talk: Cybersecurity & Local Government: Findings from a Nationwide Survey, 12-12 EST 11/19


Cybersecurity and Local Government: Findings from a Nationwide Survey

Donald Norris & Laura Mateczun

11:00-12:00 EST, Thursday, Nov 19, 2020

register to get the webinar link


This talk will discuss data and results from the first nationwide survey of cybersecurity among local or grassroots governments in the United States, examines how these governments manage this important function. As we have shown elsewhere, cybersecurity among local governments is increasingly important because these governments are under constant or nearly constant cyberattack. Due to the frequency of cyberattacks, as well as the probability that at least some attacks will succeed and cause damage to local government information systems, these governments have a great responsibility to protect their information assets. This, in turn, requires these governments to manage cybersecurity effectively, something our data show is largely absent at the American grassroots. That is, on average, local governments fail to manage cybersecurity well. After discussing our findings, we conclude and make recommendations for ways of improving local government cybersecurity management.

Donald F. Norris is Professor Emeritus, School of Public Policy, University of Maryland, Baltimore County. His principal field of study is public management, specifically information technology in governmental organizations, including electronic government and cybersecurity. He has published extensively in refereed journals in these areas. He received a B.S. in history from the University of Memphis and an M.A. and a Ph. D. in political science from the University of Virginia.

Laura Mateczun is a graduate of the University of Maryland Francis King Carey School of Law, and a member of the Maryland Bar. She is currently a Ph.D. student at the University of Maryland, Baltimore County School of Public Policy studying public management. Her research interests involve local government cybersecurity, criminal justice, and the importance of equity in

talk: BVOT, Self-Tallying Boardroom Voting with Oblivious Transfer; 12-1pm 11/6

 BVOT is a self-tallying boardroom voting protocol with ballot secrecy, fairness (no tally info. available before polls close), and dispute-freeness (voters can see that all voters followed the protocol).

UMBC Cyber Defense Lab

BVOT: Self-Tallying Boardroom Voting with Oblivious Transfer

Farid Javani, CSEE, UMBC

12:00–1:00pm, Friday, 6 November 2020

http://umbc.webex.com/meet/sherman

(Joint work with Alan T. Sherman)


A boardroom election is an election with a small number of voters carried out with public communications. We present BVOT, a self-tallying boardroom voting protocol with ballot secrecy, fairness (no tally information is available before the polls close), and dispute-freeness (voters can observe that all voters correctly followed the protocol).

BVOT works by using a multiparty threshold homomorphic encryption system in which each candidate is associated with a masked unique prime. Each voter engages in an oblivious transfer with an untrusted distributor: the voter selects the index of a prime associated with a candidate and receives the selected prime in a masked form. The voter then casts their vote by encrypting their masked prime and broadcasting it to everyone. The distributor does not learn the voter’s choice, and no one learns the mapping between primes and candidates until the audit phase. By hiding the mapping between primes and candidates, BVOT provides voters with insufficient information to carry out effective cheating. The threshold feature prevents anyone from computing any partial tally—until everyone has voted. Multiplying all votes, their decryption shares, and the unmasking factor yields a product of the primes each raised to the number of votes received.

In contrast to some existing boardroom voting protocols, BVOT does not rely on any zero-knowledge proof; instead, it uses oblivious transfer to assure ballot secrecy and correct vote casting. Also, BVOT can handle multiple candidates in one election. BVOT prevents cheating by hiding crucial information: an attempt to increase the tally of one candidate might increase the tally of another candidate. After all votes are cast, any party can tally the votes.

Farid Javani is a Ph.D. candidate in computer science at UMBC, working with Alan Sherman. His research interests include algorithms, security, applied cryptography, and distributed systems. He is the manager of the Enterprise Architecture team at CCC Information Services in Chicago. email:


Host: Alan T. Sherman, Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1:00 pm. All meetings are open to the public. Upcoming CDL Meetings: Oct. 30, Jonathan Katz (UMCP), [possibly on secure distributed computation]; Nov. 13, TBA, [possibly: David R Imbordino (NSA), Security of the 2020 presidential election]; and Dec. 11, TBA, [possibly: Peter A. H. Peterson (Univ. of Minnesota Duluth), Adversarial Thinking]

CSEE URM WORKSHOP & SOCIAL EVENT

Where: https://umbc.webex.com/

This is the second in a series of events that aim to build community among students from groups traditionally underrepresented in the field of computing.

Join us for an opportunity to meet, chat with, and engage fellow CSEE students, faculty, staff, and alumni.

Panelists will discuss life beyond the undergraduate years.

Let’s Do This! Be Social- Virtually

Welcome Remarks– Dr. Freeman Hrabowski

Alumni Speakers

Dr. Jeff Avery, Northrup Grumman

Federico Cifuentes-Urtubey, Ph.D. student, UIUC

Dr. Patti Ordóñez, Associate Prof., UP-RP

Dr. Nwokedi Idika, Google

Kerry Luke, Northrop Grumman

CSEE Faculty Speakers

Mr. Ivan Sekyonda                          Dr. Marcella Wilson

Dr. Dmitri Perkins                             Dr. David Chapman

talk: Secure Computation: From Theory to Practice, 12-1pm Oct 30


UMBC Cyber Defense Lab presents

Secure Computation: From Theory to Practice

Jonathan Katz

Computer Science Department
University of Maryland, College Park

12:00–1:00 pm EDT, Friday, 30 October 2020
Online via Webex


Protocols for secure multi-party computation (MPC) allow a collection of mutually distrusting parties to compute a function of their private inputs without revealing anything else about their inputs to each other. Secure computation was shown to be feasible 35 years ago, but only in the past decade has its efficiency been improved to the point where it has been implemented and, more recently, begun to be used. This real-world deployment of secure computation suggests new applications and raises new questions.

This talk will survey some recent work at the intersection of the theory and practice of MPC, focusing on a surprising application to the construction of Picnic, a “post-quantum” signature scheme currently under consideration by NIST for standardization.

Jonathan Katz is a faculty member in the department of computer science at the University of Maryland, College Park, where he formerly served as director of the Maryland Cybersecurity Center for over five years. He is an IACR Fellow, was named a University of Maryland distinguished scholar-teacher in 2017-2018, and received the ACM SIGSAC Outstanding Contribution Award in 2019.


Host: Alan T. Sherman, Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1pm. All meetings are open to the public.

Upcoming CDL Meetings: Nov. 13, TBA, [possibly: David R Imbordino (NSA), Security of the 2020 presidential election]; Dec. 11, TBA, [possibly: Peter A. H. Peterson (Univ. of Minnesota Duluth), Adversarial Thinking]

talk: Tracking Hacking: The Disturbing Proliferation of Commercial Spyware, 1pm Oct. 23


Distinguished Speaker Series
The UMBC Center for Cybersecurity and
Dept. of Computer Science & Electrical Engineering

Tracking Hacking: The Disturbing Proliferation of Commercial Spyware

Ronald J. Deibert, Ph.D.
Prof. of Political Science, Director of Citizen Lab
Munk School of Global Affairs and Public Policy, University of Toronto


1–2:00 pm Friday, 23 October 2020

Webex, Mtg. #: 120 360 5372 Password: 4ExV8dCM3J2


Political struggles in and through the global Internet and related technologies are entering into a particularly dangerous phase for openness, security, and human rights. A growing number of governments and private companies have turned to “offensive” operations, with means ranging from sophisticated and expensive to homegrown and cheap. A large and largely unregulated market for commercial surveillance technology is finding willing clientele among the world’s least accountable regimes. Powerful spyware tools are used to infiltrate civil society networks, targeting the devices of journalists, human rights defenders, minority movements, and political opposition, often with lethal consequences. Drawing from the last decade of research at the University of Toronto’s Citizen Lab, I will provide an overview of these disturbing trends and discuss some pathways to repairing and restoring the Internet as a sphere that supports, rather than diminishes, human rights.

Ronald J. Deibert is Professor of Political Science and Director of the Citizen Lab at the Munk School of Global Affairs and Public Policy, University of Toronto. The Citizen Lab undertakes interdisciplinary research at the intersection of global security, ICTs, and human rights. The research outputs of the Citizen Lab are routinely covered in global media, including over two dozen reports receiving front-page coverage in the New York Times, Washington Post, and other media over the last decade. Deibert is the author of Black Code: Surveillance, Privacy, and the Dark Side of the Internet (Random House: 2013) Reset: Reclaiming the Internet for Civil Society (House of Anansi: 2020) as well as numerous books, chapters, articles, and reports on Internet censorship, surveillance, and cybersecurity. In 2013, he was appointed to the Order of Ontario and awarded the Queen Elizabeth II Diamond Jubilee medal, for being “among the first to recognize and take measures to mitigate growing threats to communications rights, openness and security worldwide.”

talk: Exploding Blockchain Myths, 5:30pm Tue 10/13


UMBC Data Science Meetup Talk

Exploding Blockchain Myths

Maria Vachino and Dr. James P. Howard

5:30-7:00pm Tuesday, 13 October 2020


In this talk, Maria Vachino from Easy Dynamics and Dr. James P. Howard from APL will provide an overview of what blockchain is and isn’t, focusing on non-cryptocurrency use cases, will explain the results of their research for the DHS S&T Cybersecurity Directorate, and will provide insight into the value (or lack therefore) of the technology.

References:
https://ieeexplore.ieee.org/document/8965252/
http://jitm.ubalt.edu/XXX-3/article3.pdf

Maria Vachino is the Director of Digital Identity at Easy Dynamics where she is focused on Identity Credential & Access Management (ICAM) technologies, policies, & standards, Cybersecurity, and IT modernization for the US Federal Government. She started investigating applications for blockchain technology in 2015 as the Technical and Government Engagement Lead for the DHS S&T Cyber Security Directorate’s Identity Management Research & Development Program while a member of the Senior Professional Staff at the Johns Hopkins Applied Physics Lab. Maria has a BS in Computer Science from UMBC and an MS in Cybersecurity.

Dr. James P. Howard, II (UMBC Ph.D. ’14) is a scientist at the Johns Hopkins Applied Physics Laboratory. Previously, he was a consultant to numerous government agencies, including the Securities and Exchange Commission, the Executive Office of the President, and the United States Department of Homeland Security, and worked for the Board of Governors of the Federal Reserve System as an internal consultant on scientific computing. He is a passionate educator, teaching mathematics and statistics at the University of Maryland Global Campus since 2010 and has taught public management at Central Michigan University, Penn State, and the University of Baltimore. His most recent work has modeled the spread of infectious respiratory diseases and Ebolavirus, predicted global disruptive events, researched using blockchain for government services, and created devices for rescuing victims of building collapse. He is the author of two books.

talk: From UMBC to CEO


The Alex. Brown Center For Entrepreneurship
The Raymond V. Haysbert, Sr. Entrepreneurship Lecture Series
presents


From UMBC to CEO

Delali Dzirasa, Fearless
UMBC ‘04, BS Computer Engineering


12:00-1:00 pm Wednesday, 30 September 2020
online via Webex


Come listen to Delali, CEO and Founder of Fearless, talk about his entrepreneurial journey after he left UMBC. Every day Delali strives to make a difference in technology and in his surrounding community. He is passionate about increasing the rate of city youth heading into STEM fields and works closely with city nonprofits to provide funding and mentorship programs in city schools, as well as other educator initiatives. Fearless is a full stack digital services firm in Baltimore, Maryland with a mission to create software with a soul – tools that empower communities and make a difference. Fearless delivers sleek, modern, and user-friendly software designed to push the boundaries of possibility, to create a world where good software powers the things that matter.

Every day Delali strives to make a difference in technology and in his surrounding community. He is passionate about increasing the rate of city youth heading into STEM fields and works closely with city nonprofits to provide funding and mentorship programs in city schools, as well as other educator initiatives.

Delali Dzirasa ‘04 is the CEO and Founder, of Fearless. He received a B.S. in computer engineering from UMBC in 2004. His awards and affiliations include UMBC Outstanding Young Alumni of the Year, 2011; Board Member, Downtown Partnership of Baltimore; Board Member, UMBC College of Engineering & Information Technology; Co-Founder / Chair DevOpsDays, Baltimore; BBJ’s 40 under 40, 2017; Co-Founder, Digital Services Coalition, 2018; Co-Founder, Hack Baltimore, 2018; GBC LEADERship class of 2018; BBJ’s National List of Influential 100; Young Executives, 2018; and BBJ’s Tech 10, 2019.

For more information, see this flyer


The Raymond V. Haysbert, Sr. Entrepreneurship Lecture Series provides a platform for successful entrepreneurs to candidly share their experiences and insights with UMBC students, faculty, alumni and the Baltimore business community. The series highlights experiences, lessons learned and unique issues and challenges faced by entrepreneurs in the creation of a new enterprise.

talk: Psychometric Evaluation of the Cybersecurity Concept Inventory, 12-1 Fri 9/18


The UMBC Cyber Defense Lab presents


Psychometric Evaluation of the Cybersecurity Concept Inventory


Seth Poulsen

Computer Science
University of Illinois at Urbana-Champaign

12:00noon–1pm, Friday, September 18, 2020

https://umbc.webex.com/meet/sherman

Joint work with Geoffrey Herman, Alan Sherman, Linda Oliva, Peter Peterson, Enis Golaszewski, Travis Scheponik, and Akshita Gorti.

We present a psychometric evaluation of a revised version of the Cybersecurity Concept Inventory (CCI) completed by 355 students from 29 colleges and universities. The CCI is a conceptual test of understanding created to enable research on instruction quality in cybersecurity education. This work extends previous expert review and small-scale pilot testing of the CCI. Results show that the CCI aligns with a curriculum many instructors expect from an introductory cybersecurity course, and that it is a valid and reliable tool for assessing what cybersecurity conceptual knowledge students learned.

Seth Poulsen is a PhD candidate in computer science at the University of Illinois at Urbana-Champaign. I’m interested in Computing Education, Programming Language design and implementation, Math Education, and any interesting intersections of the above. Previously, he was a Software Engineer at Amazon.com, working on Kindle Web Rendering and the Kindle Lite Android app. email: ,

Support for this research was provided in part by the U.S. Department of Defense under CAE-R grants H98230-15-1-0294, H98230-15-1-0273, H98230-17-1-0349, H98230-17-1-0347; and by the National Science Foundation under UMBC SFS grants DGE-1241576, 1753681, and SFS Capacity Grants DGE-1819521, 1820531. For more on the educational Cybersecurity Assessment Tools (CATS) Project: https://arxiv.org/pdf/2004.05248.pdf

Host: Alan T. Sherman,

The UMBC Cyber Defense Lab meets biweekly Fridays 12-1pm. All meetings are open to the public. Upcoming CDL Meetings:

  • Oct. 2, TBA [possibly: security of payment infrastructure]
  • Oct. 16, TBA [possibly: Jonathan Katz (GMU)]
  • Oct. 30, TBA
  • Nov. 13, TBA, [possibly: David R Imbordino (NSA), Security of the 2020 presidential election]
  • Dec. 11, TBA, [possibly: Peter A. H. Peterson (Univ. of Minnesota Duluth), Adversarial Thinking]

UMBC Data Science Meetup: Data Analytics Challenges in Healthcare


Best Practices for Handling Data Analytics Challenges in Healthcare


Aaron Wilkowitz
Customer Engineer, Healthcare & Life Sciences, Google

5:30 – 7:00 pm EDT, Tuesday, 15 September 2020
free and online; register here to get the link


Aaron specializes in Healthcare & Federal and has worked with numerous private companies & federal agencies around reaching better healthcare outcomes and minimizing fraud through smarter data. Previously Aaron worked at a predictive analytics firm APT helping Fortune 200 companies drive to better data-driven decisions.

Agenda
5:30 – 5:35 Welcome
5:35 – 6:30 Aaron Wilkowitz Talk
6:30 – 6:45 Q&A

talk: Matt Green on Privacy-Preserving Cryptographic Protocols, 12-1 EDT Fri. 9/4, online

 

The UMBC Cyber Defense Lab presents


Privacy-Preserving Cryptographic Protocols 


Professor Matthew Green
Johns Hopkins University

12:00-1:00 pm Friday, 4 September 2020
WebEx: http://umbc.webex.com/meet/sherman
  


We investigate the problem of automating the development of adaptive chosen-ciphertext attacks on systems that contain vulnerable format oracles. Rather than simply automate the execution of known attacks, we consider a more challenging problem: to programmatically derive a novel attack strategy, given only a machine-readable description of the plaintext verification function and the malleability characteristics of the encryption scheme. We present a new set of algorithms that use SAT and SMT solvers to reason deeply over the design of the system, producing an automated attack strategy that can decrypt protected messages entirely.

Matthew Green is an Associate Professor at the Johns Hopkins Information Security Institute. His research includes techniques for privacy-enhanced information storage, anonymous payment systems, and bilinear map- based cryptography. He is one of the creators of the Zerocash protocol, which is used by the Zcash cryptocurrency, and a founder of an encryption startup Zeutro. He was formerly a partner in Independent Security Evaluators, a custom security evaluation and design consultancy, and currently consults independently. From 1999-2003, he served as a senior technical staff member at AT&T Laboratories/Research in Florham Park, NJ. email: Dr. Green writes a popular blog on applied cryptography, A Few Thoughts on Cryptographic Engineering, A Few Thoughts on Cryptographic Engineering


Host: Alan T. Sherman,, Support for this event was provided in part by the NSF under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Meetings:

  • The Cyber Defense Lab hosts biweekly talks on Fridays 12-1pm.

1 2 3 4 5 57