Title: Data and Applications Security Research at the University of Texas at Dallas
1Data and Applications Security Research at the
University of Texas at Dallas
- Dr. Bhavani Thuraisingham
- The University of Texas at Dallas
- April 25, 2006
2Cyber Security Research Areas at UTD
- Network Security
- Secure wireless and sensor networks
- Systems and Language Security
- Embedded systems security, Buffer overflow
defense - Data and Applications Security
- Information sharing, Geospatial data management,
Surveillance, Secure web services, Privacy,
Dependable information management, Intrusion
detection - Security Theory and Protocols
- Secure group communication
- Security Engineering
- Secure component-based software
- Cross Cutting Themes
- Vulnerability analysis, Access control
3Research Group Data and Applications Security
- Core Group
- Prof. Bhavai Thuraisingham (Professor Director,
Cyber Security Research Center) - Prof. Latifur Khan (Director, Data Mining
Laboratory) - Prof. Murat Kantarcioglu (Joined Fall 2005, PhD.
Purdue U.) - Prof. Kevin Hamlen (will join Fall 2006 from
Cornell U.) - Students and Funding
- 10 PhD Students, 16 MS students
- Research grants (Since 2005) Air Force Office of
Scientific Research Center, Raytheon Corporation,
Nokia Corporation and proposals submitted to NSF,
DHS, etc. - Our Vision
- Assured Information Sharing, Secure Geospatial
data management, Video Surveillance
4Vision 1 Assured Information Sharing
Data/Policy for Coalition
Publish
Publish
Data/Policy
Data/Policy
Publish
Data/Policy
Component
Component
Data/Policy for
Data/Policy for
Agency A
Agency C
- Friendly partners
- Semi-honest partners
- Untrustworthy partners
Component
Data/Policy for
Agency B
5Vision 2 Secure Geospatial Data Management
Semantic Metadata Extraction Decision Centric
Fusion Geospatial data interoperability through
web services Geospatial data mining Geospatial
semantic web
Data Source A
Tools for Analysts
Data Source B
SECURITY/ QUALITY
Data Source C
Discussions on collaborative research between
UTD, OGC (Open Geospatial Consortium), Oracle
and Raytheon
6Vision 3 Surveillance and Privacy
Raw video surveillance data
Face Detection and Face Derecognizing system
Suspicious people found
Faces of trusted people derecognized to preserve
privacy
Suspicious events found
Comprehensive security report listing suspicious
events and people detected
Suspicious Event Detection System
Manual Inspection of video data
Report of security personnel
7Example Projects
- Assured Information Sharing
- Secure Semantic Web Technologies
- Social Networks
- Privacy Preserving Data Mining
- Geospatial Data Management
- Geospatial data mining
- Geospatial data security
- Surveillance
- Suspicious Event Detention
- Privacy preserving Surveillance
- Automatic Face Detection
- Cross Cutting Themes
- Data Mining for Security Applications (e.g.,
Intrusion detection, Mining Arabic Documents)
Dependable Information Management
8Secure Semantic Web
Interface to the Semantic Web
Technology At UTD
Inference Engine/ Rules Processor
Policies Ontologies Rules
XML, RDF Documents Web Pages, Databases
Semantic Web Engine
9Social Networks
- Individuals engaged in suspicious or undesirable
behavior rarely act alone - We can infer than those associated with a person
positively identified as suspicious have a high
probability of being either - Accomplices (participants in suspicious activity)
- Witnesses (observers of suspicious activity)
- Making these assumptions, we create a context of
association between users of a communication
network
10Privacy Preserving Data Mining
- Prevent useful results from mining
- Introduce cover stories to give false results
- Only make a sample of data available so that an
adversary is unable to come up with useful rules
and predictive functions - Randomization and Perturbation
- Introduce random values into the data and/or
results - Challenge is to introduce random values without
significantly affecting the data mining results - Give range of values for results instead of exact
values - Secure Multi-party Computation
- Each party knows its own inputs encryption
techniques used to compute final results -
11Geospatial Data MiningChange Detection
- Trained Neural Network to predict new pixel
from old pixel - Neural Networks good for multidimensional
continuous data - Multiple nets gives range of expected values
- Identified pixels where actual value
substantially outside range of expected values - Anomaly if three or more bands (of seven) out of
range - Identified groups of anomalous pixels
12Framework for Geospatial Data Security
13Data Mining for Surveillance
- We define an event representation measure based
on low-level features - This allows us to define normal and
suspicious behavior and classify events in
unlabeled video sequences appropriately - A visualization tool can then be used to enable
more efficient browsing of video data
14Data Mining for Intrusion Detection
Training Data
Classification
Hierarchical Clustering (DGSOT)
Testing
SVM Class Training
DGSOT Dynamically growing self organizing
tree SVM Support Vector Machine
Testing Data
15Information Assurance Education
- Current Courses
- Introduction to Information Security Prof. Sha
- Trustworthy Computing Prof. Sha
- Cryptography Prof. Sudburough
- Information Assurance Prof. Yen
- Data and Applications Security Prof.
Thuraisingham - Biometrics Prof. Thuraisingham
- Privacy Prof. Murat Kantarcioglu
- Future Courses
- Network Security Profs. Ventatesan, Sarac
- Security Engineering Profs. Bastani, Cooper
- Digital Forensics Prof. Venkatesan
- Intrusion Detection Prof. Khan
- Digital Watermarking Prof. Prabhakaran
16Technical and Professional Accomplishments
- Publications of research in top journals and
conferences, books - IEEE Transactions on Knowledge and Data
Engineering, IEEE Transaction on Software
Engineering, IEEE Computer, - IEEE Transactions on Systems, Man and
Cybernetics, IEEE Transactions on Parallel and
Distributed Systems, VLDB Journal, 7 books
published and 2 books in preparation including
one on UTD research (Data Mining Applications,
Awad, Khan and Thuraisingham) - Member of Editorial Boards/Editor in Chief
- Journal of Computer Security, ACM Transactions
on Information and Systems Security, IEEE
Transactions on Dependable and Secure Computing,
IEEE Transactions on Knowledge Engineering,
Computer Standards and Interfaces - - - - Advisory Boards / Memberships
- Purdue University CS Department, - - -
- Awards and Fellowships
- IEEE Fellow, AAAS Fellow, BCS Fellow, IEEE
Technical Achievement Award, IEEE Senior Member,
- - -