• In this seminar series the UA Software Security Group in collaboration with Cloakware Inc. will present talks from UA and invited speakers under the broader theme of security. Topics will range from national security to computer game security to network security.
  • Seminars are held Fridays 10-11 in Room 906, 9th floor of the Gould-Simpson Building, at the University of Arizona campus, unless otherwise stated. Here's a map to the building.
  • Refreshments will be served.

Feb 26, 2010
LOT - Lightweight Opportunistic Tunnels
Amir Herzberg
Dept. of Computer Science, Bar Ilan University
We present LOT, a lightweight 'plug and play' secure tunneling protocol installed (only) at edge gateways. Two communicating gateways A and B running LOT would automatically and securely establish an efficient tunnel, encapsulating packets sent between them. This allows B to discard packets which use A's network addresses but were not sent via A (i.e. are spoofed) and vice versa. LOT also allows B to request A to filter DDoS traffic sent via A to B from particular hosts or subnetworks. Together, these mechanisms provide effective defenses against many DDoS attacks; the anti-spoofing mechanism also helps against other attacks, in particular network scans.

LOT is practical: it is easy to manage ('plug and play', no coordination between gateways), deployed incrementally and only at edge gateways (no change to core routers or hosts), and has negligible overhead in terms of bandwidth and processing, as we validate by experiments on a prototype implementation. LOT storage requirements are also modest. LOT can be used alone, providing protection against blind (spoofing) attackers, or to opportunistically set up IPsec tunnels, providing protection against Man In The Middle (MITM) attackers.

Prof. Amir Herzberg received B.Sc. (Computer Engineering), M.Sc. (Electrical Engineering) and D.Sc. (Computer Science), from the Technion, Israel, in 1982, 1987 and 1991, respectively. Since 1982, he worked in software and systems R&D, mostly in security and networking, in several organizations and companies. During 1991-2000, Prof. Herzberg filled research and management positions in IBM Research (New York and Israel). Later, he was a CTO at a startup, and since 2002, an associate professor in the Computer Science department of Bar Ilan University. His current research is mainly in applied cryptography, secure communication and secure e-commerce. Prof. Herzberg provides consulting and education services to R&D companies and to the banking, communications and government sectors. Many of his lectures and publications are at http://AmirHerzberg.com.

Mar 5, 2010
Security Management in Real World Applications
Gu Yuan
Cloakware
Many real life and modern server-client application systems - wireless systems, DRM systems, on-line banking systems, on-line shopping systems, and conditional access systems for cable or satellite - are highly attractive subjects for White-Box attackers since the client sides of such systems are typically homogeneous and distributed over a very large customer base: i.e., these systems make the attack surface extremely large. As the value of services deployed on such systems grows, so does their attraction as targets for hackers. Thus security against White-Box Man-at-the-End attacks is becoming absolutely essential to the successful deployment of such systems.

When operating real world security systems, there are significant challenges in ensuring the long term viability of any solution. Challenges include maintaining a user friendly experience while dealing with security issues, maintaining security on legacy equipment in the field, and dealing with new and previously unknown attacks on systems. This points to thinking about security not in terms of a static defense against known attacks, but rather in terms of how the system should evolve over its full lifetime, which may in fact be decades.

In this talk, we discuss White-Box security challenges and economics of software security in the real world, and present state of the art in software security and protection technology from market standpoints.

Yuan Xiang Gu is a co-founder of Cloakware and co-inventor of Cloakware's software security technology. As Cloakware's chief architect, Yuan is responsible for product architecture as well as technology development and evolution. He and his co-inventors have been granted six U.S. patents and have a number of patents pending. He has worked in several senior management positions in Cloakware including vice president of technology development and engineering. Prior to joining Cloakware, Yuan was a senior scientist and architect at Nortel Networks, focusing on object-oriented languages, software environments, compiler technology, intelligent network technologies, computer security and software protection. Previously, Yuan was a visiting professor at the Computer Science School of McGill University, where his research interests included language-oriented environments and design and implementation of parallel languages and systems. Yuan was a professor in the Computer Science Department at Northwestern University in China, where he worked on software engineering, programming languages, compilers, operating systems and artificial intelligence. A recipient of the First Outstanding Young Scientists Foundation Award from the Chinese Academy of Sciences, Yuan has over three decades of software research and development knowledge and expertise, and has published over 50 papers. Yuan graduated from Computer Science at Northwestern University, China.

April 16, 2010
Organizational and National "Security Resilience" underpinning a Cybersecurity Strategy
Chris Demchak
School of Government and Public Policy, University of Arizona
Strategic Research Department of the US Naval War College, Newport, Rhode Island
The dilemmas of cybersecurity framed in Cold War state-state terms, in national police-criminal legal regimes, or even in anti-terrorism approaches do not easily guide national security responses to the emerging world of flexible scale, proximity, and precision underlying a wide range of conceivable forms of cybered conflict.

This talk will discuss why an effective cybersecurity strategy requires the following three pillars: a more knowledge-oriented approach to large-scale complex systems and surprise, a more medievalist attitude to conflict today, and a more deliberate and ubiquitous focus on resilience in organizations and the wide society rather than fighting, attacking, defending, or defeating hostile actors. The discussion will end with a proposed model of a knowledge-enabled security organization, the ATRIUM, and a few observations about the emergence of national military-civilian cybercommands.

This talk is based on the initial work in a two-year project looking at national security cybercommands in the US and UK, as well as other allies. The project is in the early stages. Its overall research goal aims towards developing theory about the emerging world of cybered conflicts, strategic topologies, and models for institutionalizing security resilience in global network-dependent, westernized, large socio-technical societies.


TBD
Examining software that doesn't want to be examined
Saumya Debray
Department of Computer Science, University of Arizona
TBD

Past talks


Oct 2, 2009
Radical Islam: An Attack from the Past or the Future?
Albert Bergesen
Department of Sociology, University of Arizona
If radical Islam isn't just defensive; isn't just fear of the modern; isn't just a passing thing, then what else might it be? Hints of the future; deeper asceticism's yielding the ultimate in self-control, Suicide Missions? Maybe. Wider communities of equality--the global umma? Maybe. But also maybe not. It is way too early to tell. Max Weber's speculations about the effects of the religious fundamentalism that was the Reformation came hundreds of years after his radical Protestants had their ascetic spasm; we are in the midst of the radical Islamists. We can only speculate about the possible civilizational implications of our present moment.

Oct 9, 2009
Intelligence and Security Informatics: The COPLINK and Dark Web Experience
Hsinchun Chen
Management Information Systems, University of Arizona
In this talk I will review the emerging discipline of Intelligence and Security Informatics (ISI) and its many potential research directions and caveats. Two internationally acclaimed research projects, COPLINK and Dark Web, will be discussed. Both projects have been supported by NSF, DOJ, DHS, etc. and developed by the University of Arizona's Artificial Intelligence Lab members. For more project information, please see: http://ai.arizona.edu.

Oct 23, 2009
Dealing with Liars: Misbehavior Identification via Renyi-Ulam Games
Loukas Lazos
Department of Electrical and Computer Engineering, University of Arizona
In this talk, we discuss the problem of identifying misbehaving nodes that refuse to forward packets in wireless multi-hop networks. We present several methods for monitoring node behavior that rely on message-overhearing, micro-payment systems, or acknowledgement schemes. To reduce the communication overhead associated with behavior monitoring, we map the process of locating misbehaving nodes to various versions of the classic Renyi-Ulam game of 20 questions. This mapping copes with colluding adversaries that coordinate their behavioral patterns to avoid identification and frame honest nodes.

Nov 6, 2009
Integrated Human Decision Making and Planning Model under Extended Belief-Desire-Intention Framework: Emergency Evacuation Applications
Young-Jun Son
Department of Systems and Industrial Engineering, University of Arizona
In this talk, we discuss an integrated Belief-Desire-Intention (BDI) modeling framework for human decision making and planning, whose sub-modules are based on Bayesian belief network, Decision-Field-Theory, and probabilistic depth first search technique. A key novelty of the proposed model is its ability to represent both the human decision-making and decision-planning functions in a unified framework. In this talk, the proposed modeling framework is demonstrated for human evacuation behaviors under a terrorist bomb attack situation. To mimic realistic human behaviors, attributes of the BDI framework are reverse-engineered from the human-in-the-loop experiments conducted in the Cave Automatic Virtual Environment (CAVE) available at The University of Arizona. A crowd simulation is then constructed, where individual human behaviors are based on what was learned from the CAVE experiments. In this work, the simulated environment and humans conforming to the proposed BDI framework are implemented in AnyLogic agent-based simulation software, where each human entity calls external Netica BBN software to perform its perceptual processing function and Soar software to perform its real-time planning and decision-execution functions. The constructed crowd simulation is then used to test the impact of several factors (e.g. demographics of people, number of policemen, information sharing via speakers) on evacuation performance (e.g. average evacuation time, percentage of casualties). Finally, we discuss other emergency evacuation applications (e.g. evacuation behaviors under fire in a factory) and research extensions for the proposed BDI framework.

Feb 5, 2010
Data Mining for Malicious Code Detection and Security Applications
Bhavani Thuraisingham
Cyber Security Research Center in the Erik Jonsson School of Engineering and Computer Science, University of Texas at Dallas
Data mining is the process of posing queries and extracting patterns, often previously unknown, from large quantities of data using pattern matching or other reasoning techniques. Data mining has many applications in security including for national security as well as for cyber security. The threats to national security include attacking buildings, destroying critical infrastructures such as power grids and telecommunication systems. Data mining techniques are being investigated to find out who the suspicious people are and who is capable of carrying out terrorist activities. Cyber security is involved with protecting the computer and network systems against corruption due to Trojan horses, worms and viruses. Data mining is also being applied to provide solutions such as intrusion detection and auditing.

The first part of the presentation will discuss my joint research with Prof. Latifur Khan and our students at the University of Texas at Dallas on data mining for cyber security applications. For example, anomaly detection techniques could be used to detect unusual patterns and behaviors. Link analysis may be used to trace the viruses to the perpetrators. Classification may be used to group various cyber attacks and then use the profiles to detect an attack when it occurs. Prediction may be used to determine potential future attacks depending in a way on information learnt about terrorists through email and phone conversations. Data mining is also being applied for intrusion detection and auditing. Other applications include data mining for malicious code detection such as worm detection and managing firewall policies.

This second part of the presentation will discuss the various types of threats to national security and describe data mining techniques for handling such threats. Threats include non real-time threats and real-time threats. We need to understand the types of threats and also gather good data to carry out mining and obtain useful results. The challenge is to reduce false positives and false negatives.

The third part of the presentation will discuss some of the research challenges. We need some form of real-time data mining, that is, the results have to be generated in real-time; we also need to build models in real-time for real-time intrusion detection. Data mining is also being applied for credit card fraud detection and biometrics related applications. While some progress has been made on topics such as stream data mining, there is still a lot of work to be done here. Another challenge is to mine multimedia data including surveillance video. Finally, we need to maintain the privacy of individuals. Much research has been carried out on privacy preserving data mining.

In summary, the presentation will provide an overview of data mining, the various types of threats and then discuss the applications of data mining for malicious code detection and cyber security. Then we will discuss the consequences to privacy.

Biography: Dr. Bhavani Thuraisingham joined The University of Texas at Dallas in October 2004 as a Professor of Computer Science and Director of the Cyber Security Research Center in the Erik Jonsson School of Engineering and Computer Science. She is an elected Fellow of three professional organizations: the IEEE (Institute for Electrical and Electronics Engineers), the AAAS (American Association for the Advancement of Science) and the BCS (British Computer Society) for her work in data security. She received the IEEE Computer Society's prestigious 1997 Technical Achievement Award for outstanding and innovative contributions to secure data management.

Over the past five years, Dr. Thuraisingham and her team of four professors at UTD have generated over $10m in research funding from NSF, AFOSR, IARPA, ONR, NASA, NIH, NGA and corporations such as Raytheon. They are also forming partnerships with Lockheed, Rockwell Collins, L-3 Communications, and HIE Electronics. The projects include assured information sharing, secure and private social networks, data mining for security applications, geospatial semantic web, text mining and botnet modeling. Her team also conducts interdisciplinary research with social scientists and management scientists.

Dr Thuraisingham's work in information security and information management has resulted in over 90 journal articles, over 200 refereed conference papers and workshops, and three US patents. She is the author of nine books in data management, data mining and data security including one on data mining for counter-terrorism and another on Database and Applications Security and is completing her tenth book in secure service-oriented information systems. She has given over 70 keynote presentations at various technical conferences and has also given invited talks at the White House Office of Science and Technology Policy and at the United Nations on Data Mining for counter-terrorism. She serves (or has served) on editorial boards of leading research and industry journals including as the Editor in Chief of Computer Standards and Interfaces Journal. She is also an Instructor at AFCEA's (Armed Forces Communications and Electronics Association) Professional Development Center and has served on panels for the Air Force Scientific Advisory Board and the National Academy of Sciences.

Dr Thuraisingham is the Founding President of Bhavani Security Consulting, LLC - a company providing services in consulting and training in Cyber Security and Information Technology and the Founding President of Knowledge Discovery and Security Informatics, LLC - a company developing data mining for malware detection tools.

Prior to joining UTD, Thuraisingham was an IPA (Intergovernmental Personnel Act) at the National Science Foundation from the MITRE Corporation. At NSF she established the Data and Applications Security Program and co-founded the Cyber Trust theme and was involved in inter-agency activities in data mining for counter-terrorism. She has been at MITRE since January 1989 and has worked in MITRE's Information Security Center and was later a department head in Data and Information Management as well as Chief Scientist in Data Management. She has served as an expert consultant in information security and data management to the Department of Defense, the Department of Treasury and the Intelligence Community for over 10 years. Thuraisingham's industry experience includes six years of research and development at Control Data Corporation and Honeywell Inc.

Thuraisingham was educated in the United Kingdom both at the University of Bristol and at the University of Wales. She is pursuing a Certificate in Terrorism Studies at St. Andrews University in Scotland. She is interested in understanding the minds of the terrorists and hackers as well as their ideologies, networks, and financial investment strategies so that effective and adaptive tools can be developed.


11am, Thu Feb 18, 2010
Exploiting Online Games
Gary McGraw
Cigital
The talk, based on a book of the same title (co-authored by Greg Hoglund), exposes the inner workings of online game security for all to see, drawing illustrations from MMORPGs such as World of Warcraft to discuss:
  • Why online games are a harbinger of software security issues to come
  • How millions of gamers have created billion dollar virtual economies
  • How game companies invade your privacy
  • Why some gamers cheat
  • Techniques for breaking online game security
  • How to build a bot to play a game for you
  • Methods for total conversion and advanced mods
But ultimately this talk is about security problems associated with advanced massively distributed software. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software yet to come. The kinds of attack and defense techniques I describe are tomorrow's security techniques on display today.
Biography: Gary McGraw is the CTO of Cigital, Inc., a software security and quality consulting firm with headquarters in the Washington, D.C. area. He is a globally recognized authority on software security and the author of six best selling books on this topic. The latest, Software Security Engineering: A Guide for Project Managers, was released in 2008. His other titles include Exploiting Online Games, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications, authors a monthly security column at InformIT, and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, Gary is on the Advisory Boards of Fortify Software and Raven White. His dual PhD is in Cognitive Science and Computer Science from Indiana University, where he serves on the Dean's Advisory Council for the School of Informatics. Gary is an IEEE Computer Society Board of Governors member and produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine.

3:30, Thu Feb 18, 2010, Gould-Simpson 701
The Building Security In Maturity Model (BSIMM)
Gary McGraw
Cigital
As a discipline, software security has made great progress over the last decade. There are now at least 46 large scale software security initiatives underway in enterprises including global financial services firms, independent software vendors, defense organizations, and other verticals. In 2008, Brian Chess, Sammy Migues and I interviewed the executives running nine initiatives using the twelve practices of the Software Security Framework as our guide. Those companies among the nine who graciously agreed to be identified include: Adobe, The Depository Trust and Clearing Corporation (DTCC), EMC, Google, Microsoft, QUALCOMM, and Wells Fargo. The resulting data, drawn from real programs at different levels of maturity, was used to guide the construction of the Building Security In Maturity Model (BSIMM). This talk will describe the observation-based maturity model, drawing examples from many real software security programs. A maturity model is appropriate because improving software security almost always means changing the way an organization works: people, process, and automation are all required. While not all organizations need to achieve the same security goals, all successful large scale software security initiatives share common ideas and approaches. Whether you rely on the Cigital Touchpoints, Microsoft's SDL, or OWASP CLASP, there is much to learn from practical experience. Since its March release, the BSIMM is being expanded to include BSIMM Europe, BSIMM II, and BSIMM Lite. Use the BSIMM as a yardstick to determine where you stand and what kind of software security plan will work best for you.

Feb 19, 2010
Human Flesh Search: A Case Study in Social Computing for Societal Security
Fei-Yue Wang
Institute of Automation, Chinese Academy of Sciences
Department of Systems and Industrial Engineering, University of Arizona
Human flesh search (HFS), originating in China, has become an explosive Web phenomenon. In China, HFS is being routinely employed by netizens to identify corrupt government officials and individuals engaging in other illegal or unethical practices. After the devastating Wenchuan earthquake in May 2008, HFS played a positive role in helping people find their missing relatives and friends. Companies and celebrity hopefuls have also been exploiting HFS as an advertising and public relations platform. The impact of HFS is being felt outside of China as well and HFS episodes have fanned the interest of the general public around the globe. Many popular media outlets have reported on HFS. On October 23, 2009, NBC aired its crime show, LAW and ORDER, Season 20 Episode 6, whose title is "Human Flesh Search Engine." A range of HFS-related issues such as privacy, legality, government and community-based regulations, are being hotly debated in various online communities and popular media.

What is human flesh search? As a term, it is a literal translation from its original Chinese root. Many working definitions have been offered on various blogs, wiki sites, and news reports. Those definitions from non-Chinese sources tend to be narrow and often overly specific, for example, "digital witch hunts" (from Times Online), "an internet mob that hunts down real people online, then verbally abuses them and publishes the victim's private information" (from Guardian's blog site). China-based sources offer broadened definitions. A definition from Xinhuanet.com, which is cited as the main entry on Wikipedia, reads "HFS is a phenomenon of massive (human collaborative) researching using Internet media such as blogs and forums."

To study HFS systematically we have collected, to the best of our knowledge, the entire set of online episodes commonly labeled as HFS events from their inception in 2001 to 2009, applying both manual search and automatic Web crawling and filtering. After analyzing this dataset, we have come up with our own definition of HFS: "a Web-facilitated crowd behavior involving a number of volunteering netizens to accomplish a goal-oriented task of common interest through (a) sharing and disseminating information acquired from both online and offline sources, and (b) possibly taking individual offline actions or group activities coordinated online". Human flesh search engines (HFSE) are platforms (e.g., dedicated websites and online forums) to enable HFS activities. In this presentation, we will report and discuss our preliminary investigation of HFS phenomena from the perspective of social computing.

Fei-Yue Wang received his Ph.D. in Computer and Systems Engineering from Rensselaer Polytechnic Institute, Troy, New York in 1990. He joined the University of Arizona in 1990 and became a Professor and the Director of the Program for Advanced Research in Complex Systems (PARCS) in 1999. In 1999, he founded the Intelligent Control and Systems Engineering Center at the Chinese Academy of Sciences, Beijing, China, under the support of the Outstanding Oversea Chinese Talents Program. Since 2002, he has been the Director of the Key Laboratory of Complex Systems and Intelligence Science at the Chinese Academy of Sciences. Currently, he is the Vice President for research, education, and academic exchange at the Institute of Automation, Chinese Academy of Sciences.

His current research interests include social computing, web and services science, modeling, analysis, and control of complex systems, especially social and physical/cyber systems. He was the Editor in Chief of the International Journal of Intelligent Control and Systems from 1995 to 2000, Editor in Charge of the Series in Intelligent Control and Intelligent Automation from 1996 to 2004, EiC, Associate EiC, or Associate Editors of 10 IEEE Transactions and Magazines. Since 1997, he has served as General or Program Chair of more than 20 IEEE, INFORMS, ACM, ASME international conferences. He was the President of IEEE ITS Society from 2005 to 2007 and the President of Chinese Association for Science and Technology (CAST, USA) in 2005. Currently, he is the President of the American Zhu Kezhen Education Foundation.

Dr. Wang is a member of Sigma Xi and an elected Fellow of IEEE, INCOSE, IFAC, ASME, and AAAS. In 2007, he received the National Prize in Natural Sciences of China and was elected as the Outstanding Scientist by ACM for his work in intelligent control and social computing.