Assistant Director, UMBC Center for Cybersecurity
Director, UMBC Cybersecurity Graduate Program
1-2pm, Friday, 31 March 2017, ITE 231
Public portrayals of the digital landscape, particularly through the entertainment mass media and product marketing, can have a profound influence on how the general public perceives the strengths and limitations of technology. Over time, these images, stereotypes and dramatized capabilities are replicated across texts and repeated until, rightly or wrongly, they become the default paradigm for mass understanding of the complex and ever-changing modern technological environment.
For example, one only needs to observe legislative bodies or watch mainstream news media trying to come to understand issues such as encryption, cybersecurity, or even pluralistic applications of the term “to hack” to see just how deeply the stereotype of the god-like yet overweight and socially maladjusted (often male) ‘hacker’ have penetrated popular perceptions. Metaphors like this that act as a useful shorthand in fictional storytelling do not make a good reference basis for policy statements or national decision-making — however, when such sensationalized and/or fictional depictions overshadow more sophisticated or nuanced descriptions of those capabilities in actual practice, it is understandable why unrealistic expectations and unworkable proposals for technology – like “good-guys only” encryption backdoors – continue being proposed.
Drawing on examples from the media and politics, this presentation explores the connections between decades-old media tropes around technology/technologists and current technology debates, especially those related to cybersecurity and cyberwarfare. This interpretively analyzed presentation argues that perception is just as important as performance in terms of outcomes and acknowledges that the models used by mass society, including policy makers, to understand early digital innovations are part of a wider set of mass cultural messages have served a purpose — but now need to be either dispelled or updated. Addressing the assumptions and inaccuracies of these shared media-fueled perceptions of the emerging digital society is an important part of understanding and then working to overcome conflicts between technology and policy.
(This presentation, and its related paper, are part of ongoing research collaborations between Dr. Forno (security) at UMBC and Dr. Erika Pearson (media/comms) of Massey University in Wellington, NZ)
Dr. Richard Forno is a Senior Lecturer in the UMBC Department of Computer Science and Electrical Engineering, where he directs the UMBC Graduate Cybersecurity Program and serves as the Assistant Director of UMBC’s Center for Cybersecurity. His twenty-year career spans the government, military, and private sector, including helping to build the first formal cybersecurity program for the U.S. House of Representatives, serving as the first Chief Security Officer for Network Solutions (operator of the InterNIC), and co-founding the CyberMaryland conference. Dr. Forno was also one of the early thought leaders on the subject of “information warfare” and he remains a longtime commentator on the influence of Internet technology upon society.
About the CSEE Seminar Series: The UMBC Department of Computer Science and Electrical Engineering presents technical talks on current significant research projects of broad interest to the Department and the research community. Each talk is free and open to the public. We welcome your feedback and suggestions for future talks.
Wikileaks hack highlights importance of cyberdefense basics, UMBC experts write
The Central Intelligence Agency’s latest leak is the most recent major hack exposing information that could possibly compromise national security. In The Conversation, Anupam Joshi and Rick Forno, explain that this hack is a reminder of how cyberdefense strategies must be continually improved to ensure sensitive information is protected.
Joshi is a professor and chair of the department of computer science and electrical engineering and director of UMBC’s Center for Cybersecurity, and Forno is the assistant director of the UMBC Center for Cybersecurity and director of UMBC’s graduate program in cybersecurity. Their latest article has been republished by media across the globe and has been read more than 20,000 times.
“This round of leaks, of documents dating from 2013 to 2016,…reinforces perhaps the most troubling piece of information we already know: Individuals and the government itself must step up cyberdefense efforts to protect sensitive information,” write Joshi and Forno.
They ask readers to consider the risk to security and privacy compared with the benefits and convenience of modern technologies. “As citizens, we must decide what level of risk we — as a nation, a society and as individuals — are willing to face when using internet-connected products.”
Any electronic device connected to the internet is susceptible to a cyber attack, Joshi and Forno go on to explain, noting, “It’s not necessarily a good idea to have always-on and network-enabled microphones or cameras in every room of the house.”
Joshi also spoke with CBS Baltimore about how hacks can impact technologies consumers use every day, such as cars that now feature high tech navigation and entertainment systems. “The more electronic gizmos you have in your car, the newer the car you have, the more you’re connected to the network with your car, the greater the probability something can be done to your car,” he explained. Still, he noted, a hacker would need to have advanced technical knowledge and, likely, close proximity to the car to carry out such an attack.
To ensure that sensitive information is protected, Joshi and Forno say that focusing on “the mundane tasks of cyberdefense” is essential to maintaining security for everyone, from government to individuals, although they emphasize that no internet-connected technologies are immune to cyber hacks. Ultimately, they write, “Keeping others out of key systems is crucial to American national security, and to the proper function of our government, military and civilian systems.”
Join the UMBC Computer Science Education Club and the Center for Women in Technology for a free screening of the award winning film, CODE: Debugging the Gender Gap. The documentary exposes the dearth of American female and minority software engineers and explores the reasons for this gender gap. CODE raises the question: what would society gain from having more women and minorities code?
CODE will be screened on Friday March 31 at 3:00-5:00pm in ITE 104. A discussion about the film will immediately follow the screening. Snacks will be provided! RSVP via myUMBC to let the organizers know you will be there on Friday 3/31!.
Here’s a trailer for the film:
talk: Phase synchrony in heart-brain interactions predicts personality and emotions, 1pm 3/17
UMBC CSEE Seminar Series
Phase synchrony in heart-brain interactions predicts personality and emotions
Ehsan Shokri Kojori NIH, National Institute on Alcoloh Abuse and Alcoholism
1:00-2:00pm Friday, 17 March 2017, ITE 231
Despite the historical interest in the link between brain and heart, it is unknown whether brain and heart interactions provide meaningful information about emotions and personality. Here we studied the phase and amplitude of coherence between cardiac pulse and resting state fMRI signals in 203 subjects. We show low-frequency (LF, < 0.1 Hz) components of the resting-state networks (RSN) share significant content with corresponding components in physiological recordings. We found LF cardiovascular components precede those in RSNs, and LF respiratory components follow those in RSNs. Phase dispersion (in LF) between cardiac (but not respiratory) and RSN signals predicted a main positivity-negativity dimension of personality (r = 0.31, p < 0.0001) and emotions (r = 0.24, p = 0.001). Specifically, higher phase dispersion between cardiac and brain RSNs predicted higher tendency toward negative inclinations. In summary, these results provide evidence that brain-wide sensitivity to cardiovascular signaling predicts a main dimension of personality and emotions. Finally, our analysis of phase dispersion may have diagnostic value in specific neuropsychiatric disorders.
Dr. Ehsan Shokri Kojori joined the Laboratory of Neuroimaging at the NIH National Institute on Alcohol Abuse and Alcoholism as a postdoctoral IRTA fellow in August 2014 and became a Research Fellow in May 2016. He earned a PhD degree in cognitive neuroscience from the University of Texas at Dallas in Spring 2014. Ehsan also has a background in electrical engineering and signal processing. His interests include combining brain imaging modalities (e.g., fMRI, DTI, and PET) and behavioral measurements to understand the neurocognitive underpinnings of goal directed behavior. His current work involves studying how addiction and alcohol abuse affect efficiency and energetic cost of the brain networks. He is also working on developing novel methodologies to better characterize anatomical and functional brain connectivity indices.
Drs. Joshi and Forno assess CIA Wikileaks ‘Vault7’
As cybersecurity researchers conducting a preliminary review of the data released in what WikiLeaks calls “Vault 7,” we find the documents mostly confirm existing knowledge about how common hacking is and how many potential targets there are in the world.
This round of leaks, of documents dating from 2013 to 2016, also reinforces perhaps the most troubling piece of information we already knew: Individuals and the government itself must step up cyberdefense efforts to protect sensitive information.
The fact that the CIA specifically targeted smart televisions should serve as yet another a wake-up call to the general public and technology manufacturers about cybersecurity issues inherent in modern devices. Specifically, “smart home” and Internet of Things devices represent a massive vulnerability. They are open to attack not only by government organizations seeking intelligence on national security information, but terrorists, criminals or other adversaries.
Ultimately, as a society, we must continue to debate the trade-offs between the conveniences of modern technologies and security/privacy. There are definite benefits and conveniences from pervasive and wearable computing, smart cars and televisions, internet-enabled refrigerators and thermostats, and the like. But there are very real security and privacy concerns associated with installing and using them in our personal environments and private spaces. Additional problems can come from how our governments address these issues while respecting popular opinion and acknowledging the capabilities of modern technology.
As citizens, we must decide what level of risk we – as a nation, a society and as individuals – are willing to face when using internet-connected products.
We’re frequent attackers – but bad defenders
The WikiLeaks release also reconfirms a reality the U.S. might prefer to keep quiet: While the government objects to others’ offensive cyberattacks against the United States, we launch them too. This isn’t news, but it hurts America’s reputation as a fair and aboveboard player on the international stage. It also also reduces American officials’ credibility when they object to other countries’ electronic activities.
Leaks like this reveal America’s methods to the world, providing plenty of direction for adversaries who want to replicate what government agents do – or even potentially launch attacks that appear to come from American agencies to conceal their own involvement or deflect attribution.
But perhaps the most disturbing message the WikiLeaks disclosure represents is in the leak itself: It’s another high-profile, high-volume breach of information from a major U.S. government agency – and at least the third significant one from the secretive intelligence community.
Our government needs to focus more on the mundane tasks of cyberdefense. Keeping others out of key systems is crucial to American national security, and to the proper function of our government, military and civilian systems.
Achieving this is no easy task. In the wake of this latest WikiLeaks release, it’s certain that the CIA and other agencies will further step up their insider-threat protections and other defenses. But part of the problem is the amount of data the country is trying to keep secret in the first place.
We recommend the federal government review its classification policies to determine, frankly, if too much information is needlessly declared secret. Reportedly, as many as 4.2 million people – federal employees and contractors – have security clearances. If so many people need or are given access to handle classified material, is there just too much of it to begin with? In any case, the information our government declares secret is available to a very large group of people.
If the U.S. is going to be successful at securing its crucial government information, it must do a better job managing the volume of information generated and controlling access to it, both authorized and otherwise. Granted, neither is an easy task. However, absent fundamental changes that fix the proverbial cult of classification, there likely will be many more WikiLeaks-type disclosures in the future.
Do you want to help solve important problems facing society? Would you like to join and be part of a vibrant interdisciplinary community? Do you want to be recognized by the National Academy of Engineering for your contributions? Apply to the GCSP program and become a Grand Challenge Scholar! Open to all UMBC majors.
What are the NAE Grand Challenges?
✔ Fourteen broad problems facing society in sustainability, health, security, and knowledge ✔ Solutions will require interdisciplinary teams and years of sustained effort
What does a UMBC Grand Challenge Scholar do?
✔ Design a personalized program ✔ Explore a selected Grand Challenge through five program areas: research, interdisciplinarity, entrepreneurship, global perspectives and service
✔ Receive formal designation as an NAE Grand Challenge Scholar at graduation
What are the program requirements?
✔ Three one-credit GCSP seminars (GCSP 301, 302, 401)
✔ GC-related experiences in the five program areas, such as coursework, study abroad, internships and mentored research
How and when do I apply?
✔ Apply online at the GCSP website. Applications after April 1 are subject to program capacity ✔ Submit your transcript, short essay answers, two references and optionally a letter of support ✔ Designed for students completing their sophomore year, but all students may apply ✔ Contact GCSP Director Professor Marie desJardins at with any questions
Prof. Gymama Slaughter on the body as a battery at Baltimore’s Light City festival
How can we begin to use our body as a power source? The same way we use a battery: by harnessing its chemical energy. As part of the annual Baltimore Light City Festival: A Festival of Light, Music and Innovations, Dr. Gymama Slaughter will present her research work on “The body as a battery – harnessing its chemical energy to power wearable and implantable sensors that diagnose and monitor diseases.” Dr. Slaughter will show how her team is converting the biochemical energy in blood sugar into electrical power, and how it is used to power wearable and implantable sensors.
The HealthLab@LightCity conference brings together innovators and leaders from Baltimore and across the nation to explore emerging technologies and innovative practices that have the potential to improve the quality of life and health outcomes for all people, here and around the world.
HealthLab@lightcity is presented by Kaiser Permanente and will be held 8:00am-6:00pm on Monday, 3 April 2017 at the IMET Columbus Center (701 E Pratt St, Baltimore, MD 21202) as part of Baltimore’s annual Light City Festival.
UMBC Cyber Dawgs to hold student cybersecurity competition on Saturday, March 11
The UMBC Cyber Dawgs will hold a cybersecurity Capture the Flag competition on Saturday, March 11th from 9am-5pm in the Public Policy building. The event will be a jeopardy-style competition where individual competitors answer questions about aspects of cybersecurity, including network forensics, reverse engineering, reconnaissance, and cryptography.
The competition is open to all current UMBC students, both beginners and experts alike. Participants will learn and execute both offensive and defensive security practices that are relevant in today’s computing environments using their laptops to access a system that provides hints and guidance on completing the challenges.
Top performers will receive prizes, including a new ChromeBook, a Wireless Pineapple Nano and a YARD Stick One. There will also be door prizes for a few randomly selected, lucky participants, including some Raspberry PIs. Breakfast and lunch will be provided. Some of the Cyber Dawg club’s sponsors will be at the event for students to network with, so bring your resumes.
Students who are interested must register online in advance and bring a laptop to the event. Registration and participation is free but space is limited.
Accelerating Technology Disruption: The Cognitive Revolution
Dr. Arvind Krishna
Senior Vice President, Hybrid Cloud and Director, IBM Research
1:00-2:00pm, Friday, 24 February 2017, PAHB 132
Digital disruption is changing the world around us, breaking down traditional barriers to market entry, creating new business models, and leading to new solutions to global challenges. Dr. Arvind Krishna will examine some of the core emerging technologies driving this phenomenon today, with an emphasis on artificial intelligence/cognitive computing. He will also share his perspectives on what it takes to build a successful, high-impact technical career in an era of disruptive innovation.
Arvind Krishna is senior vice president, Hybrid Cloud, and director of IBM Research. In this role, he leads the company’s hybrid cloud business, including strategy, product design, offering development, marketing, sales and service. He also helps guide IBM’s overall technical strategy in core and emerging technologies including cognitive computing, quantum computing, cloud platform services, data-driven solutions and blockchain. Previously, Arvind was general manager of IBM Systems and Technology Group’s development and manufacturing organization, responsible for developing and engineering everything from advanced semiconductor materials to leading-edge microprocessors, servers and storage systems.
Earlier in his career, he was general manager of IBM Information Management, which included database, information integration and big data software solutions. Prior to that, he was vice president of strategy for IBM Software. He has held several key technical roles in IBM Software and IBM Research, where he pioneered IBM’s security software business. Arvind has an undergraduate degree from the Indian Institute of Technology, Kanpur and a Ph.D. from the University of Illinois at Urbana-Champaign. He is the recipient of a distinguished alumni award from the University of Illinois, is the co-author of 15 patents, has been the editor of IEEE and ACM journals, and has published extensively in technical conferences and journals.
UMBC CSEE alumnus Josiah Dykstra receives PECASE award for cybercrime work
While he was a graduate student at UMBC, Dykstra worked full-time at the National Security Agency, where he remains a cybersecurity researcher, but for his dissertation took a fresh path and selected an area of research very different from his projects at the agency. Dykstra worked in UMBC’s Cyber Defense Lab with Alan Sherman, professor of computer science and electrical engineering, and studied how crimes using computers are tracked through information stored on the computers themselves and in email accounts.
To determine whether and how a crime occurred, Dykstra explains, a law enforcement official may need to extract data from a phone or computer using a third party vendor. He looked at whether law enforcement could trust that the data they are having analyzed to have not been manipulated. The legal and trust issues associated with accessing such data, and the technical and legal challenges associated with information stored on electronics, formed the central focus of Dykstra’s graduate work.
Reflecting on his PECASE award, Dykstra shares, “I didn’t know when I was doing the work at UMBC that it was a possibility” to receive this kind of recognition. He hopes his achievement offers encouragement for students currently working through their dissertations, tackling challenging research questions. “It’s helpful for students to see people who have done work like this,” he says.
The PECASE is one of the highest honors the federal government can bestow on early-stage science and engineering researchers. PECASE award recipients are presented with their awards during a ceremony at the White House, which will be held in the coming months.
Other recent PECASE recipients from UMBC include Kafui Dzirasa ‘01, chemical engineering, now an assistant assistant professor of psychiatry and behavioral sciences at Duke University, who received the award in spring 2016, and Justin Jacobs ‘14 Ph.D., statistics, who was recognized in spring 2014.