talk: Using Deep Learning in Identifying Network Intrusions, 10:30am Mon 2/11, UMBC

 

Using Deep Learning in Identifying Network Intrusions

Dr. Rajeev Agrawal
Information Technology Laboratory
US Army Engineer Research and Development Center

10:30-11:30 Monday, February 11, 2019, ITE325

Deep Learning algorithms have been very successful in computer vision, natural language processing, and speech recognition. However, there is a big challenge in applying them in the cybersecurity domain due to the non-availability of ‘real’ cybersecurity data. Many researchers have tried using synthetic data such as the KDD-NSL or newer UNSW-NB15 network intrusion datasets; however, it is difficult to determine the performance of the proposed research on a dataset captured from an enterprise network. The DoD’s High Performance Computing Modernization Program (HPCMP) operates the Defense Research and Engineering Network (DREN), which has multiple security software and hardware tools installed across the network. A variety of cybersecurity logs are captured using these tools. We use a TensorFlow-based framework to analyze DREN’s Bro alert data generated under the Cybersecurity Environment for Detection, Analysis and Reporting (CEDAR) project. These alerts are marked as bad or normal by the cybersecurity analysts and used as ground truths. This labeled data is used to measure the performance of our approach in identifying network intrusions. We are able to achieve a high level of accuracy by tuning hyper-parameters used in any deep learning approach. In this presentation, we will discuss the results of our approach, which harnesses the power of HPC systems to train our proposed model.

Dr. Rajeev Agrawal joined the Cyber Engineering and Analysis branch (CEAB), Information Technology Laboratory in 2016. He is the Data Science lead of the High Performance Computing Architecture (HPC) for Cyber Situational Awareness (HACSAW) Project. The goal of this project is to analyze the cybersecurity data captured across the Defense Research and Engineering Network (DREN). He is also a member of the HPC-based deep learning project team and is exploring deep learning applicability in the cybersecurity domain. Dr. Agrawal received his Ph.D. in Computer Science with a minor in Engineering from Wayne State University in 2009. Prior to joining ITL, he was an Associate Professor in the Department of Computer Systems Technology at North Carolina A&T State University. Dr. Agrawal’s research interests include Deep Learning, Cyber Security, SCADA/ICS, Machine Learning and Pattern Recognition. He has published more than 80 technical papers and book chapters in refereed conferences and journals in these areas. He was selected as a Data Science Fellow by the National Consortium of Data Science (NCDS) in 2014. His research has been funded by NSF, US Army, John Deere, ACM, RedHat, National Consortium of Data Science and Michigan State University.

talk: The Web PKI in Theory and Malpractice, Prof. Bruce Maggs, 11am Fri 12/7, ITE325

 

Distinguished Departmental Seminar

The Web PKI in Theory and Malpractice

Dr. Bruce Maggs, Duke University

11:00am Friday, 7 December 2018, ITE325b

 

The Public Key Infrastructure (PKI) for the web was designed to help thwart “phishing” attacks by providing a mechanism for browsers to authenticate web sites, and also to help prevent the disclosure of confidential information by enabling encrypted communications. For users to reap these benefits, however, the parties that implement and operate the PKI, including certificate authorities, web-site operators, and browser vendors, must each perform their roles properly.

This talk focuses on one aspect of the PKI: certificate revocation. The security of a web site hinges on the ability of the site operator to keep its private keys private. While most operators guard their keys carefully, on occasion software vulnerabilities such as the notorious Heartbleed Bug have put millions of keys at risk. If a web-site operator fears that its private key has been compromised, it should ask its certificate authority to revoke the corresponding certificate. Browsers, however, often do not fully check whether the certificates they receive have been revoked, and mobile browsers never check. There are a variety of reasons for not checking, but the most important are the amount of bandwidth required to download certificate revocation lists in advance, the latency of checking certificates on the fly, and the slow progress of upgrading every web server to support the newer certificate status stapling approach.

This talk presents a new and much more efficient system, CRLite, for pushing the revocation status of every certificate to every browser. CRLite leverages a recent development: although lists of revoked certificates were previously available, Google’s Certificate Transparency project now provides a log of all unrevoked certificates as well. With both lists in hand, a compact data structure called a filter cascade can be used to represent the status of every certificate with no false positives and no false negatives. CRLite requires a browser to download a 1.2MB filter cascade initially, and then a 40KB update (on average) every day. Our results demonstrate that complete revocation checking is within reach for all clients.
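A filter cascade of the kind described above can be sketched as follows. This is an added example, not CRLite's own code: the Bloom filter sizing (`bits_per_item`, `k`), the SHA-256 hashing and the `serial-...` identifiers are assumptions constructed for illustration.

```python
import hashlib


class Bloom:
    """Minimal Bloom filter; `salt` makes every cascade level hash differently."""

    def __init__(self, items, salt, bits_per_item=10, k=3):
        self.m = max(64, bits_per_item * len(items))   # filter size in bits
        self.k, self.salt = k, salt
        self.bits = bytearray((self.m + 7) // 8)
        for item in items:
            for pos in self._positions(item):
                self.bits[pos // 8] |= 1 << (pos % 8)

    def _positions(self, item):
        for i in range(self.k):
            h = hashlib.sha256(f"{self.salt}:{i}:{item}".encode()).digest()
            yield int.from_bytes(h[:8], "big") % self.m

    def __contains__(self, item):
        return all(self.bits[p // 8] & (1 << (p % 8)) for p in self._positions(item))


def build_cascade(revoked, valid, max_levels=32):
    """Level 0 holds the revoked set. Each further level holds the false
    positives the previous level produced on the opposite set, until a level
    produces none. Needs BOTH lists, which is why the log of unrevoked
    certificates matters."""
    levels = []
    include, exclude = set(revoked), set(valid)
    while include:
        if len(levels) >= max_levels:
            raise RuntimeError("cascade did not converge")
        bloom = Bloom(include, salt=len(levels))
        levels.append(bloom)
        false_positives = {x for x in exclude if x in bloom}
        include, exclude = false_positives, include
    return levels


def is_revoked(levels, cert_id):
    """Walk the cascade; the first level that rejects the id decides.
    Even levels encode 'revoked', odd levels encode 'valid after all'.
    The answer is exact only for ids that were in one of the two input
    lists; an id outside that universe can get either answer."""
    for depth, bloom in enumerate(levels):
        if cert_id not in bloom:
            return depth % 2 == 1
    return len(levels) % 2 == 1


def cascade_bytes(levels):
    """Total size of all filter bit arrays, in bytes."""
    return sum(len(b.bits) for b in levels)


# Constructed sample universe: 200 revoked and 5,000 unrevoked identifiers.
REVOKED = [f"serial-{i:05d}" for i in range(200)]
VALID = [f"serial-{i:05d}" for i in range(200, 5200)]

if __name__ == "__main__":
    cascade = build_cascade(REVOKED, VALID)
    wrong = sum(is_revoked(cascade, c) for c in VALID)
    wrong += sum(not is_revoked(cascade, c) for c in REVOKED)
    print(f"levels={len(cascade)} bytes={cascade_bytes(cascade)} errors={wrong}")
```

A single Bloom filter over the revoked list would flag some valid certificates as revoked; the later levels exist only to cancel those errors, which is what makes the combined structure exact over the known set of certificates.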

Bruce Maggs received the S.B., S.M., and Ph.D. degrees in computer science from the Massachusetts Institute of Technology in 1985, 1986, and 1989, respectively. His advisor was Charles Leiserson. After spending one year as a Postdoctoral Associate at MIT, he worked as a Research Scientist at NEC Research Institute in Princeton from 1990 to 1993. In 1994, he moved to Carnegie Mellon, where he stayed until joining Duke University in 2009. While on a two-year leave-of-absence from Carnegie Mellon, Maggs helped to launch Akamai Technologies, serving as its first Vice President for Research and Development. He retains a part-time role at Akamai as Vice President for Research. In 2017 he won the Best Dataset Award at the Passive and Active Measurement Conference, the Best Paper Award at CoNEXT, a Distinguished Paper Award at USENIX Security, and the 2017 IEEE Cybersecurity Innovation Award for work that appeared at IEEE Security and Privacy. In 2018 he was part of a large team that received the inaugural SIGCOMM Networking Systems Award for the Akamai CDN.

Supported by UMBC’s Eminent Scholar Mentoring program.

talk: Legal Aspects of Privacy and Data Protection, 12-1 Fri 11/9

The UMBC Cyber Defense Lab presents

Legal Aspects of Privacy and Data Protection

Razvan Miutescu
Privacy Counsel, Whiteford, Taylor & Preston

12:00–1:00pm Friday, 9 November 2018, ITE 227, UMBC

Privacy and data security continue to be topics of interest for organizations of all sizes. In addition to being concerned about cyber crimes and data breaches occurring more frequently and with higher operational impact, consumers and regulators around the world are focusing on privacy. Individuals are becoming increasingly aware of the value and the use of the information that identifies them or analyzes their conduct and behavior. Privacy laws around the world are becoming stricter. The European Union’s General Data Protection Regulation (GDPR) is viewed as a flagship law that imposes data protection requirements well beyond the borders of the European Economic Area. California recently passed its Consumer Privacy Act, which borrows concepts from the GDPR, leaving no doubt that privacy laws in the United States are also on track to become more complex. In this context, we will discuss practical legal approaches to an organization’s privacy and data security program.

Razvan Miutescu is a technology and information governance attorney with Whiteford, Taylor & Preston. His practice focuses on privacy and data security, information technology transactions and licensing, intellectual property, and data management, including data broker transactions, cloud services, distributed ledgers/blockchain, and related regulatory and compliance matters.

Host: Alan T. Sherman

The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public.

talk: Unbiased Decisions with Biased Data, Nov 14

Differential Fairness for Machine Learning and Artificial Intelligence Systems: Unbiased Decisions with Biased Data

 

Prof. James Foulds
Information Systems, UMBC

5:30-7:30 14 November 2018
MD-AI Meetup, Emerging Technology Centers, Baltimore

With the rising influence of machine learning algorithms on many important aspects of our daily lives, there are growing concerns that biases inherent in data can lead the behavior of these algorithms to discriminate against certain populations. Biased data can lead data-driven algorithms to produce biased outcomes along lines of gender, race, sexual orientation, and political ties, with important real-world consequences, including decision-making for lending and law enforcement. Thus, there is an urgent need for machine learning algorithms that make unbiased decisions with biased data. We propose a novel framework for measuring and correcting bias in data-driven algorithms, with inspiration from privacy-preserving machine learning and Bayesian probabilistic modeling. A case study on census data demonstrates the utility of our approach.

Dr. James Foulds is an Assistant Professor in the Department of Information Systems at UMBC. His research interests are in both applied and foundational machine learning, focusing on probabilistic latent variable models and the inference algorithms to learn them from data. His work aims to promote the practice of probabilistic modeling for computational social science, and to improve AI’s role in society regarding privacy and fairness. He earned his Ph.D. in computer science at the University of California, Irvine, and was a postdoctoral scholar at the University of California, Santa Cruz, followed by the University of California, San Diego. His master’s and bachelor’s degrees were earned with first class honours at the University of Waikato, New Zealand, where he also contributed to the Weka data mining system.

Register to attend at the MD-AI meetup site.

talk: Results of a student study of UMBC computer systems security

The UMBC Cyber Defense Lab presents

 

Results from the January 2018 SFS Research Study at UMBC

Enis Golaszewski, CSEE, UMBC

12:00-1:00pm Friday, 12 October 2018, ITE 227

January 22-26, 2018, UMBC SFS scholars worked collaboratively to analyze the security of a targeted aspect of the UMBC computer system. The focus of this year’s study was the WebAdmin module that enables users to perform various functions on their accounts, including changing the password. Students identified vulnerabilities involving failure to sanitize user input properly and suggested mitigations. Participants comprised BS, MS, MPS, and PhD students studying computer science, computer engineering, information systems, and cybersecurity, including SFS scholars who transferred from Montgomery College (MC) and Prince George’s Community College (PGCC) to complete their four-year degrees at UMBC. We hope that other universities can benefit from our motivational and educational strategy of cooperating with the university’s IT staff to engage students in active project-based learning centering on focused questions about the university computer system.

Enis Golaszewski is a PhD student and SFS scholar in computer science working with Dr. Sherman on blockchain, protocol analysis, and the security of software-defined networks.

This project was supported in part by the National Science Foundation under SFS grant 1241576.

Host: Alan T. Sherman

The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public.

MD-AI Meetup holds 1st event at UMBC 6-8pm Wed 10/3, 7th floor library


MD-AI Meetup holds 1st event at UMBC
6-8pm Wed 10/3, 7th floor library

 

A new Maryland-based meetup interest group has been established for Artificial Intelligence (MD-AI Meetup) and will have its first meeting at UMBC this coming Wednesday (Oct 3) from 6:00-8:00pm in the 7th floor of the library.  The first meeting will feature a talk by UMCP Professor Phil Resnik on the state of NLP and an AI research agenda.  Refreshments will be provided.  The meetup is organized by Seth Grimes and supported by TEDCO, local AI startup RedShred, and the Maryland Tech Council.

If you are interested in attending this and possibly future meetings (which will probably be monthly), go to the Meetup site and join (it’s free) and RSVP to attend this meeting (if there’s still room).  If you join the meetup and RSVP, you can see who’s registered to attend.

These meetups are good opportunities to meet and network with people in the area who share interests. It’s a great opportunity for students who will be looking for internships or jobs in the coming year.

talk: NSF Advanced Cyberinfrastructure Research Workforce Development and Education Programs

UMBC Information Systems Department

Innovations in NSF Advanced Cyberinfrastructure Research Workforce Development and Education Programs

Dr. Sushil K. Prasad
National Science Foundation

2:00pm Tuesday, 18 September 2018, ITE459, UMBC

The National Science Foundation Office of Advanced Cyberinfrastructure (OAC) has growing research and education programs, including programs for early career multidisciplinary faculty such as CAREER and CISE Research Initiation Initiative (CRII). OAC is pleased to announce its newest program, its core research program solicitation (NSF 18-567), with the goals of supporting all aspects of advanced cyberinfrastructure (CI) research that will significantly impact the future capabilities of advanced research CI, as well as the research career paths of computer as well as computational and data-driven scientists and engineers. Through this solicitation, OAC seeks to foster the development of new knowledge in the innovative design, development, and utilization of robust research CI. The OAC core research areas include architectures and middleware for extreme-scale systems, scalable algorithms and applications, including simulation and modeling, and the advanced CI ecosystem, including tools and sociotechnical aspects.

OAC also introduced a CyberTraining program (NSF 18-516) for education and training aimed to fully prepare the scientific workforce for the nation’s research enterprise to innovate and utilize high performance computing resources, tools and methods. The community response in its two rounds of competition has exceeded expectations. OAC also has programs for research training of undergraduate students (REU sites).

I will introduce these and share some of the recent awards. I will also touch on other OAC opportunities in cyberinfrastructure including those on high performance computing (HPC) hardware, software, data, networking and security, and on NSF’s ten big ideas, including Harnessing the Data Revolution.


Sushil K. Prasad is a Program Director at the National Science Foundation in its Office of Advanced Cyberinfrastructure (OAC) in the Computer and Information Science and Engineering (CISE) directorate, leading its emerging research and education programs such as CAREER, CRII, Expeditions, CyberTraining, and the most recently introduced OAC-Core research. He is an ACM Distinguished Scientist and a Professor of Computer Science at Georgia State University. He is the director of the Distributed and Mobile Systems Lab, carrying out research in Parallel, Distributed, and Data Intensive Computing and Systems. He has been twice-elected chair of the IEEE-CS Technical Committee on Parallel Processing (TCPP), and leads the NSF-supported TCPP Curriculum Initiative on Parallel and Distributed Computing for undergraduate education.

talk: Phishing in an Academic Community, a Study of User Susceptibility and Behavior

The UMBC Cyber Defense Lab

Phishing in an Academic Community:
a Study of User Susceptibility and Behavior

Alejandra Diaz
University of Maryland, Baltimore County

12:00–1:00pm, Friday, 14 September 2018, ITE 227

(joint work with Alan T. Sherman and Anupam Joshi)

We present an observational study on the relationship between demographic factors and phishing susceptibility at the University of Maryland, Baltimore County (UMBC). From March through May 2018, we performed three experiments that delivered phishing attacks to 450 randomly-selected students on three different days (1,350 students total) to examine user click rates and demographics within UMBC’s undergraduate student population. The participants were initially unaware of the study. We deployed the Billing Problem, Contest Winner, and Expiration Date phishing tactics. Experiment 1 impersonated banking authorities; Experiment 2 enticed users with monetary rewards; and Experiment 3 threatened users with account cancellation.

We found correlations resulting in lowered susceptibility based on college affiliation, academic year progression, cyber training, involvement in cyber clubs or cyber scholarship programs, amount of time spent on the computer, and age demographics. We found no significant correlation between gender and susceptibility. Contrary to our expectations, we observed an inverse correlation between phishing awareness and student resistance to clicking a phishing link. Students who identified themselves as understanding the definition of phishing had a higher susceptibility rate than did their peers who were merely aware of phishing attacks, with both groups of students having a higher susceptibility rate than those with no knowledge whatsoever. Overall, approximately 70% of the students who opened a phishing email clicked on it.

Alejandra Diaz is a cyber software engineer at Northrop Grumman. She earned her BS in computer science from UMBC with a concentration in cybersecurity in May 2017, and her MS in computer science in August 2018. As a Cyber Scholar and a Society of Women Studying Information Security Scholar, she has a special interest in the human aspects of cybersecurity.

Host: Alan T. Sherman

Support for this research was provided in part by the National Science Foundation under SFS grant 1241576, the U.S. Department of Defense under CAE grant H988230-17-1-0349, and IBM.

talk: Ballerina, a modern programming language focused on integration, 2pm Thr 9/6, ITE325

Ballerina, a modern programming language
focused on integration

Dr. Sanjiva Weerawarana
Founder, Chairman and Chief Architect, WSO2

2:00-3:00pm, Thursday, 6 September 2018, ITE325, UMBC

Ballerina is a concurrent, transactional, statically typed programming language. It provides all the functionality expected of a modern, general purpose programming language, but it is designed specifically for integration: it brings fundamental concepts, ideas and tools of distributed system integration into the language with direct support for providing and consuming network services, distributed transactions, reliable messaging, stream processing, security and workflows. It is intended to be a pragmatic language suitable for mass-market commercial adoption; it tries to feel familiar to programmers who are used to popular, modern C-family languages, notably Java, C#, and JavaScript.

Ballerina’s type system is much more flexible than traditional statically typed languages. The type system is structural, has union types and open records with optional/mandatory fields. This flexibility allows it also to be used as a schema for the data that is exchanged in distributed applications. Ballerina’s data types are designed to work particularly well with JSON; any JSON value has a direct, natural representation as a Ballerina value. Ballerina also provides support for XML and relational data.

Ballerina’s concurrency model is built on the sequence diagram metaphor and offers simple constructs for writing concurrent programs. Its type system is a modern type system designed with sufficient power to describe data that occurs in distributed applications. It also includes a distributed security architecture to make it easier to write applications that are secure by design.

Ballerina is designed for modern development practices with a modularity architecture based on packages that are easily shared widely. Version management, dependency management, testing, documentation, building and sharing are part of the language design architecture and not left for later add-on tools. The Ballerina standard library is in two parts: the usual standard library level functionality (akin to libc) and a standard library of network protocols, interface standards, data formats, authentication/authorization standards that make writing secure, resilient distributed applications significantly easier than with other languages.

Ballerina has been inspired by Java, Go, C, C++, Rust, Haskell, Kotlin, Dart, TypeScript, JavaScript, Swift and other languages. This talk will discuss the core principles behind Ballerina including the semantics of combining aspects of networking, security, transactions, concurrency and events into a single architecture.


Sanjiva Weerawarana founded WSO2 in 2005 with a vision to reinvent the way enterprise middleware is developed, sold, delivered, and supported through an open source model. Prior to starting WSO2, Sanjiva worked for nearly eight years in IBM Research, where he focused on innovations in middleware and emerging industry standards. At IBM, he was one of the founders of the Web services platform, and he co-authored many Web services specifications, including WSDL, BPEL4WS, WS-Addressing, WS-RF, and WS-Eventing. In recognition for his company-wide technical leadership, Sanjiva was elected to the IBM Academy of Technology in 2003.

Sanjiva also has been committed to open source development for many years. An elected member of the Apache Software Foundation, Sanjiva was the original creator of Apache SOAP, and he has contributed to Apache Axis, Apache Axis2 and most Apache Web services projects.

In 2003, Sanjiva founded the Lanka Software Foundation (LSF), a non-profit organization formed with the objective of promoting open source development, not usage, by Sri Lankan developers. He is currently its chief scientist and a director. LSF’s success stories include many Apache Web services projects and Sahana, the predominant disaster management system in the world. In recognition of his role in promoting open source participation from developing countries, Sanjiva was elected to the board of the Open Source Initiative (OSI) in April 2005, where he served for two years.

Sanjiva also teaches and guides student projects part-time in the Computer Science & Engineering department of the University of Moratuwa, and he is a member of the university’s Faculty of Engineering Industry consultative board. Prior to joining IBM, Sanjiva spent three years at Purdue University as visiting faculty, where he received his Ph.D. in Computer Science in 1994.

talk: Methods and Models: Data Science for Campus Parking, 11:15am Mon 8/13

Methods and Models: Data Science for Campus Parking

Professor John Hoag
Associate Professor, Ohio University
11:15-12:15pm Monday, 13 August 2018 in ITE 325B

How can data science improve the parking experience for students, faculty, and staff? Or are there other motives at work? This talk will define and approach this perennial campus problem from perspectives of telematics and modeling, starting with the “Smart Cities” life cycle of data collection and analysis – from best practices through optimization. Next, we will consider relevant probabilistic models and their implementations over a century of study. We will conclude by discussing unintended consequences such as LPRs and other outcomes.

Dr. John Hoag is Associate Professor of Information and Telecommunication Systems at Ohio University in Athens, OH. He earned Ph.D. and M.S. Degrees in Operations Research from Ohio State University and holds a Bachelor’s degree in Computer Science. His current portfolio can be termed Smart Cities, which subsumes transportation, energy, finance, public health, and more, for which he is forming interdisciplinary public-private teams whose scope encompasses data collection, telemetry, storage, and analysis. The Smart Cities displaced work he started in bioinformatics and translational biomedical science, where his efforts focused on computational complexity and system performance. He maintains an adjunct appointment in EECS at Case Western Reserve University.

Host: Dr. Richard Forno
