The UMBC Cyber Defense Lab presents

Winning NCCDC, and its practicality in the real world

Bryan Vanek, CSEE, UMBC

12:00noon–1pm Friday, 3 November 2017, ITE 231

The National Collegiate Cyber Defense Competition (NCCDC) takes place every year and gives students an environment where they can develop understanding and operational competency in managing and protecting corporate network infrastructure and business information systems. Competitors participate as the blue team, and try to protect their machines from being infiltrated by the red team, while simultaneously keeping critical services up and running in order for a mock business to stay up and running. After an immense amount of preparation and strife, the UMBC Cyber Defense Team took home its first national title for the competition this year. But what exactly did the team do to prepare for this competition? What exactly happened at the different stages of the competition? And just how practical are these situations in the real world? One of the winning team members will be covering these questions in this week’s CDL, so we hope to see you there!

Bryan Vanek is a UMBC undergraduate computer science major and mathematics minor. In addition to being one of the winning team members for NCCDC, he is currently serving as the president for the UMBC Cyber Defense Team, and is a CWIT T-SITE scholar. He currently works at Interclypse Inc. as a security engineer and software developer, and has had multiple internships and jobs dealing with aspects of computer development and security. Most recently he has completed his second internship at the Department of Defense  in the Summer Internship Program for Information Assurance. Upon graduation he will be returning to the DoD as a member of the Computer Network Operations development Program.

Host: Alan T. Sherman, *protected email*

The post talk: Winning NCCDC, and its practicality in the real world, 12pm 11/3, ITE231 appeared first on Department of Computer Science and Electrical Engineering.

The UMBC Cyber Defense Lab presents

BFT—From the “Saddest Moment” to the Era of Blockchains

Haibin Zhang, CSEE, UMBC

12:00–1:00pm, Friday, 20 October 2017, ITE 231

Blockchains can generally be divided into two categories: permissionless blockchains (e.g., Bitcoin, Ethereum), and permissioned blockchains (e.g., Hyperledger Fabric). In permissionless blockchains, anyone can participate in the protocol. In permissioned blockchains, participants know the IDs of all other participants but do not need to trust them, a particularly useful scenario for business applications. As an emerging technology transforming business models, permissioned blockchains inspired a large number of industrial implementations. The Hyperledger Project (under the Linux Foundation) became a global collaborative project, now with 150+ industry members. Byzantine fault-tolerant (BFT) protocols regained prominence because they can support permissioned blockchain systems. For building permissioned blockchains, BFT is widely regarded as the most appropriate primitive, one accepted by academe and industry. In this talk, I will describe a number of efficient BFT blockchain systems that I helped invent, including BChain, ByzID, CBFT, and secure causal BFT. In addition, I will share my vision for blockchains and associated research opportunities.

Haibin Zhang is an assistant professor in the CSEE Department at UMBC. He is interested in cloud computing, cryptography, security, privacy, and distributed systems. He received the best paper candidate award at the 33rd IEEE International Symposium on Reliable Distributed Systems and proved the security of a NIST standard on ciphertext stealing.  Zhang is one of the main inventors of Norton Zone, Symantec’s scalable cloud storage, and BChain, a highly efficient BFT protocol fully implemented within Hyperledger blockchain framework.

Host: Alan T. Sherman, *protected email*

The UMBC Cyber Defense Lab meets biweekly Fridays.  All meetings are open to the public

In spring 2018, Sherman will teach a CMSC-491/691 special topics class on blockchains and digital currencies.

The post talk: H. Zhang on BFT- From the “Saddest Moment” to the Era of Blockchains, 12pm Fri 10/20 appeared first on Department of Computer Science and Electrical Engineering.

The UMBC Cybersecurity program at USG Speaker Series Presents

The Internet of Things (IoT)

With speaker

William (Bill) Fisher, NCCoE Security Engineer

Building III – Room 4230 (Universities @ Shady Grove Campus)

Monday, October 30th 6:00-8:00 pm

The Internet of Things (IoT) is the inevitable result of years of Moore’s law – compact, cheap, chip platforms that can take ordinarily house hold items and make them data generating and collection devices that users can manage with their smart phone, web browser or their favorite automation platform. Physical proximity is no longer needed for things like cameras, door locks or thermostats. Instead users remotely access all of these “things” while on the go, even sharing some of their favorite things with friends and family, who need not own the thing, but simply be granted access through a web portal or mobile application. Like many technology trends before it, the IoT has brought great innovation but also great security challenges. These challenges go beyond standards and technology to economic and market forces that hinder security best practices, even for some of the most basic cyber hygiene. Join Bill Fisher of the National Cybersecurity Center of Excellence for a presentation on these challenges and basic mitigations organizations can put into place to help alleviate the risk that the IoT devices pose to consumers and the enterprise.

Speaker Bio:

Bill Fisher is a security engineer at the National Cybersecurity Center of Excellence (NCCoE). In this role, he is responsible for leading a team of engineers that work collaboratively with industry partners to address cybersecurity business challenges facing the nation. He leads the center’s Attribute Based Access Control (ABAC) project, Mobile Application Single Sign On (SSO) for the Public Safety and First Responder Sector, and is part of the ITL Cybersecurity for IoT program. Prior to his work at the NCCoE, Mr. Fisher was a program security advisor for the System High Corporation in support of the Network Security Deployment division at the Department of Homeland Security. He holds a bachelor’s degree in business administration from American University and a master’s degree in cybersecurity from Johns Hopkins University.

Host: Dr. Behnam Shariati (*protected email*) and UMBC Graduate Cybersecurity Association at USG

The post talk: Bill Fisher (NCCOE) on IoT Security @ USG 10/30 6-8PM appeared first on Department of Computer Science and Electrical Engineering.

Attacks on Smart Cards, RFIDs and Embedded Systems

Prof. Keith Mayes
Royal Holloway University of London

10-11:00am Tuesday, 10 October 2017, ITE 325, UMBC

Smart Cards and RFIDs exist with a range of capabilities and are used in their billions throughout the world. The simpler devices have poor security, however, for many years, high-end smart cards have successfully been used in a range of systems such as banking, passports, mobile communication, satellite TV etc. Fundamental to their success is a specialist design to offer remarkable resistance to a wide range of attacks, including physical, side-channel and fault. This talk describes a range of known attacks and the countermeasures that are employed to defeat them.

Prof. Keith Mayes is the Head of the School of Mathematics and Information Security at Royal Holloway University of London. He received his BSc (Hons) in Electronic Engineering in 1983 from the University of Bath, and his PhD degree in Digital Image Processing in 1987. He is an active researcher/author with 100+ publications in numerous conferences, books and journals. His interests include the design of secure protocols, communications architectures and security tokens as well as associated attacks/countermeasures. He is a Fellow of the Institution of Engineering and Technology, a Founder Associate Member of the Institute of Information Security Professionals, a Member of the Licensing Executives Society and a member of the editorial board of the Journal of Theoretical and Applied Electronic Commerce Research (JTAER).

The post talk: Keith Mayes on Attacks on Smart Cards, RFIDs and Embedded System appeared first on Department of Computer Science and Electrical Engineering.

Lecture by James Clapper, former US Director of Intelligence, 12-1pm Fri. Oct. 6 at UMBC

James R. Clapper, former US Director of Intelligence, will give a public lecture on Friday, 6 October 2017 in the lecture hall (room 132) of the Performing Arts & Humanities Building at UMBC.

The Honorable James R. Clapper served as the fourth US Director of Intelligence from August 9, 2010 to January 20, 2017. In this position, Mr. Clapper led the United States Intelligence Community and served as the principal intelligence advisor to President Barack Obama.

Mr. Clapper retired in 1995 after a distinguished career in the U.S. Armed Forces. His career began in 1961 when he enlisted in the U.S. Marine Corps Reserve and culminated as a lieutenant general in the U.S. Air Force and Director of the Defense Intelligence Agency. His intelligence-related positions over his 32 years in uniform included Assistant Chief of Staff for Intelligence at Headquarters, US Air Force during Operations Desert Shield/Desert Storm, and Director of Intelligence for three combatant commands: US Forces, Korea; Pacific Command, and Strategic Air Command. He served two combat tours during the Southeast Asia conflict, and flew 73 combat support missions in EC-47’s over Laos and Cambodia.

Directly following his retirement, Mr. Clapper worked in industry for six years as an executive in three successive companies with the Intelligence Community as his business focus. He also served as a consultant and advisor to Congress and to the Departments of Defense and Energy, and as a member of a variety of government panels, boards, commissions, and advisory groups. He was a senior member of the Downing Assessment Task Force which investigated the Khobar Towers bombing in 1996, was vice chairman of a commission chaired by former Governor Jim Gilmore of Virginia on the subject of homeland security, and served on the NSA Advisory Board.

Mr. Clapper returned to the government two days after 9/11 as the first civilian director of the National Imagery and Mapping Agency (NIMA). He served in this capacity for almost five years, transforming it into the National Geospatial-Intelligence Agency (NGA) as it is today.

Prior to becoming the Director of National Intelligence, Mr. Clapper served for over the three years in two Administrations as the Under Secretary of Defense for Intelligence, where he served as the principal staff assistant and advisor to the Secretary and Deputy Secretary on intelligence, counterintelligence, and security matters for the Department. In this capacity, he was also dual-hatted as the Director of Defense Intelligence for the DNI.

Mr. Clapper earned a bachelor’s degree in government and politics from the University of Maryland, a master’s degree in political science from St. Mary’s University, San Antonio, Texas, and an honorary doctorate in strategic intelligence form the then Joint Military Intelligence College.

His awards include three National Intelligence Distinguished Service Medals, two Defense Distinguished Service Medals, the Air Force Distinguished Service Medal, the Coast Guard’s Distinguished Public Service Award, three Department of Defense Distinguished Civilian Service Awards, the Presidentially-conferred National Security Medal, and many other U.S. civilian and military, as well as foreign government awards and decorations.

He is married to the former Susan Terry, and they have two grown children and four grandchildren

The post talk: James R. Clapper, former US Director of Intelligence, 12-1pm Fri. Oct 6, 132 PAHB, UMBC appeared first on Department of Computer Science and Electrical Engineering.