Investigating the Impact of Device Aging on the Security of Cryptographic Chips

Professor Naghmeh Karimi received a prestigious NSF CAREER award to support her research on Investigating the impact of device aging on the security of cryptographic chips.

CAREER awards are among NFS’s most prestigious awards and are intended to support early-career faculty who have the potential to serve as academic role models in research and education and to lead advances in the mission of their department or organization.

Cryptographic chips implement cryptographic functions in hardware for better performance. Despite the significant performance benefits, cryptographic chips can be compromised by the adversaries via monitoring their power-consumption, tampering their logic or placing the chips under stress to generate erroneous outputs to infer sensitive data. The current protections against such attacks do not consider the aging of the devices that can cause a parametric shift of device parameters over time which can compromise device security.

Supported by this five-year award, Professor Karimi and her students will investigate the effects of device aging on the security of cryptographic devices, particularly those with protection against physical attacks, and develop solutions to ensure security when device aging comes into account. Her work will help enable the development of long-lasting security for trusted hardware platforms, and result in aging-resistant security solutions that benefit the society via devices that remain secure over their lifetime.

UMBC Cyber Dawgs place first in
15th Mid-Atlantic Collegiate Cyber Defense Competition

Congratulations to the UMBC Cyber Dawgs for winning the 15th Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC) which was held this Friday and Saturday. UMBC placed first in a field of teams from eight Universities who made the regional finals out of an initial set of 27 qualifying teams. By winning the regional competition, UMBC will represent the Mid-Atlantic states in the National Collegiate Cyber Defense Competition to be held on May 22-24, 2020.

The MACCDC has been held annually since 2006. Each year, it develops a new realistic challenge using the latest technologies currently in use. This year’s scenario involves student teams working for a fictitious Artificially Intelligent Institute (AII), a multinational corporation with offices in the Mid-Atlantic region. It was described as follows.

“As a leading provider of advanced AI surveillance tools to intelligence and law enforcement agencies, as well as private-sector organizations, the main business driver of AII is to show how new surveillance capabilities are transforming government’s and organization’s monitoring capabilities. As part of their duties, Blue Teams are expected to defend their systems against aggressors. Early intelligence reports suggest that rouge Hackistanian antagonist are interested in stealing AII’s intellectual property, source code, and customer database. Hackers contracted and working directly for the country of Hackistan are also interested in disrupting IoT devices on-premises at the various AII regional offices.”

The MACCDC team was chosen from members of the CyberDawgs student group, composed of students from a variety of majors who share a common interest in computer and network security. No prior experience is required to join and any UMBC students who want to learn more about cybersecurity and learn new skills in the field are encouraged to subscribe to its mailing list and attend meetings.

The CyberDawgs group is advised by CSEE faculty Charles Nicholas and Richard Forno.

Synergy-based human-machine interfaces

Ramana Vinjamuri
Harvey N. Davis Distinguished Assistant Professor
Stevens Institute of Technology

1:00-2:00 pm Monday, 23 March 2020

Online Webex meeting

Human-machine interfaces (HMIs) have not only become popular technologies but have become the hope of many individuals for restoring their lost limb function. Any HMI has two important intrinsic design components—(i) decode the human commands and (ii) controlling the machine to convert that command into action. Decades of research went into making the interface between the human and the machine seamless but were unable to effectively address the inherent challenges, namely, complexity, adaptability, and variability. To overcome the above challenges, it is critical to computationally understand and quantitatively characterize the human sensorimotor control. Emerging areas in HMIs critically depend on the ability to build bioinspired models, experimentally validate them and utilize them in adaptive and intuitive control. The human hand with high dimensionality encompasses the three inherent challenges and may serve as an ideal validation paradigm. How the central nervous system (CNS) controls this high dimensional human hand effortlessly is still an unsolved mystery. To address this high dimensional control problem, many bioinspired motor control models have been proposed, one of which is based on synergies. According to this model, instead of controlling individual motor units, CNS simplifies the control using coordinated control of groups of motor units called synergies. However, there are several unanswered questions today— Where are synergies present in CNS? What is their role in motor control and motor learning? By combining the concepts of human motor control, computational neuroscience, machine learning and validation with noninvasive human experiments, can we answer these fundamental questions? The goal of this research is to develop efficient, seamless and near-natural human-machine interfaces based on biomimetically inspired models.

Ramana Vinjamuri received his Ph.D. in Electrical Engineering in 2008 specialized in dimensionality reduction in control and coordination of human hand from the University of Pittsburgh. He worked as a postdoctoral research associate (2008-2012) in the field of Brain Machine Interfaces (BMI) to control prosthesis in the School of Medicine, University of Pittsburgh where he received Mary E Switzer Merit Fellowship from NIDILRR in 2010. He worked as a Research Assistant Professor in the Department of Biomedical Engineering at the Johns Hopkins University (2012-2013) in the area of neuroprosthetics. He is currently an Assistant Professor in the Department of Biomedical Engineering at Stevens Institute of Technology (2013-Present). In 2018, he received Harvey N Davis Distinguished Teaching Award for excellence in undergraduate and graduate teaching. He received the NSF CAREER Award in 2019. His other notable research awards are from USISTEF and New Jersey Health Foundation. He also holds a secondary appointment as an Adjunct Assistant Professor at Indian Institute of Technology, Hyderabad, India.

The UMBC Cyber Defense Lab presents

Hard-Learned Lesson in Defense of a Network

Dan Yaroslaski
Former Operations Officer at Marine Forces Cyberspace Command, Colonel, USMC

12–1:00pm, Friday, 27 March 2020
WebEx: https://umbc.webex.com/meet/sherman

Often network defenders fail to take into account organizational culture when attempting to provide a secure, reliable, and usable enterprise network. Users and process leaders often fall victim to the false allure of the value of networked systems, without asking the question, “Should this be networked?” Collectively, organizations also forget that networks are a combination of the humans who use the network, the personas we all have to form to gain access to this manmade domain, and the interplay of logical and physical network architecture manifested in geographical locations. The value of some simple military principles—including defense-in-depth, mission focus, redundancy, and resiliency versus efficiency—can help a network defender better advise everyone from the “C Suite” decision-makers to the average network user, on how to have a secure network while accepting reasonable limitations.

Colonel Dan Yaroslaski is a career Marine with over 30 years of service to the nation. He started as an enlisted anti-armor missileman, who then became an Assault Amphibian Vehicle Officer (AAV’s are 27 Ton armored amphibious descendants of the WW II vehicles used from Tarawa to Iwo Jima). He has made a career of integrating technology and human beings to form cohesive combat organizations. Dan’s diverse career placed him at the forefront of high-end, top-secret compartmentalized planning and execution, to the extremely human act of advising an Afghan National Army Kandak (Battalion). During his five-year tenure at Marine Forces Cyberspace Command, he successfully architected new techniques that took advantage of boundary defenses, to new and innovative ways to integrate traditional warfare methods with cyberspace operations, as highlighted in a recent NPR story about USCYBERCOM’s Operation GLOWING SYMPHONY. Dan also spent time creating effective policy directing network operations and defense, to include an extremely frustrating year negotiating the interplay of network operations, operations in the information environment, and Marine Corps culture. Dan and his wife are now empty nesters, so they spend an enormous amount of time nurturing two dogs to fill the void left by their children. As the Rolling Stones point out, “What a drag it is getting old.”

Host: Alan T. Sherman,

Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Meetings:

• Apr 10, Russ Fink (APL), ransomware
• Apr 24, Lance Hoffman (GWU), policy
• May 8, Jason Wells (UMBC SFS scholar), law enforcement
• May 22, Spring SFS Meeting at UMBC, 9:30am-2pm, ITE 456

The UMBC Cyber Defense Lab presents

Autonomous Agents, Deep Learning,
and Graphs for Cyber Defense

Dr. Hasan Cam
Army Research Laboratory

12–1 pm Friday, 13 March 2020, ITE 227, UMBC

Cyber resilience usually refers to the ability of an entity to detect, respond to, and recover from cybersecurity attacks to the extent that the entity can continuously deliver the intended outcome despite their presence. Cybersecurity tools such as intrusion detection and prevention systems usually generate far too many alerts, indicators or log data, many of which do not have obvious security implications unless their correlations and temporal causality relationships are determined. In this talk, I will present methods to first estimate the infected and exploited assets and then take recovery and preventive actions using autonomous agents, deep learning, and graphs. Autonomous adversary and defender agents are designed such that the adversary agent can infer the adversary activities and intentions, based on cybersecurity observations and measurements, while the defender agent aims at estimating the best reactive and pro-active actions to protect assets and mitigate the adversary activities. The graph thinking and causality analysis of cyber infection and exploitation helps predict the infection states of some assets. This prediction data of infections is taken as input data by deep reinforcement learning to train agents for determining effective actions. This talk will discuss some preliminary results from the development of building an automated system of autonomous agents to provide cyber resiliency over networks.

Hasan Cam is a Computer Scientist at US Army Research Laboratory. He currently works on the projects involved with autonomous agents, active malware defense, cyber resiliency, and risk assessment over wired, mobile, and tactical networks. His research interests include cybersecurity, machine learning, data analytics, networks, algorithms, and parallel processing. He served as the government lead for the Risk area in Cyber Collaborative Research Alliance. He has previously worked as a faculty member in academia and a senior research scientist in the industry. He has served as an editorial member of two journals, a guest editor of two special issues of journals, an organizer of symposiums and workshops, and a Technical Program Committee Member in numerous conferences. He received a Ph.D. degree in electrical and computer engineering from Purdue University, and an M.S. degree in computer science from Polytechnic University, New York. He is a Senior Member of IEEE.

Host: Alan T. Sherman,

Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Meetings:

• Mar 27, Dan Yaroslaski, cybercommand
• Apr 10, Russ Fink (APL), ransomware
• Apr 24, Lance Hoffman (GWU), policy
• May 8, Jason Wells, law enforcement
• May 22, Spring SFS Meeting at UMBC, 9:30-2, ITE 456

❌ Canceled: UMBC Data Science Meetup:
Rapid Data Exploration with Apache Drill ❌

5:30-7:00 pm 11 March 2020, UC 310, UMBC

Join Charles Givre for a hands-on introduction to data exploration with Apache Drill. Becoming a data-driven business means using all the data you have available, but a common problem in many organizations is that data is not optimally arranged for ad-hoc analysis. Through a combination of lecture and hands-on exercises, you’ll gain the ability to access previously inaccessible data sources and analyze them with ease. You’ll learn how to use Drill to query and analyze structured data, connect multiple data sources to Drill, and perform cross-silo queries. Study after study shows that data scientists and analysts spend between 50% and 90% of their time preparing their data for analysis. Using Drill, you can dramatically reduce the time it takes to go from raw data to insight. This workshop will show you how.

UMBC University Center, Room 310
March 11, 2020, from 5:30 pm to 7:00 pm
(5:30 – 6:00 pm) Social
(6:00 – 6:50 pm) Workshop: Rapid Data Exploration with Apache Drill
(6:50 – 7:00 pm) Question and Answer Session

Register on the Meetup page.

Note that we formally end our Q&A session at 7 pm (so that graduate students can catch their classes starting at 7:10 pm) but in our previous events we’ve seen that one-on-one and group discussions with the speaker(s) continue even after Q&A session

Speaker: Mr. Charles Givre works as a manager at JP Morgan Chase. Prior to joining Deutsche Bank, Mr. Givre worked as a Senior Lead Data Scientist for Booz Allen Hamilton for the last seven years where he works in the intersection of cybersecurity and data science. Mr. Givre taught data science classes at BlackHat, the O’Reilly Security Conference, the Center for Research in Applied Cryptography and Cyber Security at Bar Ilan University. One of Mr. Givre’s research interests is increasing the productivity of data science and analytic teams, and towards that end, he has been working extensively to promote the use of Apache Drill in security applications and is a committer and PMC Chair for the Drill project. Mr. Givre teaches online classes for O’Reilly about Drill and Security Data Science and is a coauthor for the O’Reilly book Learning Apache Drill. Mr. Givre holds a Masters Degree in Middle Eastern Studies from Brandeis University, as well as a Bachelors of Science in Computer Science and a Bachelor’s of Music both from the University of Arizona. He blogs at thedataist.com and tweets @cgivre.

Complimentary food, such as pizza and chips, and non-alcoholic beverages will be provided

Visitor parking spaces are located at Administration Drive Garage upper level, Commons Garage first level, Walker Avenue Garage upper level, Lot 9 and Lot 7 on Walker Avenue. Visitors do not need to pay for parking after 4:00 pm.

Join the UMBC Data Science Meetup group and register for this event here.

Enabling Value-Based Health Care
Using Modern Analytics Tools

Daniel Pichardo and Dr. Xue Yang

UMBC will have its second Data Science meetup on February 27 at UMBC University Center, Room 310. Attendance is free, register here. Visitors can park for free (after 4:00 pm) at the parking lots marked with black arrows in the event photo. The program is as follows

(5:30 – 6:00 pm) Social
(6:00 – 6:50 pm) Talk & Demo: Enabling Value-Based Health Care Using Modern Analytics Tools
(6:50 – 7:15 pm) Question and Answer Session

Speakers: Daniel Pichardo and Dr. Xue Yang

Speaker Bios: Danny Pichardo is a Senior Data Scientist at Newwave. He previously worked as a Statistician at the American Urological Association. He holds a B.Sc. In Statistics from UMBC. His interest and experience include prediction modeling and causal inference using real world health data.

Xue Yang is a data scientist with a solid medical background. At NewWave, Xue works on data analysis and AI/ML model exploration that support data exchange/feedback platform and AI/ML projects. Before joining NewWave, she was building AI/ML models using medical insurance claims data at CareFirst. Xue has a M.P.S. in Data Science from UMBC, a Ph.D. on Genetics and an M.D. from China, and was a postdoc at Johns Hopkins Medical School at the Institute of Genetic Medicine.

Abstract: Value-based healthcare is a healthcare delivery model in which providers are paid based on patient health outcomes. Value-based healthcare requires measuring clinical outcomes and spotting population trends while incentivizing health care providers for the delivery of better healthcare.

New Wave is building next-generation data platforms to improve health outcomes and reduce waste by transforming the wealth of data CMS currently collects, which allows the Center for Medicare and Medicaid Innovation to fulfill its objectives of delivering value-based health care for the citizens. We leverage cloud-based tools such as Snowflake, Looker, and Databricks to provide health care providers a flexible platform to explore their patient’s data, as well as enable data scientists to perform efficient data analyses, model development, and reporting. We will demo how these tools can seamlessly work together, enabling every step of the data science process. Please join us on this journey of transformation as we attempt to modernize and innovate in healthcare.

Parking: Visitor parking spaces are located at Administration Drive Garage upper level, Commons Garage first level, Walker Avenue Garage upper level, Lot 9 and Lot 7 on Walker Avenue. Visitors do not need to pay for parking after 4:00 pm. Register here.

Lockheed Martin Distinguished Speaker Series

Designing Secure Hardware Systems

Shawn Blanton

Trustee Professor, Electrical and Computer Engineering
Carnegie Mellon University

1:00-2:00pm Friday 7 Feb. 2020

Commons 329, UMBC
University Center Ballroom

On October 29, 2018, DARPA issued an RFI that stated: “This Request for Information (RFI) from the Defense Advanced Research Projects Agency’s (DARPA) Microsystems Technology Office (MTO) seeks information on technology, concepts, and approaches to support the integration of security capabilities directly into System on Chip (SoC) system design and to enable the autonomous integration and assembly of SoCs.

This RFI and the tens of millions of dollars that the US government has already invested in hardware security research and development is based on the fact that the fabrication of state-of-the-art electronics is now mostly overseas. With the recent announcement that GLOBALFOUNDRIES is going to stop all 7nm development, there is now only one company in the US that continues to pursue advanced semiconductors (Intel). Unfortunately, Intel does not have the same experience of making chips for third parties as does Samsung and (most importantly) TSMC (Taiwan Semiconductor Manufacturing Corporation). As a result, the US government believes it will be forced to fabricate advanced, sensitive electronics overseas in untrusted fabrication facilities. As a result, there is keen interest in design methodologies that mitigate reverse engineering, tampering, counterfeiting, etc.

In this talk, an overview of hardware security will be presented followed by a discussion on a concept called logic locking. This approach will be described and the “back and forth” that is now occurring in the research community involving: (i) vulnerability discovery and (ii) logic locking improvement.

Shawn Blanton is a professor in the Electrical and Computer Engineering Department at Carnegie Mellon University and Associate Director of the SYSU-CMU Joint Institute of Engineering (JIE). In 1995 he received his Ph.D. in Electrical Engineering and Computer Science from the University of Michigan, Ann Arbor. His research interests include various aspects of integrated system tests, testable design, and test methodology development. He has consulted for various companies and is the founder of TestWorks, a Carnegie Mellon University spinout focused on information extraction from IC test data. He is a Fellow of the IEEE and Senior Member of the ACM and served as the program chair for the 2011 International Test Conference.

URCAD 2020 Applications now open

UMBC’s 24th Annual Undergraduate Research and Creative Achievement Day will be held on April 22, 2020. Apply to present your research or creative work by February 14, 2020.

All current undergraduates who have conducted research, scholarship or creative work in the last year may apply to present their results at URCAD. Student work is shared through oral presentations, posters, artistic exhibits and performances, and film. Mentors, fellow students, friends, family members, high school teachers and students, graduate school recruiters, and the general public are invited to attend.

Researchers work with faculty mentors on independent research or research that is part of the mentor’s on-going projects.  They are from all disciplines and can be working on a thesis, capstone project, part of a scholars or honors program, or they can be unaffiliated with other programs.

Students who have received Undergraduate Research Awards for the previous year will present their findings. The UMBC Review, UMBC’s annual peer-reviewed research journal, which features academic papers written by UMBC undergraduates, makes its debut at this event- stop by and get your copy! Come hear the alumni keynote speaker talk about their experiences after UMBC, and how being an undergraduate researcher benefited them.

UMBC is unique in providing this opportunity for undergraduate students to conduct and present their research in a professional and supportive setting.  Students get valuable feedback from their peers, faculty, and staff, and practice their public speaking and presentation skills.  This campus-wide celebration of achievement affirms UMBC’s commitment to the twin goals of research and a distinctive undergraduate experience.

For more information and to apply, visit the URCAD site.