Machine-assisted Cyber Threat Analysis using Conceptual Knowledge Discovery

Over the last years, computer networks have evolved into highly dynamic and interconnected environments, involving multiple heterogeneous devices and providing a myriad of services on top of them. This complex landscape has made it extremely difficult for security administrators to keep accurate and be effective in protecting their systems against cyber threats. In this paper, we describe our vision and scientific posture on how artificial intelligence techniques and a smart use of security knowledge may assist system administrators in better defending their networks. To that end, we put forward a research roadmap involving three complimentary axes, namely, (I) the use of FCA-based mechanisms for managing configuration vulnerabilities, (II) the exploitation of knowledge representation techniques for automated security reasoning, and (III) the design of a cyber threat intelligence mechanism as a CKDD process. Then, we describe a machine-assisted process for cyber threat analysis which provides a holistic perspective of how these three research axes are integrated together

Human factors issues in the use of artificial intelligence in air traffic control. October 1990 Workshop

The objective of the workshop was to explore the role of human factors in facilitating the introduction of artificial intelligence (AI) to advanced air traffic control (ATC) automation concepts. AI is an umbrella term which is continually expanding to cover a variety of techniques where machines are performing actions taken based upon dynamic, external stimuli. AI methods can be implemented using more traditional programming languages such as LISP or PROLOG, or they can be implemented using state-of-the-art techniques such as object-oriented programming, neural nets (hardware or software), and knowledge based expert systems. As this technology advances and as increasingly powerful computing platforms become available, the use of AI to enhance ATC systems can be realized. Substantial efforts along these lines are already being undertaken at the FAA Technical Center, NASA Ames Research Center, academic institutions, industry, and elsewhere. Although it is clear that the technology is ripe for bringing computer automation to ATC systems, the proper scope and role of automation are not at all apparent. The major concern is how to combine human controllers with computer technology. A wide spectrum of options exists, ranging from using automation only to provide extra tools to augment decision making by human controllers to turning over moment-by-moment control to automated systems and using humans as supervisors and system managers. Across this spectrum, it is now obvious that the difficulties that occur when tying human and automated systems together must be resolved so that automation can be introduced safely and effectively. The focus of the workshop was to further explore the role of injecting AI into ATC systems and to identify the human factors that need to be considered for successful application of the technology to present and future ATC systems

Vulnerability anti-patterns:a timeless way to capture poor software practices (Vulnerabilities)

There is a distinct communication gap between the software engineering and cybersecurity communities when it comes to addressing reoccurring security problems, known as vulnerabilities. Many vulnerabilities are caused by software errors that are created by software developers. Insecure software development practices are common due to a variety of factors, which include inefficiencies within existing knowledge transfer mechanisms based on vulnerability databases (VDBs), software developers perceiving security as an afterthought, and lack of consideration of security as part of the software development lifecycle (SDLC). The resulting communication gap also prevents developers and security experts from successfully sharing essential security knowledge. The cybersecurity community makes their expert knowledge available in forms including vulnerability databases such as CAPEC and CWE, and pattern catalogues such as Security Patterns, Attack Patterns, and Software Fault Patterns. However, these sources are not effective at providing software developers with an understanding of how malicious hackers can exploit vulnerabilities in the software systems they create. As developers are familiar with pattern-based approaches, this paper proposes the use of Vulnerability Anti-Patterns (VAP) to transfer usable vulnerability knowledge to developers, bridging the communication gap between security experts and software developers. The primary contribution of this paper is twofold: (1) it proposes a new pattern template – Vulnerability Anti-Pattern – that uses anti-patterns rather than patterns to capture and communicate knowledge of existing vulnerabilities, and (2) it proposes a catalogue of Vulnerability Anti-Patterns (VAP) based on the most commonly occurring vulnerabilities that software developers can use to learn how malicious hackers can exploit errors in software

Design knowledge capture for the space station

The benefits of design knowledge availability are identifiable and pervasive. The implementation of design knowledge capture and storage using current technology increases the probability for success, while providing for a degree of access compatibility with future applications. The space station design definition should be expanded to include design knowledge. Design knowledge should be captured. A critical timing relationship exists between the space station development program, and the implementation of this project

An approach to design knowledge capture for the space station

The design of NASA's space station has begun. During the design cycle, and after activation of the space station, the reoccurring need will exist to access not only designs, but also deeper knowledge about the designs, which is only hinted in the design definition. Areas benefiting from this knowledge include training, fault management, and onboard automation. NASA's Artificial Intelligence Office at Johnson Space Center and The MITRE Corporation have conceptualized an approach for capture and storage of design knowledge

Socially Constrained Structural Learning for Groups Detection in Crowd

Modern crowd theories agree that collective behavior is the result of the underlying interactions among small groups of individuals. In this work, we propose a novel algorithm for detecting social groups in crowds by means of a Correlation Clustering procedure on people trajectories. The affinity between crowd members is learned through an online formulation of the Structural SVM framework and a set of specifically designed features characterizing both their physical and social identity, inspired by Proxemic theory, Granger causality, DTW and Heat-maps. To adhere to sociological observations, we introduce a loss function (G-MITRE) able to deal with the complexity of evaluating group detection performances. We show our algorithm achieves state-of-the-art results when relying on both ground truth trajectories and tracklets previously extracted by available detector/tracker systems

Advanced Methods for Dose-Response Assessment: Bayesian Approaches—Final Report

Resources for the Future (RFF), in conjunction with the U.S. Environmental Protection Agency, the Society for Risk Analysis, and the Electric Power Research Institute, held a workshop September 18–20, 2000, at the RFF Conference Center in Washington, D.C. The intent was to discuss how Bayesian approaches could be useful in improving techniques for estimating exposure–response functions. Ten distinguished scholars from a range of fields (medical biostatistics, decision sciences, environmental engineering, and toxicology) served as faculty. Approximately 80 people attended the workshop. Bayesian methods have been applied to a variety of problems in biomedical research and environmental risk analysis, including design of clinical trials, estimation of exposures to humans and local environments, and, in a few cases, estimation of exposure–response functions. Bayesian methods offer two signal advantages: their use requires careful analysis of problem logic, which has intrinsic utility, and disparate data can be incorporated into calculations. Although application of formal Bayesian analysis can be computationally challenging, widely available computer programs now greatly reduce this burden. Participants identified several factors that may impede the dissemination of Bayesian approaches among practitioners of dose–response assessment and made some recommendations for overcoming these hurdles. EPA, other regulatory agencies that use dose–response assessment as part of their processes, and the private sector all should take steps to foster the use of Bayesian approaches. EPA and other agencies should work to persuade professional societies (for example, Society for Risk Analysis, Society of Toxicology) to seek out and recognize meritorious analyses that use Bayesian approaches. EPA and private-sector organizations should consider sponsoring research into using Bayesian approaches, demonstration analyses that use them, and using the results of this work to help educate peers in the risk analysis and toxicology professions. EPA should request all staff and contractor scientists who develop mathematical models to use Bayesian techniques to calibrate models. EPA should consider ways to inform its staff, contractors, and the research community as to the utility of Bayesian analyses. EPA should consider improving its research planning by making use of Bayesian techniques (including value-of-information analyses).Bayesian analysis, dose–response, regulation, risk assessment, arsenic