Technical Talks
MC2 faculty and top researchers describe their cutting edge cybersecurity research.
Bond Breaker: Identifying Close Friends on the Internet
Dr. Randolph Baden - Ph.D. from University of Maryland, College Park (soon to work at DOD)
Online Social Networks (OSNs) encourage users to create an online presence that reflects their offline identity. OSNs create the illusion that these online accounts belong to the corresponding offline person, but in reality the OSN lacks the resources to detect impersonation. OSN impersonation is a precursor to a number of social engineering attacks, such as spam, phishing, and privacy invasion. The capability and responsibility to prevent OSN impersonation and to establish verified social network identities rests in the hands of OSN users.
Impersonation can be thwarted by users who possess exclusive shared knowledge, secret information shared only between a pair of OSN friends. We describe existing protocols that can be applied to the OSN setting and that use shared secrets to exchange public keys without revealing those secrets to attackers. We present results from a user study on Facebook to show that users do share exclusive knowledge with their Facebook friends and attackers are rarely able to guess that knowledge. Finally, we show that friend identification can be extended using a web of trust built on the OSN friend graph.
Bio: Randy Baden graduated from the University of Maryland in May, 2012 with a Ph.D. in Computer Science. He studied distributed and decentralized systems, with an emphasis on security and privacy in Online Social Networks (OSNs). His Ph.D. adviser was Bobby Bhattacharjee, and he also worked extensively with Neil Spring. His work on Persona, a privacy-enabled online social network, won the Best Student Paper award at Sigcomm 2009. He intends to start working at the Department of Defense later in 2012.
Digital fingerprinting
Alex Barg - Professor, Electrical and Computer Engineering
Fingerprinting is a technique designed to protect copyrighted contents from unauthorized distribution. The task of the system designer is to identify registered users of the system who engage in creating pirated copies of the data. Theoretical problems related to fingerprinting depend on the assumptions about the information available to the pirates and their functionality. We discuss and motivate statements of several problems that arise in this area. Assuming no prior knowledge, we present several concrete results on the maximum number of users that the system can support ("fingerprinting capacity").
Bio: Alexander Barg is a Professor in the Department of Electrical and Computer Engineering and Institute for Systems Research, University of Maryland, College Park. Prior to joining UMD he worked for a number of years as a member of technical staff of Bell Labs, Lucent Technologies. His research interests include communications and signal processing, applied mathematics, and cryptography. A. Barg holds a Ph.D. degree in electrical engineering from the Russian Academy of Sciences, Moscow. He is a member of the editorial board of "Advances in Mathematics of Communications," "Problems of Information Transmission," and SIAM Journal on Discrete Mathematics.
Privacy-preserving computation
Michael Hicks - Associate Professor, Computer Science and Director, MC2
This talk explores the idea of knowledge-based security policies, which are used to decide whether to answer queries over secret data based on an estimation of the querier's (possibly increased) knowledge given the results. Limiting knowledge is the goal of existing information release policies that employ mechanisms such as noising, anonymization, and redaction. Knowledge-based policies are more general: they increase flexibility by not fixing the means to restrict information flow, but properly account for communication content in any mechanism used. We enforce a knowledge-based policy by explicitly tracking a model of a querier's belief about secret data, represented as a probability distribution, and denying any query that could increase knowledge above a given threshold. Experiments with several useful queries using our implementation show that belief tracking is reasonably efficient while maintaining good levels of precision.
http://www.cs.umd.edu/~mwh/papers/mardziel12belieflong.html
Bio: Michael W. Hicks is an associate professor in the Computer Science department and UMIACS at the University of Maryland, College Park, and is the Director of the Maryland Cybersecurity Center (MC2). His research focuses on using programming languages and analyses to improve the security, reliability, and availability of software. Noteworthy among his research accomplishments is the development of analysis and compilation tools for enabling software to be safely updated while it runs. He has explored the design of new programming languages and analysis tools for automatically discovering or remediating software flaws and security vulnerabilities. He has recently been exploring new approaches to privacy preserving computation and maintains an interest in distributed systems design and evaluation, particularly when adaptivity and security are system goals.
Retrofitting Security in COTS Software with Binary Rewriting
Rajeev Barua - Associate Professor, Electrical and Computer Engineering
We present a practical tool for inserting security features against low-level software attacks into third-party, proprietary or otherwise binary-only software. We are motivated by the inability of software users to select and use low-overhead protection schemes when source code is unavailable to them, by the lack of information as to what (if any) security mechanisms software producers have used in their toolchains, and the high overhead and inaccuracy of solutions that treat software as a black box.
Our approach is based on SecondWrite, an advanced binary rewriter that operates without need for debugging information or other assist. Using SecondWrite, we insert a variety of defenses into program binaries. Although the defenses are generally well known, they have not generally been used together because they are implemented by different (non-integrated) tools. We are also the first to demonstrate the use of such mechanisms in the absence of source code availability. We experimentally evaluate the effectiveness and performance impact of our approach. We show that it stops all variants of low-level software attacks at a very low performance overhead, without impacting original program functionality.
http://www.ece.umd.edu/~barua/sec11-padraig-barua.pdf
Bio: Rajeev Barua is an Associate Professor in the Department of Electrical and Computer Engineering and the University of Maryland, College Park. He received his Ph.D. in Computer Science and Electrical Engineering from the Massachusetts Institute of Technology. Dr. Barua's research interests are in the areas of compilers, embedded systems, and computer architecture, and their applications to high-performance and secure computing. Dr. Barua is a recipient of the National Science Foundation CAREER award and of the UMD George Corcoran Award for teaching excellence.
Enhancing Cybersecurity with Trusted Hardware
Gang Qu - Associate Professor, Electrical and Computer Engineering
Hardware is a double-edged sword in cybersecurity: it can be the weakest link in security but it can also improve security. This talk focuses on two hot topics in hardware related security and trust. First, we will introduce a novel approach to build trusted systems based on constraint manipulation. Then we will discuss several implementation issues in physical un-clonable function, a hardware feature with many promising security applications.
Bio: Gang Qu is an associate professor in the Department of Electrical and Computer Engineering and the Institute for System Research in the University of Maryland, College Park. He received his M.S. and Ph.D. degrees in Computer Science from UCLA. His research interests include VLSI intellectual property reuse and protection, low power embedded system design, computer-aided synthesis, wireless sensor networks, and hardware related security and trust. He is currently on the editorial boards of several journals, including the IEEE Transactions on Computers, IEEE Embedded Systems Letters, and Integration, the VLSI Journal.
Empirical Studies in Cybersecurity: Some Challenges
Michel Cukier - Associate Professor, Reliability Engineering, and Associate Director of Education, MC2
Empirical studies are needed to add some science to the field of cybersecurity. However, metrics are lacking in cybersecurity. Few datasets are made publicly available. Shared datasets lack context to be very useful. The University of Maryland has a strong history of partnership between researchers and the Office of Information Technology Security Team allowing researchers and students to work with some real security data. However, empirical studies based on in-house data do not meet all the requirements of typical empirical studies. In this talk, I will share my ten year long experience in trying to conduct empirical studies in cybersecurity.
Bio: Michel Cukier is an Associate Professor of Reliability Engineering with a joint appointment in the Department of Mechanical Engineering and the Institute for Systems Research at the University of Maryland, College Park. His research covers dependability and security issues. His latest research focuses on the empirical quantification of cybersecurity. He has published over 70 papers in journals and refereed conference proceedings in those areas. He is the PI of an NSF REU Site on cybersecurity in collaboration with Women in Engineering where over 85% of the participants are female students. He co-advises the UMD Cybersecurity Club with a membership of over 400 students.
Physical Layer Security
Sennur Ulukus - Professor, Electrical and Computer Engineering
Our research explores possibilities of providing security in a wireless network in the physical layer using techniques from information theory, communication theory and signal processing. We exploit unique characteristics of the wireless medium, such as the inherent random fluctuations in the wireless channel, its broadcast nature and the resulting overheard information, and the use of multiple antennas, to secure wireless communications in the physical layer. Physical layer security is unbreakable because it is not computation-based, it is provable and quantifiable (in bits/sec/Hz). In this talk, we will give a brief introduction to physical layer security and show how opportunistic transmissions in fading channels, cooperation with trusted or untrusted relays, multiple antennas, and signal alignment can be used to enhance security of wireless communications.
Bio: Sennur Ulukus is a Professor of Electrical and Computer Engineering at the University of Maryland at College Park. Prior to joining UMD, she was a Senior Technical Staff Member atAT&T Labs-Research. She received her Ph.D. degree in Electrical and Computer Engineering from Wireless Information Network Laboratory (WINLAB), Rutgers University, and B.S. and M.S. degrees in Electrical and Electronics Engineering from Bilkent University. Her research interests are in wireless communication theory and networking, network information theory for wireless communications, signal processing for wireless communications, information-theoretic physical-layer security, and energy-harvesting communications. Dr. Ulukus is the recipient of the 2003 IEEE Marconi Prize Paper Award in Wireless Communications, a 2005 NSF CAREER Award, and the 2010-2011 ISR Outstanding Systems Engineering Faculty Award.
Cybersecurity: How did we get here and how do we get out of here?
Carl Landwehr - Adjunct Senior Research Scientist, Institute for Systems Research
The great successes of the Internet and modern computing devices in making business, travel, communication, and much of life better in many ways are moderated by the increasing evidence that the foundations of the technology are vulnerable to many kinds of attacks. The entire concept of privacy is in a state of flux. While the precise meaning of "cyberwar" is debated, the military prepares for attack and defense in the medium of cyberspace. What we now call cybersecurity research has its roots in the late 1960s and early 1970s. This talk will briefly survey the state of things, consider why the results of past research seem to have had so little uptake in modern products, and suggest a few directions for future research and policy that might lead us to a less dangerous place.
Bio: Carl Landwehr is a adjunct senior research scientist in the Institute for Systems Research at the University of Maryland, College Park. Dr. Landwehr is a noted expert in trustworthy computing, including high assurance software development, understanding software flaws and vulnerabilities, token-based authentication, system evaluation and certification methods, multilevel security, and architectures for intrusion tolerant systems. He has been a leader in cybersecurity research, having led cybersecurity programs at the National Science Foundation from 2001-2004 and 2009-2011, overseeing the disbursement of more than $110M of grants, and having served as a division chief at IARPA from 2005-2009.