Chaum’s Protocol for Detecting Man-in-the-Middle: Explanation,
Demonstration, and Timing Studies for a Text-Messaging Scenario

Prof. Alan T. Sherman
UMBC Cyber Defense Lab

12-1pm Friday, 30 January 2015, ITE 228, UMBC

We explain, demonstrate, and evaluate Chaum’s 2006 protocol for detecting a Man-in-the-Middle (MitM) of text-messaging network communications. MitM attacks pose serious risks to many network communications. Networks often mitigate these risks with robust protocols, such as TLS, which assume some type of public-key infrastructure that provides a mechanism for the authenticated exchange of public keys. By contrast, Chaum’s protocol aims to detect a MitM with minimal assumptions and technology, and in particular without assuming the authenticated exchange of public keys.

Joint work with John Seymour and Akshahraj Kore

PhD Dissertation Proposal

Design and Validation of Brain Network
Visualization Techniques: A Unified Approach

Guohao Zhang

Time and Place:
8:00-10:00am, 22 Jan 22 2015, ITE325

We propose a unified approach to understand why and how visualization works, motivated by scientists’ difficulties in obtaining insights from increasingly complex data that involves multi-modality brain networks from structural and functional magnetic resonance imaging (dMRI and fMRI). Brain scientists are in need of visualization approaches to effectively analysis brain MRI data from different modalities. We design a unified theory expanded upon the classical 2D semiotics for the design and evaluation of brain network visualization approaches. Our research is divided to three-steps. First, we define a taxonomy that includes three dimensions: retinal variable, data continuity, and plane. Second, we demonstrated that this theory carries descriptive power in that we can use it to describe existing visualization techniques for brain imaging visualizations. We then propose five empirical studies to understand and evaluate encoding approaches in structure and functional networks accordingly. The first three studies focus on single modality and the last two studies differences in dual-modality multiplex network comparison based on cohort analyses. Using the results derived from the empirical studies, we present a visual analytics approach for brain scientists to explore cohort and individual brain network to let them answer research questions. We use computational methods to derive relationships from two modalities in cohorts of two modalities, and then represent cohort with uncertainty as well as individual ones for brain scientists to study uncertainty in network analysis.

Committee: Drs. Jian Chen (Chair), Penny Rheingans, Konstantinos Kalpakis, Peter Kochunov (UMB), Niklas Elmqvist (UMCP) and Alexander Auchus (UMC)

Top 10 highest rated passwords for most “Highly Usable” and “Highly Secure.” The highest rated is in the top left, and moving left-to-right by row, the tenth, highest rated is the lower right.

UMBC Information Systems

Measuring Visual Perceptions of Security

Professor Adam J. Aviv
United States Naval Academy

10:00am – 11:00am Friday, 16 January 2015, ITE 459

This talk presents the results of a user study of the Android graphical password system to measure visual perceptions of security. The survey methodology asked participants to select between carefully selected pairs of patterns indicating either a security or usability preference. By selecting password pairs that isolate a visual feature, a perception of usability and security of different features can be quantified in relatively. We conducted a large IRB-approved survey using pairwise preferences which attracted 384 participants on Amazon Mechanical Turk. Analyzing the results, we find that visual features that can be attributed to complexity indicated a stronger perception of security, while spatial features, such as shifts up/down or left/right are not strong indicators for security or usability.

We extended and applied the survey data by building logistic models to predict perception preferences by training on features used in the survey and other features proposed in related work. The logistic model accurately predicted preferences above 70%, twice the rate of random guessing, and the strongest feature in classification is password distance, the total length of all lines in the pattern, a feature not used in the online survey. This result provides insight into the internal visual calculus of users when comparing choices and selecting visual passwords, and the ultimate goal of this work is to leverage the visual calculus to design systems where inherent perceptions for usability coincides with a known metric of security.

Adam J. Aviv is an Assistant Professor of Computer Science at the United States Naval Academy, receiving his Ph.D. from the University of Pennsylvania under the advisement of Jonathan Smith and Matt Blaze. He has varied research interests including in system and network security, applied cryptography, smartphone security, and more recently in the area of usable security with a focus on mobile devices.

MS Thesis Defense

SAX-BOP: Epileptic Seizure Detection using
Symbolic Aggregate Approximation and Bag of Patterns

Sidharth Allani

1:00pm Friday, 12 December 2014, ITE 325b

Epilepsy is a chronic neurological disorder that makes patients susceptible to experiencing recurrent seizures. A seizure occurs when abnormal activity in the brain leads to involuntary body moment, lack of awareness or behavior, short-term loss of memory or attention, short-term unconsciousness, or body convulsions. Epilepsy affects three million people in the United States and accounts for $15.5 billion in direct and indirect costs.

Epilepsy has many different causes, and often no definite cause can be found. Patients who suffer from intractable seizures experience unpredictable and frequent seizures that cannot be controlled using anti-seizure drugs. Such seizures leave the patient traumatized and, due to their uncertainty, the patient’s mobility and independence are restricted, resulting in social isolation and economic hardship.

The research in this thesis aims to detect epileptic seizures and to analyze the performance of Symbolic Aggregate approXimation and the Bag of Patterns representation for seizure event detection. We use Electroencephalogram (EEG) recordings as the data source for seizure detection, which is the recording of electrical activity along the scalp that measures ionic current flows within the neurons of the brain. These signals are a good source of information about abnormal activity in the brain and are helpful in the process of epileptic seizure detection. This problem becomes challenging because of the enormous size of the EEG data, making it difficult to effectively and efficiently analyze these signals and detect a seizure. We use Symbolic Aggregate approXimation (SAX) and the Bag of Patterns Representation (BOP) and analyze their performance with EEG time series data to detect seizures.

Committee: Drs. Tim Oates (chair), Tim Finin and Tinoosh Mohsenin

UMBC ACM techTalk

Increasing Base-Station Anonymity in
Wireless Ad-hoc and Sensor Networks

Profesor Mohamed Younis
University of Maryland, Baltimore County

1:15pm Wednesday, 12 November 2014, ITE 325b

In many applications of ad-hoc networks, the bulk of the traffic is targeted to few nodes. For example, in wireless sensor networks the base-station (BS) collects data from a large number of sensor nodes. Another example is a surveillance network in which the gathered intelligence data about criminal activities flow towards field commanders and/or an in-situ BS. Such a network operation model makes the BS a critical asset for these applications. An adversary can nullify the value of a network by simply disrupting or physically damaging the BS, without targeting individual data sources. The failure of the BS can also cause a loss of important data that may not have been processed and can cause a major negative impact if the BS represents a commanding authority for the network. Therefore, concealing the location and role of the BS is of utmost importance for maintaining a robust network operation.

Packet encryption does not achieve BS anonymity since an adversary can intercept the individual wireless transmissions and employ traffic analysis techniques to follow the data paths without knowing the content of intercepted traffic. Since all active routes end at the BS, the adversary may be able to determine the BS’s location and launch targeted attacks. Similarly, camouflaging or hiding the BS does not provide protection when its location is unveiled via traffic analysis. Employing spread spectrum signaling methods is not a sufficient BS anonymity countermeasure as adversaries are becoming more advanced and equipped with sophisticated intercept technologies. In addition, signal spreading reduces rather than eliminates the prospect of transmission detection. This talk will highlight the traffic analysis threat, present anonymity assessment metrics, provide an overview of effective cross-layer techniques developed in the ESNet Lab for increasing the BS anonymity, and outline open research problems.

Dr. Mohamed Younis is an associate professor in the department of computer science and electrical engineering at the university of Maryland, Baltimore County. He received his Ph.D. degree in computer science from New Jersey Institute of Technology. Before joining UMBC, he was with the Advanced Systems Technology Group, an Aerospace Electronic Systems R&D organization of Honeywell International Inc. While at Honeywell he led multiple projects for building integrated fault tolerant avionics and dependable computing infrastructure. He also participated in the development of the Redundancy Management System, which is a key component of the Vehicle and Mission Computer for NASA-s X-33 space launch vehicle. He has published over 150 technical papers in refereed conferences and journals. Dr. Younis has five granted and two pending patents. In addition, he serves/served on the editorial board of multiple journals and the organizing and technical program committees of numerous conferences. Dr. Younis is a senior member of the IEEE.

UMBC Quantum Computation Seminar

Quantum Probabilistic Logic Programming

Radhakrishnan Balu
Army Research Laboratory

2:30-4:00pm, Tuesday, 28 October 2014, ITE 325B

We describe a logic programming language that supports Horn clauses, random variables, and covariance matrices to express and solve problems in probabilistic logic. The Horn clauses of the language wrap random variables and matrices to express probability distributions and statistical correlations, a powerful way to capture relationship between identical distributions that are not independent. A salient feature of the language is a mechanism to implement statistical ensembles and to solve the underlying SAT instances of probabilistic predicates using quantum mechanical machinery. We exploit the fact that classical random variables have quantum decompositions to build the quantum mechanical observables. We establish the semantics of the language in a rigorous fashion by considering an existing probabilistic logic language called PRISM with classical probability measures defined on the Herbrand base and extend it to the case of quantum probability. In the classical case H-interpretations form the sample space and probability measures defined on them lead to consistent definition of probabilities for well formed formulae. In the quantum analogue probability amplitudes are attached to H-interpretations facilitating the model generations and verifications via quantum mechanical superpositions and entanglements. The well formed formulae of the language can be cast as quantum mechanical observables and thus providing an elegant interpretation for their probabilities. We discuss several examples to combine statistical ensembles and predicates of first order logic to reason with situations involving uncertainty.Further studies include extension of the semantics to temporal logic constructs using quantum dynamic evolutions.

Radhakrishnan Balu is a computational scientist with a research focus on application of quantum mechanics to computation, communications, Chemistry, Physics, and biology. He has been working at the Army Research Lab since 2007 and uses D-wave system, a quantum annealer, and state-of-the-art quantum mechanics based software leveraging the high performance computing infrastructure for research. He has over 20 publications, including peer reviewed journal papers. He has five degrees in science and engineering, with a Ph.D in computational chemistry from the University of Maryland, Baltimore County, an M.S in biotechnology from Johns Hopkins University, and a B.S in computer science from the Indian Institute of Science, Bangalore.

Organizer: Prof. Samuel Lomonaco,

If you are interested in going on to graduate school after graduation, either directly or later, and either full-time and part time, you might attend the following workshop on Monday, October 27.

An Inside Look at Graduate School & Summer Research:
How to Prepare, Get Accepted, and Succeed

Evelyn S. Erenrich, PhD
Asst Dean, Rutgers Graduate School-New Brunswick
Rutgers University

12– 1pm, Monday October 27, 2014
Public Policy Bldg 105

In addition to discussing strategies for research success, I will spotlight exciting programs and interdisciplinary opportunities at Rutgers University, including a summer program, RiSE (Research in Science & Engineering). I will be joined by a UMBC alumnus, now a doctoral Fellow at Rutgers, who will give his personal perspective. Several current UMBC undergraduates who participated in our RiSE program last summer will discuss their experiences.

This session is arranged by the Meyerhoff Program, but all UMBC students are welcome. Students can also sign up for individual appointments before or after the presentation by contacting Ms. Alicia Hall, .

For a flyer and more details, see here. Please contact Dr. Erenrich if you have any questions (, 848.932.9286).

Embodied Interaction: Systems, Experiments, Models

Rob St. Amant
North Carolina State University

1:00pm Friday, 10 October 2015, ITE 325b

Over the past several years, engineering models for human-computer interaction — models that predict and explain performance in quantitative terms–have received increasing attention. In this talk, I’ll give an overview of experimentation and modeling work in my lab, in the areas of mobile interaction, augmented reality, and accessibility. Our research attempts to provide insight into emerging areas of HCI, where interaction goes beyond conventional desktop user interfaces to encompass the influences of physical body movement and cognitive strategies on performance.

Robert St. Amant is an associate professor in the Computer Science Department at North Carolina State University; his degrees are from Johns Hopkins and the University of Massachusetts. He is on the editorial board of the Oxford Series on Cognitive Models and Architectures, and he is a former member of the steering committee for the ACM Intelligent User Interfaces conference. His current research is on human-computer interaction and cognitive modeling; past topics have included intelligent user interfaces, exploratory data analysis, and animal tool use. In 2012 his popular science book, Computing for Ordinary Mortals, was published by Oxford University Press.

Host: Tim Oates,

UMBC Quantum Computation Seminar

How to program the D-Wave Quantum Annealing Computer?

Omar Shehab

2:30-4:00 pm, Tuesday, 9 September 2014, ITE 325B

In this tutorial session, we will give a gentle introduction to the programming model of the D-Wave Quantum Annealing Computer. The implementations of a number of programs will be demonstrated. Mapping of generic problems, minor embedding of problem Ising graphs, classical computational complexity of problem mapping and different system parameters will be discussed in details. We will also discuss how to enhance the success probability of finding a solution.

Omar Shehab is a PhD student of the department of Computer Science and Electrical Engineering working under the direction of Professor Samuel Lomonaco. Omar’s research areas of interest are quantum Hamiltonian complexity and quantum cryptography.

Dissertation Defense

Virtual Circuit Provisioning in Challenged Sensor Internetworks:
with Application to the Solar System Internet

Ed Birrane

10:00am-12:00pm Monday, 11 August 2014, ITE325b

In this thesis, we present a challenged sensor internetwork (CSI) networking architecture which federates heterogeneous constituent networks behind an overlay routing mechanism abstracted from individual data link layers. The CSI is unique and required to implement expanding sensor networks.

Demand for sensing networks with increasing spatial footprints is evidenced by ongoing efforts to build geo-political border monitoring networks, intelligent highway initiatives, automated undersea surveillance, and NASA effort to construct a Solar System Internet. Existing network technologies fail to address multiple physical links, frequent disruptions, and significant signal propagation delays. The construction and maintenance of virtual circuits in an internetwork abstracted from differences in the physical, data-link, and transport layers of an internetwork represents a unique research contribution with immediate utility for a wide variety of sensing network concepts.

We describe the CSI architecture as the intersection of wireless, delay-tolerant, and heterogeneous networks and describe special characteristics of this architecture than enable useful assumptions to optimize messaging. We define an internetwork routing (INR) framework that decomposes the routing function into discrete logical steps and we provide algorithms for each of these steps. An inferred Contact Graph Routing (iCGR) algorithm populates logical graphs from local nodes. A Contact Graph Routing with Extension Blocks (CGR-EB) algorithm provides a hybrid source-path algorithm for synchronizing link state along network paths. A Predictive Capacity Consumption (PCC) algorithm exploits CGR-EB data to build a congestion model. Payload Aggregation and Fragmentation (PAF) and Traffic-Shaping Contacts (TSC) algorithms condition data and place limits on the amount of internetwork traffic carried over local networks.

From simulation, iCGR performs within ~15% of a perfect-knowledge system. CGR-EB has a speedup over standard approaches by 300% in stable topologies, by 3000% in unstable topologies, and by 11000% in unstable topologies with non-monotonic cost functions. PCC delivers 97% more data in congested networks over table-based approaches and 37% more data than the INR framework without the congestion model. PAF/TSC reduces message count by 43% while increasing goodput by 63%.

Together, these algorithms build and monitor virtual circuits in the CSI architecture. Portions of this work are in consideration for deployment in NASA networks.

Committee: Drs. Alan Sherman (Co-Chair, UMBC), Mohammed Younis (Co-Chair, UMBC), Dhananjay Phatak (UMBC), Vinton Cerf (Google), Keith Scott (MITRE), Hans Kruse (OU)