1 / 16

Data and Applications Security Research at the University of Texas at Dallas

Data and Applications Security Research at the University of Texas at Dallas. Dr. Bhavani Thuraisingham The University of Texas at Dallas April 25, 2006. Cyber Security Research Areas at UTD. Network Security Secure wireless and sensor networks Systems and Language Security

pier
Download Presentation

Data and Applications Security Research at the University of Texas at Dallas

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data and Applications Security Research at the University of Texas at Dallas Dr. Bhavani Thuraisingham The University of Texas at Dallas April 25, 2006

  2. Cyber Security Research Areas at UTD • Network Security • Secure wireless and sensor networks • Systems and Language Security • Embedded systems security, Buffer overflow defense • Data and Applications Security • Information sharing, Geospatial data management, Surveillance, Secure web services, Privacy, Dependable information management, Intrusion detection • Security Theory and Protocols • Secure group communication • Security Engineering • Secure component-based software • Cross Cutting Themes • Vulnerability analysis, Access control

  3. Research Group: Data and Applications Security • Core Group • Prof. Bhavai Thuraisingham (Professor & Director, Cyber Security Research Center) • Prof. Latifur Khan (Director, Data Mining Laboratory) • Prof. Murat Kantarcioglu (Joined Fall 2005, PhD. Purdue U.) • Prof. Kevin Hamlen (will join Fall 2006 from Cornell U.) • Students and Funding • 10 PhD Students, 16 MS students • Research grants (Since 2005) Air Force Office of Scientific Research Center, Raytheon Corporation, Nokia Corporation and proposals submitted to NSF, DHS, etc. • Our Vision: • Assured Information Sharing, Secure Geospatial data management, Video Surveillance

  4. Vision 1: Assured Information Sharing Data/Policy for Coalition Publish Publish Data/Policy Data/Policy Publish Data/Policy Component Component Data/Policy for Data/Policy for Agency A Agency C • Friendly partners • Semi-honest partners • Untrustworthy partners Component Data/Policy for Agency B

  5. Vision 2: Secure Geospatial Data Management Semantic Metadata Extraction Decision Centric Fusion Geospatial data interoperability through web services Geospatial data mining Geospatial semantic web Data Source A Tools for Analysts Data Source B SECURITY/ QUALITY Data Source C Discussions on collaborative research between UTD, OGC (Open Geospatial Consortium), Oracle and Raytheon

  6. Vision 3: Surveillance and Privacy Raw video surveillance data Face Detection and Face Derecognizing system Suspicious people found Faces of trusted people derecognized to preserve privacy Suspicious events found Comprehensive security report listing suspicious events and people detected Suspicious Event Detection System Manual Inspection of video data Report of security personnel

  7. Example Projects • Assured Information Sharing • Secure Semantic Web Technologies • Social Networks • Privacy Preserving Data Mining • Geospatial Data Management • Geospatial data mining • Geospatial data security • Surveillance • Suspicious Event Detention • Privacy preserving Surveillance • Automatic Face Detection • Cross Cutting Themes • Data Mining for Security Applications (e.g., Intrusion detection, Mining Arabic Documents); Dependable Information Management

  8. Secure Semantic Web Interface to the Semantic Web Technology At UTD Inference Engine/ Rules Processor Policies Ontologies Rules XML, RDF Documents Web Pages, Databases Semantic Web Engine

  9. Social Networks • Individuals engaged in suspicious or undesirable behavior rarely act alone • We can infer than those associated with a person positively identified as suspicious have a high probability of being either: • Accomplices (participants in suspicious activity) • Witnesses (observers of suspicious activity) • Making these assumptions, we create a context of association between users of a communication network

  10. Privacy Preserving Data Mining • Prevent useful results from mining • Introduce “cover stories” to give “false” results • Only make a sample of data available so that an adversary is unable to come up with useful rules and predictive functions • Randomization and Perturbation • Introduce random values into the data and/or results • Challenge is to introduce random values without significantly affecting the data mining results • Give range of values for results instead of exact values • Secure Multi-party Computation • Each party knows its own inputs; encryption techniques used to compute final results

  11. Geospatial Data Mining:Change Detection • Trained Neural Network to predict “new” pixel from “old” pixel • Neural Networks good for multidimensional continuous data • Multiple nets gives range of “expected values” • Identified pixels where actual value substantially outside range of expected values • Anomaly if three or more bands (of seven) out of range • Identified groups of anomalous pixels

  12. Framework for Geospatial Data Security

  13. Data Mining for Surveillance • We define an event representation measure based on low-level features • This allows us to define “normal” and “suspicious” behavior and classify events in unlabeled video sequences appropriately • A visualization tool can then be used to enable more efficient browsing of video data

  14. Data Mining for Intrusion Detection Training Data Classification Hierarchical Clustering (DGSOT) SVM Class Training Testing DGSOT: Dynamically growing self organizing tree SVM: Support Vector Machine Testing Data

  15. Information Assurance Education • Current Courses • Introduction to Information Security: Prof. Sha • Trustworthy Computing: Prof. Sha • Cryptography: Prof. Sudburough • Information Assurance: Prof. Yen • Data and Applications Security: Prof. Thuraisingham • Biometrics: Prof. Thuraisingham • Privacy: Prof. Murat Kantarcioglu • Future Courses • Network Security: Profs. Ventatesan, Sarac • Security Engineering: Profs. Bastani, Cooper • Digital Forensics: Prof. Venkatesan • Intrusion Detection: Prof. Khan • Digital Watermarking: Prof. Prabhakaran

  16. Technical and Professional Accomplishments • Publications of research in top journals and conferences, books • IEEE Transactions on Knowledge and Data Engineering, IEEE Transaction on Software Engineering, IEEE Computer, IEEE Transactions on Systems, Man and Cybernetics, IEEE Transactions on Parallel and Distributed Systems, VLDB Journal, 7 books published and 2 books in preparation including one on UTD research (Data Mining Applications, Awad, Khan and Thuraisingham) • Member of Editorial Boards/Editor in Chief • Journal of Computer Security, ACM Transactions on Information and Systems Security, IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Knowledge Engineering, Computer Standards and Interfaces - - - • Advisory Boards / Memberships • Purdue University CS Department, - - - • Awards and Fellowships • IEEE Fellow, AAAS Fellow, BCS Fellow, IEEE Technical Achievement Award, IEEE Senior Member, - - -

More Related