Adaptive Automated Threat Recognition (AATR) Introduction

Similar documents
LLNL Production Plans and Best Practices

SIM Card Clone Guide

SNOW SOFTWARE. Fredrik Spolén Country Manager Sales Director. Norway Denmark Finland

Brammer Invend TM. > Convenience & simplicity > Reduce consumption > Lower inventory costs > Improve productivity. 28 th July 2015

Mobile application testing for the enterprise

HP OO 10.X - SiteScope Monitoring Templates

Tertiary Backup objective is automated offsite backup of critical data

Attack Intelligence: Why It Matters

Developing the Corporate Security Architecture. Alex Woda July 22, 2009


HP ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide

Film Scanner The term Film Scanner can refer to a dedicated slide and negative film scanner or to a capture type scanner.

2011 Cyber Security and the Advanced Persistent Threat A Holistic View

Developing a Risk Based Testing Plan for Enterprise Applications Systems

Welcome Computer System Validation Training Delivered to FDA. ISPE Boston Area Chapter February 20, 2014

Xerox WorkCentre 4260 vs. Samsung SCX-6555N. Competitive Assessment. WorkCentre 4260 Multifunction Printer. Competitive Assessment

Amazon EC2 XenApp Scalability Analysis

Cyber Adversary Characterization. Know thy enemy!

Applying Deep Learning to Car Data Logging (CDL) and Driver Assessor (DA) October 22-Oct-15

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

ACCELERATING. Business Processes. through the use of:

Go From Spreadsheets to Asset Management in 40 Minutes

Patch and Vulnerability Management Program

Is Penetration Testing recommended for Industrial Control Systems?

Effective Software Security Management

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

Secret Server Qualys Integration Guide

A Conceptual Methodology and Practical Guidelines for Managing Data and Documents on Hydroelectric Projects

: Introduction to Machine Learning Dr. Rita Osadchy

SANS Top 20 Critical Controls for Effective Cyber Defense

1.1.1 Introduction to Cloud Computing

LIGHTING CONTROL AT YOUR FINGERTIPS

Open Source Solution for IVI: Tizen IVI. Brett Branch Tizen IVI Product Marketing

The top 10 advantages of a Windows based PBX

Assurance Cases and Test Design Analysis

ArcGIS Server Security Threats & Best Practices David Cordes Michael Young

Monitoring HP OO 10. Overview. Available Tools. HP OO Community Guides

Department of Homeland Security

IBM Endpoint Manager Product Introduction and Overview

Analysis of the Global Distributed Denial of Service (DDoS) Mitigation Market

Adversary ROI: Why Spend $40B Developing It, When You Can Steal It for $1M?

Protecting Sensitive Data Reducing Risk with Oracle Database Security

System Behavior Analysis by Machine Learning

Design for Success: Designing for the Internet of Things with TiWiConnect

Critical Controls for Cyber Security.

Computer Science Theory. From the course description:

IBM Infrastructure Suite for z/vm and Linux

Service Overview. Business Reply Mail. Trade-mark of Canada Post Corporation. OM Official mark of Canada Post Corporation.

Higher Focus on Quality. Pressure on Testing Budgets. ? Short Release Cycles. Your key to Effortless Automation. OpKey TM

Semantic Analysis of Business Process Executions

TRANSACTION Developer Advanced Training I. Copyright ADSOTECH Scandinavia Oy 2014

Module 5. Deep Convnets for Local Recognition Joost van de Weijer 4 April 2016

VESZPROG ANTI-MALWARE TEST BATTERY

Robotic Process Automation Overview and RPA Case Study. November 2015

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

4. Executive Summary of Part 1 FDA Overview of Current Environment

OCR and 2D DataMatrix Specification for:

Pathways to Financial Empowerment

VEA-bility Security Metric: A Network Security Analysis Tool

DVLA ELISE GSi Closed User Group Code of Connection

Information Security and Continuity Management Information Sharing Portal. Category: Risk Management Initiatives

Category: Nomination for NASPE s Eugene H. Rooney, Jr. Award Innovative State Human Resource Management Program

Managed Network Services

Information Assurance Program at West Point

APPENDIX 2 MIX DESIGNS. Chapter 4: mix design calculation sheet for 40 N/mm 2 strength)

Challenges in Cyber Security Experiments: Our Experience

HOST BASED INTERNAL INTRUSION DETECTION AND PREVENTION SYSTEM.

SANS Dshield Webhoneypot Project. OWASP November 13th, The OWASP Foundation Jason Lam

Cyber Security RFP Template

Symantec Client Management Suite 8.0

San Francisco Chapter. Information Systems Operations

AP ENPS ANYWHERE. Hardware and software requirements

HP WebInspect Tutorial

Check Point and Security Best Practices. December 2013 Presented by David Rawle

Implicit Affinity Networks

IT Governance: The benefits of an Information Security Management System

Cisco Security IntelliShield Alert Manager Service

Information and Communication Technology. Patch Management Policy

Problem Solving Hands-on Labware for Teaching Big Data Cybersecurity Analysis

Model-Based Testing of Spacecraft Flight Software

Oracle Fixed Scope Services Definitions Effective Date: October 14, 2011

Check Point Security Administrator R70

Transcription:

Adaptive Automated Threat Recognition (AATR) Introduction May 17, 2018 Carl Crawford, Csuptwo Harry Martz, LLNL David Castanon, Boston University This material is based upon work supported by the U.S. Department of Homeland security under Award Number 2013-ST-061-E0 1

So What? Who Cares? Space: CT-based explosive detection scanners (checked and carryon) with automated threat recognition (ATR) Problem: Takes too long to field ATRs based on emerging threats from adapting adversary Part of the solution: Adaptive automated threat recognition (AATR) Automatically adapt to computer-readable detection requirement specification Goal: same-day deployment of new AATR after new threat identified Status: ALERT & LLNL funded to develop requirements, algorithms, metrics and testing methods for AATRs TSA benefit: Faster response to emerging threats, trade PD/PFA, change min mass, min sheet thickness Also applicable to AT2, AIT 2

ADSA Format This is a workshop, not a conference Speakers are instructed to begin with So What? Who Cares? (elevator speech) Crawford bears responsibility for format (and agenda) Conversation and questions are expected at all times, especially during presentations after first slide Optimal presentation ends after first slide Public domain no SSI or classified material No speaker introductions; read handouts 3

Goal Vendors deliver an automated system (or tool, process, denoted AATR) that can be used to create new ATRs. ATRs developed without extensive training data and without rigorous TSL testing ATRs can be refined with additional training data and testing AATRs may be complementary to traditionally certified ATRs or could be standalone depending on CONOPS and performance. Hence, time from identification to deployment is reduced Most of the ~20 steps used today would be eliminated Steps may need to be eliminated if Intel says that country being attacked with new threat High PFA may be acceptable with adapted ATR 4

Data: Objects of Interest (OOI) TO4: 188 SSNs -> Clay, Saline, Rubber (training) TO7: 101 SSNs -> m1, m2, m3, m4 (sequestered) Scanned on medical CT scanner OOI Min Density [ MHU ] Max Density [ MHU ] m1 380 525 m2 770 810 m3 1300 1375 m4 1350 1430

Object ment Spec (ORS) Types of threat classes For each class Minimum mass Minimum thickness (sheets only) Density range Coefficient for calculating weighted PD PD per class Texture: no spec at present PFA Computer readable 6

AMs Adaptability Metrics (AM) PD when varying PFA PD/PFA when varying specified OOIs Clay: OOI -> confuser PD/PFA when varying relative weighting (contribution) of a specified OOI PD/PFA when varying specified minimum mass PD/PFA when varying specified minimum thickness PD/PFA: OOIs not found in training data 7

Adaptability Metrics: PD/PFA function different ORSs 8

Performers - AATR David Castanon, Boston University Trent Montgomery Toby Breckon, Durham University, UK Qian Wang, Khalid Ismail Dong Hye Ye + Charlie Bouman, Purdue University Dave Paglieroni, Lawrence Livermore National Laboratory (LLNL) (funded by EXD) Hema Chandrasekaran, Christian Pechard, Harry Martz Avi Kak, Purdue University (unfunded participant) Ankit Manerikar 9

Tools Performers - Support Franco Rupcich, Cich Solutions Technical Leads Carl Crawford, Csuptwo Harry Martz, LLNL David Castanon, Boston University 10

Acknowledgements - Logistics Melanie Smith, lead Tiffany Lam Deanna Beirne Kristin Hicks Anne Magrath Pooja Ravichandran Sara Baier 11

BACKUP SLIDES 12

Potential TSA Usage 13

Test Environment Implementation 14

Virtual Machine - Testing Testing performed in phases (steps) to allow debugging and improvements. 15

Support Functions (Tools) Sample ATR Reading image; Writing results (label, log files) Replace ATR functions with your own Sample ADS Interfaces to tools and to sample ATR Scoring software Detection using recall/precision PD/PFA Compiles results from all runs & AMs into single Top Level Report Must run in Linux Master driver program Runs ADS/AATR for different detection requirement specs Simulated images for validation available Image conversion to FITS Ground truth - Mevislab 16

Performer Training / TO4 Data AM 1: AROC AM 4: PD/PFA for Varying Mass OO I d PD d PFA S 0.7 0.02 S 0.8 0.05 S 0.85 0.08 S 0.9 0.1 S 0.95 0.2 AATR PD AATR PFA OOI Min Mass [ g ] d PD d PFA AAT R PD [ % ] AAT R PFA [ % ] Increment al Mass Rnge [ g ] AATR Incrementa l PD S 400 90 10 N/A N/A S 300 90 10 300-400 S 100 90 10 100-300 AM 5: PD/PFA for Varying Thicness AM 2: PD/PFA for Varying OOIs (ORS #1 OOI C,S, R AROC d PD only) d PFA 90 10 C 90 10 S 90 10 <insert value here> AAT R PD R AM 90 3: Varing 10 PD Weight OO I C, S C, S Req PD C:90, S:90 C:20, S:90 Req PFA [ % ] AATR PD 10 C: xx, S: xx 10 C: xx, S: xx AAT R PFA AATR PFA OO I Min Thickne ss [ mm ] d PD OOI( s) d PFA ALERT Testing / TO7 Data AM 2: PD/PFA for Varying OOIs d PD d PFA m1 90 10 m2 90 10 m3 90 10 m4 90 10 AAT R PD AAT R PFA [ % ] AATR PD Increment al Thickness Rnge [ mm ] AAT R PFA AATR Incrementa l PD R 10 90 10 N/A N/A R 6.5 90 10 6.5-10 R 0 90 10 0 6.5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information