Arduino workshop 11-1 Friday 2/25

Arduino is an open-source electronics platform based on easy-to-use hardware and software.

The UMBC IEEE student branch will hold a free Arduino workshop on Friday, February 25, 2022, from 11:00 to 1:00 pm ET in ITE 238. Arduino is an inexpensive, open-source electronic prototyping platform enabling users to create interactive electronic objects. The workshop will lead participants through some guided projects. No experience is necessary.

The Arduino microcontroller is a great device for anyone who wants to learn more about embedded and cyber-physical systems. It is used in many fields in research and industry and might even help you get an internship. UMBC students have used the Arduino for researching self-replicating robots, remote-controlled helicopters, hacking into a vehicle’s control system, and using radar to detect human activity in a room. The Arduino is a wonderful tool and is fairly easy to use.

The workshop is open to all majors and only minimum coding experience is recommended.  Bring a laptop with a full USB A port and charger and download and install the Arduino IDE. All Arduino equipment will be provided.

For more information send email to .

talk: Semantically Rich Knowledge Graphs to Automate Cloud Data Security & Compliance, 12-1 Feb 22

The UMBC Cyber Defense Lab presents

Semantically Rich Knowledge Graphs to Automate Cloud Data Security and Compliance

Prof. Karuna Joshi
Information Systems, UMBC

12-1 pm ET, Friday, 18 February 2022, via WebEx

To address data protection concerns, authorities and standards bodies worldwide have released a plethora of regulations, guidelines, and software controls to be applied to cloud services data. As a result, service providers maintaining their end-users private attributes have seen a surge in compliance requirements. This becomes especially important in critical domains like healthcare and finance. As most of these cloud data regulations are not available in a machine-processable format, it requires significant manual effort to adhere to them. Often many of the laws have overlapping rules, but as they are not referencing each other, providers must duplicate efforts to comply with each regulation. Furthermore, providers often encrypt cloud data to meet regulatory requirements, but these records cannot be queried without the large overhead of decryption. As the volume of cloud-based services reaches big data levels, it is essential to be able to have searchable encrypted cloud data.

We have developed a semantically rich ontology or knowledge graph that captures knowledge embedded in various cloud data compliance regulations using techniques from AI, NLP, and text extraction. It includes data threats and security controls that are needed to mitigate the risks. We have also developed a novel approach that facilitates searchable encryption using attribute-based encryption (ABE) and multi-keyword search techniques. In this talk, I will present the results of this work, especially as applied to GDPR, PCI-DSS, and HIPAA regulations.

Dr. Karuna Pande Joshi is an associate professor of information systems at UMBC and UMBC director of the Center of Accelerated Real-Time Analytics (CARTA). She also directs the Knowledge Analytics Cognitive and Cloud (KnACC) Lab. Her research focus is in the areas of data science, cloud computing, data security and privacy, and healthcare IT systems. She has published over 70 papers and her research is supported by ONR, NSF, DoD, IBM, GE Research, and Cisco. She teaches courses in big data, database systems design, decision support systems, and software engineering. She received her MS and Ph.D. in computer science from UMBC, where she was twice awarded the IBM Ph.D. Fellowship, and her Bachelors in computer engineering from the University of Mumbai, India. Dr. Joshi also has extensive experience working in industry, primarily as an IT program/project manager at the International Monetary Fund.

Host: Alan T. Sherman, Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1 pm. All meetings are open to the public. Upcoming CDL meetings: Mar 4, Mar 18, Apr 1 Kirellos Elsaad (UMBC), Apr 15, Apr 29 Ian Blumenfeld (UMBC), May 13 Enka Blanchard (Digitrust Loria, France)

COEIT’s 30th Anniversary Celebration and Engineering & Computing Week

UMBC’s College of Engineering and Information Technology celebrates its 30th anniversary with a series of events in the week of February 21-25.

COEIT’s 30th Anniversary Celebration and
Engineering & Computing Week

February 21-25, 2022

UMBC’s College of Engineering and Information Technology will celebrate its 30th anniversary with a series of events during the week of February 21-25.


  • Engineers week kick-off, 12-lpm, ENG atrium
  • Virtual trivia night, 6-8 pm, Online


  • Open Lab Tours, 11-1 pm, ENG & ITE
  • SHPE Diversity panel, 5-7 pm, ITE 238
  • SWE Hot chocolate bar & CWIT cookie bar 7-7:30 pm, ENG atrium


  • Connecting with Nature, Reflecting on our future, Library Pond
  • ASME Showcase, 2-3 pm, ENG atrium AIAA & AIChE Showcase, 5-7 pm, ENG atrium


  • NSBE Engineering challenges, 1-2pm, ITE 238
  • Alumni reception, 5:30-8 pm, Guinness Brewery


  • IEEE Arduino workshop, Ilam-lpm, ITE 238
  • Battle of COEIT, 2-3 pm, ENG atrium
  • Baja Car unveiling, 3-4 pm, ENG atrium

All week

  • Week-long photo scavenger hunt

talk: Users’ Preferences for Enhanced Misinformation Warnings on Twitter

The UMBC Cyber Defense Lab presents

Context, a Red Flag, or Both? Users’ Preferences for Enhanced Misinformation Warnings on Twitter

Prof. Filipo Sharevski
Adversarial Cybersecurity Automation Lab
DePaul University

12–1pm ET Friday, 4 Feb. 2022, WebEx

Warning users about hazardous information on social media is far from a simple usability task. The so-called soft moderation must balance between debunking falsehoods and avoiding moderation bias while avoiding disrupting the social media consumption flow. Platforms thus employ visually indistinguishable warning tags with generic text under a suspected misinformation content. This approach resulted in an unfavorable outcome where the warnings “backfired” and users believed the misinformation more, not less. To address this predicament, we developed enhancements to the misinformation warnings where users are advised on the context of the information hazard and exposed to standard warning iconography.

Balancing for comprehensibility, the enhanced warning tags provide context in regards to (1) fabricated facts; and (2) improbable interpretations of facts. Instead of the generic “Get the facts about the COVID-19 vaccine” warning, users in the first case are warned about “Strange, Potentially, Adverse Misinformation (SPAM): If this were an email, this would have ended up in your spam folder” and in the second case about “For Facts Sake (FFS): In this tweet, facts are missing, out of context, manipulated, or missing a source.” The SPAM warning tag contextualizes misinformation with an analogy to an already known phenomenon of spam email, while the FFS warning tag as an acronym blends with the characteristic communication Twitter behavior with compact language due to the tweets’ length restriction. The text-only warning tags were then paired with the hereto ignored usable security intervention when it comes to misinformation: red flags as watermarks over the suspected misinformation tweets. The tag-and-flag variant provided an option for us also to test user receptivity to warnings that incorporate contrast (red), gestalt iconography for general warnings (flag), and actionable advice for inspection (watermark).

We ran an A/B evaluation with Twitter’s original warnings in a usability study with 337 participants. The majority of the participants preferred the enhancements as a nudge towards recognizing and avoiding misinformation. The enhanced warnings were most favored by the politically left-leaning and to a lesser degree moderate participants, but they also appealed to roughly a third of the right-leaning participants. The education level was the only demographic factor shaping participants’ preferences for the proposed enhancements. Through this work, we are the first to perform an A/B evaluation of enhanced social media warnings providing context and introducing visual design frictions in interacting with hazardous information. Our sentiment analysis towards soft moderation in general, and enhanced warning tags in particular from a political and demographic perspective, provides the basis for our recommendations about future refinements, frictions, and adaptations of soft moderation towards secure and safe behavior on social media.

About the Speaker. Dr. Filipo Sharevski () is an assistant professor of cybersecurity and director of the Adversarial Cybersecurity Automation Lab ( His main research interest is adversarial cybersecurity automation, m/disinformation, usable security, and social engineering. Sharevski earned the PhD degree in interdisciplinary information security at Purdue University, CERIAS in 2015.

Host: Alan T. Sherman, Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1 pm. All meetings are open to the public.

talk: Building Resilience against Cyberattacks, 12pm ET, Dec 15

ArtIAMAS Seminar Series, Co-organized by UMBC, UMCP, and the Army Research Lab

Building Resilience against Cyberattacks

Aryya Gangopadhyay, UMBC

12-1 PM ET Wednesday, 15 December 15, 2021
Online via webex

In this talk, we will address the issue of building resilient systems in the face of cyberattacks. We will present a defense mechanism for cyberattacks using a three-tier architecture that can be used to secure army assets and tactical information. The top tier represents the front-end where autonomous sensing and inferencing through AI models take place by UAVs, UGVs, etc. We will illustrate how models can be defended against data poisoning attacks. In the middle tier, we focus on building cyber defense against attacks in federated learning environments, where models are trained on a large corpus of decentralized data without transferring raw data over a communication channel. The bottom tier represents back-end servers that train deep learning models with large amounts of data that can subsequently be pushed to the edge for inferencing. We will demonstrate how adaptive models can be developed for detecting and preventing various types of attacks at this level.

Dr. Aryya Gangopadhyay is a Professor in the Information Systems department at the University of Maryland, Baltimore County. Dr. Gangopadhyay has a courtesy appointment as a Professor in Computer Science and Electrical Engineering at UMBC. He is also the Director of the Center for Real-time Sensing and Autonomy (CARDS) at UMBC. His research interests include adversarial machine learning at the edge, cybersecurity, and smart cities. He has graduated 16 Ph.D. students and is currently mentoring several others at UMBC. He has published over 125 peer-reviewed research articles and has received extramural support from ARL, NSF, NIST, the Department of Education, and IBM.

talk: Top-K Ranking Deep Contextual Bandits for Information Selection Systems, 12pm ET 12/8

The multi-armed bandit problem arises when allocating a fixed limited set of resources between competing choices to maximize expected gain when each choice’s properties are only partially known but may become better understood as time passes

ArtIAMAS Seminar Series, co-organized by UMBC, UMCP & Army Research Lab

Top-K Ranking Deep Contextual Bandits for Information Selection Systems

Dr. Jade Freeman, Army Research Lab

12-1pm ET Wed. 8 Dec. 2021, Online via Webex

In today’s technology environment, information is abundant, dynamic, and heterogeneous in nature. Automated filtering and prioritization of information is based on the distinction between whether the information adds substantial value toward one’s goal or not. Contextual multi-armed bandit has been widely used for learning to filter contents and prioritize according to user interest or relevance. Learn-to-Rank technique optimizes the relevance ranking on items, allowing the contents to be selected accordingly. We propose a novel approach to top-K rankings under the contextual multi-armed bandit framework. We model the stochastic reward function with a neural network to allow non-linear approximation to learn the relationship between rewards and contexts. We demonstrate the approach and evaluate the performance of learning from the experiments using real-world data sets in simulated scenarios. Empirical results show that this approach performs well under the complexity of a reward structure and high dimensional contextual features.

Dr. Jade Freeman is the Chief of the Battlefield Information Systems Branch, DEVCOM U.S. Army Research Laboratory (ARL), overseeing military information systems and analysis research projects. Prior to joining ARL, Dr. Freeman served as the Senior Statistician for the Chief of Staff at the Department of Homeland Security, Office of Cybersecurity and Communications, currently known as The Cybersecurity and Infrastructure Security Agency (CISA), Dr. Freeman obtained her Ph. D. in Statistics from George Washington University

talk: Shadow IT in Higher Ed: Survey & Case Study for Cybersecurity, 12-1 Fri 12-3

Shadow IT is the use of information technology systems, devices, software, applications, and services without explicit IT department approval.

The UMBC Cyber Defense Lab presents

Shadow IT in Higher Education: Survey and Case Study for Cybersecurity

Selma Gomez Orr, Cyrus Jian Bonyadi, Enis Golaszewski, and Alan T. Sherman
UMBC Cyber Defense Lab

Joint work with Peter A. H. Peterson (University of Minnesota Duluth), Richard Forno, Sydney Johns, and Jimmy Rodriguez

12-1:00 pm, Friday, 3 December 2021, online via WebEx

We explore shadow information technology (IT) at institutions of higher education through a two-tiered approach involving a detailed case study and comprehensive survey of IT professionals. In its many forms, shadow IT is the software or hardware present in a computer system or network that lies outside the typical review process of the responsible IT unit. We carry out a case study of an internally built legacy grants management system at the University of Maryland, Baltimore County that exemplifies the vulnerabilities, including cross-site scripting and SQL injection, typical of such unauthorized and ad-hoc software. We also conduct a survey of IT professionals at universities, colleges, and community colleges that reveals new and actionable information regarding the prevalence, usage patterns, types, benefits, and risks of shadow IT at their respective institutions.

Further, we propose a security-based profile of shadow IT, involving a subset of elements from existing shadow IT taxonomies, that categorizes shadow IT from a security perspective. Based on this profile, survey respondents identified the predominant form of shadow IT at their institutions, revealing close similarities to findings from our case study.

Through this work, we are the first to identify possible susceptibility factors associated with the occurrence of shadow IT-related security incidents within academic institutions. Correlations of significance include the presence of certain graduate schools, the level of decentralization of the IT department, the types of shadow IT present, the percentage of security violations related to shadow IT, and the institution’s overall attitude toward shadow IT. The combined elements of our case study, profile, and survey provide the first comprehensive view of shadow IT security at academic institutions, highlighting the tension between its risks and benefits, and suggesting strategies for managing it successfully.

Dr. Selma Gomez Orr ( ) received her Ph.D. from Harvard University in the field of decision sciences. She also holds Masters degrees in applied mathematics, engineering sciences, and business administration, also from Harvard. She has worked in the private sector in the fields of cybersecurity and data analytics. Most recently, as a CyberCorps Scholarship for Service (SFS) Scholar, Dr. Orr completed a Master’s of Professional Studies in both cybersecurity and data science at UMBC.

Cyrus Jian Bonyadi ( ) is a computer science Ph.D. student and former SFS scholar studying consensus theory at UMBC under the direction of Alan T. Sherman, Sisi Duan, and Haibin Zhang.

Enis Golaszewski ( ) is a Ph.D. student at UMBC under Alan T. Sherman where he studies, researches, and teaches cryptographic protocol analysis. A former SFS scholar, Golaszewski helps lead annual research studies that analyze and break software at UMBC.

Dr. Alan T. Sherman () is a professor of computer science, director of CDL, and associate director of UMBC’s Cybersecurity Center. His main research interest is high-integrity voting systems. Sherman earned the Ph.D. degree in computer science at MIT in 1987 studying under Ronald L. Rivest.

Host: Alan T. Sherman, Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1 pm. All meetings are open to the public. Upcoming CDL Meetings: Feb 4, Filipo Sharevski

Webinar on NSA Codebreaker challenge and student opportunities, Sept 9

NSA Codebreaker challenge and student opportunities Webinar

4-6 pm EDT Thursday, 9 September 2021, Online

Register Here

NSA will hold an NSALive Adobe Webinar on Thursday, September 9, 2021, from 4-6 pm EDT to learn about the National Security Agency and Student Program opportunities, as well as a deep dive into the 2021 Codebreaker Challenge. Register for the online session here.

The Codebreaker Challenge is the NSA’s annual cybersecurity and cryptanalysis challenge with a realistic, NSA mission-centric scenario open to U.S-based academic institutions. The 2021 challenge is open now and runs through December 31, 2021.

While the challenge is intended for students, faculty are encouraged to participate as well. Furthermore, the site was designed to make it easy for those faculty interested in incorporating the challenge into their courses (see the additional FAQ entries below.)

The 2021 Codebreaker Challenge consists of a series of tasks worth a varying amount of points based upon their difficulty. Schools will be ranked according to their students’ total number of points with the current ranking shown on a leaderboard. Solutions may be submitted at any time for the duration of the Challenge.

While not required, it is recommended that participants solve tasks in order since they flow with the storyline. Later tasks may rely on artifacts or inputs from earlier tasks. Each task in the 2021 challenge will require a range of skills. You will need to call upon all of your technical expertise, intuition, and common sense.

UMBC’s Donna Ruginski and bwtech@UMBC finalists for CAMI’s Maryland Cybersecurity Awards

Donna Ruginski and bwtech@UMBC finalists for CAMI’s Maryland Cybersecurity Awards

Congratulations to UMBC’s Donna Ruginski and bwtech@UMBC Research and Technology Park for their selection as finalists in the Cybersecurity Association of Maryland’s Fifth Annual Maryland Cybersecurity Awards.

Donna Ruginski is a finalist for the Cyber Warrior Woman Award, which honors a woman doing extraordinary or exemplary work in Maryland’s cybersecurity industry. She is UMBC’s Executive Director for Cybersecurity Initiatives in the Office of the Vice President for Research. She is responsible for the strategic positioning and growth of UMBC’s cybersecurity partnerships, research, and programs.

The bwtech@UMBC Research and Technology Park is a finalist for the Cybersecurity Industry Resource Award, which celebrates a non-cybersecurity business, organization, academic institution, or government agency that has significantly contributed to Maryland’s cybersecurity industry through its products, services, or mission.

Finalists were selected by an independent panel of judges represented by leaders in a variety of fields. One winner from each category will be announced at the Maryland Cybersecurity Awards Celebration on September 22, 2021, 5 PM – 8 PM at Maryland Live! Casino.

All finalists are automatically entered into the People’s Choice Award category. The public is invited to vote online to determine who will receive the coveted Cybersecurity People’s Choice Award. The winner will be announced during the virtual Awards Celebration on September 22, 2021. Vote for your choice here.

The Cybersecurity Association of Maryland, Inc. (CAMI) is a statewide nonprofit organization established in 2015. It is Maryland’s only organization dedicated 100% to the growth of Maryland’s cybersecurity industry. 

UMBC’s 25th Undergraduate Research & Creative Achievement Day had a global audience

A scene from the game Recurring Moment by Kristian Mischke. Image courtesy of Mischke.

UMBC’s 25th Undergraduate Research and Creative Achievement Day had an expanded global audience

UMBC’s 25th Undergraduate Research and Creative Achievement Day (URCAD) reached more viewers than ever before, with visitors connecting online from as far away as Spain, Indonesia, Nigeria, Brazil, Bhutan, Germany, and the U.K.. Audiences logged more than 11,000 visits (compared with 8,000 in 2020) and posted more than 3,500 comments over the course of the week-long event. 

For UMBC’s video game designers, going virtual was not new. Marc Olano, associate professor of computer science and electrical engineering, mentored four projects presented at URCAD, each led by a group of about four students. They include Sword Shibe; Recurring Moment – A Time Travel Puzzle Platformer; Jump Starters, and the two-player Android and PC strategy game Hamster Toaster Checker. Students in UMBC’s computer science game development track collaborated with students in animation and interactive media to envision and begin developing the new games.

“The beauty of the CMSC 493 class is that it brings artists and programmers together and the management of the project is completely led by us,” says Kristian Mischke ‘21, computer science, the game designer for the Recurring Moment project.

In Sword Shibe, players take a dog with a sword through different paths. The student team that created it drew inspiration for its concept designs from Japanese culture, folklore, and legends. The dog in the game is also inspired by a Shiba Inu, which is a breed of hunting dog from Japan. 

Olano worked to model the students’ project experience on the structure of the game design and development industry. “Students began working through ideas in small teams and worked their way through prototypes and onto a bigger team,” he explains. “In the game industry, you have to work collaboratively or you fail.” 

Mischke explains how he would bounce ideas off the artists for visual appeal or about the game’s narrative arc. With the other programmers, he talked through implementation feasibility. “We all would give feedback and discuss adaptations together,” says Mischke. “Everyone on the team was able to be part of the process and apply their unique skill set.”

This post was adapted from a UMBC News article written by Catalina Sofia Dansberger Duque.

1 2 3 4 33