Department of Computer Science and Electrical Engineering
Inspiring Innovation
National Cybersecurity Virtual Career Fair, Friday 9/17
5th annual National Cybersecurity Virtual Career Fair
1pm-4pm Friday, September 17, 2021
The 5th annual National Cybersecurity Virtual Career Fair, sponsored by National Cybersecurity Training and Education (NCyTE) Center and the CAE in Cybersecurity Community, is right around the corner! The career fair brings together students and alumni from over 300 institutions across the Nation designated as Centers of Academic Excellence in Cybersecurity with employers offering internships, temporary, part-time, and full-time employment. This year, the National Cybersecurity Virtual Career Fair will take place on Friday, September 17th, 2021, from 1 pm to 4 pm ET.
Students, alumni, and faculty – Register here to set up an account for live-day access on September 17, 2021
Each year, the number of undergraduate and graduate students and alumni participating in this event continues to grow. Participants come from a variety of disciplines, including cybersecurity, security studies, computer science, engineering, math, physics, and project management. Students from CAEs in Research (CAE-R), Cyber Defense (CAE-CD), and Cyber Operations (CAE-CO) are invited to participate for FREE.
Students and alumni can submit resumes before the virtual career fair begins to allow employers to view resumes before the career fair. Students can participate in workshops leading up to the National Cybersecurity Virtual Career Fair to help them build their resume and interview skills.
This event is facilitated by the organization and open to the general public. It is not hosted or organized by UMBC.
talk: Thinking Like an Attacker: Towards a Definition and Non-Technical Assessment of Adversarial Thinking, 12-1pm ET 4/30
The UMBC Cyber Defense Lab presents
Thinking Like an Attacker: Towards a Definition and Non-Technical Assessment of Adversarial Thinking
Prof. Peter A. H. Peterson Department of Computer Science University of Minnesota Duluth
“Adversarial thinking” (AT), sometimes called the “security mindset” or described as the ability to “think like an attacker,” is widely accepted in the computer security community as an essential ability for successful cybersecurity practice. Supported by intuition and anecdotes, many in the community stress the importance of AT, and multiple projects have produced interventions explicitly intended to strengthen individual AT skills to improve security in general. However, there is no agreed-upon definition of “adversarial thinking” or its components, and accordingly, no test for it. Because of this absence, it is impossible to meaningfully quantify AT in subjects, AT’s importance for cybersecurity practitioners, or the effectiveness of interventions designed to improve AT. Working towards the goal of a characterization of AT in cybersecurity and a non-technical test for AT that anyone can take, I will discuss existing conceptions of AT from the security community, as well as ideas about AT in other fields with adversarial aspects including war, politics, law, critical thinking, and games. I will also describe some of the unique difficulties of creating a non-technical test for AT, compare and contrast this effort to our work on the CATS and Security Misconceptions projects, and describe some potential solutions. I will explore potential uses for such an instrument, including measuring a student’s change in AT over time, measuring the effectiveness of interventions meant to improve AT, comparing AT in different populations (e.g., security professionals vs. software engineers), and identifying individuals from all walks of life with strong AT skills—people who might help meet our world’s pressing need for skilled and insightful security professionals and researchers. Along the way, I will give some sample non-technical adversarial thinking challenges and describe how they might be graded and validated.
Peter A. H. Peterson is an assistant professor of computer science at the University of Minnesota Duluth, where he teaches and directs the Laboratory for Advanced Research in Systems (LARS), a group dedicated to research in operating systems and security, with a special focus on research and development to make security education more effective and accessible. He is an active member of the Cybersecurity Assessment Tools (CATS) project working to create and validate two concept inventories for cybersecurity, is working on an NSF-funded grant to identify and remediate commonsense misconceptions about cybersecurity, and is also the author of several hands-on security exercises for Deterlab that have been used at many institutions around the world. He earned his Ph.D. from the University of California, Los Angeles for work on “adaptive compression”—systems that make compression decisions dynamically to improve efficiency. He can be reached at .
Host: Alan T. Sherman, . Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Meetings: May 7, Farid Javani (UMBC), Anonymization by oblivious transfer
talk: MeetingMayhem: Teaching Adversarial Thinking through a Web-Based Game, 12-1 ET 4/9
The UMBC Cyber Defense Lab presents
MeetingMayhem: Teaching Adversarial Thinking through a Web-Based Game
Akriti Anand, Richard Baldwin, Sudha, Kosuri, Julie Nau, and Ryan Wunk-Fink UMBC Cyber Defense Lab
joint work with Alan Sherman, Marc Olano, Linda Oliva, Edward Zieglar, and Enis Golazewski
12:00 noon–1 pm ET, Friday, 9 April 2021 online via WebEx
We present our progress and plans in developing MeetingMayhem, a new web-based educational exercise that helps students learn adversarial thinking in communication networks. The goal of the exercise is to arrange a meeting time and place by sending and receiving messages through an insecure network that is under the control of a malicious adversary. Players can assume the role of participants or an adversary. The adversary can disrupt the efforts of the participants by intercepting, modifying, blocking, replaying, and injecting messages. Through this engaging authentic challenge, students learn the dangers of the network, and in particular, the Dolev-Yao network intruder model. They also learn the value and subtleties of using cryptography (including encryption, digital signatures, and hashing), and protocols to mitigate these dangers. Our team is developing the exercise in spring 2021 and will evaluate its educational effectiveness.
Akriti Anand () is an MS student in computer science working with Alan Sherman. She is the lead software engineer and focuses on the web frontend. Richard Baldwin () is a BS student in computer science, a member of Cyberdawgs, and lab manager for the Cyber Defense Lab. Sudha Kosuri () is a MS student in computer science. She is working on the frontend (using React and Flask) and its integration with the backend. Julie Nau () is a BS student in computer science. She is working on the backend and on visualizations. Ryan Wunk-Fink () is a PhD student in computer science working with Alan Sherman. He is developing the backend.
Host: Alan T. Sherman, . Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public.
Upcoming CDL Meetings: April 23, Peter Peterson (Univ. of Minnesota Duluth), Adversarial thinking; May 7, Farid Javani (UMBC), Anonymization by oblivious transfer
Congratulation to the UMBC Cyber Dawgs team, which took first place in the 2021 Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC) finals. UMBC’s team was one of eight teams out of an initial 23 that qualified for the final competition. UMBC’s Cyber Dawgs will move on to compete in the National Collegiate Cyber Defense Competition (NCCDC), which will be held April 23-25, 2021.
The 2021 MACCDC regional final took place online April 1-3 and had teams fighting to protect their networks efficiently and effectively from simulated cyber threats and attacks using a scenario based on the COVID-19 global pandemic for its competition events.
The National Emergency Response Division (N.E.R.D.) is a data science-focused group within the Big Time Health Organization (BTHO), a multinational entity headquartered in Bethesda, Maryland. N.E.R.D. employees have been exceptionally busy dealing with the global health pandemic. As such, they have had to not only shift to work from home, but also expand the number of employees to support the inordinate amounts of data that is flooding each of its eight geographic locations throughout the U.S. Protecting the integrity of the data is critical, but when the data affects the delivery of health services to the public, the job of N.E.R.D. becomes even more mission critical.
The student teams will stand on the front lines of technology, alongside various healthcare providers. The main task at hand will be to ensure that pandemic-related data from state departments of health are accurate and delivered quickly. Information on outbreak locations, promising interventions, efficacy of testing, mortality rates, and other related statistics are critical so physicians, public health officials, and government entities can make informed decisions about resource allocations. Loss or inaccurate information can lead to tragic consequences. Vigilance is a must – be smart, be strong, be safe.
These regional and national competitions attract leading collegiate cybersecurity teams from across the nation. They put teams in situations that mimic scenarios they might encounter working to secure and protect online systems for government agencies and companies. Throughout each challenge, teammates work together to protect their systems from hackers and cyber attacks. At the same time, they keep their networks accessible to the users relying on them.
The UMBC Cyber Dawgs team won the MACCDC regionals last year and were national champions in 2017. In this year’s MACCDC, George Mason placed second and Liberty University third. Good luck to the Cyber Dawgs as they compete with the winners of nine other regional competitions in the National Collegiate Cyber Defense Competition later this month.
talk: Transparent Dishonesty: Front-Running Attacks on Blockchain, 12-1 pm ET 3/26
The UMBC Cyber Defense Lab presents
Transparent Dishonesty: Front-Running Attacks on Blockchain
Professor Jeremy Clark Concordia Institute for Information Systems Engineering Concordia University, Montreal, Canada
12–1 pm ET Friday, March 26, 2021 online via WebEx
We consider front-running to be a course of action where an entity benefits from prior access to privileged market information about upcoming transactions and trades. Front-running has been an issue in financial instrument markets since the 1970s. With the advent of blockchain technology, front-running has resurfaced in new forms we explore here, instigated by blockchain’s decentralized and transparent nature. I will discuss our “systemization of knowledge” paper which draws from a scattered body of knowledge and instances of front-running across the top 25 most active decentral applications (DApps) deployed on Ethereum blockchain. Additionally, we carry out a detailed analysis of Status.im initial coin offering (ICO) and show evidence of abnormal miner’s behavior indicative of front-running token purchases. Finally, we map the proposed solutions to front-running into useful categories.
Jeremy Clark is an associate professor at the Concordia Institute for Information Systems Engineering. At Concordia, he holds the NSERC/Raymond Chabot Grant Thornton/Catallaxy Industrial Research Chair in Blockchain Technologies. He earned his Ph.D. from the University of Waterloo, where his gold medal dissertation was on designing and deploying secure voting systems including Scantegrity—the first cryptographically verifiable system used in a public sector election. He wrote one of the earliest academic papers on Bitcoin, completed several research projects in the area, and contributed to the first textbook. Beyond research, he has worked with several municipalities on voting technology and testified to both the Canadian Senate and House finance committees on Bitcoin. email:
Host: Alan T. Sherman, . Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Meetings: April 9, (UMBC), MeetingMayhem: A network adversarial thinking game; April 23, Peter Peterson (University of Minnesota Duluth), Adversarial thinking; May 7, Farid Javani (UMBC), Anonymization by oblivious transfer.
talk: Towards Contextual Security of AI-enabled platforms, 1-2 pm ET 3/22
Towards Contextual Security of AI-enabled platforms
Dr. Nidhi Rastogi Rensselaer Polytechnic Institute
The explosive growth of Internet-connected and AI-enabled devices and data produced by them has introduced significant threats. For example, malware intrusions (SolarWinds) have become perilous and extremely hard to discover, while data breaches continue to compromise user privacy (Zoom credentials exposed) and endanger personally identifiable information. My research takes a holistic approach towards systems and platforms to address security-related concerns using contextual and explainable models.
In this talk, I will present ongoing work that analyzes and improves the cybersecurity posture of Internet-connected systems and devices using automated, trustworthy, and contextual AI-models. Specifically, my research in malware threat intelligence gathers diverse information from varied datasets – system and network logs, source code, and text. In [1], an open-source ontology (MALOnt) contextualizes threat intelligence by aggregating malware-related information into classes and relations. TINKER [2, 3] – the first open-source malware knowledge graph, instantiates MALOnt classes and enables information extraction, reasoning, analysis, detection, classification, and cyber threat attribution. At present, the research is addressing the trustworthiness of information sources and extractors.
1. Rastogi, N., Dutta, S., Zaki, M. J., Gittens, A., & Aggarwal, C. (2020). MALOnt: An ontology for malware threat intelligence, In KDD’20 Workshop at International workshop on deployable machine learning for security defense. Springer, Cham.
2. Rastogi, N., Dutta, S., Christian, R., Gridley, J., Zaki, M. J., Gittens, A., and Aggarwal, C. (2021). Knowledge graph generation and completion for contextual malware threat intelligence. In USENIX Security’21, Accepted.
3. Yee, D., Dutta, S., Rastogi, N., Gu, C., and Ma, Q. (2021). TINKER: Knowledge graph for threat intelligence. In ACL-IJCNLP’21, Under Review.
Dr. Nidhi Rastogi is a Research Scientist at Rensselaer Polytechnic Institute. Her research is at the intersection of cybersecurity, artificial intelligence, large-scale networks, graph analytics, and data privacy. She has papers accepted at top venues such as USENIX, TrustCom, ISWC, Wireless Telecommunication Symposium, and Journal of Information Policy. For the past two years, Dr. Rastogi has been the lead PI for three cybersecurity, privacy research projects and a contributor to one healthcare AI project. For her contributions to cybersecurity and encouraging women in STEM, Dr. Rastogi was recognized in 2020 as an International Women in Cybersecurity by the Cyber Risk Research Institute. She was a speaker at the SANS cybersecurity summit and the Grace Hopper Conference. Dr. Rastogi is the co-chair for DYNAMICS workshop (2020-) and has served as a committee member for DYNAMICS’19, IEEE S&P’16 (student PC), invited reviewer for IEEE Transactions on Information Forensics and Cybersecurity (2018,19), FADEx laureate for the 1st French-American Program on Cyber-Physical Systems’16, Board Member (N2Women 2018-20), and Feature Editor for ACM XRDS Magazine (2015-17). Before her Ph.D. from RPI, Dr. Rastogi also worked in the industry on heterogeneous wireless networks (cellular, 802.1x, 802.11) and network security through engineering and research positions at Verizon and GE Global Research Center, and GE Power. She has interned at IBM Zurich, BBN Raytheon, GE GRC, and Yahoo, which provides her a quintessential perspective in applied industrial research and engineering.
We present EPIC, a novel and efficient asynchronous Byzantine fault-tolerant (BFT) protocol with adaptive security. We characterize efficient BFT protocols using adaptive vs. static corruptions corruption models. EPIC takes a new approach to adaptively secure asynchronous BFT. It uses the adaptively secure threshold pseudorandom function (PRF) scheme for coin tossing and uses the Cobalt asynchronous binary agreement (ABA) protocol, which resolves the liveness issue of HoneyBadgerBFT and BEAT. As our new protocol modifies almost all building blocks for asynchronous BFT (including ABA, threshold PRF, and threshold encryption but not Byzantine reliable broadcast (RBC)), evaluating which component dominates the performance bottleneck is a difficult task. We mix and match different building blocks to implement four asynchronous BFT protocols and evaluate their performance. Via a five-continent deployment on Amazon EC2, we show that EPIC is slightly slower for small and medium-sized networks than the most efficient asynchronous BFT protocols with static security. We also find when the number of replicas less than 46, EPIC’s throughput is stable, achieving a peak throughput of 8,000–12,500 tx/sec using t2.medium VMs. When the network size grows larger, EPIC is not as efficient as those with static security, with a throughput of 4,000–6,300 tx/sec.
BFT state machine replication is the only known software solution for masking arbitrary failures and malicious attacks. BFT has been regarded as the model for building permissioned blockchains, where the distributed ledgers (i.e., replicas) know each other’s identities but may not trust each other.
Asynchronous protocols are inherently more robust against timing and denial-of-service (DoS) attacks. Two recent asynchronous BFT systems—HoneyBadgerBFT proposed by Miller et al. in CCS’16 and BEAT by Duan et al. in CCS’18—have comparable performance as partially synchronous BFT protocols and can scale to 100 replicas. The protocols, however, achieve static security, where the adversary needs to choose the set of corrupted replicas before protocol execution. This security property is weaker than that for many existing BFT protocols (e.g., PBFT), which achieve adaptive security, where the adversary can choose to corrupt replicas at any moment during the execution of the protocol.
Chao Liu is a Ph.D. candidate in computer science at UMBC, working with Alan Sherman. His research interests focus on cryptography, cybersecurity, and distributed systems.
Host: Alan T. Sherman, . Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Meetings include Mar 26, Jeremy Clark (Concordia); April 9, (UMBC), MeetingMayhem: A network adversarial thinking game; April 23, Peter Peterson (University of Minnesota Duluth), Adversarial thinking; and May 7, Farid Javani (UMBC), Anonymization by oblivious transfer
talk: Moving Target Mobile IPv6 Defense, 12-1 Fri 2/26
The UMBC Cyber Defense Lab presents
Moving Target Mobile IPv6 Defense
Prof.Vahid Heydari Computer Science, Rowan University
Remote cyberattacks can be started from an unlimited distance through the Internet. These attacks include particular actions that allow attackers to compromise systems remotely. Address-based Distributed Denial-of-Service (DDoS) attacks and remote exploits are two main categories of these attacks. A remote exploit takes advantage of a bug or vulnerability to view or steal data or gain unauthorized access to a vulnerable system. Current security solutions in IPv6 such as IPsec, firewall, and Intrusion Detection and Prevention System (IDPS) can prevent remote attacks against known vulnerability exploits. However, zero-day exploits can defeat the best firewalls and IDPSs due to using undisclosed and uncorrected computer application vulnerability. Therefore, a new solution is needed to prevent these attacks. This talk discusses a Moving Target Mobile IPv6 Defense (MTM6D) that randomly and dynamically changes the IP addresses to prevent remote attacks in the reconnaissance step. The talk briefly covers the wide range of applications of MTM6D including critical infrastructure networks, virtual private networks, web servers, Internet-controlled robots, and anti-censorship.
Vahid Heydari received the M.S. degree in Cybersecurity and the Ph.D. degree in Electrical and Computer Engineering from the University of Alabama in Huntsville. He is currently an Associate Professor of Computer Science and the Director of the Center for Cybersecurity Education and Research at Rowan University, Glassboro, NJ. He is also a co-founder of a cybersecurity startup ObtegoCyber. His research interests include moving target defenses, mobile ad-hoc, sensor, and vehicular network security. He is a member of ACM, IEEE Computer Society and Communications Society.
Host: Alan T. Sherman, , Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Meetings:
Mar 12, Chao Liu (UMBC), Efficient asynchronous BFT with adaptive security Mar 26, Jeremy Clark (Concordia) April 9, (UMBC), MeetingMayhem: A network adversarial thinking game April 23, Peter Peterson (University of Minnesota Duluth), Adversarial thinking May 7, Farid Javani (UMBC), Anonymization by oblivious transfer
Six UMBC faculty, incuding three in CSEE, receive MIPS research awards
Anupam Joshi (left, photo by Marlayna Demond’ 11) and Tina Williams-Koroma, ’02 computer science (right, photo courtesy of Williams-Koroma)
Six UMBC faculty members have just received grants from the Maryland Industrial Partnerships (MIPS) program to develop new technologies with potential to grow the state’s economy. This is UMBC’s largest number of winning proposals within a single proposal round since MIPS began in 1987. The program connects University System of Maryland (USM) faculty and students with Maryland businesses. UMBC’s latest MIPS grantees include computer science and electrical engineering faculty Tim Oates, Chein-I Chang, and Anupam Joshi;Soobum Lee, mechanical engineering; Dipanjan Pan, chemical, biochemical, and environmental engineering; and Vikram Vakharia, marine biotechnology. Among their industry partners are UMBC alumni entrepreneurs who are building businesses in Maryland.
Joshi, professor and chair of computer science and electrical engineering, received a MIPS grant for a cybersecurity collaboration with the startup CyDeploy. They are developing a platform that automates the quality assurance process for cybersecurity updates made to IT and “internet of things” (IoT) devices like Amazon Alexa, Google Home, and health and medical devices. CyDeploy CEO Tina Williams-Koroma ’02, computer science, presented Joshi with the idea to develop a “cybersecurity-driven change management system.” The technology is based on and leverages the use of artificial intelligence and machine learning to create a cloud-based replica of a company’s systems.
Williams-Koroma and Joshi’s group at UMBC developed a conceptual prototype. It shows the infrastructure and technology that would make the system feasible, combining off-the-shelf tools with novel research. “Increasingly, the government is now beginning to mandate security requirements around IoT devices. The longer-term vision that CyDeploy has is capturing the state of these systems, virtually recreating them and then running the security changes against virtual versions to see how the changes would affect those systems,” Joshi adds.
Williams-Koroma, who is also an adjunct instructor at UMBC, projects that the initial development of the platform will be complete in late spring 2021. They anticipate launching a free pilot version for businesses to test their IT systems. IoT pilots will come in a later phase.
This talk will explore the technology and lessons learned by UMBC alumnus Richard Carback from his experience co-founding and closing the security startup Lexumo, which provided the only automated service that continuously monitors IoT software platforms for the latest public vulnerabilities. In addition to covering some of the hard problems and Lexumo’s technical approach for monitoring all the world’s open-source software to assist companies in managing their vulnerabilities, Dr. Carback will discuss the mistakes and complexities of getting funded, delivering a product, and finding customers.
Dr. Richard Carback is a UMBC Alumnus (CS Ph.D., 2010) who is an entrepreneur who currently runs a private consultancy for computer security, computer forensics, cryptography, and smart contracts. He is a privacy-preserving systems expert with a background in elections and anonymity networks. While the group leader for the embedded systems security group at Charles Stark Draper Laboratories, he spun out an IoT vulnerability startup called Lexumo that provided the only automated service that continuously monitored IoT software platforms for the latest public vulnerabilities. At UMBC, he worked with Alan Sherman on secure elections and was the primary researcher behind Takoma Park’s deployment of the Scantegrity voting system, the first usage of voter-verifiable end-to-end election technology in a municipal election. email:
Host: Alan T. Sherman, . Support for this event was provided in part by the NSF under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1 pm. All meetings are open to the public. Upcoming CDL Meetings:
Feb 26, Vahid Heydari (Rowan University)
Mar 12, Chao Liu (UMBC), Efficient asynchronous BFT with adaptive security
Mar 26, Jeremy Clark (Concordia)
April 9, (UMBC), MeetingMayhem: A network adversarial thinking game
April 23, Peter Peterson (University of Minnesota Duluth), Adversarial thinking
May 7, Farid Javani (UMBC), Anonymization by oblivious transfer
This site uses functional cookies and external scripts to improve your experience.
Privacy settings
Privacy Settings and Information
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. Your choices will not impact your visit.
Details
NOTE: Third-party Google scripts on this website may have access to cross-site third-party cookies under the google.com domain. We, the CSEE Department, do not access, read, or write these third-party cookies, and as a result, we do not control their presence on your browser. You may block them by using a third-party cookie blocker in your browser.
If you click Accept below to accept the general cookie consent, then a “wpgdprc-consent” cookie will be stored on your browser, to record your general consent.
If you click Accept below to accept the general cookie consent, and also have Google Analytics cookies enabled (on the sidebar to the left), the CSEE Department website will store and access Google Analytics cookies on your browser. We use the data from these cookies to collect information on website usage statistics and improve user experience. If you do not wish to allow Google Analytics cookies on your browser, then either do not click Accept on the bottom bar, or disable Google Analytics on the left.
If you log in to this website, then several Wordpress cookies and session variables will be stored on your browser. Accessing the login screen constitutes your consent to have Wordpress cookies and session variables stored on your computer.
External Scripts
The CSEE Department website makes use of several external scripts to improve user experience. These include, but are not necessarily limited to: Google Calendar, Google Analytics, and ReCAPTCHA. If you choose to use this website, then you agree to allow these scripts to be loaded and executed.
External Links
Our service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
NOTE: These settings will only apply to the browser and device you are currently using.
