IT, Defense and Intelligence some current research and future opportunities

1
IT, Defense and Intelligencesome current
research and future opportunities

• Tim Finin and Anupam Joshi
• Computer Science and Electrical Engineering

12 September 2011
http//ebiquity.umbc.edu/r/322
2
Computer Science and Electrical Engineering

• UMBCs largest department
• Faculty 34 tenure-track, 6 teaching, 16
  research Students 900 BS, 225 grad
• Degree programs in computer science, computer
  eng., electrical eng., systemseng. and
  cybersecurity
• PhD programs ranked highly (EE68,CS62) for
  research productivity in2010 NRC study
• 220 Ph.D.s since 1986
• Breadth and focus in research areas
• 6M/year in sponsored researchexpenditures

3
Strong growth for computing jobs

• Bureau of Labor Statistics ten-year job growth
  forecast is strong on IT, with demand exceeding
  new BS, MS and PhD production
• It projects computing occupa-tions to be 60 of
  STEM job growth in the next ten years
• Maryland will especially benefit,with its
  emphasis on DoD,intelligence and cyber security

4
UMBC is a major producer of IT degrees
enrollment in core UMBC IT programs

• Seven IT degree programs, fromcomputer science
  to human-cen-tered computing to bioinformatics
• Enrollment in IT programs is up,with gt 2400
  estimated for 2011-12
• Among all US research universities, UMBC is
• 2 for undergraduate IT degrees awarded
• 5 all IT degrees and certificates
• 31 for IT PhDs awarded
• Among all MD/DE/DC/VA research universities, UMBC
  is
• 1 for undergraduate IT degrees awarded, 2 for
  all IT degrees and 3 for PhDs awarded
• UMBC is NSAs largest source of computing
  graduates

2006
2007
2008
2009
2010
2011
Based on most recent USDept. of Education data
5
Ebiquity research group

• Active faculty and research students
• 8 full-time core faculty, 15-20 PhD, MS, and BS
  students
• Diverse research strengths
• Semantic Web, mobile and pervasive computing,
  security, trust and privacy, machine learning,
  NLP, HPC, social media, medical informatics
• Strong funding base
• 2.5M/year from DoD (DARPA, AFOSR, ONR, NSA),
  NASA, NIST, NSF, Northrop Grumman, Lockheed
  Martin, IBM, Qualcomm, Google, Microsoft,
• Track record of successful prototype systems
• In use by sponsors and the research community

6
Ebiquity research group
Our research addresses problems in designing
software systems that are
7
Some Current Project Areas

• Situational awareness, security, privacy, CPS,
  and assured information sharing (AFOSR, NGC, DHS)
• Executable policies, trustworthy data management
  in ad hoc networks, privacy
• Social networks social media analytics (ONR,
  MIPS, Google)
• Analytics for sentiment, geo-location,
  identifying communities/influence, information
  extraction
• Semantic web (NSF, SAP, Microsoft)
• Search, information extraction, ecoinformatics,
  intelligence, text understanding, linked open
  data
• Intelligent networks pervasive computing (NSF,
  Qualcomm, DARPA)
• Policy-based router management, mobile computing,
  context aware computing
• Medical informatics and imaging (NIST)
• Interpreting laparoscopic videos, cellular
  images, EHR text

8
Situational Awareness

• Awareness of whats happening aroundyou to
  understand how information,events, and actions
  will impact yourgoals objectives, now and in
  future
• Common theme in many scenarios as webecome
  increasingly instrumented andinterconnected
• Hot conflicts, homeland security, cyber-security,
  cyber-physical systems, disaster relief,
  health-care, IT services, network operations
  management
• Applies to people, smart interfaces, sensors, AI,
  wireless networks, embedded systems, streaming
  data, image processing, SIGINT, HUMINT,
  smartphones, etc.
• Highly distributed, dynamic interconnected
  systems

9
Managing the Assured Information Sharing
Lifecycle

• UMBC leads a 7.5M five-year project funded by
  the Air Force Office of Sponsored Research
• Six university groups UMBC, Illinois, Purdue,
  Michigan, U. Texas at Dallas, U. Texas at San
  Antonio
• Move information systems from a need to know
  toward a need to share (9/11 commission)
• Goal understand and reduce barriers preventing
  people and organizations from sharing information
  with appropriate constraints on security, trust,
  privacy and quality

10
E.g. Securing information networks

• Internet routers must share information
  aboutsub-networks, nodes, routes and network
  status
• Accidental or malicious misinformation can
  degrade or disable our information systems
• 15 of Internets traffic redirected through
  Chinese computer networks for 18 minutes in April
  2010 !!
• We developed an approach to assure safe, dynamic
  and context-aware router configuration
• Routers software agents reason withpolicies and
  context information todetect, diagnose and
  recover fromrouting misconfigurations

11
E.g. Privacy Preserving Information Fusion
across Agencies

• Machine understandable privacy policy for
  passport database owner includes rules like
• Dont share data dumps for data exploration or
  fishing
• Dont share data with personally identifiable
  information (name, DoB,) unless request is from
  a certain level of authority for a specified use

• New algorithms and computer enforceable policies
  allow data fusion and mining across organizations
  with privacy preservation guarantees

12
Privacy Preserving Info. Fusion policy rules
Rule1_1 (?requester a NatRequester)
(exoutput exrecordCount ?records)
lessThan(?records, 5) -gt (?requester
isAccessingDump "False") Rule2_2_1
(exoutput exhas_passportNumber "True")
(exoutput exhas_dateOfBirth "True") (exoutput
exhas_placeOfBirth "True") (exoutput
exhas_name "True") (exoutput exhas_address
"True") (exoutput exhas_passport_issue_details
"True") -gt (?requester hasAllFields
"True") Rule2_2_3 (?requester
Natbelongs_to_group ?groups) listContains(?groups
, NatG2) -gt (?requester belongsToAllowedGro
up "True") Rule2_2_4 (?requester
Natbelongs_to_group ?groupList)
listContains(?groupList, NatG4) -gt
(?requester belongsToAllowedGroup
"True") Rule2_2_5 (?requester Nathas_use
?uses) equal(?uses, NatU1) -gt (?requester
hasAllowedUses "True") Rule2_2_6 (?requester
Nathas_use ?uses) equal(?uses, NatU3) -gt
(?requester hasAllowedUses "True")

• Machine understandable privacy policy specified
  by passport database owner includes
• Dont share data dumps for data exploration or
  fishing
• Dont share data with personally identifiable
  information (name, DoB,) unless request
  originates from a certain level of authority for
  a specified use

RulePassportDatabse (?requester exisRequester
"True") (?requester isAccessingDump "False")
(?requester hasAllFields "True") (?requester
Natbelongs_to_hierarchyLevel ?requesterLevel) (?r
equesterLevel NathigherLevel_than NatC)
(?requester belongsToAllowedGroup "True")
(?requester hasAllowedUses "True") -gt
(?requester exaccess expermitted)  
13
E.g. Smartphones sharing context

• Platys is an 1.8M NSFproject with Duke NCSU
• Sensor-rich android phones learn torecognize
  their users context what,who, where, when, how
  
• Information is shared securely and with
  appropriate detail following user specified
  privacy policies and context
• The shared information helps other devices learn
  faster and provide better services

Were in a two-hour budget meeting at X with A, B
and C
Were in a impor-tant meeting
Were busy
14
Privacy policies for mobile computing
Policies compiled to RDF N3 rules Share
location with teachers 9-6 weekdaysif on
campus REQ a reinRequest REQ reinresource
LOCATION. ?T a TeachersGroupStuff. ?R a
UserStuff loginclude LOCATION a tuLocation
USERID a tuUserid . REQ reinrequester WHO. ?T
a TeachersGroupStuff logincludes tmember
sessionlogin USERID . LOCATION locequalTo
UMBC . WHO requestTime ?time. ""
timelocaltime ?localTime. ?localTime
timedayOfWeek ?day. ?day mathnotlessthan
"1". ?day mathnotgreaterthan "5". ?localTime
timehour ?dtime. ?dtime mathnotlessthan
"9". ?dtime mathnotgreaterthan "18". gt
WHO loccan-get LOCATION .

• Share my exact location with my family, or with
  others who are in the same location
• Share a public version of my currentactivity
  with my Facebook friends, but let my close
  friends know exactly what I am doing
• Do not reveal my exact GPS coordinatesto a
  server based navigation applicationif my speed
  is over the posted limit
• Share my location exactly with myfamily, unless
  I am in the SKIF

• Using a Logic based reasoner
• This produces conclusions as well as
  justifications for each action
• The justifications are used to explain the policy
  results

15
E.g. Tracking Security Vulnerability Info

• Working with Northrop Grumman on system to
  discover new software vul-nerabilities and track
  their spread and evolution
• We use human language technology, machine
  learning and cybersecurity knowledge bases to
  extract, evaluate and fuse structured information
  from Web, chat rooms, and social media
• Our prototype automatically adds to, updates and
  maintains a structured knowledge base

16
Ex input and extracted knowledge
http//en.wikipedia.org/wiki/Buffer_overflow
Manufacturer Product Version
Buffer overflow in Fax4Decode in LibTIFF 3.9.4
and possibly other versions, as used in ImageIO
in Apple iTunes before 10.2 on Windows and other
products, allows remote attackers to execute
arbitrary code or cause a denial of service
(application crash) via a crafted TIFF Internet
Fax image file that has been compressed using
CCITT Group 4 encoding, related to the EXPAND2D
macro in libtiff/tif_fax3.h.
http//en.wikipedia.org/wiki/Denial-of-service_att
ack
17
E.g. Response Systemfor Gulf Oil Spill (NSF)

• Mine data from socialmedia to improve oilspill
  trajectory modelused by NOAA Emergency Response
  Division
• Uses surface winds, currents, oil spill rates,
  boundary locations, oil dispersion, type of oil,
  diffusion coefficients, drift velocities, etc.
• Couples with atmospheric, hydrologic and storm
  surge models
• Performs regressions, fishery impacts, animations

18
E.g. Secure, verifiable voting systems

• Scantegrity is the first end-to-end audit-able
  voting system used in a binding government
  election (Takoma Park, 2009, 10, 11)
• Cryptographic technology enables voters to verify
  votes counted as cast
• Allows open audit anyone can prove final tally
  correct from public records
• Individual vote privacy protected
• Can be used for online voting, poll-ing, group
  decision making, prefer-ence elicitation, etc.

http//www.scantegrity.org/
19
for info, contact finin_at_umbc.edu or
joshi_at_umbc.edu or see http//ebiquity.org/r/322