CyberCorps SFS Spring Meeting at UMBC

9am-1pm, Friday, 26 May 26 2017, ITE 456, UMBC
open to the public

Six CyberCorps Scholarship for Service (SFS) students from Montgomery College and Prince George’s Community College will present their results solving IT security problems for their county governments. In spring 2017, these students worked collaboratively in a special applied research course at their school to help their county government. In fall 2017, these students will transfer to UMBC to complete their four-year degrees. This activity is part of a pioneering program centered at UMBC to extend SFS scholarships to community college students.

This summer, these students will join forces with SFS scholars at UMBC to work collaboratively on an applied research problem involving analysis of a policy and set of scripts that enable machine owners at UMBC to lower the UMBC firewall on their machines.

09:00  light refreshments
09:30  Introduction, Alan T. Sherman, UMBC
09:35  Report from Montgomery College, Joe Roundy and students
10:40  Report from Prince George’s Community College, Casey W. O’Brien and students
11:45  Introducing the summer research study problem, Jack Suess and Damian Doyle, UMBC Division of Information Technology
12:00  lunch and informal discussions
13:00  adjourn

CyberCorps: Scholarship For Service (SFS) is a unique program designed to increase and strengthen the cadre of federal information assurance professionals that protect the government’s critical information infrastructure. This program provides scholarships that may fully fund the typical costs incurred by full-time students while attending a participating institution, including tuition and education and related fees. Additionally, participants receive stipends of $22,500 for undergraduate students and $34,000 for graduate students. The scholarships are funded through grants awarded by the National Science Foundation.

Host: Alan T. Sherman () is a professor of computer science and Director of the UMBC Center for Information Security and Assurance (CISA), which center is responsible for UMBC’s designation as a National Center of Academic Excellence in Cyber Defense Education and Cyber Defense Research.

Joe Roundy is the Cybersecurity Program Manager at Montgomery College, Germantown.

Casey W. O’Brien is Executive Director and Principal Investigator of the National CyberWatch Center, Prince George’s Community College.

Support for this event is provided in part by the National Science Foundation under SFS Grant 1241576.

The UMBC Cyber Defense Lab presents

A Practical Introduction to Penetration Testing

Dr. Arno Wacker
University of Kassel, Germany
and UMBC 2017

12:00noon Friday, 28 April 2017, ITE 227, UMBC

While many students learn the theoretical concepts of cybersecurity and cryptology at universities, their exposure to real life systems and the application of learned theoretical foundations in the real world is usually limited. Additionally, most students and sometimes even students of cybersecurity often deal with cybersecurity threats on a very abstract level, thereby being unaware that these threats are not abstract but real for everyone, including for themselves.

Therefore, this talk intends to raise the awareness about real cybersecurity threats for everyone by demonstrating live the process of penetration testing a system. I will show live how an attacker can gain control over a victim’s PC in a matter of seconds, and how this attack can be prevented. To do so, several techniques and tools will be used, including breaking a WPA-protected wireless network, defeating SSL/TLS encryption, and obtaining a reverse shell with system rights on the victim’s computer.

By experiencing these attacks in a simulated penetration test, we can gain a deeper understanding of the theoretical foundations and their implications for real-life scenarios. With this knowledge, the attack vectors can be mitigated to a bare minimum. In many cases, the cybersecurity-aware usage of IT systems is already countering many real threats.

Prof. Dr. Arno Wacker is an assistant professor with the University of Kassel in Germany and the head of the research group Applied Information Security (AIS). Currently, he is a visiting assistant professor at UMBC teaching the network security class. He is also the lead of the open source project CrypTool 2  and a member of the steering group of MysteryTwister C3 . His main research interests are modern security protocols for decentralized distributed systems, computerized cryptanalysis of classical ciphers, and cybersecurity awareness. At the University of Kassel, he teaches classes about cryptology and cybersecurity. Additionally, he regularly offers cryptology workshops for students at local schools and gives talks about penetration testing for companies. Email: <>

Host: Alan T. Sherman,

The UMBC Cyber Defense Team took first place at the 2017 National Collegiate Cyber Defense Competition held in San Antonio, Texas this past weekend. The team defeated nine other regional winners from across the country in a contest to protect their networks from cyber attacks and threats efficiently and effectively.

“We are as excited about the national cyber defense competition as we are about an NCAA athletic competition,” says UMBC President Freeman Hrabowski. “UMBC is developing brainpower to protect our nation and build the economy in the Baltimore region. Our partnerships with the Department of Defense, NSA, the Naval Academy, NIST, and dozens of cyber companies at bwtech@UMBC and beyond expose students to authentic problems and allow them to immediately provide value to government and business employers. Our campus is an ecosystem for cybersecurity talent development.”

Cyber Dawgs’ faculty advisor Charles Nicholas, professor of computer science and electrical engineering, calls the win “my proudest moment at UMBC.” He explains that the competition puts the team in a realistic situation that requires them to use resources and rely on their colleagues and teammates in challenging situations. During 14 hours of competition over two days, the teams are not able to interact with their coaches. Eight students used a dozen pieces of equipment throughout the tournament to keep the services on their network accessible and make sure that the systems are not brought down by hacks or cyber attacks.

“We are absolutely ecstatic with our win at Nationals. We have worked very hard to be the first team from the Mid-Atlantic region to win nationals,” said Christian Beam ‘18, computer science. “I am filled with pride to be a part of such an amazing team, and we are looking forward to returning to compete at the 2018 Collegiate Cyber Defense Competition!”

Leading up to the national and regional tournaments, the team spent hours training, studying, and reviewing scenarios that they might encounter during the competition. They prepared and practiced counterattacks to combat attacks from the other teams.

In early April, the Cyber Dawgs placed first in the Mid-Atlantic Collegiate Cyber Defense Competition, and solidified their spot in the National Collegiate Cyber Defense Competition. The Cyber Dawgs beat teams from Towson University, the University of Maryland, College Park, and Drexel University during the regional competition.

Originally published on UMBC News. Photos by Marlayna Demond ’11 for UMBC.

The UMBC CyberDawgs team receiving the first place trophy at the 2017 National Collegiate Cyber Defense Competition finals event. Pictured from left to right: Bryan Vanek, Jacob Rust, Anh Ho, Professor Charles Nicholas, Christian Beam, Justin Wright, Chris Gardner, Seamus Burke and Zack Orndorff

The UMBC CyberDawgs team took first place at the finals of the National Collegiate Cyber Defense Competition (NCCDC).  The CyberDawgs had won the Mid-Atlantic Collegiate Cyber Defense Competition earlier in the spring, earning the team an invitation to compete in the final ten national championship match held April 13-15 at the University of Texas, San Antonio.  This is UMBC’s second trip to the NCCDC finals – two years ago in their first visit the CyberDawgs came in fourth.

The National Collegiate Cyber Defense Competition has been held annually since 2005 and focuses on the operational aspect of managing and protecting an existing network infrastructure. Teams are scored on their ability to detect and respond to outside threats, maintain availability of existing services such as mail servers and web servers, respond to business requests such as the addition or removal of additional services, and balance security needs against business needs.

This year more than 230 schools participated at the state and regional level with winners of the ten regional competitions faceing off in San Antonio. In addition to UMBC, this year’s finalists included teams from the University of Tulsa (2nd Place), Brigham Young University (3rd place), DePaul University, the University of Washington, California State University Northridge, Rochester Institute of Technology, Montana Tech, University of South Alabama, and University of Alaska, Fairbanks.

The CyberDawgs is a group of UMBC students who share a common interest in computer and network security.  The group is advised by UMBC faculty Charles Nicholas and Richard Forno. See the CyberDawgs Web site for information on their activities and how to get involved.

Congratulations to the UMBC CyberDawgs!!!

The UMBC CyberDawgs are at the University of Texas, San Antonio competing in the national two-day finals event for the Collegiate Cyber Defense Competition (CCDC) that takes place April 13-14. The CybrDawgs took first place in the Mid-Atlantic regional finals two weeks ago which qualified them for the finals this week. This is UMBC’s second trip to the CCDC national finals – two years ago in their first visit the CyberDawgs came in fourth.

The CyberDawgs is a group of UMBC students who share a common interest in computer and network security.  The group is advised by UMBC faculty Charles Nicholas and Richard Forno. See the CyberDawgs Web site for information on their activities and how to get involved.

Good luck to the CyberDawgs!!!

The Central Intelligence Agency’s latest leak is the most recent major hack exposing information that could possibly compromise national security. In The Conversation, Anupam Joshi and Rick Forno, explain that this hack is a reminder of how cyberdefense strategies must be continually improved to ensure sensitive information is protected.

Joshi is a professor and chair of the department of computer science and electrical engineering and director of UMBC’s Center for Cybersecurity, and Forno is the assistant director of the UMBC Center for Cybersecurity and director of UMBC’s graduate program in cybersecurity. Their latest article has been republished by media across the globe and has been read more than 20,000 times.

“This round of leaks, of documents dating from 2013 to 2016,…reinforces perhaps the most troubling piece of information we already know: Individuals and the government itself must step up cyberdefense efforts to protect sensitive information,” write Joshi and Forno.

They ask readers to consider the risk to security and privacy compared with the benefits and convenience of modern technologies. “As citizens, we must decide what level of risk we — as a nation, a society and as individuals — are willing to face when using internet-connected products.”

Any electronic device connected to the internet is susceptible to a cyber attack, Joshi and Forno go on to explain, noting, “It’s not necessarily a good idea to have always-on and network-enabled microphones or cameras in every room of the house.”

Joshi also spoke with CBS Baltimore about how hacks can impact technologies consumers use every day, such as cars that now feature high tech navigation and entertainment systems. “The more electronic gizmos you have in your car, the newer the car you have, the more you’re connected to the network with your car, the greater the probability something can be done to your car,” he explained. Still, he noted, a hacker would need to have advanced technical knowledge and, likely, close proximity to the car to carry out such an attack.

To ensure that sensitive information is protected, Joshi and Forno say that focusing on “the mundane tasks of cyberdefense” is essential to maintaining security for everyone, from government to individuals, although they emphasize that no internet-connected technologies are immune to cyber hacks. Ultimately, they write, “Keeping others out of key systems is crucial to American national security, and to the proper function of our government, military and civilian systems.”

Read the full article in The Conversation, and watch the complete interview on CBS Baltimore.  Adapted from an article in UMBC News.

Join the UMBC Computer Science Education Club and the Center for Women in Technology for a free screening of the award winning film, CODE: Debugging the Gender Gap. The documentary exposes the dearth of American female and minority software engineers and explores the reasons for this gender gap. CODE raises the question: what would society gain from having more women and minorities code?

CODE will be screened on Friday March 31 at 3:00-5:00pm in ITE 104.  A discussion about the film will immediately follow the screening. Snacks will be provided!  RSVP via myUMBC to let the organizers know you will be there on Friday 3/31!.

Here’s a trailer for the film: