CSEE faculty Ben Shariati co-author of NIST guide on mobile device security and privacy

Dr. Ben Shariati co-author of NIST guide on mobile device security and privacy

Dr. Behnam Shariati, Assistant Director of the UMBC Graduate Cybersecurity Program, is one of the authors of a new NIST Cybersecurity Practice Guide guide on how organizations can use standards-based, commercially available products to help meet their mobile device security and privacy needs. Dr. Shariati is also a lecturer in Cybersecurity graduate program and oversees its operations at the Universities at Shady Grove in Rockville, MD.

To address the challenge of securing mobile devices while managing risks, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) built a laboratory environment to explore how various mobile security technologies can be integrated within an enterprise’s network.

A draft version of the document is available as NIST SPECIAL PUBLICATION 1800-21A, Mobile Device Security, Corporate-Owned Personally-Enabled (COPE) and NIST solicits comments on it by September 23, 2019.

From the summary:

“The rapid pace at which mobile technologies evolve requires regular reevaluation of a mobility program to ensure it is accomplishing its security, privacy, and workplace functionality. Built-in mobile protections may not be enough to fully mitigate the security challenges associated with mobile information systems. Usability, privacy, and regulatory requirements each influence which mobile security technologies and security controls are going to be well-suited to meet the needs of an organization’s mobility program.

The goal of the Mobile Device Security: Corporate-Owned Personally-Enabled (COPE) project is to provide an example solution demonstrating how organizations can use a standards-based approach and commercially available technologies to meet their security needs for using mobile devices to access enterprise resources.

The sample solution details tools for an enterprise mobility management (EMM) capability located on-premises, mobile threat defense (MTD), mobile threat intelligence (MTI), application vetting, secure boot/image authentication, and virtual private network (VPN) services.”

This NCCoE project is the first in a series on Mobile Device Security for Enterprises. The next one, Mobile Device Security: Bring Your Own Device (BYOD), is under development.

UMBC partners with five universities in the US, UK, and Japan to launch International Cybersecurity Center of Excellence

Representatives from the partnering institutions at UMBC.
image: Representatives from the partnering institutions at UMBC. Photo by Marlayna Demond ’11 for UMBC.

UMBC partners with five universities in the US, UK, and Japan to launch International Cybersecurity Center of Excellence

UMBC has partnered to create a global university network dedicated to securing critical systems against cyber threats: the International Cybersecurity Center of Excellence (INCS-CoE).

The INCS-CoE has its foundations in a 2018 cybersecurity collaboration that included UMBC, Keio University in Japan, and Royal Holloway University of London. That initial group has now formally expanded to include Northeastern University, Kyushu University in Japan, and Imperial College London.

The INCS-CoE will support the efforts of the participating universities as they work together to address cybersecurity challenges facing society. The collaboration focuses on cybersecurity for critical national infrastructures including information technology, public transit, and financial services. Additionally, the Center of Excellence will include research, advocacy, and education components.

“Trust is one of the key pillars for a free and interconnected world, for commerce and for exchange of information, be it in the real world or in the digital world,” says Karl V. Steiner, UMBC’s vice president for research. “In order for machines to communicate well with each other, we need to put in place policies and technologies that establish a trust basis.”

He explains, “The INCS-CoE is built on a similar strong layer of trust among six institutions from three different continents. This first-of-its-kind global Center of Excellence will enable us to rapidly exchange ideas and find solutions to developing issues in an increasingly networked world.”

In the future, INCS-CoE may expand to include government and corporate partners, says Steiner.

“The challenges this first-of-its-kind partnership aims to solve span a complex set of cybersecurity issues,” said David Luzzi, senior vice provost for research at Northeastern.

Each academic institution has specific strengths and areas of expertise that they bring to the partnership. UMBC’s Center for Cybersecurity and Center for Accelerated Real Time Analytics will be instrumental in contributing to INCS-CoE’s goals for UMBC.

Learn more about the INCS-CoE.

Adapted from a UMBC News article by Megan Hanks, photo by Marlayna Demond ’11 for UMBC.

talk: Correlation analysis with small sample sizes, 2pm Tue 6/18, UMBC

Correlation analysis with small sample sizes

Peter Schreier, Univ. of Paderborn, Germany

2:00-3:00 Tuesday, 18 June 2019, ITE 325B, UMBC

Most common techniques for correlation analysis (e.g., canonical correlation analysis) require sufficiently large sample support, but in many applications only a limited number of samples are available. Correlation analysis with small sample sizes poses some unique challenges. In this talk, I will focus on the problem of determining the correlated components between two or more data sets when the number of samples from these data sets is extremely small. Applications are plentiful, and among them I will discuss the identification of weather patterns in climate science and analyzing the effects of extensive physical exercise on the autonomic nervous system.

Peter Schreier was born in Munich, Germany, in 1975. He received a Master of Science from the University of Notre Dame, IN, USA, in 1999, and a Ph.D. from the University of Colorado at Boulder, CO, USA, in 2003, both in electrical engineering. From 2004 until 2011, he was on the faculty of the School of Electrical Engineering and Computer Science at the University of Newcastle, NSW, Australia. Since 2011, he has been Chaired Professor of Signal and System Theory at Paderborn University, Germany. He has spent sabbatical semesters at the University of Hawaii at Manoa, Honolulu, HI, and Colorado State University, Ft. Collins, CO.

From 2008 until 2012, he was an Associate Editor of the IEEE Transactions on Signal Processing, from 2010 until 2014 a Senior Area Editor for the same Transactions, and from 2015 to 2018 an Associate Editor for the IEEE Signal Processing Letters. From 2009 until 2014, he was a member of the IEEE Technical Committee on Machine Learning for Signal Processing, and he currently serves on the IEEE Technical Committee on Signal Processing Theory and Methods. He is the Chair of the Steering Committee of the IEEE Signal Processing Society’s Data Science Initiative, and he serves on the IEEE SPS Regional Committee for Region 8. He was the General Chair of the 2018 IEEE Statistical Signal Processing Workshop in Freiburg, Germany.

talk: Tensor Decomposition of ND data arrays, 2pm 6/13 ITE325

Tensor Decomposition of ND data arrays

Prof. David Brie, University of Lorraine

2:00pm Thursday, 13 June 2019, ITE 325B, UMBC

The goal of this talk is to give an introduction to tensor decompositions for the analysis of multidimensional data. First, we recall some basic notions and operations on tensors. Then two tensor decompositions are presented: the Tucker decomposition (TD) and the Candecomp/Parafac decomposition (CPD). A particular focus is placed on the identifiability conditions of the CPD. Finally, various applications in biology are presented.

David Brie received the Ph.D. degree in 1992 and the Habilitation à Diriger des Recherches degree in 2000, both from Université de Lorraine, France. He is currently full professor at the Department of Telecommunications and Networking of the Institut Universitaire de Technologie, Université de Lorraine, France. He is editor-in-chief of the French journal “Traitement du Signal” since 2013 and will be co-general chair of the next IEEE CAMSAP 2019. His current research interests include vector-sensor-array processing, spectroscopy and hyperspectral image processing, non-negative matrix factorization, multidimensional signal processing, and tensor decompositions.

Intro computing courses available to students in any major through X + Computing pilot

Intro computing courses for students in any major through X + Computing pilot

Computing and coding skills are becoming integral to many jobs and industries, but students outside of computing disciplines are not always exposed to these fundamentals. UMBC is working to change that with new learning pathways for non-computer science majors.

The pilot “X + Computing” program — named for the way it combines computer science with other fields — is funded by a nearly $300,000 award from the National Science Foundation. Leading the initiative are UMBC President Freeman Hrabowski; Katharine Cole, vice provost and dean of dean of undergraduate academic affairs; and Anupam Joshi, professor and chair of computer science and electrical engineering. Susan Mitchell, lecturer of computer science and electrical engineering, and David Chapman, assistant professor of computer science and electrical engineering, are also part of the grant.

Demystifying computer science

The first course in the series was piloted in spring 2018, teaching computer science fundamentals through projects on real-world topics of interest to students from a broad range of majors. The second course (launching in fall 2019) will enable students to gain a deeper understanding of the Python programming language through examples that are relevant for non-majors.

Mitchell is the instructor of the first course, which is now in its third semester. She shares that the course has gained traction, with 18-22 students enrolling each semester, half of whom identify as women. Mitchell notes that students in the computer science for non-majors course have also demonstrated the same mastery of the material as those in the traditional introductory computer science course.

“I love to see when I have demystified computer programming for non-majors,” says Mitchell. “We assume that all students somehow know what programming is, but that’s certainly not true. What I have seen is that non-majors are just as motivated and succeed at the same rate as majors.”

Gaining traction

Jeremy Keaton ‘19, music, was curious about the computer science for non-majors course because he had an interest in computing but had not explored the topic. “I enjoyed the amount of hands-on programming the course had, and the large projects gave us valuable experience designing functional programs,” he says. “I found it interesting and useful, so I am continuing to take computer science courses and I added a minor in computer science.”

Keaton shares, “I find that what I’ve learned in computer science classes often relates to things in everyday life, from big ideas like logic to specifics like noticing structures and data types while using programs like Excel or browsing the internet.”

Expand computing education at UMBC

Joshi is excited about the opportunity reach a broader set of students through the X + Computing program. He notes that some students in other majors can feel deterred by the math and science prerequisites for traditional computer science courses. “The current design of most computer science classes thus misses out on this more diverse set of students interested in computing,” Joshi explains.

Increasing access to computing skills is an important priority for Joshi and for his department. He hopes X + Computing will appeal to both students who want to add a computer science or computing minor to their non-computing major, and students who want to shape a major around interests rooted in computing. In the future, it’s possible that existing courses will be combined to create a minor in computing that would be open to students in majors across campus.

This program is one of several initiatives the College of Engineering and Information Technology and UMBC more broadly are exploring to expand opportunities for students from all backgrounds to grow their technical knowledge and experience.

“Finding ways to enable expertise in digital proficiency and experience in engineering design for all students, including students in any UMBC major, is essential for our college to help fulfill Maryland’s goals for its future workforce,” explains Keith J Bowman, dean of UMBC’s College of Engineering and Information Technology.

Adapted from a UMBC News article written by Megan Hanks. Banner image: UMBC’s Information Technology and Engineering building. Photo by Marlayna Demond ’11 for UMBC.

CMSC 291: Continued Computer Science for Non-Majors

New for Fall 2019!

CMSC 291
Continued Computer Science for Non-Majors

This fall, Dr. Susan Mitchell will teach a special topics course designed for all non-computer science, non-computer engineering majors. The 3-credit course will be a continuation and extension of CMSC 201 Computer Science I and taught in the popular Python programming language. The catalog description is:

A continuation of problem solving and programming in the Python language. Emphasis is placed on the solution to more complex programming problems, expanding on the topics of modularity, abstraction, program design, testing, and debugging. The use of Python libraries relevant to non-CS major fields are presented.

Assignments and projects will emphasize topics applicable to many non-CS disciplines, such as data visualization, working with large data sets, and database usage.

The course will be held on Tuesdays and Thursdays from 11:30am to 12:30pm (Course catalog number 291-01).

Prerequisites:  Completed CMSC 201 with a C or better; completed MATH 150, 151 or 152 with a C or better, OR have MATH test placement into MATH 151, OR have completed MATH 155 with a C or better

This course is restricted to non-computer science, non-computer engineering majors. It does not satisfy any requirement for computer science or computer engineering majors and may not be substituted for CMSC 202 Computer Science II.

For questions, please email Dr. Susan Mitchell at

CMSC 201: Computer Science I for Non-Majors — Fall 2019

Fall 2019
CMSC 201 Computer Science I
Section for Non-Majors

This fall, Dr. Susan Mitchell will teach a special section of CMSC 201 Computer Science I designed for all non-computer science, non-computer engineering majors. The course will cover the same content and have the same rigor as all other CMSC 201 sections and prepare students to continue on to CMSC 202 if they wish.  As with other sections, it fulfills any major’s requirement for CMSC 201. The key difference will be that the assignments and projects will emphasize topics applicable to many non-CS disciplines, such as statistical analysis, working with large data sets, and data visualization. The course will be taught in the popular Python programming language. The catalog description is:

An introduction to computer science through problem solving and computer programming. Programming techniques covered by this course include modularity, abstraction, top-down design, specifications documentation, debugging and testing. The core material for this course includes control structures, functions, lists, strings, abstract data types, file I/O, and recursion.

The 4-credit course will include a lecture from 2:30pm to 3:45pm on Mondays and Wednesdays (Section 60-LEC) and a one-hour lab on either Monday (Section 61-DIS) or Wednesday (Section 62-DIS) from 11:00-11:50am.

No prior programming experience is required. The only prerequisite is that students must have completed MATH 150, 151 or 152 with a C or better; OR have MATH test placement into MATH 151; OR have completed MATH 155 with a C or better.

This course is restricted to non-computer science, non-computer engineering majors.

For questions, please email Dr. Susan Mitchell at

UMBC’s 15th Digital Entertainment Conference, 11-5, Sat May 11

UMBC’s 15th Digital Entertainment Conference

11:00am-5:00pm, Saturday, May 11, 2019

Commons Sports Zone, UMBC

The Digital Entertainment Conference (DEC) is an annual student-organized event that brings professional game developers from the area to UMBC to talk about their experience in the game industry. DEC’19 will be held 11-5 on Saturday, May 11 in the Sports Zone of the UMBC Commons building. Attend to meet professions from the local game industry, see games made by UMBC students, and network with game developers.

DEC’19 is free to attend and open to UMBC students, high school students, UMBC alumni and anyone interested in game development. A free catered lunch is provided and parking on campus is free on weekends on any lot marked A, B, or C.

This year’s speakers include: Greg Lane, Community Manager at Big Huge Games; Dorian Newcomb, Co-founder and Art Director at Mohawk Games; Andrei Shulgach, Composer for games and short films and UI Implementer at UX is Fine; Rebecca Bushko: Software Engineer at Big Huge Games; Eric Jordan, Senior Software Engineer at Firaxis Games and the first president of the UMBC Game Developers Club.

The DEC’19 is co-sponsored by the UMBC Game Developers club and Computer Science Education Club and funded by the COEIT Dean’s Office’s Collaborative Student Funding Program.

UMBC welcomes Donna Ruginski as executive director for cybersecurity initiatives

“Cybersecurity research is important because we live in a connected world. As a society, we have an expectation to conduct professional business in a safe and secure technology environment,” says Donna Ruginski, UMBC’s new executive director for cybersecurity initiatives. “Research is thriving at UMBC, and some of the nation’s leading cybersecurity research is being conducted at UMBC.”

Ruginski joins the Office of the Vice President for Research as the first campus leader to hold this partnership-focused cybersecurity role.

“I am delighted to join the UMBC community and to work with its visionary leadership and extraordinary faculty and staff,” she says. “UMBC’s capabilities and resources in cybersecurity contribute to the region’s economic development through a comprehensive cybersecurity focus on academic education, research, workforce development, technology incubators, and entrepreneurship. UMBC truly offers the complete package, making it an exciting place to be.”

Ruginski brings significant experience in cybersecurity to her new role at UMBC. She holds a master’s degree in computer science from Johns Hopkins University and has founded and served as a senior technology executive at software companies over the course of her career.

Karl V. Steiner, vice president for research at UMBC, says Ruginski’s role is important for UMBC, for Maryland, and for the United States. “UMBC is already recognized for its strength in the growing field of cybersecurity and through our strong relationships with federal agencies and the private sector,” Steiner explains. “Ruginski comes to us with an exceptional background and strong skill set that will enable our community to thrive and successfully pursue exciting new opportunities in the years to come.”

In her new role, Ruginski will work to enhance awareness of UMBC’s broad portfolio of cybersecurity initiatives and expand research partnerships with public and private organizations, says Steiner.

“Expanding cybersecurity research at UMBC will offer additional opportunities for faculty and students at all levels,” says Ruginski. “I’m excited to supportUMBC’s growing reputation as a leading research institution.”

Adapted from a UMBC News story by Megan Hanks. Photo of Donna Ruginski by Marlayna Demond ’11 for UMBC.

talk: Security for Smart Cyber-Physical Systems, 12-1 5/3, ITE 227

UMBC Cyber Defense Lab

Security for Smart Cyber-Physical Systems

Prof. Anupam Joshi, UMBC

12:00–1:00pm, Friday, 3 May 2019, ITE 227

Smart Cyber-Physical Systems (CPS) are increasingly embedded in our everyday life. Security incidents involving them are often high-profile because of their ability to control critical infrastructure. Stuxnet and the Ukrainian power-grid attack are some notorious attacks reported against CPS which impacted governmental programs to ordinary users. In addition to the deliberate attacks, device malfunction and human error can also result in incidents with grave consequences. Hence the detection and mitigation of abnormal behaviors resulting from security incidents is imperative for the trustworthiness and broader acceptance of smart cyber-physical systems. We propose an automatic behavioral abstraction technique, ABATe, which automatically learns their typical behavior by finding the latent “context” space using available operational data and is used to discern anomalies. We evaluate our technique using two real-world datasets (a sewage water treatment plant dataset and an automotive dataset) to demonstrate the multi-domain adaptability and efficacy of our approach.

Anupam Joshi is the Oros Family Professor and Chair of Computer Science and Electrical Engineering Department at the University of Maryland, Baltimore County(UMBC). He is the Director of UMBC’s Center for Cybersecurity, and one of the USM leads for the National Cybersecurity FFRDC. He is a Fellow of IEEE. Dr. Joshi obtained a B.Tech degree from IIT Delhi in 1989, and a Masters and Ph.D. from Purdue University in 1991 and 1993 respectively. His research interests are in the broad area of networked computing and intelligent systems. His primary focus has been on data management and security/privacy in mobile/pervasive computing environments, and policy driven approaches to security and privacy. He is also interested in Semantic Web and Data/Text/Web Analytics, especially their applications to (cyber) security. He has published over 250 technical papers with an h-index of 79 and over 23,250 citations (per Google scholar), filed and been granted several patents, and has obtained research support from National Science Foundation (NSF), NASA, Defense Advanced Research Projects Agency (DARPA), US Dept of Defense (DoD), NIST, IBM, Microsoft, Qualcom, Northrop Grumman, and Lockheed Martin amongst others

1 2 3 132