, is business manager.

UMBC Chess made headlines earlier in 2016 when Nazi Paikidze-Barnes, information systems, an alumna of the team, won the 2016 U.S. Women’s Chess Championship held in St. Louis.

Reposted from UMBC News. Image: Members of the UMBC Chess A team before attending the 2016 Pan-American Intercollegiate Team Chess Championship. Photo by Marlayna Demond ‘11 for UMBC.

Prof. Marie desJardins elected a Member-at-large of the American Association for the Advancement of Science

UMBC CSEE Professor Marie desJardins was elected as a as Member-at-Large of the American Association for the Advancement of Science (AAAS). Professor desJardins will serve a four-year term as one of four AAAS members representing the field of Information, Computing, and Communication. AAAS members-at large are charged with assessing the performance and role of their section in the Association and working to involve its members in AAAS activities and professional interactions.

The American Association for the Advancement of Science is an international non-profit organization dedicated to advancing advance science, engineering, and innovation throughout the world for the benefit of all people. Established in 1848, the AAAS is the world’s largest general scientific society, with more than 120,000 members.

UMBC cybersecurity instructor selected for prestigious Brookings Legis Congressional Fellows Program

Diana Parr, adjunct instructor in UMBC’s Cybersecurity Graduate Program, has been selected to participate in the highly competitive Brookings Legis Congressional Fellows Program. The year-long program allows professionals in the public and private sectors to work on Capitol Hill alongside individual members of the U.S. Congress or on a congressional committee to understand the policy-making side of government.

Diana Parr. “I am most excited about the opportunity to work for a member of Congress and to learn how the legislative process flows. It will be a huge time for change on Capitol Hill—a new president and many newly elected officials. I would like to bring my technical knowledge to the Hill as those new officials discuss legislation relating to cybersecurity,” she said.

In addition to her role at UMBC, Parr is a cybersecurity technical leader for the National Security Agency. She anticipates that her work in Congress will focus on cybersecurity education.

“There are many opportunities for new legislation this year to make our nation stronger and safer,” Parr said. “My biggest hope is to build awareness of the need to grow educational opportunities for young people, especially young women, in the growing field of cybersecurity.”

More information about the Brookings Legis Congressional Fellows Program can be found on the Brookings Institution website.

Republished from UMBC News, header image by Robert Lyle Bolton (CC by 2.0), headshot by Marlayna Demond ’11 for UMBC.

talk: Learning to Predict the Future from Unlabeled Data, 1pm Fri 10/28, ITE229, UMBC

The UMBC CSEE Seminar Series Presents

Learning to Predict the Future from Unlabeled Data

Hamed Pirsiavash, CSEE Department, UMBC

1-2pm Friday, 28 October 2016, ITE 229

Anticipating actions and objects before they start or appear is a difficult problem in computer vision with several real-world applications. This task is challenging partly because it requires leveraging extensive knowledge of the world that is difficult to write down. We believe that a promising resource for efficiently learning this knowledge is through readily available unlabeled video. I will talk about our framework that capitalizes on temporal structure in unlabeled video to learn to anticipate human actions and objects. The key idea behind our approach is that we can train deep networks to predict the visual representation of images in the future. I will also talk about our recent work on a Generative Adversarial learNing (GAN) architecture that generates a novel video given the first frame.

Hamed Pirsiavash is an assistant professor at the University of Maryland, Baltimore County (UMBC) since August 2015. Prior to that, he was a postdoctoral research associate at MIT working with Antonio Torralba. He earned his PhD at the University of California Irvine under the supervision of Deva Ramanan (now at CMU). He performs research in the intersection of computer vision and machine learning.

Organizers: Professors Tulay Adali () and Alan T. Sherman ()

About the CSEE Seminar Series: The UMBC Department of Computer Science and Electrical Engineering presents technical talks on current significant research projects of broad interest to the Department and the research community. Each talk is free and open to the public. We welcome your feedback and suggestions for future talks.

Prof. Anupam Joshi comments on recent DDoS attack on MPT show

CSEE Prof. Anupam Joshi was interviewed on MPT’s Direct Connection about the recent massive distributed denial of service attack that was launched from a botnet from compromised IoT devices. The attack disrupted access to many popular Internet sites, including Twitter, Netflix, Amazon and PayPal. Dr. Joshi discussed the mechanism that used and what can be done to reduce the risks of similar attacks. He also pointed out that Mirai, the name of one of the software systems used by the attackers, is a Japanese word that means “future” and that this may be a harbinger of things to come.

UMBC’s Anthony Johnson appointed to IEEE Corporate Innovation Award Committee

CSEE Professor Anthony Johnson has been appointed by the IEEE to its Corporate Innovation Award Committee. The IEEE Corporate Innovation Award was established in 1985 to recognize outstanding innovation by an organization in an IEEE field of interest. The recipient must be a corporate, governmental, or academic entity working within the fields of interest to IEEE. Recent recipients include Intel, SanDisk, DARPA, and Applied Materials, Inc.

Dr. Johnson is the director of UMBC’s Center for Advanced Studies in Photonics Research. His research is in the area of ultrafast optics and optoelectronics- the ultrafast photophysics and nonlinear optical properties of bulk, nanoclustered, and quantum well semiconductor structures, untrashort pulse propagation in fibers and high-speed lightwave systems. He is a fellow of IEEE, the Optical Society of America, the American Physical Society, AAAS and the National Society of Black Physicists.

1 2 3 4 12