UMBC Center for Cybersecurity
Permanent URI for this collection
Browse
Recent Submissions
Item KiNETGAN: Enabling Distributed Network Intrusion Detection through Knowledge-Infused Synthetic Data Generation(2024-05-26) Kotal, Anantaa; Luton, Brandon; Joshi, AnupamIn the realm of IoT/CPS systems connected over mobile networks, traditional intrusion detection methods analyze network traffic across multiple devices using anomaly detection techniques to flag potential security threats. However, these methods face significant privacy challenges, particularly with deep packet inspection and network communication analysis. This type of monitoring is highly intrusive, as it involves examining the content of data packets, which can include personal and sensitive information. Such data scrutiny is often governed by stringent laws and regulations, especially in environments like smart homes where data privacy is paramount. Synthetic data offers a promising solution by mimicking real network behavior without revealing sensitive details. Generative models such as Generative Adversarial Networks (GANs) can produce synthetic data, but they often struggle to generate realistic data in specialized domains like network activity. This limitation stems from insufficient training data, which impedes the model’s ability to grasp the domain’s rules and constraints adequately. Moreover, the scarcity of training data exacerbates the problem of class imbalance in intrusion detection methods. To address these challenges, we propose a Privacy-Driven framework that utilizes a knowledge-infused Generative Adversarial Network for generating synthetic network activity data (KiNETGAN). This approach enhances the resilience of distributed intrusion detection while addressing privacy concerns. Our Knowledge Guided GAN produces realistic representations of network activity, validated through rigorous experimentation. We demonstrate that KiNETGAN maintains minimal accuracy loss in downstream tasks, effectively balancing data privacy and utility.Item What is Volt Typhoon? A cybersecurity expert explains the Chinese hackers targeting US critical infrastructure(The Conversation, 2024-03-29) Forno, RichardChinese state-sponsored hackers are targeting critical infrastructure. Here’s what they’re doing, how the US government is responding and how you can help.Item UMBC’s Vandana Janeja aims to boost high-performance computing know-how to tackle environmental science challenges with a $1 million NSF grant(UMBC News, 2023-10-30) Meyers, CatherineItem No Silver Bullet: Fighting Russian Disinformation Requires Multiple Actions(National Cryptologic Museum Foundation, 2020-08) Thompson, Terry L.Item The SFS Summer Research Study at UMBC: Project-Based Learning Inspires Cybersecurity Students(2018-11-12) Sherman, Alan; Golaszewski, Enis; LaFemina, Edward; Goldschen, Ethan; Khan, Mohammed; Mundy, Lauren; Rather, Mykah; Solis, Bryan; Tete, Wubnyonga; Valdez, Edwin; Weber, Brian; Doyle, Damian; O’Brien, Casey; Oliva, Linda; Roundy, Joseph; Suess, JackMay 30-June 2, 2017, Scholarship for Service (SFS) scholars at the University of Maryland, Baltimore County (UMBC) analyzed the security of a targeted aspect of the UMBC computer systems. During this hands-on study, with complete access to source code, students identified vulnerabilities, devised and implemented exploits, and suggested mitigations. As part of a pioneering program at UMBC to extend SFS scholarships to community colleges, the study helped initiate six students from two nearby community colleges, who transferred to UMBC in fall 2017 to complete their four-year degrees in computer science and information systems. The study examined the security of a set of "NetAdmin" custom scripts that enable UMBC faculty and staff to open the UMBC firewall to allow external access to machines they control for research purposes. Students discovered vulnerabilities stemming from weak architectural design, record overflow, and failure to sanitize inputs properly. For example, they implemented a record-overflow and code-injection exploit that exfiltrated the vital API key of the UMBC firewall. This report summarizes student activities and findings, and reflects on lessons learned for students, educators, and system administrators. Our students found the collaborative experience inspirational, students and educators appreciated the authentic case study, and IT administrators gained access to future employees and received free recommendations for improving the security of their systems. We hope that other universities can benefit from our motivational and educational strategy of teaming educators and system administrators to engage students in active project-based learning centering on focused questions about their university computer systems.