Crowdsourcing Cybersecurity: Cyber Attack Detection using Social Media

Social media is often viewed as a sensor into various societal events such as disease outbreaks, protests, and elections. We describe the use of social media as a crowdsourced sensor to gain insight into ongoing cyber-attacks. Our approach detects a broad range of cyber-attacks (e.g., distributed denial of service (DDOS) attacks, data breaches, and account hijacking) in an unsupervised manner using just a limited fixed set of seed event triggers. A new query expansion strategy based on convolutional kernels and dependency parses helps model reporting structure and aids in identifying key event characteristics. Through a large-scale analysis over Twitter, we demonstrate that our approach consistently identifies and encodes events, outperforming existing methods.Comment: 13 single column pages, 5 figures, submitted to KDD 201

Geospatial Clustering for Balanced and Proximal Schools

Public school boundaries are redrawn from time to time to ensure effective functioning of school systems. This process, also called school redistricting, is non-trivial due to (1) the presence of multiple design criteria such as capacity utilization, proximity and travel time which are hard for planners to consider simultaneously, (2) the fixed locations of schools with widely differing capacities that need to be balanced, (3) the spatial nature of the data and the need to preserve contiguity in school zones, and (4) the difficulty in quantifying local factors that may arise. Motivated by these challenges and the intricacy of the process, we propose a geospatial clustering algorithm called GeoKmeans for assisting planners in designing school boundaries such that students are assigned to proximal schools while ensuring effective utilization of school capacities. The algorithm operates on polygonal geometries and connects them into geographically contiguous school boundaries while balancing problem-specific constraints. We evaluate our approach on real-world data of two rapidly growing school districts in the US. Results indicate the efficacy of our approach in designing boundaries. Additionally, a case study is included to demonstrate the potential of GeoKmeans to assist planners in drawing boundaries

‘Beating the News ’ with EMBERS: Forecasting Civil Unrest using Open Source Indicators

We describe the design, implementation, and evaluation of EMBERS, an automated, 24x7 continuous system for forecasting civil unrest across 10 countries of Latin America using open source indicators such as tweets, news sources, blogs, economic indicators, and other data sources. Unlike retrospective studies, EMBERS has been making forecasts into the future since Nov 2012 which have been (and continue to be) evaluated by an independent T&E team (MITRE). Of note, EMBERS has successfully forecast the June 2013 protests in Brazil and Feb 2014 violent protests in Venezuela. We outline the system architecture of EMBERS, individual models that leverage specific data sources, and a fusion and suppression engine that supports trading off specific evaluation criteria. EMBERS also provides an audit trail interface that enables the investigation of why specific predictions were made along with the data utilized for forecasting. Through numerous evaluations, we demonstrate the superiority of EMBERS over baserate methods and its capability to forecast significant societal happenings