IT, Defense and IT, Defense and Intelligence Intelligence some current research and future some current research and future opportunities opportunities Tim Finin and Anupam Joshi Computer Science and Electrical Engineering 12 September 2011 http://ebiquity.umbc.edu/r/
14
Embed
IT, Defense and Intelligence some current research and future opportunities Tim Finin and Anupam Joshi Computer Science and Electrical Engineering 12 September.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
IT, Defense and IntelligenceIT, Defense and Intelligencesome current research and future opportunitiessome current research and future opportunitiesIT, Defense and IntelligenceIT, Defense and Intelligencesome current research and future opportunitiessome current research and future opportunities
Tim Finin and Anupam JoshiComputer Science and Electrical Engineering
12 September 2011 http://ebiquity.umbc.edu/r/322
Computer Science and Electrical Engineering• UMBC’s largest department – Faculty: 34 tenure-track, 6 teaching, 16 research;
Students: 900 BS, 225 grad• Degree programs in computer science,
• Track record of successful prototype systemsIn use by sponsors and the research community
securesecure
mobilemobile
socialsocial
semanticsemantic
Some Current Project AreasSituational awareness, security, privacy, CPS, and assured information sharing (AFOSR, NGC, DHS)
Executable policies, trustworthy data management in ad hoc networks, privacy
Social networks & social media analytics (ONR, MIPS, Google)Analytics for sentiment, geo-location, identifying communities/influence, information extraction
Semantic web (NSF, SAP, Microsoft)Search, information extraction, ecoinformatics, intelligence, text understanding, linked open data
Policy-based router management, mobile computing, context aware computing
Medical informatics and imaging (NIST)Interpreting laparoscopic videos, cellular images, EHR text
securesecure
mobilemobile
socialsocial
semanticsemantic
Situational Awareness• Awareness of what’s happening around
you to understand how information,events, and actions will impact yourgoals & objectives, now and in future
• Common theme in many scenarios as webecome increasingly instrumented andinterconnected
Hot conflicts, homeland security, cyber-security, cyber-physical systems, disaster relief, health-care, IT services, network operations & management …
• Applies to people, smart interfaces, sensors, AI, wireless networks, embedded systems, streaming data, image processing, SIGINT, HUMINT, smartphones, etc.
• Highly distributed, dynamic & interconnected systems
Managing the Assured Information Sharing Lifecycle
• UMBC leads a $7.5M five-year project funded by the Air Force Office of Sponsored Research
• Six university groups: UMBC, Illinois, Purdue, Michigan, U. Texas at Dallas, U. Texas at San Antonio
• Move information systems from a “need to know” toward a “need to share” (9/11 commission)
• Goal: understand and reduce barriers preventing people and organizations from sharing information with appropriate constraints on security, trust, privacy and quality
E.g.: Securing information networks• Internet routers must share information about
sub-networks, nodes, routes and network status• Accidental or malicious misinformation can degrade or
disable our information systems15% of Internet’s traffic redirected through Chinese computer networks for 18 minutes in April 2010 !!
• We developed an approach to assure safe, dynamic and context-aware router configuration
• Routers’ software agents reason withpolicies and context information todetect, diagnose and recover fromrouting misconfigurations
Router 1
Router 2
` ` `
Ethernet
Ethernet
Serial Line
E.g.: Privacy Preserving Information Fusion across Agencies
New algorithms and computer enforceable policies allow data fusion and mining across organizations with privacy preservation guarantees
Machine understandable privacy policy for passport database owner includes rules like:•Don’t share data “dumps” for data exploration or fishing•Don’t share data with personally identifiable information (name, DoB,…) unless request is from a certain level of authority for a specified use
Machine understandable privacy policy for passport database owner includes rules like:•Don’t share data “dumps” for data exploration or fishing•Don’t share data with personally identifiable information (name, DoB,…) unless request is from a certain level of authority for a specified use
E.g.: Smartphones sharing context•Platys is an $1.8M NSFproject with Duke & NCSU
•Sensor-rich android phones learn torecognize their user’s context: what,who, where, when, how …
• Information is shared securely and with appropriate detail following user specified privacy policies and context
•The shared information helps other devices learn faster and provide better services
We’re in a two-hour budget meeting at X with A, B and C
We’re in a two-hour budget meeting at X with A, B and C
We’re in a impor-tant meeting
We’re in a impor-tant meeting
We’re busyWe’re busy
E.g.: Tracking Security Vulnerability Info
• Working with Northrop Grumman on system to discover new software vul-nerabilities and track their spread and evolution
• We use human language technology, machine learning and cybersecurity knowledge bases to extract, evaluate and fuse structured information from Web, chat rooms, and social media
• Our prototype automatically adds to, updates and maintains a structured knowledge base
Ex: input and extracted knowledge
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.