C4I Center


   STIDS 2014 Home

   Topic list
   Program Cmte
   Venue & Local info

   Keynote Speakers  
   Best Paper Award
   Agenda & Papers  
   Important dates  
   Classified Session  
   Download CFP   

  C4I Home



STIDS 2014

Schedule of Events

Tuesday, November 18th
   12:00 - 13:00 Registration                             
   13:00 - 18:00 Tutorials

Wednesday, November 19th
08:00 - 09:00     Registration and Breakfast
09:00 - 09:10     Initial remarks
09:10 - 09:30     Welcome
09:30 - 10:30     Keynote Address
Dr. Mark Greaves


10:30 - 11:00     Break
11:00 - 12:00     Session A   -    Chair: Kathryn Laskey
11:00 - 11:30     An Ontological Approach to Territorial Disputes
Barry Smith
Neil Otte
Brian Donohue
University at Buffalo
Click for Abstract

Disputes over territory are a major contributing factor to the disruption of international relations. We believe that a cumulative, integrated and continuously updated resource providing information about such disputes in an easily accessible form would be of benefit to intelligence analysts, military strategists, and political scientists, and others and more generally to all those concerned with international disputes, and we propose an ontology-based strategy for creating such a resource. The resource will contain data and information about territorial disputes, including arguments for and against claims pertaining to sovereignty, proffered evidence for such claims, political and military motives (overt or hidden), and associated conflicts (from occasional skirmishes and limited engagements to terrorist campaigns and outright war). Our approach is designed to support the resolution of several problems surrounding the representation of geopolitical conflict, including: the tracking and individuation of conflicts and the validation of disseminated information.

11:30 - 12:00     Ontological Support for Living Plan
Specification, Execution and Evaluation
Erik Thomsen (a)
Frederick Reed (a)
William Duncan (b)
Tatiana Malyuta (c)
Barry Smith (b)
(a) Charles River Analytics
(b) NCOR
(c) NYC College of

Click for Abstract

Maintaining systems of military plans is critical for military effectiveness, but is also challenging. Plans will become obsolete as the world diverges from the assumptions on which they rest. If too many ad hoc changes are made to intermeshed plans, the ensemble may no longer lead to well-synchronized and coordinated operations, resulting in the system of plans becoming itself i ncoherent. We describe in what follows an Adaptive Planning process that we are developing on behalf of the Air Force Research Laboratory (Rome) with the goal of addressing problems of these sorts through cyclical collaborative plan review and maintenance. The interactions of world state, blue force status and associated plans are too complex for manual adaptive processes, and computer-aided plan review and maintenance is thus indispensable. We argue that appropriate semantic technology can 1) provide richer representation of plan-related data and s emantics, 2) allow for flexible, non-disruptive, agile, scalable, and coordinated changes in plans, and 3) support more intelligent analytical querying of plan-related data.

12:00 - 13:30     Lunch
13:30 - 14:30     Invited Speaker
Dr. Jeffrey Morrison


14:30 - 14:45     Break
14:45 - 15:45     Session B   -    Chair: Cliff Joslyn
14:45 - 15:15     Effective RDF Resource Identifiers for Integration
of Structured Data Sources
paper        presentation
Ian Emmons
Raytheon BBN
Click for Abstract

Based upon extensive experience in the use of semantic technologies to integrate structured data from disparate systems, the author recommends a set of best practices for creating IRIs for RDF resources. Particular attention is paid to avoiding unnecessary coreferences in scenarios where data is drawn from a structured, non-semantic source of record, issues that commonly arise in Department of Defense (DoD), Intelligence Community (IC), and government contracting scenarios, as well as other common pitfalls.

15:15 - 15:45     Comprehension of RDF Data Using
Situation Theory and Concept Maps
paper        presentation
Jakub Moskal (a),
Mieczyslaw Kokar (b),
Brian Ulicny (b)
(a) VIStology, Inc.
(b) Northeastern University
(c) Thomson Reuters
Click for Abstract

The amount of RDF data available on the Web has been increasingly growing over the past few years. Developing and fine-tuning SPARQL queries in order to sift through the data may be a very challenging task for human operators who need to quickly make sense of large graphs. In addition, often multiple queries need to be issued in order to gather and understand the context (relevant facts) for the explanation of the query. Thus, the challenge is not only to answer the query, but also to provide context, so that the analyst can easily comprehend what the data is actually conveying.
This paper describes results of VIStology’s investigation of the possibility to apply Situation Theory, and its ontological realization in the Situation Theory Ontology, to simplify and abstract large RDF data sets, given a focus query from the analyst. In this approach, the query results are presented as concept maps. The approach was successfully implemented as a prototype, although this paper does not include a description of the tool.

15:45 - 16:00     Break
16:00 - 17:00     Session C   -    Chair: Alessandro Oltramari
16:00 - 16:30     Toward the Discovery and Extraction of Money
Laundering Evidence from Arbitrary Data Formats
using Descriptive Data Languages and Hyperstructured
Combinatory Reductions
Alonza Mumford
Duminda Wijesekera
George Mason Univ
Click for Abstract

The evidence of money laundering schemes exist undetected in the electronic files of banks and insurance firms scattered around the world. Intelligence and law enforcement analysts, impelled by the duty to discover connections to drug cartels and other participants in these criminal activities, require the information to be searchable and extractable from all types of textual and binary data formats. While these demands can be managed through the conversion of data imported from another system or averted by means of community standardization, not either approach has resulted in a sufficiently, attainable solution given the large size and variety of the data pool and the challenges involved in reaching an agreement on standardized formats. Like searching for a needle in a haystack, analysts also need to separate interesting data fragments from the whole in order to limit the accumulation of data to data of evidentiary value. In this paper, we articulate an approach --- a capability that uses a descriptive data language extended with higher-order functions for precise discovery and extraction linked data fragments from arbitrary textual and binary data formats. The strength of the approach is grounded in the specification of a declarative compiler for our data language using a higher-order rewriting system with binders called Combinatory Reduction Systems Extended (CRSX). Further, we anticipate that by leveraging CRSX, an accomplishment of rigorous verification for soundness and significant optimization of the compiler.

16:30 - 17:00     Security Requirements Analysis of ADS-B Networks
paper        presentation
Thabet Kacem (a)
Duminda Wijesekera (a)
Paulo Costa (a)
Alexandre Barreto (b)
(a) George Mason Univ
(b) ICEA - Brazil

Click for Abstract

Over the recent years, Software Defined Radios have proliferatated many radio and radar applications. In particular, Automatic Dependent Surveillance-Broadcast (ADS-B) is an emerging software defined radar technology, which has been already deployed in Europe and Australia. Deployment in the US is underway as part of the Next Generation Transportation Systems (NextGen). In spite of its several benefits, such as optimizing the air traffic by reducing the distance between planes while increasing safety, this technology has been widely criticized for being designed without security in mind, making it vulnerable to numerous attacks. Most approaches addressing this issue are not rganized in a systematic way and often try to solve only part of the problem, e.g.. detecting or mitigating attacks at the radio or the networking layer. In this paper, we propose a methodology based on misuse scenarios that can build customized resilient software defined radar applications as well as classifying the detected attack severity according to some measurable security metrics. We showcase our ideas using an ADS-B-related scenario developed to evaluate our research.

17:00 - 18:30     Poster Session / Social Event      

Thursday, November 20th
08:30 - 09:15     Breakfast
09:15 - 09:30     Announcements
09:30 - 10:30     Keynote Address
Dr. Heather McCallum-Bayliss

10:30 - 11:00     Break
11:00 - 12:00     Panel Discussion: Semantics for Collaboration
      Moderator: Paulo Costa
    Mark Greaves
Click here for short bio

Mark Greaves is currently Technical Director for Analytics in the National Security Directorate of the US Department of Energy's Pacific Northwest National Laboratory, providing scientific, programmatic, and business development leadership. At PNNL, he works with national security clients and cutting-edge PNNL scientific teams to advance the nation's overall capability for extracting meaning from large heterogeneous data sets.

Previously, Mark was Director of Knowledge Systems at Vulcan Inc., the private asset management company for Paul Allen, where he led advanced research teams in large knowledge bases and semantic web technologies, including semantic wikis and data- intensive artificial intelligence technologies. He also served as Vice President of the Allen Institute for Artificial Intelligence, which supports individual researchers and research groups that have the promise to dramatically accelerate progress in artificial intelligence. Prior to Vulcan, Mark was Director of DARPA's Joint Logistics Technology Office, and Program Manager in DARPA's Information Exploitation Office. At DARPA, he directed national research programs in semantic web technology, formal ontology specification, logistics and supply chain control technologies, and the application of software agent technology to problems of distributed control of complex systems-of-systems. In May of 2005, he was awarded the Office of the Secretary of Defense Medal for Exceptional Public Service for his contributions to US national security while serving at DARPA.

Prior to coming to DARPA, Mark worked on advanced programs in software agent technology at the Mathematics and Computing Technology group of Boeing. He has published two books and over 20 papers, holds two patents, chaired the FIPA technical committee on agent communications languages, and from 2001 to 2004 served as co- chair of the Joint Readiness and Sustainment of Strategic Systems chapter of the Defense Joint Warfighting Science and Technology Plan. He currently serves on the Advisory Boards of several Semantic Web-oriented organizations, and is a Fellow of the Semantic Technology Institute. Mark holds a PhD in Philosophy from Stanford University.

    Plamen Petrov
Click here for short bio

Dr. Plamen V. Petrov is a Technical Director of BBN’s Information Exploitation group. His interests at BBN include Big Data analytics, knowledge representation and management, and decision support. Dr. Petrov combines strong research, management, and hands-on experience in the development of knowledge-intensive applications. Prior to joining BBN, Dr. Petrov was CTO at 21st Century Systems, Inc. (21CSI), a software R&D firm specializing in the development and transition of high-risk/high-reward research from Department of Defense to commercial applications. During his tenure at 21CSI, Dr. Petrov led a software research and engineering organization and served as a PI on a number of DARPA, ONR, and AFRL–funded SBIR projects in the areas of data analysis, software agents, agent-based decision support, command and control, and intelligent systems. Dr. Petrov holds a Ph.D. in Computer Science from the New Jersey Institute of Technology, with research focused on intelligent agent applications for command and control interactive simulations.

    Barry Smith
Click here for short bio

Barry Smith, PhD, founder of the Ontology for the Intelligence Community (now STIDS) conference series, is an internationally recognized leader in the field of ontology and semantic technology. He is Professor of Philosophy, Biomedical Informatics, Neurology, and Computer Science and Engineering at the State University of New York at Buffalo and Director of the National Center for Ontological Research.

    Duminda Wijesekera
Click here for short bio

Duminda Wijesekera is professor of Computer Science and a Co-director of the Center for Assurance Research and Engineering at George Mason University, Fairfax, Virginia. During various times, he has contributed to research in security, multimedia, networks, systems, avionics, missile defense, command & control systems and theoretical computer science. He is a visiting research scientist at the National Institute of Standards and Technology (NIST), was a visiting associate professor at the Naval Postgraduate School and a fellow at the Potomac Institute of Policy Studies in Arlington, VA.

12:00 - 13:30     Lunch
13:30 - 14:30     Session D   -    Chair: Todd Schneider
13:30 - 14:00     An Ontology for Insider Threat Indicators
paper        presentation
Daniel Costa
Matthew Collins
Samuel Perl
Michael Albrethsen
George Silowash
Derrick Spooner
Software Engineering Inst
Click for Abstract

We describe our ongoing development of an insider threat indicator ontology. Our ontology is intended to serve as a standardized expression method for potential indicators of malicious insider activity, as well as a formalization of much of our team’s research on insider threat detection, prevention, and mitigation. This ontology bridges the gap between natural language descriptions of malicious insiders, malicious insider activity, and machine-generated data that analysts and investigators use to detect behavioral and technical observables of insider activity. The ontology provides a mechanism for sharing and testing indicators of insider threat across multiple participants without compromising organization-sensitive data, thereby enhancing the data fusion and information sharing capabilities of the insider threat detection domain.

14:00 - 14:30     Building an Ontology of Cyber Security
Alessandro Oltramari(a)
Lorrie Cranor (a)
Robert Walls (b)
Patrick McDaniel (b)
(a) Carnegie Mellon Univ, CyLab
(b) Penn State Univ
Click for Abstract

Situation awareness depends on a reliable perception of the environment and comprehension of its semantic structures. In this respect, the cyberspace presents a unique challenge to the situation awareness of users and analysts, since it is a unique combination of human and machine elements, whose complex interactions occur in a global communication network. Accordingly, we outline the underpinnings of an ontology of secure operations in cyberspace. We present the basic architecture of the ontology and provide a modeling example. We make the case for adopting a rigorous semantic model of cyber security to overcome the current limits of the state of the art.

14:30 - 14:45     Break
14:45 - 15:45     Session E   -    Chair: Ian Emmons
14:45 - 15:15     An Incident Management Ontology
David Mundie (a)
Robin Ruefle (a)
Audrey Dorofee (a)
Samuel Perl (a)
John McCloud (b)
Matt Collins (a)
(a) CERT at Carnegie
Mellon University
(b) New Mexico Inst of
Mining and Technology
Click for Abstract

This paper outlines the need for and the development of an Incident Management Ontology. The Incident Management Ontology is derived from an Incident Management Meta-Model. We describe the shortcomings of the Incident Management Meta-Model and how the Incident Management Ontology addresses these shortcomings. The development of the Incident Management Ontology is outlined and the need for such an ontology is discussed. Related work is described and the Incident Management Ontology' s potential uses and applications are presented.

15:15 - 15:45     An Ontology for Medical Treatment Consent
paper        presentation
Bo Yu
Duminda Wijesekera
Paulo Costa
George Mason University
Click for Abstract

Active duty military personnel, their families and veterans seek medical services from the Military Health Service, which partners with private care, or the Veterans Administration, respectively. Indeed, medical services for active duty personnel, who need medical services on deployment, is a readiness issue. Laws that govern the practice of medicine, licensing to practice medicine and the permission to treat a patient is based on local laws (state level) that are specific to medical sub-specialties. That provides a daunting challenge to patients who move frequently, such as active duty military and their families. As most medical providers are transforming their record keeping to Electronic Medical Record (EMR) system, it is desirable to obtain, verify and act according to the legally enforced medical consent using EMRs. We present an Ontology-based framework and a prototype system that provide end-to-end services using an open source EMR system. Providing an electronically verifiable, but compliant with locally mandated laws in one universal system can be beneficial to VA and other DoD EMR systems.

15:45 - 16:00     Break
16:00 - 17:00     Session F   -    Chair: Charles Twardy
16:00 - 16:30     Processing Events in Probabilistic Risk Assessment
paper        presentation
Robert Schrag
Edward Wright
Robert Kerr
Bryan Ware
Haystax Technology
Click for Abstract

Assessing entity (e.g., person) risk from entity-related events requires appropriate techniques to address the relevance of events (individually and/or i n aggregate) relative to a prevailing temporal frame of reference—for continuous risk monitoring, a running time point representing “the present.” We describe two classes of temporal relevance techniques we have used towards insider threat detection in probabilistic risk models based on Bayesian networks. One class of techniques is appropriate when a generic person Bayesian network is extended with a new random variable for each relevant event -practical when events of concern are infrequent and we expect their number per person to be small (as in public records monitoring). Another class is needed when (as in computer network event monitoring) we expect too many relevant events to create a new random variable for each event. We present a use case employing both classes of techniques and discuss their relative strengths and weaknesses.

16:30 - 16:45     Position Paper: An Analytic Approach for Discovery
Eric Dull
Steven P. Reinhardt
YarcData / Cray, Inc.
Click for Abstract

With the widespread awareness of Big Data, mission leaders now expect that the data available to their organizations will be immediately relevant to their missions. However, the continuing onslaught of the ”data tsunami”, with data becoming more diverse, changing nature more quickly, and growing in volume and speed, confounds all but the simplest analysis and the most capable organizations. The core challenge faced by an analyst is to discover the most important knowledge in the data. She must overcome potential errors and inaccuracies in the data and explore it, even though she understands it incompletely, guided by her knowledge of the data’s domain.
We have succeeded in solving customer problems by quickly analyzing numerous dimensions of data to check its sanity and to compare it against expected values, then moving on to further dimensions of the data guided by what we find initially. Sometimes we analyze data and compare it to what we expect. Other times we compare data from one subset (place, time, etc.) to that from another subset, to discover unexpected differences. Sometimes we analyze the values of the data and other times its connectivity. Discovery depends on being able to compare dimensions quickly, without knowing in advance the dimensions to compare. This approach vitally brings the analyst into direct interaction with the data to accelerate discovery.
We implement this approach exploiting the ability of graphs (vertices and edges) to represent rich semantic data and enable discovery within it. We use RDF as the data representation and SPARQL for queries, focusing rapidly on the highest-value knowledge (in the estimation of the subject-matter expert) in the data. We use non-parametric tests such as Jaccard scoring and the Kolmogorov-Smirnov test, which are readily targeted to any type of data. The graph-analytic approach, using proven techniques with widely diverse semantic data, represents a guidepost for breaking the Gordian knot of needing greatly better analysis on much more complex data.

16:45 - 17:00     Position Paper: Towards A Topological Framework for
Integrating Semantic Information Sources
Cliff Joslyn
Emilie Hogan
Michael Robinson
(a) Pacific NW Natl Laboratory, Inc.
(b) American University

Click for Abstract

In this position paper we argue for the role that topological modeling principles can play in providing a framework for sensor integration. While used successfully in standard (quantitative) sensors, we are developing this methodology in new directions to make it appropriate specifically for semantic information sources, including keyterms, ontology terms, and other general Boolean, categorical, ordinal, and partially-ordered data types. We illustrate the basics of the methodology in an extended use case/example, and discuss path forward.

17:00 - 17:20            Michael Dean Award Ceremony     
17:20 - 17:30            Wrap Up   

Last updated: 05/28/2015