SEMANTIC TECHNOLOGY FOR INTELLIGENCE, DEFENSE, AND SECURITY
STIDS 2016
Schedule of Events
Monday, November 14th
09:00 - 09:30 | Registration
09:30 - 17:00 | Tutorial
Tuesday, November 15th
08:00 - 09:00 | Registration
09:00 - 09:15 | Welcome
09:15 - 10:30 | Keynote Address 1
Leo Obrst and Mark Underwood
A Whistle-stop Tour of Ontology-based Solutions to Improve Situational Awareness for a Dull, Dirty, Diverse IoT (presentation)
10:30 - 10:45 | Break
10:45 - 11:25 | Scalable Semantically Driven Decision Trees for Crime Data (paper)
Shawn Johnson, George Karabatis
Abstract: When dealing with large volumes of data in organizations, there is always a need to associate data with its appropriate meaning, since the same data object may have different meaning to different users. This creates a problem of delivering search results that are different from a requester’s intended purpose. To solve this problem, we propose a parallelizable framework capable of capturing user specified constraints that are both semantically relevant to a search/domain in question as well as contextually relevant to a user and/or organization.

11:25 - 12:05 | Using Ontologies to Quantify Attack Surfaces (paper, presentation)
Michael Atighetchi, Borislava Simidchieva, Fusun Yaman, Thomas Eskridge, Marco Carvalho, Captain Nicholas Paltzer
Abstract: Cyber defenders face the problem of selecting and configuring the most appropriate defenses to protect a given network of systems supporting a certain set of missions against cyber attacks. Cyber defenders have very little visibility into security/cost tradeoffs between individual defenses and a poor understanding of how multiple defenses interact, which, in turn, leads to systems that are insecure or too overloaded with security processing to provide necessary mission functionality. We have been developing a reasoning framework, called Attack Surface Reasoning (ASR), which enables cyber defenders to explore quantitative tradeoffs between security and cost of various compositions of cyber defense models. ASR automatically quantifies and compares cost and security metrics across multiple attack surfaces, covering both mission and system dimensions. In addition, ASR automatically identifies opportunities for minimizing attack surfaces, e.g., by removing interactions that are not required for successful mission execution. In this paper, we present the ontologies used for attack surface reasoning. In particular, this includes threat models describing important aspects of the target networked systems together with abstract definitions of adversarial activities. We also describe modeling of cyber defenses with a particular focus on Moving Target Defenses (MTDs), missions, and metrics. We demonstrate the usefulness and applicability of the ontologies by presenting instance models from a fictitious deployment, and show how the models support the overall functionality of attack surface reasoning.

12:05 - 13:30 | Lunch
13:30 - 14:10 | Developing an Ontology for Individual and Organizational Sociotechnical Indicators of Insider Threat Risk (paper, presentation)
Frank Greitzer, Muhammad Imran, Justin Purl, Elise Axelrad, Yung Mei Leong, D. E. Sunny Becker, Kathryn Laskey, Paul Sticha
Abstract: Human behavioral factors are fundamental to understanding, detecting and mitigating insider threats, but to date are insufficiently represented in a formal ontology. We report on the design and development of an ontology that emphasizes individual and organizational sociotechnical factors, and incorporates technical indicators from previous work. We compare our ontology with previous research and describe use cases to demonstrate how the ontology may be applied. Our work advances current efforts toward development of a comprehensive knowledge base to support advanced reasoning for insider threat mitigation.

14:10 - 14:50 | A Holistic Approach to Evaluate Cyber Threats (paper, presentation)
Márcio Conte Monteiro, Thalysson Sarmento, Alexandre Barreto, Paulo Costa
Abstract: Several vulnerability databases and standards are currently available for assessing the degree of security of IT infrastructures in general. These standards focus on different aspects of the systems, while generally failing to provide support for holistic analyses - a key aspect in ensuring a secure IT infrastructure. This work aims to address this gap by presenting a new methodology for evaluating the overall security risks of a networked system that adopts an ontology-based approach we presented in previous work. We leverage current security standards and databases, while also considering the human factors to build a broader and interconnected view. Our methodology is meant to achieve a more realistic picture of the network security, hence improving situation awareness for its administrators. To illustrate our approach, this paper brings a case study applying the new methodology to a few target networks. The proof of concept is meant to underscore the methodology’s effectiveness in assessing the security of the whole network.

14:50 - 15:05 | Break
15:05 - 15:45 | An Extended Maritime Domain Awareness Probabilistic Ontology Derived from Human-aided Multi-Entity Bayesian Networks Learning (paper)
Cheol Young Park, Kathryn Laskey, Paulo Costa
Abstract: Ontologies have been commonly associated with representing a domain using deterministic information. Probabilistic Ontologies extend this capability by incorporating formal probabilistic semantics. PR-OWL is a language that extends OWL with semantics based on Multi-Entity Bayesian Networks (MEBN), a Bayesian probabilistic logic. Developing probabilistic ontologies can be greatly facilitated by the use of a modeling framework such as the Uncertainty Modeling Process for Semantic Technology (UMP-ST). An example of using UMP-ST was the development of a probabilistic ontology to support PROGNOS (PRobabilistic OntoloGies for Net-Centric Operational Systems), a system that supports Maritime Domain Awareness (MDA). The PROGNOS probabilistic ontology provides semantically aware uncertainty management to support fusion of heterogeneous input and probabilistic assessment of situations to improve MDA. However, manually developing and maintaining a probabilistic ontology is a labor-intensive and insufficiently agile process. Greater automation through a combination of reference models and machine learning methods may enhance agility in probabilistic situation awareness (PSAW) systems. For this reason, a process for Human-aided MEBN Learning in PSAW (HMLP) was suggested. In previous work, we used UMP-ST to develop the PROGNOS probabilistic ontology. This paper presents an extended PROGNOS probabilistic ontology developed using HMLP. The contribution of this research is to introduce the extended PROGNOS probabilistic ontology and present a comparison between two processes (UMP-ST and HMLP).

15:45 - 16:25 | PR-OWL Decision: Toward Reusable Ontology Language for Decision Making under Uncertainty (paper)
Shou Matsumoto, Kathryn Laskey, Paulo Costa
Abstract: Decision making is a big topic in Intelligence, Defense, and Security fields. However, very little work can be found in the literature about ontology languages that simultaneously support decision making under uncertainty, abstractions/generalizations with first-order expressiveness, and forward/backward compatibility with OWL—a standard language for ontologies. This work proposes PR-OWL Decision, a language which extends PR-OWL—an extension of OWL to support uncertainty—to support first-order expressiveness, decision making under uncertainty, and backward/forward compatibility with OWL and PR-OWL.

16:25 - 16:45 | Break
16:45 - 18:30 | Poster Session / Social Event
Wednesday, November 16th
09:00 - 09:15 | Announcements
09:15 - 10:30 | Keynote Address 2
Erik Blasch - Air Force Research Laboratories
Semantic Technologies Research for Data Fusion Applications at AFRL (presentation)
10:30 - 10:45 | Break
10:45 - 11:25 | Sharing Data under Genetic Privacy Laws (paper)
Michael Reep, Bo Yu, Duminda Wijesekera, Paulo Costa
Abstract: Clinical medical practice and biomedical research utilize genetic information for specific purposes. Irrespective of the purpose of obtaining genetic material, methodologies for protecting the privacy of patients/donors in both clinical and research settings have not kept pace with rapid genetic advances. When the usage of genetic information is not predicated on the latest laws and policies, the result places all-important patient/donor privacy at risk. Some methodologies err on the side of overly stringent policies that may inhibit research and open-ended diagnostic activity, whereas an opposite approach advocates a high degree of openness that can jeopardize patient privacy, identify patient relatives and erode the doctor-patient privilege. As a solution, we present a unique approach that is based on the premise that acceptable clinical treatment regimens are captured in workflows used by caregivers and researchers and therefore their associated purpose can be extracted from these workflows. We combine these purposes with applicable consents (derived from applicable laws) to ascertain the releasability of genetic information. Given that federal, state and institutional laws govern the use, retention and sharing of genetic information, we create a three-level rule hierarchy to apply the laws to a request and auto-generate consents prior to releasing. We prototype our system using open source tools, while ensuring that the results can be added to existing Electronic Medical Records (EMR) systems.

11:25 - 12:05 | Effects-Based Air Operations Planning Framework: A knowledge-based simulation approach (paper)
André Costa, Paulo Costa
Abstract: Planning air warfare operations has always been a complex endeavor. However, as technology evolves at an increasingly fast pace, so does the complexity of managing its resources. In modern air operations, planners have to deal with a highly changing environment influenced by enemy air defenses, weather forecasts, among many other factors, demanding much effort to handle the great number of constraints and uncertainties presented by them. As a result, a number of decision-support systems have emerged attempting to facilitate the planning of air warfare operations. These systems usually rely on a wide variety of methodologies, which sometimes present a challenge in themselves when it comes to assessing the feasibility and effectiveness of the produced plans. Computer simulations are a practical way of providing this assessment, usually by running the resulting plans multiple times and checking the results against key criteria. Yet, establishing the right criteria, properly accounting for the “fog of war,” and avoiding impractical simulation run times and costs are still major challenges. This paper addresses such challenges by proposing the development of a decision-support framework that combines ontology-based agile knowledge and a simulation-based mission planning methodology that accounts for the inherent uncertainties that air operations face. We avoid costly computation times required by simulation-intensive course-of-action analyzers by initially pruning the solution space through ontological reasoning. Moreover, the approach complies with the Effects-Based Approach to Operations, having a clear correspondence of processes with it. The explanations are focused on a specific scenario concerning intelligence, surveillance, and reconnaissance operations.

12:05 - 13:30 | Lunch
13:30 - 13:55 | Extended Abstract: A Practical Approach to Data Modeling using CCO (paper, presentation)
Rod Moten, Bill Barnhill
Abstract: In this paper, we present work in progress on using the Information Domain ontologies of CCO (Common Core Ontologies) as a domain model for land combat. Our goal is to use the domain model as a common semantics for multiple land combat logical models. In the paper, we show how our domain model can be mapped to different logical models in a manner that is less labor intensive than the approach commonly used by users of CCO. We demonstrate our approach by describing how our domain model, which is a domain ontology of CCO, is mapped to logical models created in Ecore and NIEM (National Information Exchange Model).

13:55 - 14:20 | Semantic Cyberthreat Modelling (paper, presentation)
Siri Bromander, Audun Jøsang, Martin Eian
Abstract: Cybersecurity is a complex and dynamic area where multiple actors act against each other through computer networks largely without any commonly accepted rules of engagement. Well-managed cybersecurity operations need a clear terminology to describe threats, attacks and their origins. In addition, cybersecurity tools and technologies need semantic models to be able to automatically identify threats and to predict and detect attacks. This paper reviews terminology and models of cybersecurity operations, and proposes approaches for semantic modelling of cybersecurity threats and attacks.

14:20 - 14:35 | Michael Dean Best Paper Award
14:35 - 14:50 | Final Remarks
Thursday, November 17th
09:00 - 17:00 | Classified Session