Data and Applications Security Research at the University of Texas at Dallas

1
Data and Applications Security Research at the
University of Texas at Dallas

• Dr. Bhavani Thuraisingham
• The University of Texas at Dallas
• April 25, 2006

2
Cyber Security Research Areas at UTD

• Network Security
• Secure wireless and sensor networks
• Systems and Language Security
• Embedded systems security, Buffer overflow
  defense
• Data and Applications Security
• Information sharing, Geospatial data management,
  Surveillance, Secure web services, Privacy,
  Dependable information management, Intrusion
  detection
• Security Theory and Protocols
• Secure group communication
• Security Engineering
• Secure component-based software
• Cross Cutting Themes
• Vulnerability analysis, Access control

3
Research Group Data and Applications Security

• Core Group
• Prof. Bhavai Thuraisingham (Professor Director,
  Cyber Security Research Center)
• Prof. Latifur Khan (Director, Data Mining
  Laboratory)
• Prof. Murat Kantarcioglu (Joined Fall 2005, PhD.
  Purdue U.)
• Prof. Kevin Hamlen (will join Fall 2006 from
  Cornell U.)
• Students and Funding
• 10 PhD Students, 16 MS students
• Research grants (Since 2005) Air Force Office of
  Scientific Research Center, Raytheon Corporation,
  Nokia Corporation and proposals submitted to NSF,
  DHS, etc.
• Our Vision
• Assured Information Sharing, Secure Geospatial
  data management, Video Surveillance

4
Vision 1 Assured Information Sharing
Data/Policy for Coalition
Publish
Publish
Data/Policy
Data/Policy
Publish
Data/Policy
Component
Component
Data/Policy for
Data/Policy for
Agency A
Agency C

• Friendly partners
• Semi-honest partners
• Untrustworthy partners

Component
Data/Policy for
Agency B
5
Vision 2 Secure Geospatial Data Management
Semantic Metadata Extraction Decision Centric
Fusion Geospatial data interoperability through
web services Geospatial data mining Geospatial
semantic web
Data Source A
Tools for Analysts
Data Source B
SECURITY/ QUALITY
Data Source C
Discussions on collaborative research between
UTD, OGC (Open Geospatial Consortium), Oracle
and Raytheon
6
Vision 3 Surveillance and Privacy
Raw video surveillance data
Face Detection and Face Derecognizing system
Suspicious people found
Faces of trusted people derecognized to preserve
privacy
Suspicious events found
Comprehensive security report listing suspicious
events and people detected
Suspicious Event Detection System
Manual Inspection of video data
Report of security personnel
7
Example Projects

• Assured Information Sharing
• Secure Semantic Web Technologies
• Social Networks
• Privacy Preserving Data Mining
• Geospatial Data Management
• Geospatial data mining
• Geospatial data security
• Surveillance
• Suspicious Event Detention
• Privacy preserving Surveillance
• Automatic Face Detection
• Cross Cutting Themes
• Data Mining for Security Applications (e.g.,
  Intrusion detection, Mining Arabic Documents)
  Dependable Information Management

8
Secure Semantic Web
Interface to the Semantic Web
Technology At UTD
Inference Engine/ Rules Processor
Policies Ontologies Rules
XML, RDF Documents Web Pages, Databases
Semantic Web Engine
9
Social Networks

• Individuals engaged in suspicious or undesirable
  behavior rarely act alone
• We can infer than those associated with a person
  positively identified as suspicious have a high
  probability of being either
• Accomplices (participants in suspicious activity)
• Witnesses (observers of suspicious activity)
• Making these assumptions, we create a context of
  association between users of a communication
  network

10
Privacy Preserving Data Mining

• Prevent useful results from mining
• Introduce cover stories to give false results
  
• Only make a sample of data available so that an
  adversary is unable to come up with useful rules
  and predictive functions
• Randomization and Perturbation
• Introduce random values into the data and/or
  results
• Challenge is to introduce random values without
  significantly affecting the data mining results
• Give range of values for results instead of exact
  values
• Secure Multi-party Computation
• Each party knows its own inputs encryption
  techniques used to compute final results

11
Geospatial Data MiningChange Detection

• Trained Neural Network to predict new pixel
  from old pixel
• Neural Networks good for multidimensional
  continuous data
• Multiple nets gives range of expected values
• Identified pixels where actual value
  substantially outside range of expected values
• Anomaly if three or more bands (of seven) out of
  range
• Identified groups of anomalous pixels

12
Framework for Geospatial Data Security
13
Data Mining for Surveillance

• We define an event representation measure based
  on low-level features
• This allows us to define normal and
  suspicious behavior and classify events in
  unlabeled video sequences appropriately
• A visualization tool can then be used to enable
  more efficient browsing of video data

14
Data Mining for Intrusion Detection
Training Data
Classification
Hierarchical Clustering (DGSOT)
Testing
SVM Class Training
DGSOT Dynamically growing self organizing
tree SVM Support Vector Machine
Testing Data
15
Information Assurance Education

• Current Courses
• Introduction to Information Security Prof. Sha
• Trustworthy Computing Prof. Sha
• Cryptography Prof. Sudburough
• Information Assurance Prof. Yen
• Data and Applications Security Prof.
  Thuraisingham
• Biometrics Prof. Thuraisingham
• Privacy Prof. Murat Kantarcioglu
• Future Courses
• Network Security Profs. Ventatesan, Sarac
• Security Engineering Profs. Bastani, Cooper
• Digital Forensics Prof. Venkatesan
• Intrusion Detection Prof. Khan
• Digital Watermarking Prof. Prabhakaran

16
Technical and Professional Accomplishments

• Publications of research in top journals and
  conferences, books
• IEEE Transactions on Knowledge and Data
  Engineering, IEEE Transaction on Software
  Engineering, IEEE Computer,
• IEEE Transactions on Systems, Man and
  Cybernetics, IEEE Transactions on Parallel and
  Distributed Systems, VLDB Journal, 7 books
  published and 2 books in preparation including
  one on UTD research (Data Mining Applications,
  Awad, Khan and Thuraisingham)
• Member of Editorial Boards/Editor in Chief
• Journal of Computer Security, ACM Transactions
  on Information and Systems Security, IEEE
  Transactions on Dependable and Secure Computing,
  IEEE Transactions on Knowledge Engineering,
  Computer Standards and Interfaces - - -
• Advisory Boards / Memberships
• Purdue University CS Department, - - -
• Awards and Fellowships
• IEEE Fellow, AAAS Fellow, BCS Fellow, IEEE
  Technical Achievement Award, IEEE Senior Member,
  - - -