talk: IPv6 and its Security Issues, 5:30 Mon. 4/22

IPv6 and its Security Issues

Neal Ziring, National Security Agency

5:30-6:45 Monday 22 April 2019, Math/Psych 101

CMSC 626 Guest Lecture — all are welcome to attend

In this talk, we will introduce the basics of IPv6 and some of the security issues associated with it. Specifically, we discuss the motivations, history and adoption of IPv6, and current status in the global Internet. We then detail the structure of an IPv6 address and the types of addresses used, and the conceptual model for address assignment in IPv6. The modes of deployment of IPv6, and an understanding of how dual-stack mode works, are then provided. We then discuss the basic model for IPv6 control protocols, ICMPv6, and how they support low-level network operations. We then identify IPv6’s place in the network stack, and explain how that does, and does not, affect security. Several basic threats to IPv6 devices and networks will be identified as well as how common network security posture/hygiene can be affected by dual stack operation. Lastly, we identify some key concepts in secure use of IPv6, and discuss the concept of NAT and its use in IPv4 and why IPv6 does not use it.

Mr. Neal Ziring is the Technical Director for the National Security Agency’s Capabilities Directorate, serving as a technical advisor to the Capabilities Director, Deputy Director, and other senior leadership. Mr. Ziring is responsible for setting the technical direction across many parts of the capabilities mission space, including in cyber-security. Mr. Ziring tracks technical activities, promotes technical health of the staff, and acts as liaison to various industry, intelligence, academic, and government partners. Prior to the formation of the Capabilities Directorate, Mr. Ziring served five years as Technical Director of the Information Assurance Directorate. His personal expertise areas include security automation, IPv6, cloud computing, cross-domain information exchange, data access control, and cyber defense. Prior to coming to NSA in 1988, Neal worked at AT&T Bell Labs. He has BS degrees in Computer Science and Electrical Engineering, and an MS degree in Computer Science, all from Washington University in St. Louis.

Post-Bac Certificate in Digital Forensics

Post-Baccalaureate Certificate in Professional Studies: Digital Forensics

UMBC’s cybersecurity graduate program has added a new 12-credit post-baccalaureate certificate in professional studies focused on digital forensics.

The Digital Forensics certificate program is intended for early and mid-career IT and law-enforcement professionals who want to learn basic and advanced concepts and develop skills in the field of computer forensics. Students will understand the role of digital/computer forensics as a subspecialty of cybersecurity. Through firsthand experience using industry-standard forensic tools, techniques, and procedures in the digital forensic process, students will understand the incident-handling process, the special rules of evidence that apply to cybercrime investigations (i.e., chain of custody, search and seizure, forensic imaging), and the relevant state, federal, and/or regulatory frameworks governing such activities within different industry sectors (such as defense, healthcare, and financial services). The four-course, 12-credit certificate can be applied toward obtaining the MPS in Cybersecurity degree.

  • CYBR 620 Intro to Cybersecurity or CMSC equivalent (i.e., CMSC 626, CMSC 687)
  • CYBR 641 Computer Crime Investigations
  • CYBR 642 Introduction to Digital Forensics
  • CYBR 643 Advanced Digital Forensics

talk: Why are memory-corruption bugs still a thing?, 10:30am Mon 4/8, ITE325

Why are memory-corruption bugs still a thing?

The challenges of securing software at an assembly level

Doug Britton
CTO, RunSafe Security Inc.

10:30-11:30 Monday, 8 April 2019, ITE346

Methods to chip away at the danger of memory-corruption bugs have been available for some time. Why has the going-price of memory-corruption-based exploits not spiked? If the methods were to have a broad-based result in mitigating exploit vectors, there would be a reduction in supply, causing an increase in prices. Also, there would be a reduction in the pool of people qualified to develop zero-days, allowing them to push the prices up. The data suggest that prices have remained generally stable and attackers are able to move with impunity. What are the challenges to large-scale adoption of memory-corruption based mitigation methods?


Doug Britton serves as Chief Technology Officer and Director of RunSafe Security, Inc. Mr. Britton co-founded Kaprica Security, Inc., in 2011 and serves as its Chief Executive Officer. Prior to his leadership role in Kaprica, Mr. Britton was a cyber-security focused research and development manager at Lockheed Martin. He has an MBA and MS from University of Maryland and a BS in Computer Science from the University of Illinois.

SFS cyberdefense scholarship applications due April 15

SFS cyberdefense scholarship applications due Noon Monday, April 15

The next application deadline for SFS cyberdefense scholarships at UMBC is 12:00 noon Monday, 15 April 2019, for possible scholarships beginning in the fall of 2019. See the Center for Information Security and Assurance site for details and application forms.

These major scholarships include tuition, generous stipend, and more, in return for government employment. Applicants must have at least junior status in fall 2019. BS, MS, MPS, PhD in any cyber-related field may apply (CS, CE, EE, IS, Cyber, and possibly others). SFS applicants must be citizens or lawful permanent residents capable of obtaining a secret clearance at federal, state, local, or tribal government. The annual stipends are $25,000 undergraduate and $34,000 graduate; in addition, each scholar will receive $6000 per year in professional development funds.

The scholarships are highly competitive (e.g., the median GPA of current SFS scholars at UMBC is 3.8) and favor students who have excelled in upper-level technical courses and who have demonstrated a passion and talent for cybersecurity through relevant accomplishments. We will consider applications from rising juniors and above with GPA over 3.0. All SFS scholars at UMBC are expected to engage in cohort and research activities. UMBC is in the first year of a five-year, $5 million NSF grant, which will support 34 students. For more information, see the SFS FAQ page.

Interested students should contact

Dr. Alan T. Sherman
Professor of Computer Science
Director, UMBC Center for Information Security and Assurance (CISA)

talk and demo: Exploiting IoT Vulnerabilities, 11:45-1:00pm Mon 2/18

Exploiting IoT Vulnerabilities

Dr. Yatish Joshi, Senior Engineer, Cisco Systems

11:45am-1:00pm Monday, 18 February 2019, ITE 325-B

The past decade has seen explosive growth in the use and deployment of IoT (Internet of Things) devices. According to Gartner, there will be about 20.8 billion IoT devices in use by 2020. These devices are seeing widespread adoption as they are cheap, easy to use and require little to no maintenance. In most cases, setup simply requires using a web or phone app to configure Wi-Fi credentials. Digital home assistants, security cameras, smart locks, home appliances, smart switches, toys, vacuum cleaners, thermostats, leakage sensors, etc. are examples of IoT devices that are widely used and deployed in home and enterprise environments.

The threat landscape is constantly evolving and threat actors are always on the prowl for new vulnerabilities they can exploit. With traditional attack methods yielding fewer exploits due to the increased focus on security testing, frequent patches, and increased user awareness, threat actors have turned their attention to IoT devices and are exploiting inherent vulnerabilities in these devices. The vulnerabilities, always-on nature, and autonomous mode of operation allow attackers to spy on users, spoof data, or leverage them as botnet infrastructure to launch devastating attacks on third parties. Mirai, a well-known IoT malware, utilized hundreds and thousands of enslaved IoT devices to launch DDoS attacks on Dyn, affecting access to Netflix, Twitter, GitHub and many other websites. With the release of the Mirai source code, numerous variants of the malware are infecting IoT devices across the world and using them to carry out attacks.

These attacks are made possible because the devices are manufactured without security in mind! In this talk I will demonstrate how one can hack a widely available off-the-shelf IP Camera and router by exploiting the vulnerabilities present in these devices to get on the network, steal personal data, spy on a user, disrupt operation, etc. We will also look at what can be done to mitigate the dangers posed by IoT devices.

So attend hack & defend!

Dr. Yatish Joshi is a software engineer in the Firepower division at Cisco Systems where he works on developing new features for Cisco’s security offerings. Yatish has a PhD in Computer Engineering from UMBC. Prior to Cisco, Yatish worked as a lecturer at UMBC, and was a senior software engineer developing TV software at Samsung Electronics. When not working, he enjoys reading spy thrillers and fantasy novels.

talk: Using Deep Learning in Identifying Network Intrusions, 10:30am Mon 2/11, UMBC

Maryland Data Science Conference, Fri. 1/25, UMBC (new date)

MD Data Science Conference
Friday, 25 January, PAH Concert Hall, UMBC

Miner & Kasch, an AI and data science consulting firm founded by two UMBC alumni, will hold a one-day Data Science Conference at UMBC on Friday, January 25 in the Linehan Concert Hall of the UMBC Performing Arts & Humanities Building. A limited number of free tickets are available for current UMBC students. To attend, you need to register here.

The event was originally scheduled for January 14, but had to be rescheduled due to inclement weather. If you had registered and obtained a ticket earlier, you will need to re-register.

The event brings together local companies and professionals to share what new and exciting things they are doing with their data. It will be attended by business managers, startup founders, software engineers, data scientists, students, and other curious people that want to learn more about the cutting edge of data science, machine learning, and AI. See the conference website for topics and speakers.

Countering Russian disinformation the Baltic nations’ way

 

Countering Russian disinformation the Baltic nations’ way

Terry Thompson, University of Maryland, Baltimore County

As the new Congress begins, it will soon discuss the comprehensive reports to the U.S. Senate on the disinformation campaign of half-truths, outright fabrications and misleading posts made by agents of the Russian government on social media in the run-up to the 2016 presidential election.

After years of anemic responses to Russian influence efforts, official U.S. government policy now includes taking action to combat disinformation campaigns sponsored by Russia or other countries. In May 2018, the Senate Intelligence Committee endorsed the concept of treating attacks on the nation’s election infrastructure as hostile acts to which the U.S. “will respond accordingly.” In June, the Pentagon unleashed U.S. Cyber Command to respond to cyberattacks more aggressively, and the National Cyber Strategy published in September 2018 clarified that “all instruments of national power are available to prevent, respond to, and deter malicious cyber activity against the United States.”

There are already indications that Cyber Command conducted operations against Russian disinformation on social media, including warning specific Russians not to interfere with the 2018 elections. However, low-level cyberwarfare is not necessarily the best way. European countries, especially the Baltic states of Estonia, Latvia and Lithuania, have confronted Russian disinformation campaigns for decades. Their experience may offer useful lessons as the U.S. joins the battle.

The Baltic Sea region of northern Europe. Estonia, Latvia and Lithuania are in light green in the center, west of Russia in blue. Stefan Ertmann/Wikimedia Commons, CC BY-SA

The Baltic experience

Beginning in 1940 and continuing until they declared independence in the early 1990s, the Baltic countries were subjected to systematic Russian gaslighting designed to make people doubt their national history, culture and economic development.

The Soviets rewrote history books to falsely emphasize Russian protection of the Baltic people from invading hordes in the Middle Ages, and to convey the impression that the cultural evolution of the three countries was enabled by their allegiance and close ties to Russia. Even their national anthems were rewritten to pay homage to Soviet influence.

Soviet leaders devalued Baltic currencies and manipulated economic data to falsely suggest that Soviet occupation was boosting the Baltic economies. Further, Soviet authorities settled ethnic Russians in the Baltic countries, and made Russian the primary language used in schools.

Since the fall of the Soviet Union and the independence of the Baltic countries, the Russian Federation has continued to deliver disinformation to the region, making extensive use of Russian-language social media. Some themes characterize the Baltic people as ungrateful for Soviet investment and aid after World War II. Another common message criticizes Baltic historians for “falsification of history” when really they are describing the real nature of the Soviet occupation.

A massive Russian attack

After independence, and as the internet grew, Estonia led the way in applying technology to accelerate economic development. The country created systems for a wide range of government and commercial services, including voting, banking and filing tax returns electronically. Today, Estonia’s innovative e-residency system is being adopted in many other countries.

These advances made the Baltics a prime target for cyberattacks. In the spring of 2007, the Russians struck. When Estonia moved a monument memorializing Soviet soldiers from downtown Tallinn, the country’s capital, to a military cemetery a couple of miles away, it provoked the ire of ethnic Russians living in Estonia as well as the Russian government.

The relocation of the Bronze Soldier of Tallinn sparked a Russian cyberattack on Estonia in 2007.
Keith Ruffles/Wikimedia Commons, CC BY

For three weeks, Estonian government, financial and media computer systems were bombarded with enormous amounts of internet traffic in a “distributed denial of service” attack. In these situations, an attacker sends overwhelming amounts of data to the targeted internet servers, clogging them up with traffic and either slowing them down or knocking them offline entirely. Despite concerns about the first “cyber war,” however, these attacks resulted in little damage. Although Estonia was cut off from the global internet temporarily, the country’s economy suffered no lasting harm.

These attacks could have severely damaged the country’s financial system or power grid. But Estonia was prepared. The country’s history with Russian disinformation had led Estonia to expect Russian attacks on computer and information systems. In anticipation, the government spearheaded partnerships with banks, internet service providers and other organizations to coordinate responses to cyberattacks. In 2006, Estonia was one of the first countries to create a Computer Emergency Response Team to manage security incidents.

The Baltic response

After the 2007 attack, the Baltic countries upped their game even more. For example, Estonia created the Cyber Defense League, an army of volunteer specialists in information technology. These experts focus on sharing threat information, preparing society for responding to cyber incidents and participating in international cyber defense activities.

Internationally, Estonia gained approval in 2008 to establish NATO’s Cooperative Cyber Defense Center of Excellence in Tallinn. Its comprehensive research into global cyber activities helps identify best practices in cyber defense and training for NATO members.

In 2014, Riga, the capital of neighboring Latvia, became home to another NATO organization combating Russian influence, the Strategic Communications Center of Excellence. It publishes reports on Russian disinformation activities, such as the May 2018 study of the “Virtual Russian World in the Baltics.” That report analyzes Russian social media activities targeting Baltic nations with a “toxic mix of disinformation and propaganda.” It also provides insight into identifying and detecting Russian disinformation campaigns.

“Baltic elves” – volunteers who monitor the internet for Russian disinformation – became active in 2015 after the Maidan Square events in the Ukraine. And the Baltic nations have fined or suspended media channels that display bias.

The Baltic countries also rely on a European Union agency formed in 2015 to combat Russian disinformation campaigns directed against the EU. The agency identifies disinformation efforts and publicizes accurate information that the Russians are seeking to undermine. A new effort will issue rapid alerts to the public when potential disinformation is directed against the 2019 European Parliament elections.

Will the ‘Baltic model’ work in the US?

Because of their political acknowledgment of threats and actions taken by their governments to fight disinformation, a 2018 study rated Estonia, Latvia and Lithuania the three European Union members best at responding to Russian disinformation.

A look inside Russia’s propaganda machine.

Some former U.S. officials have suggested adopting similar practices, including publicizing disinformation efforts and evidence tying them to Russia. The Senate Intelligence Committee has called for that too, as has the Atlantic Council, an independent think tank that focuses on international affairs.

The U.S. could also mobilize volunteers to boost citizens’ and businesses’ cyberdefenses and teach people to identify and combat disinformation.

Disinformation is a key part of Russia’s overall effort to undermine Western governments. As a result, the battle is ever-changing, with Russians constantly trying new angles of attack and target countries like the Baltic nations identifying and thwarting those efforts. The most effective responses will involve coordination between governments, commercial technology companies and the news industry and social media platforms to identify and address disinformation.

A similar approach may work in the U.S., though it would require far more collaboration than has existed so far. But backed by the new government motivation to strike back when provoked, the methods used in the Baltic states and across Europe could provide a powerful new deterrent against Russian influence in the West.

Terry Thompson, Adjunct Instructor in Cybersecurity, University of Maryland, Baltimore County

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Workshop on Usable Security, 10-4 Tue 12/18

talk: Challenges of Smart Cities Cybersecurity and Privacy with Blockchain, 11am Thr 11/15
