CSEE Ph.D. student Kavita Krishnaswamy will give a talk entitled Robotics for Independence sponsored by Refresh Baltimore on May 20 at 7:00pm. The talk will be given at Betamore, 1111 Light Street in Baltimore. Refreshments at 6:30, RSVP online.

Robotics for Independence

Kavita Krishnaswamy

7:00pm Wednesday, 20 May 2015
Betamore, 1111 Light St., Baltimore

The future is here! In this talk, Kavita will discuss the development of robotic systems and how they provide assistance and increase independence for people with disabilities. Kavita will introduce several prototype robotic systems that support transferring, repositioning, and personal care, and focus on accessible user interfaces for control that are feasible for persons with severe disabilities.

Kavita Krishnaswamy is a Ph.D. candidate in Computer Science at the University of Maryland, Baltimore County working with Dr. Tim Oates. As a professional researcher with a physical disability, Kavita is motivated by a powerful, innate force: autonomy is the soul of independent daily living that is achieved with the advancement of technology. She is both a Ford Foundation Predoctoral and National Science Foundation Graduate Research Fellow. Kavita has worked at the National Science Foundation's Engineering Research Center – Quality of Life Technology Center (QoLT) in Carnegie Mellon and University of Pittsburgh and IBM Business consulting services.

Refresh Baltimore describes itself as "a community made up of sharp design and development professionals, creative minds and Baltimore technologists looking to learn from one another and apply critical thinking to the industry."

UMBC Cyber Defense Lab

Verifying Security Properties of
Cryptographic Protocols with CPSA

Edward V. Zieglar Jr.
Analysis and Design Methods
DoD Trusted Systems Research Group

12-1pm, Friday, 15 May 2015, ITE 227

The design of cryptographic protocols with well understood properties is a difficult problem. Many simple cryptographic protocols that have been designed over the years by experienced designers have been found to have subtle flaws or incorrect assumptions that have led to attacks against them. Much effort has gone into the development of theories, techniques and tools to formally analysis the security properties of cryptographic protocols in an attempt to identify and eliminate such security flaws. This talk will address basic paradigms used in the analysis and verification of the security properties of cryptographic protocols, discuss efforts to develop tools to assist designers in developing protocols with verifiable security properties and demonstrate one such tool, the Cryptographic Protocol Shapes Analyzer (CPSA), available at https://hackage.haskell.org/package/cpsa.

Mobile Computing and Smart Home
Automation Systems Demonstrations

UMBC Students in CMSC 628 and 691

12:00-1:30pm Tuesday, 12 May 2015
Third floor main corridor, ITE Building

The students in UMBC's graduate Introduction to Mobile Computing class and Systems for Smart Home Automation course will showcase their cutting-edge projects and application that use mobile phones, tablets, cloudservices and smarthome sensors.

Come and enjoy the demonstrations that range from cool smartphone games to smartphone-based educational tools to location‐based mobile phone services to voice and mind controlled home appliances.

For more information, contact Prof. Nilanjan Banerjee at .

Spring 2015 IS Distinguished Lecture 
Department of Information Systems

Opinion Mining, Machine Learning and Big Data

Dr. Philip Bourne
Associate Director for Data Science
The National Institutes of Health

10:00am Tuesday, 5 May 2015, ITE 456, UMBC

Philip E. Bourne is the Associate Director for Data Science at the National Institutes of Health. Formally he was Associate Vice Chancellor for Innovation and Industry Alliances, a Professor in the Department of Pharmacology and Skaggs School of Pharmacy and Pharmaceutical Sciences at the University of California San Diego, Associate Director of the RCSB Protein Data Bank and an Adjunct Professor at the Sanford Burnham Institute.

Bourne's professional interests focus on service and research. He serves the national biomedical community through contributing ways to maximize the value (and hence accessibility) of scientific data. His research focuses on relevant biological and educational outcomes derived from computation and scholarly communication. This implies algorithms, text mining, machine learning, metalanguages, biological databases, and visualization applied to problems in systems pharmacology, evolution, cell signaling, apoptosis, immunology and scientific dissemination. He has published over 300 papers and five books, one of which sold over 150,000 copies.

Bourne is a Past President of the International Society for Computational Biology, an elected fellow of the American Association for the Advancement of Science, the International Society for Computational Biology and the American Medical Informatics Association.  His awards include: the Jim Gray eScience Award (2010), the Benjamin Franklin Award (2009), the Flinders University Convocation Medal for Outstanding Achievement (2004), the Sun Microsystems Convergence Award (2002) and the CONNECT Award for new inventions (1996 and 1997).

Smart Distribution Systems

Dr. Karen Butler-Purry
Texas A&M University

11:00-12:00 Wednesday, 22 April 2015, ITE 325b

Smart Grid refers to the computerizing of the grid via the addition of monitoring, analysis, control, and communication capabilities to improve its reliability, efficiency, and security. Smart meter devices, that include sensors to gather data and two-way digital communication between the smart meters in the field and the utility's grid operations center, are associated with the grid. The smart grid can take advantage of new technologies, such as plug-in hybrid electric vehicles, various forms of renewable and conventional distributed generation, lighting management systems, automation technology that lets the utility adjust and control each individual device or millions of devices from a central location, and many more. This presentation will discuss some of the current research projects being investigated by Butler-Purry's group on smart distributions systems, in grid or island operation. One project investigates the impact of cyber attacks on the operation of smart distribution systems. The second project developed two new approaches to enhance the protection of smart distribution systems. One approach uses smart meters during distribution planning to improve selectivity of protection, and the other approach uses smart meters during operation to improve the sensitivity of protection.

Karen L. Butler-Purry, PhD, PE, is Associate Provost for Graduate and Professional Studies and Professor in the Department of Electrical and Computer Engineering at Texas A&M University where she has served on the faculty since 1994. She received a B.S. in Electrical Engineering in 1985 from Southern University in Baton Rouge, Louisiana. She was awarded a M.S. degree in 1987 from the University of Texas at Austin and a Ph.D. in Electrical Engineering in 1994 from Howard University in Washington, D.C. Her research interests are in the areas of protection and control of distribution systems and isolated power systems such as all electric power systems for ships, mobile grids, and microgrids; cybersecurity protection; and intelligent systems for equipment deterioration and fault diagnosis.

Host: Prof. Gymama Slaughter,

Karen Butler-Purry flyer

Two UMBC alumni who now work at Google will present a Google information session and two technical talks this coming Wednesday afternoon in the Library Gallery. It's a chance for both undergraduate and graduate students to learn about internship and full-time opportunities at Google. The Googlers are:

• Blazej Bulka is a currently a Senior Software Engineer at Google NYC. He received a Ph.D. in Computer Science from UMBC in 2009.
• Robert Banz is a Site Reliability Manager at Google. He received a BS in Computer Science from UMBC in 1995 and worked for UMBC's Department of Information Technology for many years before joining Google.

There will be an opportunity to network and ask questions between talks and an informal happy hour after the talks starting at 5:00pm at Flat Tuesdays in the Commons. Faculty, staff and frinds are welcome to attend the talks and happy hour.

• Noon-1:00pm Google Culture and Careers, Presented by Blazej Bulka and Robert Banz

  Google culture and mission presented by two UMBC graduates who work at Google. Brief history of Google, products and projects, and first-hand relation of how it is to work for Google. The second half of the talk will describe various career opportunities (both for full-time positions and internship), including information about the interview process.

• 2:00-3:00pm Engineering Reliability at Google, Presented by Robert Banz

  Keeping Google services up and running efficiently, reliably, and at scale.

• 4:00-5:00pm Research and Work at Google: Graduate Student Opportunities, Presented by Blazej Bulka

  How to do research and utilize skills learned in graduate school at Google.

• 5:00- Happy Hour at Flat Tuesdays, The Commons

Let Google know you are interested in opportunities and plan to attend some of the sessions by filling out this form.

Enhancing System Security and Privacy with Program Analysis

Yinzhi Cao

Columbia University

12:00-1:00pm Tuesday, 31 March 2015, ITE 325b, UMBC

Cyber security and privacy have brought the attention from the general public these days. Melissa Hathaway, who advised both President Obama and President Bush, estimated in a report that governments and consumers lost $125 billion annually to cyber-attacks, including losses in tax revenue. In this talk, from the perspective of program analysis, I will discuss the security and privacy of two important computer systems: Web browser and Android system. In the first part, I will introduce how to prevent and detect drive-by download attacks, which penetrate the boundary of a browser principal. In particular, I will present JShield, a vulnerability-based detection engine that is more robust to obfuscated drive-by download attacks, when compared to various anti-virus software and most recent research papers. In the second part, I will introduce EdgeMiner, the first automatic tool that creates summaries of Android framework in the form of callback and registration pairs. With the summaries, existing static analysis system can correctly construct a control flow graph with hidden control flow dependencies introduced by callback methods.

Yinzhi Cao is a postdoctoral scientist at Columbia University. He earned his PhD in computer science at Northwestern University. Before that, he obtained his B.E. degree in electronics engineering at Tsinghua University in China. His research mainly focuses on the security and privacy of web, smart phones, and machine learning. He has published more than ten papers at various security conferences, such as Oakland, NDSS, ACSAC and DSN. His JShield system has been adopted by Huawei, the world’s largest telecommunication company. In the past, he served as a program committee member for IEEE CNS’14 and web chair for AsiaCCS SESP’13. Previously, he also conducted research at SRI International and UC Santa Barbara as a summer intern.

UMBC Cyber Defense Lab

Blind Hashing; a new way to secure
passwords against offline attack

Jeremy Spilman

Founder/CTO of TapLink

11-12 Friday 27 March 2015, M/P 101, UMBC

Industry best practice is to secure passwords using a tunable hashing algorithm; pick the right hashing algorithm, tune its cost factors so it runs slowly and makes optimal use of your hardware, and it’s possible to protect very strong passwords from being cracked. However when average password strength and login latency requirements face off against bot-nets and GPU powered dictionary attacks, the vast majority of passwords are easily cracked. Blind hashing entangles password hashes with a massive pool of random data, so large it cannot be stolen over the network. A simple protocol allows any number of sites to share a centralized petabyte-scale data pool, amortizing the cost for defenders, while protecting low-entropy passwords with minimal run-time cost. Blind hashing can also be used as a general-purpose PBKDF to protect against brute-force attacks, and providing the opportunity to add server-based access policies and revocability to the key derivation process. Following his talk, Jeremy will be happy to discuss potential research opportunities with the company for students interested in developing new implementations of blind hashing for password-based authentication and encryption services.

Jeremy Spilman is the Founder and CTO of TapLink, a startup company that is developing systems using its patented Blind Hashing technique, which can completely protect passwords against offline attack, even if the password database is stolen. He was a double major in Computer Science and Economics at Brandeis University.

Summarizing Information in Big Data: Algorithms and Applications

Dr. Fei Liu

School of Computer Science
Carnegie Mellon University

12:00p Friday, 27 March 2015, ITE 325b

Information floods the lives of modern people, and we find it overwhelming. Summarization systems that identify salient pieces of information and present it concisely can help. In this talk, I will discuss both algorithmic and application perspectives of summarization. Algorithm-wise, I will describe keyword extraction, sentence extraction, and summary generation, including a range of techniques from information extraction to semantic representation of data sources; application-wise, I focus on summarizing human conversations, social media contents, and news articles. The data sources span low-quality speech recognizer outputs and social media chats to high-quality content produced by professional writers. A special focus of my work is exploring multiple information sources. In addition to better integration across sources, this allows abstraction to shared research challenges for broader impact. Finally, I try to identify the missing links in cross-genre summarization studies and discuss future research directions.

Dr. Fei Liu is a postdoctoral fellow at Carnegie Mellon University, member of Noah’s ARK. Fei’s research interests are in the areas of natural language processing, machine learning, and data mining, with special emphasis on automatic summarization and social media. From 2011 to 2013, Fei worked as a Senior Research Scientist at Bosch Research, Palo Alto, California, one of the largest German companies providing intelligent car systems and home appliances. Fei received her Ph.D. in Computer Science from the University of Texas at Dallas in 2011, supported by Erik Jonsson Distinguished Research Fellowship. Prior to that, she obtained her Bachelors and Masters degrees in Computer Science from Fudan University, Shanghai, China. Fei has published over twenty peer reviewed articles, and she serves as a referee for leading journals and conferences.

Host: Nilanjan Banerjee and Mohamed Younis

Computer Science and Electrical Engineering
University of Maryland, Baltimore County

 Towards Large-Scale Measurement of Vulnerabilities
and Design of Usable New Systems

Prof. Chuan Yue
University of Colorado Colorado Springs

12:00-1:00 Monday, 23 March 2015, ITE325b, UMBC

Security and privacy vulnerabilities are pervasive in computer and network systems. In my research group, we aim to accurately measure and analyze the vulnerabilities of Web, Cloud, and Mobile systems on a large scale; we also aim to design usable new systems that provide better security and privacy protection to millions of users. In this talk, I will first present our research on analyzing the vulnerabilities of popular Web browsers’ built-in password managers and some third-party browser-and-cloud-based password managers. Next, I will present a framework for automatic detection of information leakage vulnerabilities in JavaScript-based browser extensions including password managers. I will explain why it is very challenging to accurately and automatically analyze JavaScript-based browser extensions, justify why our static and dynamic combined approach is practical and appropriate, and further discuss how we may increase the capabilities of this framework to automatically measure and analyze JavaScript related security and privacy vulnerabilities on a large scale. Finally, I will discuss some of our current and future projects on security and privacy research and education, for example, one project is on measuring users’ susceptibility to sophisticated and highly insidious phishing attacks.

Chuan Yue is an Assistant Professor of Computer Science at the University of Colorado Colorado Springs. His current research focuses on Web, Cloud, and Mobile Systems Security and Privacy. He received his B.E. and M.E. degrees in Computer Science from Xidian University, China, in 1996 and 1999, respectively, and his Ph.D. in Computer Science from the College of William and Mary in 2010. He worked as a Member of Technical Staff at Bell Labs China, Lucent Technologies for four years from 1999 to 2003, mainly on the design and development of the Web-based Distributed Service Management System for Intelligent Network.

For more information and directions: http://bit.ly/UMBCtalks.