Department of Computer Science and Electrical Engineering

On May 7, 2013, Dr. Richard Forno, Assistant Director of UMBC's Center for Cybersecurity and Director of UMBC's Graduate Cybersecurity Program, conducted an invited talk on the proposed Cybersecurity Information Sharing and Protection Act (CISPA) and moderated a discussion about general cybersecurity issues to UMBC's Delta Sigma Theta Sorority.  The evening event was the second in a series of invited guest speakers as part of the Sorority's May Week festivities.

CISPA is a proposed law that would allow and encourage the sharing of Internet traffic information between the U.S. government and technology and manufacturing companies in order to help US government agencies investigate cyber threats and ensure the security of networks against cyberattacks.

Delta Sigma Theta Sorority, Inc. is a private, non-profit organization whose purpose is to provide assistance and support through established programs in local communities throughout the world. A sisterhood of more than 200,000 predominately Black college educated women, the Sorority currently has over 900 chapters located in the United States, England, Japan (Tokyo and Okinawa), Germany, the Virgin Islands, Bermuda, the Bahamas and the Republic of Korea.

The UMBC Cybersecurity Masters in Professional Studies (MPS) program will offer the following courses over the Summer 2013 session:

• CYBR 620: Introduction to Cybersecurity
• CYBR 621: Cyber Warfare
• CYBR 691: Special Topics in Cybersecurity: Application Security Principles/Practices

Each class will meet one or two days a week in the late afternoon or evening, depending on the length of the session where the course is offered.

For those living in Washington, D.C., Northern Virginia, Frederick, MD, and points west, UMBC's Cybersecurity MPS will launch at the Universities at Shady Grove (USG) in Fall 2013.  Courses offered the first semester at that campus will be:

• CYBR 620: Introduction to Cybersecurity
• CYBR 623: Cybersecurity Law & Policy

The deadline to apply for Fall 2013 admission to the UMBC Graduate Cybersecurity Program is August 1, 2013.

UMBC Training Centers announced new Cybersecurity Academy certificate programs that provide highly-focused skills training and practical experience to address the cyber workforce training needs of the military, the intelligence community, federal civilian agencies, and the commercial sector in the Mid-Atlantic region. The Cybersecurity Academy includes four non-credit certificate programs: Cyber Foundations, Cybersecurity, Cyber Development and Cyber Operations. These certificate programs combine multiple skills training and hands-on problem solving guided by expert instructors to create high-impact learning. The skills mastered in the programs prepare participants with immediate, on-the-job effectiveness to tackle real-world situations.

The Certificate in Cyber Operations program starts June 24 and features a rigorous curriculum that delivers a focused set of skills reinforced by multiple industry certifications, including CompTIA Network+, CompTIA Security+, Cisco Certified Network Associate and Certified Ethical Hacker. This program is closely aligned with the recent National Institute of Standards and Technology release of the National Initiative for Cybersecurity Education framework.

UMBC's cyber defense team, the Cyber Dawgs, will host an interdisciplinary talk and screening of the film Game of Pawns at 7:00pm on Tuesday, April 30, 2013 in room 102 of the ITE building (LH8). The film is a true story of an American student who was recruited by the Chinese government to infiltrate a U.S. intelligence agency.

The event is sponsored and run by InfraGuard, an organization that acts as a partnership mediator between the FBI and US businesses. The talk will be nontechnical and will present an overview of the dangers that might arise when dealing with foreign businesses or representatives. It should be of interest to students considering studying abroad, pursuing international relations or business, or anticipating working for a government agency.

We are now offering the UMBC Cybersecurity MPS program at Shady Grove in Montgomery County, MD.

The Cybersecurity Master’s in Professional Studies degree provides students the essential knowledge required to serve in leadership and operational roles throughout the industry. Through the program, students will learn how to analyze cybersecurity risks and assess available countermeasures. The program will expose students to practical managerial and operational considerations needed to conduct cybersecurity activities for large organizations.

Dissertation Defense

Digital Forensics for
Infrastructure-as-a-Service Cloud Computing

Josiah Dykstra

10:00am Tuesday, 16 April 2013, ITE 325b

We identify important issues in the application of digital forensics to Infrastructure-as-a-Service cloud computing and develop new practical forensic tools and techniques to facilitate forensic exams of the cloud. When investigating suspected cases involving cloud computing, forensic examiners have been poorly equipped to deal with the technical and legal challenges. Because data in the cloud are remote, distributed, and elastic, these challenges include understanding the cloud environment, acquiring and analyzing data remotely, and applying the law to a new domain. Today digital forensics for cloud computing is challenging at best, but can be performed in a manner consistent with federal law using the tools and techniques we developed.

The first problem is understanding how and why criminal and civil actions in and against cloud computing are unique and difficult to prosecute. We analyze a digital forensic investigation of crime in the cloud, and present two hypothetical case studies that illustrate the unique challenges of acquisition, chain of custody, trust, and forensic integrity. Understanding these issues introduces legal challenges which are also important for federal, state, and local law enforcement who will soon be called upon to conduct cloud investigations.

The second problem is the lack of practical technical tools to conduct cloud forensics. We examine the capabilities for forensics today, evaluate the use of existing tools including EnCase and FTK, and discuss why these tools are incapable of trustworthy cloud acquisition. We design consumer-driven forensic capabilities for OpenStack, including new features for acquiring trustworthy firewall logs, API logs, and disk images.

The third problem is a deficit of legal instruments for seizing cloud-based electronically-stored information. We analyze the application of existing policies and laws to the new domain of cloud computing by analyzing case law and legal opinions about digital evidence discovery, and suggest modifications that would enhance cloud the prosecution of cloud-based crimes. We offer guidance about how to author a search warrant for cloud data, and what pertinent data to request.

This dissertation enhances our understanding of technical, trust, and legal issues needed to investigate cloud-based crimes and offers new tools and techniques to facilitate such investigations.

Committee: Dr. Alan T. Sherman (Chair), Dr. Charles Nicholas, Dr. Richard Forno, Dr. Simson Garfinkel (Naval Postgraduate School), Mr. Donald Flynn, JD (Department of Defense Cyber Crime Center)

Here is UMBC President Freeman Hrabowski's talk at the 2013 TED conference. He is, as usual, very inspirational. We are truly lucky to have him leading our university.

"If a student has a sense of self, it’s amazing how their dreams and values can make all the difference in the world."

Look for his mention of computer science and women in IT near the end.

UMBC Graduate student Puneet Sharma talks about his research on developing a multilayer framework to catch data exfiltration, 10:30 Monday April 8 in toom ITE325b at UMBC. Here is the abstract.

Data exfiltration is the unauthorized leakage of confidential data from a particular system. It is nothing but a very specific form of intrusion which is particularly hard to catch due to the most common cause; an insider entity responsible for the leak. That entity could be a real person employed in the organization, or even a malicious hardware piece bought from an unreliable third party. Catching such intrusions therefore, can be extremely difficult. What is proposed is a framework with a multitude of parameters to be constantly monitored on a system. These parameters would cover the entire stack of the computer architecture starting from the hardware up till the application layer. A more spread out and comprehensive monitoring framework should ensure that designing an attack becomes extremely difficult since the intruder must now devote significantly more time and effort to bypass the multiple checks and avoid raising alarms.

Tresys Technology, a provider of technology and engineering services for customers with high-security requirements, announced the "Tresys Technology Scholarship" for UMBC students. The merit-based scholarship is intended to support incoming sophomore or junior computer science majors at UMBC with demonstrated financial need and who have obtained or transferred a grade point average of 3.0 or greater. There is a preference given to students interested in computer security. The scholarship, managed by the UMBC Foundation, may be renewed for a second year, contingent on the student’s academic performance and continued financial need. Scholarship recipients are also invited to apply for paid internship positions at Tresys.

Tresys also announced the first two recipients: UMBC Computer Science juniors Sven Rivera and Sean Hoover, who both received scholarship awards of $2,500. Sven transfered to UMBC after attending Carrol Community College and Howard Community College and Sean came to UMBC as a transfer student from New Mexico State University.

For more information or to apply for future awards of the Tresys Technology Scholarship scholarship, visit the COEIT scholarship page.

The Fourth Trusted Infrastructure Workshop (TIW 2013) will be held at Penn State University in University Park, PA from Sunday afternoon, June 2 to Thursday, June 6.

TIW 2013 is a free premier educational meeting for graduate students with a focus on computer systems security research and research that builds on trusted computing foundations. TIW 2013 will consist of lectures and hands-on labs, enabling the students to learn concepts and apply them in practice. Speakers include world-class experts in their respective fields from industry, government, and academia. See the preliminary program for more information.

The workshop is designed for graduate students with a research interest in computer security. Although the workshop is free for students, students must apply to be selected for TIW 2013. Applications received by April 25 will also receive full consideration for travel support. Applications will continue to be received until May 20 based on space and funds. The workshop may have space for a small number of other attendees, but a fee will be required for other attendees.