talk: Hacking, Security, and Technology In Public Consciousness: The Effects of Myth, 1pm 3/31

Hackers is a 1995 American film that follows a group of high school hackers and their involvement in a corporate extortion conspiracy.
An image from Hackers, a 1995 film that followed a group of high school hackers and their involvement in a corporate extortion conspiracy


UMBC CSEE Seminar Series

Hacking, Security and Technology In Public Consciousness:
The Effects of Myth

Dr. Richard Forno

Assistant Director, UMBC Center for Cybersecurity
Director, UMBC Cybersecurity Graduate Program

1-2pm, Friday, 31 March 2017, ITE 231

Public portrayals of the digital landscape, particularly through the entertainment mass media and product marketing, can have a profound influence on how the general public perceives the strengths and limitations of technology. Over time, these images, stereotypes and dramatized capabilities are replicated across texts and repeated until, rightly or wrongly, they become the default paradigm for mass understanding of the complex and ever-changing modern technological environment.

For example, one only needs to observe legislative bodies or watch mainstream news media trying to come to understand issues such as encryption, cybersecurity, or even pluralistic applications of the term “to hack” to see just how deeply the stereotype of the god-like yet overweight and socially maladjusted (often male) ‘hacker’ have penetrated popular perceptions. Metaphors like this that act as a useful shorthand in fictional storytelling do not make a good reference basis for policy statements or national decision-making — however, when such sensationalized and/or fictional depictions overshadow more sophisticated or nuanced descriptions of those capabilities in actual practice, it is understandable why unrealistic expectations and unworkable proposals for technology – like “good-guys only” encryption backdoors – continue being proposed.

Drawing on examples from the media and politics, this presentation explores the connections between decades-old media tropes around technology/technologists and current technology debates, especially those related to cybersecurity and cyberwarfare. This interpretively analyzed presentation argues that perception is just as important as performance in terms of outcomes and acknowledges that the models used by mass society, including policy makers, to understand early digital innovations are part of a wider set of mass cultural messages have served a purpose — but now need to be either dispelled or updated. Addressing the assumptions and inaccuracies of these shared media-fueled perceptions of the emerging digital society is an important part of understanding and then working to overcome conflicts between technology and policy.

(This presentation, and its related paper, are part of ongoing research collaborations between Dr. Forno (security) at UMBC and Dr. Erika Pearson (media/comms) of Massey University in Wellington, NZ)


Dr. Richard Forno is a Senior Lecturer in the UMBC Department of Computer Science and Electrical Engineering, where he directs the UMBC Graduate Cybersecurity Program and serves as the Assistant Director of UMBC’s Center for Cybersecurity. His twenty-year career spans the government, military, and private sector, including helping to build the first formal cybersecurity program for the U.S. House of Representatives, serving as the first Chief Security Officer for Network Solutions (operator of the InterNIC), and co-founding the CyberMaryland conference. Dr. Forno was also one of the early thought leaders on the subject of “information warfare” and he remains a longtime commentator on the influence of Internet technology upon society.

Organizer: Tulay Adali, Host: Alan Sherman

About the CSEE Seminar Series: The UMBC Department of Computer Science and Electrical Engineering presents technical talks on current significant research projects of broad interest to the Department and the research community. Each talk is free and open to the public. We welcome your feedback and suggestions for future talks.

talk: Phase synchrony in heart-brain interactions predicts personality and emotions, 1pm 3/17

UMBC CSEE Seminar Series

Phase synchrony in heart-brain interactions predicts personality and emotions

Ehsan Shokri Kojori
NIH, National Institute on Alcoloh Abuse and Alcoholism

1:00-2:00pm Friday, 17 March 2017, ITE 231

Despite the historical interest in the link between brain and heart, it is unknown whether brain and heart interactions provide meaningful information about emotions and personality. Here we studied the phase and amplitude of coherence between cardiac pulse and resting state fMRI signals in 203 subjects. We show low-frequency (LF, < 0.1 Hz) components of the resting-state networks (RSN) share significant content with corresponding components in physiological recordings. We found LF cardiovascular components precede those in RSNs, and LF respiratory components follow those in RSNs. Phase dispersion (in LF) between cardiac (but not respiratory) and RSN signals predicted a main positivity-negativity dimension of personality (r = 0.31, p < 0.0001) and emotions (r = 0.24, p = 0.001). Specifically, higher phase dispersion between cardiac and brain RSNs predicted higher tendency toward negative inclinations. In summary, these results provide evidence that brain-wide sensitivity to cardiovascular signaling predicts a main dimension of personality and emotions. Finally, our analysis of phase dispersion may have diagnostic value in specific neuropsychiatric disorders.

Dr. Ehsan Shokri Kojori joined the Laboratory of Neuroimaging at the NIH National Institute on Alcohol Abuse and Alcoholism
 as a postdoctoral IRTA fellow in August 2014 and became a Research Fellow in May 2016. He earned a PhD degree in cognitive neuroscience from the University of Texas at Dallas in Spring 2014. Ehsan also has a background in electrical engineering and signal processing. His interests include combining brain imaging modalities (e.g., fMRI, DTI, and PET) and behavioral measurements to understand the neurocognitive underpinnings of goal directed behavior. His current work involves studying how addiction and alcohol abuse affect efficiency and energetic cost of the brain networks. He is also working on developing novel methodologies to better characterize anatomical and functional brain connectivity indices.

IBM’s Arvind Krishna, Accelerating Technology Disruption: the Cognitive Revolution, 1pm Fri 2/24, UMBC

CSEE Department Distinguished Seminar

Accelerating Technology Disruption: The Cognitive Revolution

Dr. Arvind Krishna
Senior Vice President, Hybrid Cloud and Director, IBM Research

1:00-2:00pm, Friday, 24 February 2017, PAHB 132

Digital disruption is changing the world around us, breaking down traditional barriers to market entry, creating new business models, and leading to new solutions to global challenges. Dr. Arvind Krishna will examine some of the core emerging technologies driving this phenomenon today, with an emphasis on artificial intelligence/cognitive computing. He will also share his perspectives on what it takes to build a successful, high-impact technical career in an era of disruptive innovation.

Arvind Krishna is senior vice president, Hybrid Cloud, and director of IBM Research. In this role, he leads the company’s hybrid cloud business, including strategy, product design, offering development, marketing, sales and service. He also helps guide IBM’s overall technical strategy in core and emerging technologies including cognitive computing, quantum computing, cloud platform services, data-driven solutions and blockchain. Previously, Arvind was general manager of IBM Systems and Technology Group’s development and manufacturing organization, responsible for developing and engineering everything from advanced semiconductor materials to leading-edge microprocessors, servers and storage systems.

Earlier in his career, he was general manager of IBM Information Management, which included database, information integration and big data software solutions. Prior to that, he was vice president of strategy for IBM Software. He has held several key technical roles in IBM Software and IBM Research, where he pioneered IBM’s security software business. Arvind has an undergraduate degree from the Indian Institute of Technology, Kanpur and a Ph.D. from the University of Illinois at Urbana-Champaign. He is the recipient of a distinguished alumni award from the University of Illinois, is the co-author of 15 patents, has been the editor of IEEE and ACM journals, and has published extensively in technical conferences and journals.

talk: Securing Networks by Detecting Logical Flaws in Protocol Implementations

Securing Networks by Detecting Logical Flaws in Protocol Implementations

Dr. Endadul Hoque
Postdoctoral Research Associate, Northeastern University

12:00pm Wednesday, 22 February 2017, ITE 325b, UMBC

Implementations of network protocols are integral components of various networked computing systems, spanning from Internet-of-Things (IoT) to enormous data centers. Research efforts to defend these implementations by introducing new designs for security and advocating best practices in secure programming are not always feasible, nor effective. Even rigorous analysis of the design of a protocol is not sufficient, as indicated by the frequent reports of bugs discovered in protocol implementations after deployment. Hence, it is crucial to develop automated techniques and tools to help programmers detect logical flaws in actual implementations of protocols.

In this talk, I will first present an automated compliance checker to analyze operational behavior of a protocol implementation for detecting semantic bugs, which cause the implementation fail to comply with its specifications. Next, I will present an automated testing tool to analyze robustness of a protocol implementation against malicious attacks mounted to degrade its runtime performance (e.g., throughput). Finally, I will conclude with several directions for future research to aid the development of secure networked systems.

Endadul Hoque is a Postdoctoral Research Associate in the College of Computer and Information Science at Northeastern University. He received his PhD in Computer Science from Purdue University in 2015. His research revolves around practical cybersecurity problems in the networking domain. His current research focuses on leveraging program analysis and formal verification techniques to create automated analysis tools for ensuring secure and reliable operations of networked systems. During his PhD, he received the Graduate Teaching Fellowship award in 2014 and the Bilsland Dissertation Fellowship award in 2015. His research on automated adversarial testing has also been integrated into course curriculum at Purdue University for teaching secure distributed systems programming.

talk: Semantic Approach to Automating Big Data and Cloud, 12pm Mon 2/20

A Semantically Rich Approach to Automating Big Data and Cloud

Dr. Karuna Joshi
University of Maryland, Baltimore County

12:00pm Monday, 20 February 2017, ITE 325b, UMBC

With the explosion of Big Data and the growth of data science, there is an urgent need to automate the data lifecycle of generation, ingestion, analytics, knowledge extraction, and archival and deletion. With a promise of rapid provisioning, scalability and high computing capability, cloud based services are being adopted as the default computing environment for Big Data analytics.

To effectively manage their data on cloud, organizations need to continuously monitor the rules/constraints and performance metrics listed in a variety of legal contracts. However, these documents, like Service Level Agreements (SLA), privacy policy, regulatory documents, etc., are currently managed as plain text files meant principally for human consumption. Additionally, providers often define their own performance metrics for their services. These factors hinder the automation of steps of the data lifecycle, leading to inefficiencies in using the dynamic and elastic elements of the Data+Cloud ecosystem and require manual effort to monitor the service performance. Moreover, Cloud-based service providers are collecting large amounts of data about their consumers including Personally Identifiable Information (PII) like contact addresses, credit card details, bank account details, etc. They are offering customized service level agreements which indicate how such data will be handled. To see whether these agreements meet individual or corporate requirements, or comply with statutory constraints, currently involves significant human effort.

In this talk, we present the semantically rich approach that we have developed to automatically extract knowledge from large textual datasets, specially legal documents, using text analytics and Semantic Web technologies. We describe the OWL ontologies that we have developed, and the techniques to extract key terms and rules from textual legal documents. We will also illustrate application of our work in domains such as education, healthcare and cybersecurity.

Karuna P. Joshi is a Research Assistant Professor of Computer Science and Electrical Engineering at the University of Maryland, Baltimore County. Her research focuses on Data Science and Big Data Analytics, especially legal text analytics; knowledge representation and reasoning; privacy and security of Big Data and Cloud; and cloud enabled Health IT services. She has published over 30 papers, including in journals like IEEE Transactions on Service Computing and conferences like IEEE Big Data and IEEE CLOUD. Her research is supported by organizations like DoD, ONR, NIST, NSF, GE and IBM. She was also awarded the TEDCO MII award for exploring the commercialization of her research. She has been awarded the prestigious IBM PhD Fellowship. She also has over 15 years of industrial experience, primarily as an IT project manager. She worked at the International Monetary Fund for nearly a decade. Her managerial experience includes portfolio/program/project management across various domains. She received the MS and PhD degrees in Computer Science from UMBC and bachelor’s degree in Computer Engineering from the University of Mumbai, India.

talk: Building Incorruptible Systems in Cloud Environments

Building “Incorruptible” Systems in Cloud Environments

Dr. Haibin Zhang
University of Connecticut

12:00pm Friday, 17 February 2017, ITE 325b, UMBC

In this talk, I will discuss how to design and implement efficient distributed systems in untrusted cloud environments that simultaneously achieve the three most important security goals — integrity, availability, and confidentiality.

Haibin Zhang is a postdoctoral fellow at University of Connecticut advised by Prof. Marten van Dijk. He is working on the MACS project, a cross-institutional collaboration among BU, MIT, Northeastern, and UConn. Previously, he was a postdoctoral research associate at the University of North Carolina at Chapel Hill, advised by Prof. Michael Reiter, working on Project Silver. He received his Ph.D. from University of California at Davis (with Prof. Matthew Franklin), his M.S. from Chinese Academy of Sciences, and his B.S. from Shandong University. He is interested in cloud computing, cryptography, security, privacy, and distributed systems. He received the best paper candidate award at 33rd IEEE International Symposium on Reliable Distributed Systems, proved the security of a NIST standard on ciphertext stealing, and was one of the main inventors of Norton Zone, Symantec’s scalable cloud storage.

talk: Cybersecurity and Cellular Technology, 6pm 2/23 Shady Grove

UMBC Cybersecurity Program Cyber Talk

Cybersecurity and Cellular Technology

Joshua Franklin

6:00-8:00pm Thursday, 23 February 2017

The Universities at Shady Grove
Building III (Camille Kendall Academic Center) Room 3241
9636 Gudelsky Drive, Rockville, MD 20850

​​The UMBC Cybersecurity Program is proud to bring you Cyber Talk, a new speaker series that highlights special topics in Cybersecurity. ​Join us at The Universities at Shady Grove (USG) for an informative and engaging discussion on the operation of cellular networks and the threats posed to mobile technology. Participants will have the opportunity to ask questions and hear about the latest trends in industry.

Cellular technology plays an increasingly large role in society as it has become the primary portal to the internet for a large segment of the population. One of the main drivers making this change possible is the deployment of modern 4G LTE cellular technologies. This talk serves as a guide to the fundamentals of how cellular networks operate and explores the evolution of 2G GSM, 3G UMTS and 4G cellular security architectures. This is followed by an analysis of the threats posed to cellular networks and supporting mitigations. Although the talk discusses older GSM and UMTS technologies – it is heavily focused on LTE.

Joshua Franklin is a Security Engineer at the National Institute of Standards and Technology (NIST) focusing on cellular security, electronic voting, and public safety. Prior to NIST, Joshua worked at the U.S. Election Assistance Commission gathering extensive experience with voting technologies. After graduating from Kennesaw State University with a Bachelors of Science in Information Systems, he received a Masters of Science in Information Security and Assurance from George Mason University.

talk: Accountability and Data Privacy in the Life Cycle of Big Data

Towards End-to-End Security and Privacy: Accountability
and Data Privacy in the Life Cycle of Big Data

Taeho Jung
Department of Computer Science
Illinois Institute of Technology

11:00am Tuesday, 14 February 2017, ITE 325b, UMBC

The advent of big data has given birth to numerous innovative life-enhancing applications, but the big data is often called as a double-edged sword due to the increased privacy and security threats. Such threats, if unaddressed, will become deadly barriers to the achievement of big opportunities and success anticipated in the big data industry because they may arise at any part of the life cycle of the big data.

In this talk, I will describe my research which addressed various privacy and security issues in the big data life cycle: acquisition, storage, provisioning, and consumption. More specifically, I will briefly present how various types of data can be protected in their acquisition and consumption phases of the life cycle, and subsequently, I will introduce the theoretic foundations of the presented research. Finally, I will present how to make large-scale data trading accountable against dishonest users for the provisioning phase of big data, and this talk will be concluded with my future research agenda briefing.

Taeho Jung is a Ph.D. candidate in Computer Science at Illinois Institute of Technology. His research area, in general, includes privacy and security issues in data mining and provisioning in the big data life cycle. His paper has won a best paper award (IEEE IPCCC 2014), and two of his papers were selected as best paper candidate (ACM MobiHoc 2014) and best paper award runner up (BigCom 2015) respectively. He has served many international conferences as a TPC member, including IEEE DCOSS 2016, IEEE MSN 2016, IEEE IPCCC 2016, and BigCom 2016. He received his B.E. in Computer Software in Tsinghua University in 2011, and he will receive his Ph.D. in May 2017.

talk: Bayesianism and the Evidence Problem, 4pm 2/15

Philosophy Department Colloquium

Bayesianism and the Evidence Problem

Lisa Cassell
University of Massachusetts/Amherst

4-6:00pm Wednesday, 15 February 2017, 456 Performing Arts & Humanities

Bayesianism is a theory that gives us norms for how the degrees of belief we have in certain propositions — our “credences” — ought to hang together. For instance, it tells me that if my credence that I will play baseball tomorrow is .3 and my credence that I will play basketball tomorrow is .4, then, if I believe that I will only play one or the other, my credence that I will either play baseball tomorrow or basketball tomorrow is .7. One of Bayesianism’s most attractive features is its updating norm, which gives us a simple and powerful way of revising our beliefs in the light of new evidence. However, Bayesians have an “Evidence Problem”: while their updating norm tells us what to do once we get evidence, it doesn’t tell us what it means to actually have evidence. In this talk, I consider two arguments — one in support of Bayesian’s updating norm and one against it — and show that both of these arguments fail. I go on to consider what these failures teach us about the Evidence Problem. I conclude by considering some different ways of resolving this problem.

Talk: Lexumo Continuous Open Source Code Security

 The UMBC Cyber Defense Lab presents

Lexumo Tech Talk: Continuous Open Source Code Security

Dr. Richard T. Carback III
Lexumo, Inc.

11:15am Friday, 16 December 2016, ITE 237, UMBC

Lexumo is a startup which provides the only automated service that continuously monitors IoT software platforms for the latest public vulnerabilities. Funded in January of 2016 for $4.89M, NetworkWorld recently named Lexumo as a 2016 IoT Company to watch. Join us as UMBC alumnus and Lexumo co-founder Richard Carback discusses some of the hard problems and their technical approaches to monitor all the world’s open source software and assist companies in managing their vulnerabilities. The talk will be followed by an open Q&A session.

Richard T. Carback III is a UMBC Alumnus (CS PhD, 2010) and co-founder of Lexumo. Before Lexumo, Richard led the embedded systems security group at Charles Stark Draper Laboratories and was previously the Chief Scientist at Convergent Technologies, Inc. At UMBC, he worked with Alan Sherman on Scantegrity, a practical end-to-end voter verifiable election system.

Host: Alan T. Sherman ()

The UMBC Cyber Defense Lab (CDL) meets biweekly Fridays 11:15am-12:30pm in ITE 229, for research talks about cybersecurity.

1 2 3 44