This news is classified in: Defense Cyber Defense / IT Communications Homeland Security
Jan 29, 2018
HRL’s proposed Complex Analytics of Network of Networks (CANON), is a set of software tools that will aim, with high confidence, to detect and warn intelligence analysts of weapons of mass terrorism (WMT) activity. Using integrated information from networks of massive amounts of intelligence data, CANON will be designed to find WMT activity at a level surpassing today’s best practices.
“WMTs can be known types of destructive weapons, but they can also be improvised from materials that are not alarming when purchased alone, such as the components of the bombs set off at the 2013 Boston Marathon. Despite being relatively small homemade munitions, the resulting atmosphere of terror they created has yet to dissipate at such public events,” said Jiejun Xu, HRL’s principal investigator for the Modeling Adversarial Activity (MAA) program.
The Defense Advanced Research Projects Agency (DARPA) selected HRL Laboratories to develop novel mathematical frameworks and techniques as part of its MAA program to track down activities related to WMTs. The CANON project is HRL’s contribution to the DARPA program.
Forecasts by Deployment Mode (Cloud-based, On-premise), by Component (Hardware, Software, Services), by End-user (Army, Navy, Air Force, Cyber Commands), by Security Type (Network Security, Endpoint Security, Application Security, Cloud-based Security, Data Security), by Solutions (Threat Intelligence and Response Management, Identity and Access Management (IAM), Intrusion Detection and Prevention Systems (IDPS), Security Information and Event Management (SIEM), Firewall, Other) AND Regional and Leading National Market Analysis PLUS Analysis of Leading Companies AND COVID-19 Impact and Recovery Pattern Analysis
Download free sample pagesWMT-related activity is often hidden and its electronic trail is spread across many online domains and in many contexts. Such adversarial activity is nearly impossible to detect within isolated networks, but becomes detectable and recognizable when networks are analyzed together.
“The idea is to effectively merge intelligence data networks and fuse all the information together to create a unified world view that enables global analysis,” Xu said. “We use the term ‘connecting the dots’ to describe how our algorithms will connect nodes in the networks we analyze. For example, an individual acting in separate financial and transportation networks that become combined parts of our world view could be the common node for us to stitch together those two networks. From our big picture we will be able to see how the nodes form a pattern that matches our known patterns for obtaining WMTs.”
The DARPA requirements of the research are to create a unified worldview with high accuracy and also be scalable to a size that involves a massive ten billion nodes. The HRL researchers will use a technique for this called network alignment.
“Once we have our world view developed, we then must find the needle in the haystack,” Xu said. “We use that metaphor to describe a technique called subgraph matching, robust and efficient graph-based search algorithms that identify WMT pathways hidden in the world-view graph. When we search our worldview network and rank the indicators for these pathways, intelligence analysts can then use them to accurately lead back to the groups or individuals who are creating the WMT concern.”
“A conversation alone may not indicate suspicious behavior, but that conversation combined with data transactions about obtaining materials, such as texting or online ordering, or money wired between accounts of possible bad actors might indicate a pathway to obtaining a WMT,” said Tsai-Ching Lu, HRL’s project manager for MAA. “When the goals of the MAA project are achieved, it will be a mathematical breakthrough that will input massive amounts of intel from many sources and output a ranked list of possible WMT activities with extremely high accuracy. The accuracy and scalability of this system will be far beyond any current system.”
