MARYLAND CYBERSECURITY CENTER

cyber.umd.edu

INNOVATIVE INTERDISCIPLINARY RESEARCH

The Maryland Cybersecurity Center (MC2) brings together

experts in computer science and engineering with colleagues

in public policy, business, the social and behavioral sciences,

and information science to establish broad-based cybersecurity

initiatives.

Research focuses on cryptography, privacy and anonymity,

programming-language security and secure software

development, wireless and network security, empirical security,

attack behavioral analysis, usable security, and more.

CRYPTOGRAPHYResearchers work on both theoretical and applied aspects of cryptography. Specific areas of interest include privacy-preserving computation, cryptographic techniques for cloud security (e.g., searchable encryption, oblivious RAM, fully homomorphic encryption, verifiable outsourcing of computation, and authenticated data structures), mechanisms for protecting against side-channel and fault attacks, formal notions of privacy, authentication and key-exchange protocols, anonymity/pseudonymity, post-quantum cryptography, and cryptographic foundations.

DANA DACHMAN-SOLED Assistant Professor, Electrical and Computer EngineeringSide-channel and fault attacks, post-quantum cryptography, cryptographic foundations, complexity theory

JONATHAN KATZ Professor, Computer Science and Director, MC2Privacy-preserving computation, cloud security, privacy/anonymity, post-quantum cryptography, cryptographic foundations, science of cybersecurity, cybersecurity education

CHARALAMPOS (BABIS) PAPAMANTHOU Assistant Professor, Electrical and Computer Engineering Cloud security, searchable encryption, system security

ELAINE SHIAssistant Professor, Computer SciencePrivacy-preserving computation, cloud security, privacy/anonymity, system security, machine learning

PROGRAMMING-LANGUAGE AND SOFTWARE SECURITYResearchers are working on techniques to help software programmers design and develop software that is more reliable and secure. They have developed dynamic software-updating approaches that avoid shutdown-and-restart when updating software to encourage faster application of security patches. They have also designed novel programming languages that ensure important security properties are met, as well as software tools that can analyze existing software to identify (and even fix) potential flaws. In collaboration with researchers in cryptography, they have developed tools and compilers for privacy-preserving and verifiable computation. They are also interested in understanding and teaching best practices for secure software development.

RAJEEV BARUAAssociate Professor, Electrical and Computer EngineeringReverse engineering, binary rewriting, security-policy enforcement

JEFF FOSTERAssociate Professor, Computer ScienceWeb security, security/privacy for mobile devices

MICHAEL HICKSProfessor, Computer Science Privacy-preserving computation, quantifying information flow, web and mobile security, cybersecurity education

ATIF MEMONAssociate Professor, Computer ScienceSoftware testing and verification, security for mobile devices, cybersecurity education

BILL PUGHProfessor Emeritus, Computer ScienceStatic analysis, web security, secure software development

DAVID VAN HORNAssistant Professor, Computer ScienceProgram verification, model checking, security for mobile devices

EMPIRICAL SECURITYResearchers collect and analyze real-world data and use techniques from machine learning and statistical data analysis to characterize threats, develop vulnerability-detection tools, propose new security metrics, and predict incident trends.

MICHEL CUKIERAssociate Professor, Reliability Engineering and Associate Director for Education, MC2Intrusion detection, honeypots, behavioral aspects of security, cybersecurity education

TUDOR DUMITRASAssistant Professor, Electrical and Computer EngineeringMachine learning, data analytics, system security, security metrics, distributed systems, science of cybersecurity

FORENSICSWork in this area develops security tools and forensic technologies, particularly for multimedia files such as digital images, video, and audio. Researchers are working to ensure that content and devices are used by authorized users for authorized purposes, as well as developing techniques for gathering forensic evidence regarding the date, time, location, etc., at which multimedia files were created.

MIN WUProfessor, Electrical and Computer EngineeringMultimedia data and device forensics, content protection, anti-collusion fingerprinting and traitor tracing, steganography

NETWORK AND SYSTEMS SECURITYResearchers study the security of network protocols, develop protocols for secure and/or anonymous communication, analyze real-world network attacks, and explore methods for improving privacy and accountability in the Internet.

BILL ARBAUGHAssociate Professor Emeritus, Computer ScienceWireless security, operating-system security, virus/malware detection and prevention

JOHN BARASProfessor, Electrical and Computer EngineeringWireless security, secure group communication, physical-layer security, trust management, security metrics, malware detection, security of cyberphysical systems

BOBBY BHATTACHARJEEProfessor, Computer SciencePrivacy/anonymity, censorship resistance, security of network protocols

MEHDI KALANTARI KHANDANIAssistant Research Scientist, Electrical and Computer Engineering Distributed denial of service (DDoS) attacks

DAVE LEVINAssistant Research Scientist, UMIACSNetwork-security economics, game theory, privacy/anonymity, censorship resistance, privacy-preserving advertising

MICHELLE MAZUREKAssistant Professor, Computer ScienceAccess control, operating system security, social networks, usable security

MARK SHAYMANProfessor, Electrical and Computer Engineering IP geolocation

NEIL SPRINGAssociate Professor, Computer Science Network instrumentation, topology discovery for censorship resistance, privacy/anonymity

HARDWARE SECURITYResearchers study several aspects of hardware security, including security in an era of growing parallelism and concurrency, novel hardware architectures to improve system security, hardware-specific attack vectors and defenses, and the use of hardware-security primitives (e.g., tamper-resistant processors or physically unclonable functions) to bootstrap security in larger systems.

SHUVRA BHATTACHARYYAProfessor, Electrical and Computer EngineeringSignal-processing systems and architectures, security of embedded software, hardware/software co-design for system security, wireless sensor networks

GANG QUAssociate Professor, Electrical and Computer EngineeringTrusted integrated-circuit and system design, hardware-security primitives, hardware-level Trojan-horse detection and prevention, hardware/software co-design for system security, wireless-network security, security of cyberphysical systems

ANKUR SRIVASTAVAAssociate Professor, Electrical and Computer Engineering Novel and architectures, hardware-security primitives

UZI VISHKINProfessor, Electrical and Computer EngineeringParallel algorithms and architectures for computer security, security under concurrency, hardware/software co-design for system security

INFORMATION-THEORETIC SECURITYResearchers employ tools and techniques from information theory, coding theory, and combinatorics to design new protocols for secure key distribution and private communication/computation based on correlated measurements.

ALEXANDER BARG Professor, Electrical and Computer EngineeringCoding theory, combinatorics, anti-collusion fingerprinting

ARMAND MAKOWSKI Professor, Electrical and Computer EngineeringWireless security, key pre-distribution schemes

PRAKASH NARAYANProfessor, Electrical and Computer EngineeringNetwork information theory, coding theory, information-theoretic key distribution, signal processing

SENNUR ULUKUSProfessor, Electrical and Computer EngineeringWireless security, physical-layer security

MARSHINI CHETTYAssistant Professor, College of Information StudiesUsable security, user behavior

VANESSA FRIAS-MARTINEZAssistant Professor, College of Information StudiesPrivacy of mobile traces, behavioral fingerprinting

JENNIFER GOLBECKAssociate Professor, College of Information StudiesSocial networks, trust, usable security

DAVID MAIMONAssistant Professor, Criminology and Criminal Justice Behavioral and social aspects of cyber-criminals, user behavior

KATIE SHILTONAssistant Professor, College of Information StudiesPolicies and ethics for the design of informationtechnologies and systems, usable security

V.S. SUBRAHMANIANProfessor, Computer ScienceAssessment of cyber risk, intrusion detection, user behavior, cybersecurity policy, science of cybersecurity

JESSICA VITAKAssistant Professor, College of Information StudiesSocial networks, users’ perception of privacy

BEHAVIORAL ASPECTS OF CYBERSECURITYResearchers are analyzing how people use online social networks such as Twitter and Facebook to understand notions of trust, users’ expectations of privacy, the dynamics of human-computer interaction, and the usability of cybersecurity solutions. Researchers also seek to understand attackers’ motivations for carrying out cyberattacks, and to develop criminological theories accounting for their behavior.

ECONOMIC ASPECTS OF CYBERSECURITYSince organizations do not have infinite security resources, business executives must often make security decisions based on cost. Researchers have developed quantitative methods and models to inform these decisions. Researchers also study supply-chain management and techniques to improve end-to-end supply-chain security.

SANDOR BOYSONResearch Professor, Robert H. Smith School of Business Supply-chain security and risk management, logistics, management practices

LAWRENCE A. GORDONProfessor, Robert H. Smith School of BusinessCybersecurity economics, cybersecurity risk management

MARTIN LOEBProfessor, Robert H. Smith School of BusinessAccounting and information assurance, cybersecurity economics, cybersecurity regulation

CYBERSECURITY POLICYResearchers in the Center for International Security Studies at Maryland (CISSM) study cybersecurity policy and regulation, especially in regard to securing critical infrastructure.

JACQUES GANSLERProfessor, School of Public PolicyNational security, globalization, supply-chain management

WILLIAM LUCYSHYNVisiting Senior Research Scholar, Center for Public Policy and Private Enterprise Supply-chain management, economics of cybersecurity

WILLIAM NOLTEResearch Professor, Center for Public Policy and Private EnterpriseCybersecurity education, cybersecurity policy

CONTACT INFORMATION

Please select the appropriate contact below for your inquiry.

RESEARCH INQUIRIES: MC2 Director Jonathan Katz, jkatz@cs.umd.edu

EDUCATION PROGRAM INQUIRIES: MC2 Associate Director for Education Michel Cukier, mcukier@umd.edu

CORPORATE PARTNERSHIP INQUIRIES: cyberpartner@umiacs.umd.edu

MEDIA INQUIRIES: MC2 Director Jonathan Katz, jkatz@cs.umd.edu; or Tom Ventsias, tventsia@umd.edu

GENERAL INQUIRIES: MC2 Coordinator Carolyn Flowers, cflowers@umd.edu or 301.405.0794

cyber.umd.edu

The Maryland Cybersecurity Center is supported by the College of Computer, Mathematical, and Natural Sciences and the A. James Clark School of Engineering. It is one of 16 centers and laboratories in the University of Maryland Institute for Advanced Computer Studies (UMIACS).