Skip to Main Content

Research Projects

Since cybersecurity touches many fields and industries, UMBC faculty are engaged in cybersecurity research across a range of disciplines, both independently and in collaboration with regional or international partner institutions. Some of our ongoing faculty and student research activities include:

  • General cybersecurity
  • Zero-day vulnerability detection & threat attribution
  • Risk analysis (technical and economic)
  • Medical device & data cybersecurity
  • Cloud & mobile security
  • Side-channel attacks
  • Hardware and software assurance
  • Cyber-Physical Systems (CPS) security
  • Security of Autonomous Vehicles
  • Blockchain technology applications
  • Cryptography
  • Malware and network protocol analysis
  • Privacy
  • Cybersecurity Visualization
  • AI/ML and cybersecurity
  • Supply chain security
  • Secure electronic voting
  • IoT and “smart cities” security
  • Cybersecurity education pedagogy
  • Information-age conflict
  • Human factors in cybersecurity
  • Cybersecurity for local governments

Click here to meet our cybersecurity faculty and check out some of our current cybersecurity research activities below!

Developing and Evaluating Immersive Virtual Reality Network Visualizations for Cybersecurity Practitioners

PI: Don Engel, Anita Komlodi (Pi Squared Lab)

Scholarship for Service (SFS) Federal CyberCorps

PI: Alan Sherman, Richard Forno (CyberDefense Lab)

Data Compliance using Policy Integrated Blockchain

PI: Karuna Joshi (Knowledge, Analytics, Cognitive and Cloud Computing (KnACC) lab)

Combining Machine and Human Intelligence in CPS

PI: Nilanjan Banerjee, Ryan Robucci, Chintan Patel (Eclipse Lab)

Cybersecurity for Cyber-Physical Systems (CPS)

PI: Nilanjan Banerjee, Ryan Robucci, Chintan Patel (Eclipse Lab)

More projects being added shortly.  Please check back soon!

Prior Projects (Selected)

Policy Compliant Integration of Linked Data

In August 2012, Computer Science and Electrical Engineering professors Tim Finin and Anupam Joshi  received a $400,000 research award from the NSF Secure and Trustworthy Cyberspace (SaTC) program for a three year project to investigate how to better manage security and privacy constraints while querying semantically annotated linked data sources. The project, Policy Compliant Integration of Linked Data, is a collaboration with researchers at M.I.T. and the University of Texas at Dallas.

Maryland Cyber Challenge

The original Maryland Cyber Challenge was a unique and exciting initiative developed and designed by Richard Forno (PI) in 2011 to encourage young Marylanders to enroll in IT and computer science courses and pursue careers in Maryland’s cybersecurity workforce. The Challenge ran in three competitive divisions: high school, collegiate, and professional. Competitors encounter (scored) vulnerability mitigation, computer forensics, defense and ‘capture the flag’ events during the Challenge while at the same time must demonstrate effective teamwork and communication skills to be successful both in the competition and also as future members of the cybersecurity workforce. (Dr. Forno stepped aside from coordinating the event in 2015 and the Challenge is under new leadership and corporate support now.)

Launched in 2011, the original Maryland Cyber Challenge was a partnership between UMBC, SAIC/Leidos, the Maryland Department of Business and Economic Development (DBED), the National Cyber Security Alliance (NCSA), and the Technology Council of Maryland (TCM). During its first two years, over 700 competitiors spanning 115 teams participated for prizes and internship opportunities awarded to student winners by the National Security Agency (NSA) and SAIC/Leidos. In 2012, the Challenge was incorporated into the CyberMaryland Conference. In its first 5 years over $450,000 in prizes were awarded to student participants.

Teaching information assurance concepts to high school students through a new social media game

Alan Sherman (PI) and Marc Olano (Co-PI), National Security Agency, $168,743, 2011–2013.
Alan Sherman (PI) and Richard Forno (Co-PI), National Security Agency, $85,537, Aug. 2011 – Dec. 2012.

In interacting with any secure environment, the user is the weakest link in security. CISA is developing an espionage themed interactive role-playing game targeted for social networking in which players recruit other players, practice sound security practices, and avoid security pitfalls. The project addresses two threats to cyber safety: users act without thinking about the consequences of their actions; and users lack awareness of basic Information Assurance (IA) concepts. This project contributes to the DHS cyber initiative “Stop. Think. Connect.”.

Primary objectives include teaching fundamental Information Assurance (IA) concepts to users and expose users to CISSP certification concepts including confidentiality, integrity, availability, authentication, physical security, and personnel security. Auxiliary objectives include enhancing student’s critical thinking and problem-solving skills, and by observing the game development process students will learn about software development.

The game was fielded and tested in Spring 2012 at Meade Senior High School (MHS) in Anne Arundel County as a stand-alone web game accessible via CISA servers. Students tested the game, provide feedback, and suggest improvements for the game.