Views

Download Presentation
## Speedier Differentiation of Terrorists and Malicious Cyber Transactions from Good People and Transactions

Download Now

**Faster Differentiation of Terrorists and Malicious Cyber**Transactions from Good People and Transactions Peter P. Chen Foster Distinguished Chair Professor Computer Science Dept. Louisiana State University Baton Rouge, LA 70803, USA pchen@lsu.edu http://www.csc.lsu.edu/~chen**Profiling of terrorists and malicious cyber transactions**• Examples: 9-11, Airport Security, D.C. snipers, Louisiana serial killer, Ohio sniper, etc. • Current Problems: • Isolated Data • Questionable data • Little Mathematical Analysis • Algorithms (if any) are independent of (or incompatible with) data models**Why Do We Study the Profiling Problem?**• 9-11 • D.C. snipers • serial killers in Louisiana, California, etc. • Ohio sniper, etc. • Airport Security**Attributes (and “relationships) of bad guys**• Black hair? • Beard/moustache? • Nationality: xxxx? • Has traveled to Country X three times?**Using the fewest attributes to catch all the bad guys …**• black hair • beard/moustache**…also catches some good guys (casualties):**• black hair • beard/moustache**…also catches some good guys (casualties):**• black hair • beard/moustache**Goal: • Find the smallest number of attributes that will**catch all the bad guys, but at the same time• Include as few casualties (good guys) as possible.**Goal (more ambitious):• Find the smallest number of**attributes that will catch as many, and preferably the more important bad guys,but at the same time• Include as few, and preferably the less important good guys, as possible.**Problem -- Profiling of Terrorists and malicious cyber**transactions • Current Problems: • Isolated Data • Questionable data • Little Mathematical Analysis • “Unscientific/Unproven” Methods • Algorithms (if any) are independent of (or incompatible with) data models • Solution: • Data “links” (“relationships”) • Info validity and conflict resolution • Optimization model & algorithms • Integration of data model and algorithms**Solution Techniques for the Profiling Problem (I) –**„New“ Concepts of ERM • Discovering „Links/Relationships“ from Data in Various Sources (such as DARPA‘s EELD Program) • „Auto“-construction of „Relationships“ • „Dynamically adjusting“ the weights of relationships • Validity/Credibility Analysis of Data • A Paper was published in InfoFusion 2001, Montreal • Algorithm was developed • Prototype developed • Also, developed machine learning algorithm**Solution Techniques for the Profiling problem (II) – (a)**Integration of ERM and Math Models, (b) Developing New Math Models & Algorithms • We Model the „profiling“ problem as a „generalized set covering problem“ • Start with the conventional definition of a „set covering problem (SCP)“ • Then, define a „weighted set covering problem“ • Finally, define a „generalized set covering problem“ • We have developed several efficient algorithms for solving this type of problems. Some of them are modified versions of the „greedy algorithm“ • Based on our tests, these new algorithms perform better than other algorithms in the SCP case • We have also obtained and proved some computational complexity bounds**GSCP generalizes WSCP in three aspects:**• Each SiS is associated with a weighted set WiW, where W = {W1, W2, … , Wn} and WiG, 1 ≤ i ≤ n, where G is a finite set. • Each element bB is weighted. • A combination of weighted elements of B with an additional factor enables a relaxation of the covering requirement.**Algorithm Liability_1**Input: S, A, W, jN+ Output: cost 1. costc (Wj) Algorithm Liability_2 Input: S, A, W, jN+ Output: cost 1. costc (Wj) / d (Sj)**Table 1. Outputs to instances of GSCP by various heuristic**algorithms**Table 2. Outputs to instances of SCP by various heuristic**algorithms**Table 3. Number of basic operations executed by the**Democratic Algorithm using various configurations to solve instances of SCP**Table 5. Output of the Democratic Algorithm using**Balas/Carrera and Beasley’s algorithms**Near-Term Research Plans --**• Take advantage of LSU’s NCSRT, one of the largest training centers of emergency and anti-terrorism workers • Test the Models and algorithms with law enforcement agencies and other agencies • Test the data-model/math-model integration problems with real and quasi-real data sets**Other Related Research Activities**• Integration of conceptual models (ER model, etc.) with databases, math models • New Machine Learning Techniques • Trustworthiness of Data and Conflict Resolutions • (High and low-level) System Architecture and Cyber Security • Cost/Effective Assessments of Security Techniques -- Making real impacts!