Faculty Directory

Cukier, Michel

Cukier, Michel

Professor of Reliability Engineering
Director, Advanced Cybersecurity Experience for Students
Mechanical Engineering
Center for Risk and Reliability
Maryland Cybersecurity Center
UMIACS
Electrical and Computer Engineering
Computer Science
4311F John S. Toll Physics Building

Education

Ph.D., Computer Science, National Polytechnic Institute of Toulouse, France, 1996

B.S. Physics Engineering, Free University of Brussels, Belgium, 1991

Background

Michel Cukier is a professor of mechanical engineering.

From 1996 to 2001, Cukier was a researcher at the University of Illinois, Urbana-Champaign. He joined the University of Maryland in 2001 as assistant professor. His research covers dependability and security issues. Cukier has published more than 90 papers in journals and refereed conference proceedings in those areas.

He received his doctorate in computer science from the National Polytechnic Institute of Toulouse, France. 

Honors and Awards

  • The Daily Record's 2023 Higher Education Power List (2023)
  • USM Board of Regents Faculty Award for Excellence in Mentoring (2023)
  • Member of the State of Maryland Cybersecurity Council (2019)
  • SANS Difference Makers Award (2018)
  • University of Maryland Corporate Connector of the Year Award (2018)
  • Distinguished Papers Session, European Dependable Computing Conference (2017)
  • National Science Foundation (NSF) Faculty Early Career Development (CAREER) Award (2003)
  • Best Paper Award, Pacific Rim International Symposium on Dependable Computing (2002)

Professional Memberships

  • Member, IEEE

  • Fault tolerance
  • Intrusion tolerance
  • Dependability and security evaluation

Current Students

Alex Parisi (PhD, RE)

Paul Watrobski (PhD, RE)

Ciro Pinto-Coelho (PhD, RE)

Jessica Zhu (PhD, RE)

Former Students

John McGahagan (PhD, RE)

Margaret Gratian (PhD, RE)

Yazdan Movahedi (PhD, RE)

Bertrand Sobesto (PhD, RE)

Ed Condon (PhD, RE)

Robin Berthier (PhD, RE)

Danielle Chrun (PhD, RE)

Aria Khoshkhou (PhD, RE)

Jesus Molina (PhD, ECE)

Anil Sharma (MS, RE)

Melody Djam (MS, RE)

Shalom Rosenfeld (MS, ECE)

Hari Sivaramakrishnan (MS, ECE)

Merine Zinsou (MS, RE)

Frank Hemingway (MS, ECE)

Benjamin Klimkowski (MS, CS)


Risk Assessment of User Behavior

Michel Cukier (PI)

Sponsor: Laboratory for Telecommunication Sciences

Abstract: It has been claimed many times that the human is the weakest link in cybersecurity. The goal of this research is to improve the overall security of an organization by better understanding user behavior. More specifically, we will assess how users currently assess risks and how to educate them to better understand some of the risks of their online behavior. We will design and implement various experiments on the user population at the University of Maryland. In addition, we will build upon research conducted on risk perception in the physical world and identify approaches used to modify some perceptions with the goal of translating some of these approaches in cyberspace.

SFS for ACES

Michel Cukier (PI), Lawrence Gordon (Co-PI), Charles Harry (Co-PI), Jandelyn Plane (Co-PI), David Levin (Co-PI)

Sponsor: National Science Foundation

Abstract: National and personal security have become major concerns as we continue to increase our reliance on technological advancements. The growth of innovation must mirror the expansion of trained professionals. The University of Maryland (UMD), a National Security Agency - Center of Academic Excellence in Research (CAE-R), proposes to lead the challenge of educating the next cyber workforce through the creation of the Advanced Cybersecurity Experience for Students (ACES) Program, the first undergraduate honors program in cybersecurity in the United States. The CyberCorps(R): Scholarship for Service (SFS) program at UMD will provide a unique opportunity for 36 ACES students earn their Bachelor's degree with an ACES Minor in cybersecurity, and prepare them to join the cadre of cybersecurity professionals in the government. The ACES program aims to provide a unique, multidisciplinary education for a diverse group of undergraduate students of all majors. The curriculum will allow students to live together, use embedded, state-of-the-art laboratories, and work collaboratively inside and outside the classroom. In addition to fulfilling rigorous, required coursework in topics such as Cyber Policy, Psychology, and Reverse Engineering, ACES strongly emphasizes experiential learning by providing opportunities for individual and group research projects, as well as academic term and summer internships. In local middle and high schools, students will have an opportunity to work in CyberPatriot teams and participate in CyberSTEM summer camps (day and residential) and cybersecurity awareness workshops. The SFS program will enhance the university's goal of training a workforce with a range of talents, backgrounds, and expertise that can meet the cybersecurity needs of the government.

Collaborative Proposal: SaTC: Frontiers: Enabling a Secure and Trustworthy Software Supply Chain

Michel Cukier (PI)

Sponsor: National Science Foundation

Abstract: The modern world relies on software in almost every human endeavor, and a typical software product includes 80% open source components. Attackers find and exploit accidentally-injected security vulnerabilities and, increasingly, aggressively implant vulnerabilities or malicious code directly into the software supply chain -- the open source software and its build and deployment pipelines. This Frontiers project establishes the Secure Software Supply Chain Center (S3C2), a large-scale, multi-institution effort designed to aid the software industry re-establish trust in the software supply chain through the development of scientific principles, synergistic tools, metrics, and models in the context of human behavior among software supply chain stakeholders. The project?s novelties include the contributions to a diverse workforce that is trained in secure software supply chain methods through research and outreach initiatives, including summer research experiences for undergraduates (REU), summer camps, and the development of course modules for undergraduates, graduate students, and practitioners. The project?s broader significance and importance are the ways in which S3C2 will facilitate rapid innovation with increased confidence in software supply chain security.
S3C2 focuses on interconnected research thrusts for two supply chain attack vectors: (1) upstream dependencies and (2) the build process in the context of a continuous integration/continuous deployment (CI/CD) pipeline. Thrust One focuses on developing tools and techniques to aid practitioners with the risk of upstream dependencies. It enhances the utility of the Software Bill of Materials (SBoM) by identifying exploitability of vulnerabilities and changes to attack surfaces and isolates risky code as a stop-gap before patching is possible. Thrust Two focuses on developing tools and techniques to aid practitioners with the risk of build processes. It enables strong guarantees for build integrity through analysis of CI/CD configuration and techniques that help developers achieve reproducible builds.

Summer Cyber and Telecommunications Research

Michel Cukier (PI)

Sponsor: Laboratory for Telecommunication Sciences

Abstract: The LASR Internship program offers ACES students a summer research internship experience at the Laboratory for Telecommunication Sciences.

CyberSTEM Outreach Research

Michel Cukier (PI), Jandelyn Plane (Co-PI)

Sponsor: Laboratory for Telecommunication Sciences

Abstract: The subject of intense research at the University of Maryland’s Maryland Center for Women in Computing [MCWIC] and Maryland Cybersecurity Center [MC2] is to understand how best to validate, catalyze, and achieve the creation of a pipeline from STEM education to STEM careers. Two entities - the MCWIC and MC2 - have partnered to conduct foundational studies to inform, define, and create the best solutions to closing the STEM-articulate, graduate gap, with a specific emphasis on significantly reversing national trends in gender-diversity and underrepresented population in computer science.

Fall 2023

ENME 392: Statistical Methods for Product and Processes Development

HACS 200: Applied Cybersecurity Foundations II

HACS 100: Foundations in Cybersecurity I

Spring 2023

ENME 392: Statistical Methods for Product and Processes Development

Fall 2022

ENME 392: Statistical Methods for Product and Processes Development

HACS 200: Applied Cybersecurity Foundations II

HACS 100: Foundations in Cybersecurity I

Spring 2022

ENME 392: Statistical Methods for Product and Processes Development

Fall 2021

ENME 442/ENRE 684: Information Security

HACS 200: Applied Cybersecurity Foundations II

HACS 100: Foundations in Cybersecurity I

Spring 2021

ENME 392: Statistical Methods for Product and Processes Development

Fall 2020

ENME 442/ENRE 684: Information Security

HACS 200: Applied Cybersecurity Foundations II

HACS 100: Foundations in Cybersecurity I

Spring 2020

ENME 392: Statistical Methods for Product and Processes Development

Fall 2019

ENME 442/ENRE 684: Information Security

HACS 200: Applied Cybersecurity Foundations II

Spring 2019

ENME 392: Statistical Methods for Product and Processes Development

Fall 2018

ENME 442/ENRE 684: Information Security

HACS 200: Applied Cybersecurity Foundations II

Spring 2018

ENME 392: Statistical Methods for Product and Processes Development

Fall 2017

ENME 442/ENRE 684: Information Security

Spring 2017

ENME 442/ENRE 684: Information Security

2019

Vulnerability Prediction Capability: A Comparison between Vulnerability Discovery Models and Neural Network Models

Y. Mohavedi, M. Cukier, and I. Gashi

Computers & Security, August 2019

(Impact Factor: 2.650)

Perspective: Risk and the Five Hard Problems of Cybersecurity

N. M. Scala, A. C. Reilly, P. L. Goethals, and M. Cukier

Risk Analysis, March 2019

(Impact Factor: 2.898)

Cluster-based vulnerability assessment of operating systems and web browsers

Y. Movahedi, M. Cukier, A. Andongabo, and I. Gashi

Computing, vol. 101, no. 2, February 2019, pp. 139-160.

(Impact Factor: 1.654)

Identifying infected users via network traffic

M. Gratian, D. Bhansali, M. Cukier, and J. Dykstra

Computers & Security, vol. 80, January 2019, pp 306-316.

A Comprehensive Evaluation of HTTP Header Features for Detecting Malicious Websites

J. McGahagan, D. Bhansali, M. Gratian and M. Cukier

in Proc. 15th European Dependable Computing Conference (EDCC), 2019.

(54% acceptance rate)

"Help, I've Been Hacked!": Insights from a Corpus of User-Reported Cyber Victimization Cases on Twitter

M. Gratian, D. Bhansali, M. Cukier, and J. Dykstra

in Proc. Human Factors and Ergonomics Society's 2019 International Annual Meeting, Seattle, USA, Oct. 28 – Nov. 1, 2019.

(64% acceptance rate)

2018

Process Mining and Hierarchical Clustering to Help Intrusion Alert Visualization

S. Carlisto de Alvarenga, S. Barbon Junior, R. Sanches Miani, M. Cukier, and B. Bogaz Zarpelão

Computers & Security, vol. 73, March 2018, pp 474-491.

(Impact Factor: 2.650)

Correlating Human Traits and Cyber Security Behavior Intentions

M. Gratian, S. Bandi, M. Cukier, J. Dykstra, and A. Ginther

Computers & Security, vol. 73, March 2018, pp 345–358.

(Impact Factor: 2.650)

2017

Illegal Roaming and File Manipulation on Target Computers

A. Testa, D. Maimon, B. Sobesto, and M. Cukier

Criminology & Public Policy, vol. 16, issue 3, August 2017, pp 689–726

(Impact Factor: 2.216)

Discovering Attackers Past Behavior to Generate Online Hyper-Alerts

CT. Kawakani, S. Barbon, RS. Miani, M. Cukier, and BB. Zarpelão

iSys-Revista Brasileira de Sistemas de Informação, vol.10, issue 1, 2017, pp 122-147.

AVAMAT: AntiVirus and Malware Analysis Tool

P. Shahegh, T. Dietz, M. Cukier, A. Algaith, A. Brozik, and I. Gashi

in Proc. 16th IEEE International Symposium on Network Computing and Applications, Boston, USA, 30 Oct - 1 Nov 2017.

(26% acceptance rate)

Cluster-based Vulnerability Assessment Applied to Operating Systems

Y. Movahedi, M. Cukier, A. Andongabo, and I. Gashi

in Proc. 13th European Dependable Computing Conference (EDCC), 2017.

(26% acceptance rate) 

Application of Routine Activity Theory to Cyber Intrusion Location and Time

K Bock, S Shannon, Y Movahedi, and M Cukier

in Proc. 13th European Dependable Computing Conference (EDCC), 2017.

(26% acceptance rate)

ACES Awarded $5M Grant Renewal to Strengthen Cybersecurity Workforce

The funding will support 30 students over the next five years as they prepare for careers in cybersecurity.

Cukier Receives Mentoring Award for Founding and Leading ACES

The award recognizes his success in developing the cybersecurity honors program.

MC2 Kicks Off Third Year of Postdoctoral Fellowship Program

The fellowships offer an opportunity to work closely with MC2 faculty in multiple areas of cybersecurity.

UMD Joins U.S. Cyber Command’s Academic Engagement Network

The initiative's goal is to create a robust and accessible pool of qualified cyber professionals. 

Maryland Cybersecurity Center Kicks Off Second Year of Postdoctoral Fellowship Program

The fellowship offers an opportunity to work closely with faculty and graduate students in the center.

Cukier Appointed to the Maryland Cybersecurity Council

The Council, created by the Maryland General Assembly, is charged with reviewing the state’s cyber readiness. 

Cukier Honored with SANS Difference Makers Award

Cukier was recognized for reaching out to high school students interested in pursuing a cybersecurity career

Northrop Grumman Foundation Renews Commitment to ACES Program with $2.76M Gift

Funding will support additional staffing, programming, scholarships and more

MC2, ACES Program Featured in Gazette Article About Cybersecurity

The Maryland Cybersecurity Center (MC2) and the Advanced Cybersecurity Experience for Students (ACES) program were highlighted today in a Gazette story about the state of cybersecurity in Prince George's County

Cybersecurity Is All a Game for Two ACES Students‬‬

Payer and Bock incorporate lessons into fun competition-style games.

MC2 Welcomes Undergraduates For Nine-Week Research Experience

Nine undergraduates from across the country are collaborating this summer.

Annual Cyber Symposium Brings Large Crowd, Interesting Discussion

More than 200 people attended a daylong symposium.

MC2 Director, Faculty Named to President’s Task Force on Cybersecurity

Jonathan Katz and other MC2 faculty are part of President’s Task Force on Cybersecurity.

ACES Director and Student Named to President's Task Force

ACES Director and Student Board President Named to President's Task Force on Cybersecurity

MC2, ManTech Partner on Cybersecurity Scholarships

Two UMD undergraduates looking to join the ranks of IT experts pitted in this ongoing battle against hackers and cyberthieves.

Local Middle School Girls Receive Hands-On Exposure to Cybersecurity

UMD & National CyberWatch Ctr Host Cool Careers in Cybersecurity to Attract Young Women to STEM.

REU Cybersecurity Scholars: Summer 2013

Six CS Scholars began arriving on campus Sunday, June 2, 2013

Maryland Cybersecurity Center Welcomes 6 Undergraduate Research Students

The scholars will be integral members of research teams for nine weeks in summer 2013

Researchers Expose the Human Side of Cybercrime

UMD's Michel Cukier and David Maimon collaborate to explore hacker behavior.

Cyber Safety Workshop Empowers Middle School Girls

Maryland Cybersecurity Center brings in over 60 students for hands-on, interactive activities.

Associate Professor Michel Cukier Named Inaugural Director of ACES

Cukier to direct Advanced Cybersecurity Experience for Students (ACES), the nation’s first undergraduate honors program in cybersecurity

Cukier, Maimon featured on SC Magazine podcast

The researchers discuss their collaboration correlating criminology with cybersecurity.

Researchers Explore How Cyber-Attackers Think Like Regular Crooks

In unique collaboration, engineer and criminologist apply criminological concepts and research methods to study of cybercrime.

Cukier Featured in Huffington Post Article on Cybersecurity

Prof. Michel Cukier quoted regarding the University of Maryland's approach to cybersecurity education.

Cukier Invited to Deliver Keynote Address at WRAITS 2011

Cukier gives keynote lecture on cybersecurity research at Hong Kong conference.

UMD To Offer Cyber Camp for High School Students This Summer

Camp will offer students the chance to learn about the cybersecurity field, develop skills.

Cybersecurity Scholars Program To Be Offered This Summer

Unique undergraduate summer research experience will be offered to undergraduates across the nation.