conference agenda - icdis.org · 1 1st international conference on data intelligence and security -...

1

1st International Conference on Data Intelligence and

Security - ICDIS

Conference Agenda

April 8 – 10, 2018

Hilton Garden Inn Hotel South Padre Island, TX

www.icdis.org

Corpus Christi Section

http://www.icdis.org/

2

April 08, 2018

3:00 pm - 5:30 pm Registration and Reception in Registration Lobby

6:00 pm – 8:00 pm Sunset Cruise at South Padre Island

April 09, 2018

7:30 am – 8:45 am Continental Breakfast in Pre-Function Space

8:50 am – 9:00 am

9:00 am – 9:45 am

Opening Ceremonies in Marlin/Tarpon

Welcome: Parwinder Grewal, Ph.D., Executive Vice President, UT

Rio Grande Valley

Keynote speaker: C.-C. Jay Kuo, Ph.D.: Why and Why Not

Convolutional Neural Networks (CNNs)?

10:00 am – 10:30 am Presentation #A1 in Tarpon

Presentation #B1 in Marlin

10:30 am – 10:45 am Morning Break in Pre-Function Space





11:45 am – 1:00 pm Lunch in Great White

1:15 pm – 2:00 pm Invited Talk in Marlin/Tarpon: Roy Lindelauf, Ph.D.: Approximating

the Shapley value for the analysis of large terror networks

2:15 pm – 2:45 pm Presentation #C1 in Tarpon

Presentation #D1 in Marlin

2:45 pm – 3:00 pm Afternoon Break in Pre-Function Space







6:00 pm – 7:00 pm Dinner in Great White

10:00 am – 4:30 pm Posters displayed in Swordfish

3

April 10, 2018

7:30 am – 8:45 am Continental Breakfast in Pre-Function Space

9:00 am – 9:45 am

Morning Ceremonies in Marlin/Tarpon

Keynote Speaker: Chaitan Baru, Ph.D., Senior Advisor for Data

Science, National Science Foundation: Harnessing the Data

Revolution

10:00 am – 10:30 am

Presentation #E1 in Tarpon

Presentation #F1 in Marlin

Workshop #W1 in Jellyfish – 2nd floor

10:30 am – 10:45 am Morning Break in Pre-Function Space

10:45 am – 11:15 am




11:15 am – 11:45 am




11:45 am – 1:00 pm Lunch in Great White

1:15 pm – 2:00 pm Invited talk in Marlin/Tarpon: TBA

2:15 pm – 2:45 pm

Presentation #G1 in Tarpon

Presentation #H1 in Marlin


2:45 pm – 3:00 pm Afternoon Break in Pre-Function Space

3:00 pm – 3:30 pm Presentation #G2 in Tarpon






6:00 pm – 7:00 pm Awards and Dinner in Great White

2:00 pm – 4:00 pm Poster presentation in Swordfish

4

Presentations of Papers: A1: Mining Key-Hackers on Darkweb Forums, Ericsson Marin, Jana Shakarian and Paulo Shakarian A2: Detection of Electricity Theft in Customer Consumptions using Outliers Algorithms, Jaime Yeckle and Bo Tang A3: Differentially Private ANOVA Testing, Zachary Campbell, Andrew Bray, Anna Ritz and Adam Groce B1: Adding Channel Binding for an Out-of-Band OTP Authentication Protocol in an Industrial Use-Case, Sven Plaga, Melanie Niethammer, Norbert Wiedermann and Alexander Borisov B2: Reducing Data Complexity in Feature Extraction and Feature Selection for Big Data Security Analytics, Dimitrios Sisiaridis and Olivier Markowitch B3: Using Software Engineering Metrics to Evaluate the Quality of Static Code Analysis Tools, Enas Alikhashashneh and James Hill C1: Competitive Learning Environment for Cyber-Physical System Security Experimentation, Rujit Raval, Alison Maskus, Benjamin Saltmiras, Morgan Dunn, Peter J. Hawrylak and John Hale C2: Rapid Homoglyph Prediction and Detection, Avi Ginsberg and Cui Yu C3: Detection of malicious and abusive domain names, Egon Kidmose, Erwin Lansing, Søren Brandbyge and Jens Myrup Pedersen C4: Snowball: Extracting Causal Chains from Climate Change Text Corpora, Saud Alashri, Jiun-Yi Tsai, Anvesh Reddy Koppela and Hasan Davulcu D1: Prevention of Ransomware Execution in Enterprise Environment on Windows OS: Assessment of Application Whitelisting Solutions, Hasan Turaev, Pavol Zavarsky and Bobby Swar D2: Detecting Pathogenic Social Media Accounts without Content or Network Structure, Elham Shaabani, Ruocheng Guo and Paulo Shakarian D3: A Feedback-based Evaluation Approach for the Continuous Adjustment of Incident Prioritization, Leonard Renners, Felix Heine, Carsten Kleiner and Gabi Dreo Rodosek D4: Finding Novel Event Relationships in Temporal Data, Ashkan Aleali, Mahila Dadfarnia and Paulo Shakarian E1: Proof of Concept for IoT Device Authentication based on SRAM PUFs using ATMEGA 2560-MCU, Christoph Lipps, Andreas Weinand, Dennis Krummacker, Christoph Fischer and Hans D. Schotten E2: A Multiple Radar Algorithm for Automatic Target Recognition of Aircraft using Inverse Synthetic Aperture Radar, Carlos Pena-Caballero, Elifaleth Cantu Alanis, Jesus Rodriguez, Adolfo Gonzales, Osvaldo Castellanos Castellanos, Angel Cantu, Megan Strait, Jae Son and Dongchul Kim

5

E3: A network-based framework for mobile threat detection, Sanjay Kumar, Ari Viinikainen and Timo Hamalainen F1: Hand Gesture Controlled Drones: An Open Source Library, Kathiravan Natarajan, Truong-Huy Nguyen and Mutlu Mete F2: Intrusion detection in network systems through hybrid supervised and unsupervised machine learning process: a case study on the ISCX dataset, Saeid Soheily-Khah, Pierre-François Marteau and Nicolas Béchet F3: Block Level Streaming Based Alternative Approach for Serving a Large Number of Workstations Securely and Uniformly, Fitra Khan, Mahmoud Quweider, Max Torres, Clair Goldsmith, Hansheng Lei and Liyu Zhang G1: Mining Dependent Items, Hansheng Lei, Yamin Hu, Wenjian Luo and Cheng Chang Pan G2: Managing Big Data in Visual Retrieval Systems for DHS Applications: Combining Fourier Descriptors and Metric Space Indexing, Mahmoud Quweider, Hansheng Lei, Fitra Khan and Liyu Zhang G3: Image Captioning for Ambient Awareness on Sidewalk, Faruk Ahmed, Sultan Mahmud, Rakib Al-Fahad, Shahinur Alam and Mohammed Yeasin G4: Effective Android Malware Detection with a hybrid model based on Deep Autoencoder and Convolutional Neural Network, Mengxue Zhao and Wei Wang H1: A Control Flow Anomaly Detection Algorithm for Industrial control, Zhang Zhigang, Wang Wei, Chang Chaowen, Han Peisheng, Lv Zhuo and Wang Yutong H2: Dynamic Privacy Leakage Analysis of Android Third-party Libraries, Binghui Hu and Yongzhong He H3: Extending CDFR for Overlapping Community Detection, Nannan Lu, Wenjian Luo, Li Ni, Hao Jiang and Weiping Ding H4: Efficient Authentication Protocols for Industrial Wireless Network, Jiaping Men, Wei Wang, Jiqiang Liu and Zhen Han

6

Workshops: W1: CAN Authorization Using Message Priority Bit-Level Access Control, Adam Brown, Todd Andel, Jeffrey McDonald and Mark Yampolskiy W2: Enhancing Security against Software Attacks with Reprogrammable Hardware, Todd R. Andel, Lindsey N. Whitehurst, J. Todd McDonald and Waleed Al-Assadi W3: Automatic Generation of Attack Scripts from Attack Graphs, William Nichols, Zachary Hill, Peter Hawrylak, John Hale and Mauricio Papa W4: Phase Space Detection of Virtual Machine Cyber Events through Hypervisor-level System Call Analysis, Joel A. Dawson, J. Todd McDonald, Lee Hively, Todd R. Andel, Mark Yampolskiy and Charles Hubbard

7

Posters (short papers): P1: Attack Detection and Mitigation Techniques in Industrial Control System -Smart Grid DNP3, Ihab Darwish (Queensborough Community College - City University of New York) and Tarek Saadawi P2: Reliability Enhancement in Cloud Computing Via Optimized Job Scheduling Using Reinforcement Learning Algorithm and Queuing Theory, Husamelddin Ahmed Mohamed Nour Balla, Chen Guang Sheng and Jing Weipeng P3: Improve Security over Multiple Cloud Vendors for Resource Allocation, Jayachander Surbiryala, Bikash Agrawal and Chunming Rong P4: Predicting the Effect of Parental Education and Income on Infant Mortality through Statistical Learning, George Toscano and Gahangir Hossain P5: Machine Learning Applied to Rotating Check Fraud Detection, Christine Hines and Abdou Youssef P6: Study of the Impact of Paranoia Levels on Effectiveness of ModSecurity Web Application Firewall Configured with CRS 3.0, Jatesh Singh, Hamman Samuel and Pavol Zavarsky P7: Combating Insider Threats by User Profiling from Activity Logging Data, Mohamed Dahmane and Samuel Foucher P8: Hybrid Security RSA Algorithm in Application of Web Service, Jayraj Gondaliya, Jinisha Savani, Vivek Sheetal Dhaduvai and Gahangir Hossain P9: Hybrid Encryption for Securing SharedPreferences of Android applications, Sourabh Shivaji Kumbhar, Young Lee and Jeong Yang P10: Security Analysis of Intelligent Transportation Systems Based on Simulation Data, Liang Ming, Gang Zhao, Minhuan Huang, Xiaohui Kuang and Alvaro Cardenas P11: Windows Virtualization Architecture for Cyber Threats Detection, Hardik Gohel, Himanshu Upadhyay, Alexander Pons and Leonel Lagos P12: Internet Connectivity Performance under Distributed Denial of Service Attacks from Botnets of Varying Magnitudes, Hugo Herrera, William Rivas and Sanjeev Kumar P13: Community Finding of Malware and Exploit Vendors on Darkweb Marketplaces, Ericsson Marin, Mohammed Almukaynizi, Eric Nunes and Paulo Shakarian P14: Integration of Convolutional Neural Network and Thermal Images into Soil Moisture Estimation, Remilekun Sobayo, Hsiang-Huang Wu, Ram Ray and Lijun Qian P15: A Platform for Experimentation with and Measurement of Reflective Deception, Shay Taylor, Tabor Kvasnicka, Thomas Shaw, Kyle Cook, James Arrowood and John Hale

8

Posters:

P16: DARKMENTION: Reasoning about enterprise-related external cyber threats using a rule-

learning approach, Mohammed Almukaynizi*, Ericsson Marin, Eric Nunes, Paulo Shakarian,

Dipsy Kapoor, Gerardo Simari, Timothy Siedlecki

Abstract: Reasoning about the likelihood of certain cyber-attack events occurring in the future

using cyber threat intelligence is gaining attention. With the increasing number of

darkweb/deepweb (d2web) forums specialized in trading sophisticated exploit kits of

vulnerabilities shortly after they are disclosed, hackers from different levels of expertise gain

access to a wide range of exploits. Although important, the work on reasoning about the families

of vulnerabilities that are likely to be leveraged in attacks to large-scale organizations (e.g., big

financial institutions or defense industrial-based organizations) is limited. While such

organizations maintain high-level defensive standards, a large volume of the external cyber-attack

events is believed to be launched by nation-state actors around the globe.

In this poster, we present a rule-learning approach that leverages a logical programing framework

called Annotated Probabilistic Temporal Logic (APT-Logic), originally introduced in [1-2], to

correlate hacker activity in D2web to real-world cyber events observed in two large organizations.

Of those, one is a financial institution and the other is a defense industrial-based organization. In

this poster, we summarize our approach and demonstrate two contributions: the first is an

application-relevant extension to APT-logic; and second, a suite of preliminary experimental

results and a demonstration of the viability of our approach in this particular application. Going

forward, we look to integrate our inference rules into an existing deployed system that generates

cyber-event warnings and submit them to security operations centers.

P17: Data Integrity of Remotely monitored EKG Signals under Cyber Attack Conditions, Sonal V.

Jha* and Sanjeev Kumar

Abstract: Real-time EKG monitoring is being used increasingly in health-care facilities to monitor

the heart and to discover the underlying medical conditions in patients with heart problems. Often

real-time monitoring involves obtaining EKG signals from multiple patients at different remote

locations and analyzing them in a central location before deciding whether intervention is

necessary for a patient based on the EKG signals received. Increasingly, this long-distance

telemetry is set up using Internet architecture, with EKG data being sent over the Internet for

remote monitoring. This leaves EKG information being sent vulnerable to malicious traffic over

the Internet. It is possible for the EKG signals to be distorted due to malicious traffic in Cyber

attack conditions. The distortions made by the malicious traffic have been previously reported but

the extent and significance of these distortions have not been fully analyzed. This poster intends

to provide information on the current research work performed in the Cyber Security lab at the

UTRGV, and survey the experimental findings to determine whether the EKG distortions caused

by Cyber attacks would result in alarming EKG signals raising false alarms that patient was having

heart related problems. The hidden EKG distortions if produced under Cyber attack conditions

can cause the monitoring centers to raise false alarms resulting in unnecessary interventions,

waste of resources, and disruption of patients' comfort.

9

P18: Low Cost Wireless Motion and Smoke Detection and Notification System, Chu-Wen

Cheng*, Gerardo Hernandez, Edgar Padilla,Luis Vazquez, and Sanjeev Kumar

Abstract: In today’s society, most home security systems are overpriced due to the fact that they

are monitored by a home security system company. We are proposing a system that offers motion

detection and other valuable functions such as CO detection, live video. It will alert users in case

of emergency by sending automated notifications of security violations. This will be controlled by

an Android application, eliminating the need of a monitoring service company and it will make the

user the main and primary contact in case of an emergency. This low-cost security system will be

created for indoor use only and it can be placed in a compact area around the house.

P19: Archer: A system for rapid cyber hypothesis evolution and resolution, Robert A. Bridges,

Maria S. Vincent, Kelly M.T. Huffer, John R. Goodall

Abstract: Cyber security operations now have widespread collection of host and network data

from a variety of systems, as well as many mainly signature-based intrusion/detection systems.

While signature-based methods are effective against previously observed network attacks,

detection and reaction to novel and advanced threats require behavioral analysis. Large variation

across and within networks necessitates analysis by domain professionals with network-specific

expertise. Currently, the large volumes of heterogeneous data being collected is manually

investigated and correlated for situational awareness, advanced intrusion detection, malware

analysis, and incident response. This process is time-consuming and inefficient. Next generation

security requires analytical tools allowing analysts to leverage their domain expertise and

environmental knowledge to enable scientific enquiry using their data. Rather than another black

box producing logs and alerts, operators require data science capabilities allowing them to

leverage their data and their cyber expertise.

Archer, the visual-analytics platform under development, seeks to bring more flexible analytics to

the security analysts' fingertips, allowing analysts to create, refine, and evaluate their hypotheses

using their data. The system will connect to their data store (e.g., Splunk or Elasticsearch) and

provide an interface for analysts to select subsets of data for analysis, configure preset algorithms,

and interact with results. Algorithmic fitting will happen under the hood. Initial algorithms include

anomaly scoring, discriminant analysis, and clustering, with augmentation of standard algorithms

to admit interpretable visualizations and drill down capabilities and to display attributed

information. Our algorithms have been tested on use cases from real operators and have yielded

two publications on the following topics:

(1) SANSR (Situational Awareness of Network System Roles), uses clustering of network flow

data to identify the network role of IPs on the network, giving situational awareness to operators.

(2) Automation of malware forensics uses discriminant analysis of host logs to find the footprint

of ransomware.

P20: Semantic User Profiling from Firewall Data, Mohamed Dahmane, Jean-Francois Rajotte,

and Jean-Philippe Nantel

Abstract: Singular Value Decomposition (SVD) was used to represent relations among very large

number of terms and very large number of natural text passages through a single hidden layer in

Latent Semantic Analysis (LSA). As a general theory of acquired similarity and knowledge

10

representation, LSA is a an appropriate theory that apply to user's profile analysis if we consider

IP address as words (terms) and users as text passages (documents). In the context of firewall

log analysis, we want to extract the hidden meaning of IP address by using LSA as a fully

automatic statistical technique for extracting and inferring relations of expected contextual usage

of IP addresses (words) in user sessions (passages of discourse).

P21: Detecting Pathogenic Social Media Accounts without Content or Network Structure, Elham

Shaabani*, Ruocheng Guo and Paulo Shakarian

Abstract: The spread of harmful mis-information in social media is a pressing problem. We refer

accounts that have the capability of spreading such information to viral proportions as "Pathogenic

Social Media" accounts. These accounts include terrorist supporter’s accounts, water armies, and

fake news writers. We introduce an unsupervised causality-based framework that also leverages

label propagation. This approach identifies these users without using network structure, cascade

path information, content and user's information. We show our approach obtains higher precision

(0.75) in identifying Pathogenic Social Media accounts in comparison with random (precision of

0.11) and existing bot detection (precision of 0.16) methods.

P22: The News that Shifts the Value of Cryptocurrency, Dongming Jin*

Abstract: Cryptocurrency is a concept of digital currency in which encryption techniques are used

to regular the generation and verify the transfer of funds based on blockchain, a distributed ledger

that is inherently resistant to modification of the data. Ever since its birth, its nature and value has

been highly debated. It is the ideal digital asset in the world of internet, which is decentralized and

inherently resistant to modification of the ownership. Even though the nature and value has been

highly debated, the combination of security and transparency makes it one of the most important

innovation in the era of ‘cloud data’, where security is the last shield of privacy. In this study, TF-

IDF is applied on 2017 Wall Street Journal News Archive to explore the potential correlation

between Bitcoin price change and content semantics. A Doc2Vec model trained on Wikipedia

corpus is used to compare the results, with various clustering and decomposition methods.

P23: Detection of Trace Materials Concomitant with Fingerprints Using a Multispectral UV

Camera, Wenli Huang, Barry L. Shoop, and Augustus W. Fountain

Abstract: This poster presents the algorithms in detecting trace materials on fingerprints using a

multi-wavelength UV camera. We evaluate two competitive approaches: The error diffusion neural

network (EDN) and orthogonal space projection (OSP).

Detection of explosive materials present on fingerprints is of importance to intelligence and law

enforcement. Raman spectroscopy has been studied for detection and identification of the

presence of trace explosives in contaminated fingerprints. Raman scattering provides a hyper

spectral cube of data over a wide range of wavelengths; thus chemical compounds that have

known Raman signatures can be identified. However, Raman scattering is time consuming when

a large surface area has to be analyzed. In this research, we aim to develop a system that is fast

and efficient. We will either identify the explosive materials directly or identify the areas of interest

so that Raman scattering can be used to interrogate a reduced surface area.

We primarily studied RDX, 1,3,5-Trinitroperhydro-1,3,5-triazine, the explosive component in C-4.

In the EDN approach, we extend our previous method of a fully-parallel three-dimensional EDN

11

filter that enhanced the quality of a colored halftone image into multi-dimensional interconnected

filters for multispectral applications. In this case, EDN is used as error-conserving multispectral

classifier as we choose the output pattern vectors to be the spectra of “materials” to be detected

in the output. In the OSP approach, the algorithm is based on maximizing the signal to noise ratio

of the target data in the subspace orthogonal to the background subspace.

P24: MIST: Missing Person Intelligence Synthesis Toolkit, Elham Shaabani, Hamidreza Alvari,

Paulo Shakarian, and J.E. Kelly Snyder

Abstract: Each year, about hundred thousands of missing person cases occur in the United

States. This poster introduces the Missing Person Intelligence Synthesis Toolkit (MIST) which

leverages a data-driven variant of geospatial abductive inference. This system takes search

locations provided by a group of experts and rank-orders them based on the probability assigned

to areas based on the prior performance of the experts taken as a group. We evaluate our

approach compared to the current practices employed by the Find Me Group (a non-profit led by

former law enforcement professionals dedicated to missing persons cases) and found it

significantly reduces the search area -leading to a reduction of 53 square miles over 29 cases we

examined in our experiments. The average probability of locating missing person by searching

the same size of areas randomly in our approach and baseline are 0.23 and 0.44, respectively.

This reduction is significant for the following reasons: 1) reduction in time to locate missing

persons, 2) reduction in direct costs, and 3) reduction in indirect costs.

P25: A New Cryptographic command set for Smart Cards, Hazem M. Eldeeb

Abstract: Smart card is a miniature computer with very limited hardware and software resources.

Like any computer, an operating system is needed to manage the card hardware and software

resources. Several smart card operating systems of different types were developed for this

purpose. The basic functions of these operating systems are: handling the card input/out process,

managing the file system, managing communication with card users/ application programs and

data exchange with the cryptographic algorithms embedded in the card, if any. The card issuer

issues cards with their default programmed cryptographic parameters and with no possibility of

cryptographic parameters customization. This paper aims to make the smart card smarter by

presenting a new set of cryptographic commands. The proposed command set enables the card

issuer to deeply access the cryptographic primitives and customize their building blocks without

programming capabilities and prior to card issuing. For the purpose of cryptographic operations

protections, the proposed command set is intended to be isolated from the card operating system

by being executed in co-processor. In order to test the new command set and demonstrate its

features, the new command set has been developed in two parts. The first part has been

developed in embedded C language on Smart card side (on-card) which will hold the binary file

for the code of all the instruction set embedded in the card (non-volatile memory).The second part

;computer side (off-card) which will hold all the command (executable files) for the direct

interaction between the card and card issuer, and it will hold also dynamic link library (DLL) for

interaction with application programs.

12

Invited Speakers

Chaitan Baru, PhD

Senior Advisor for Data Science, CISE

National Science Foundation

Speech title: Harnessing the Data Revolution

Abstract: Harnessing the Data Revolution (HDR) is one of NSF's six "Big Research

Ideas," aimed at supporting fundamental research in data science and engineering;

developing a cohesive, federated approach to the research data infrastructure needed to

power this revolution; and developing a 21st-century data-capable workforce. HDR will

enable new modes of data-driven discovery allowing researchers to ask and answer new

questions in frontier science and engineering, generate new knowledge and

understanding by working with domain experts, and accelerate discovery and innovation.

This initiative builds on NSF's strong history in data science investments. We will describe

NSF’s vision for the HDR Big Idea, as well as related community activities, including

workshops on translational data science, an open knowledge network, and the idea of a

Data Science Corps. As the only federal agency supporting all fields of science and

engineering, NSF is uniquely positioned to help ensure that our country's future is one

enriched and improved by data.

Short Bio: Chaitan Baru is the Senior Advisor for Data Science in the Computer and

Information Science & Engineering Directorate at the National Science Foundation,

Alexandria, VA. He co-chairs the NSF working group for the Harnessing the Data

Revolution Big Idea, and has responsibility for the cross-Foundation BIGDATA research

program. He is the advisor to the NSF Big Data Regional Innovation Hubs and Spokes

program (BD Hubs/Spokes) and was engaged in the development of the NSF

Transdisciplinary Research in Principles of Data Science (TRIPODS) program. He co-

chairs the Big Data Interagency Working Group—which is part of the Networking and IT

R&D program of the National Coordination Office, White House Office of Science and

Technology Policy—and is a primary co-author of the Federal Big Data R&D Strategic

Plan (released May 2016). He is on assignment at NSF from the San Diego

Supercomputer Center (SDSC), University of California San Diego, where he is a

Distinguished Scientist and Director of the Advanced Cyberinfrastructure Development

Group (acid.sdsc.edu) and the Center for Large-scale Data Systems Research (CLDS).

13

C.-C. Jay Kuo, PhD

Director of the Media Communications Laboratory

University of Southern California

Speech Title: Why and Why Not Convolutional Neural Networks (CNNs)?

Abstract: The superior performance of Convolutional Neural Networks (CNNs) has been

demonstrated in many applications such as image classification, detection and

processing. Yet, the CNN solution has its own weaknesses such as robustness against

perturbation, scalability against the class number and portability among different datasets.

Furthermore, CNN’s working principle remains mysterious. In this talk, I will first explain

the reasons behind the superior performance of CNNs. Then, I will present an alternative

solution, which is motivated by CNNs yet allows rigorous and transparent mathematical

treatment, based on a data-driven Saak (Subspace approximation with augmented

kernels) transform. The kernels of the Saak transform are derived from the second-order

statistics of inputs in a one-pass feedforward way. Neither data labels nor

backpropagation is needed in kernel determination. The pros and cons of CNNs and

multi-stage Saak transforms are compared.

Short Bio: C.-C. Jay Kuo received his Ph.D. degree from the Massachusetts Institute of

Technology in 1987. He is now with the University of Southern California (USC) as

Director of the Media Communications Laboratory and Dean’s Professor in Electrical

Engineering-Systems. His research interests are in the areas of digital media processing,

compression, communication and networking technologies. Dr. Kuo was the Editor-in-

Chief for the IEEE Trans. on Information Forensics and Security in 2012-2014. He was

the Editor-in-Chief for the Journal of Visual Communication and Image Representation in

1997-2011, and served as Editor for 10 other international journals. Dr. Kuo received the

1992 National Science Foundation Young Investigator (NYI) Award, the 1993 National

Science Foundation Presidential Faculty Fellow (PFF) Award, the 2010 Electronic

Imaging Scientist of the Year Award, the 2010-11 Fulbright-Nokia Distinguished Chair in

Information and Communications Technologies, the 2011 Pan Wen-Yuan Outstanding

Research Award, the 2014 USC Northrop Grumman Excellence in Teaching Award, the

2016 USC Associates Award for Excellence in Teaching, the 2016 IEEE Computer

Society Taylor L. Booth Education Award, the 2016 IEEE Circuits and Systems Society

John Choma Education Award, the 2016 IS&T Raymond C. Bowman Award, and the

2017 IEEE Leon K. Kirchmayer Graduate Teaching Award. Dr. Kuo is a Fellow of AAAS,

IEEE and SPIE. He has guided 140 students to their Ph.D. degrees and supervised 25

postdoctoral research fellows. Dr. Kuo is a co-author of 260 journal papers, 900

conference papers, 30 patents and 14 books.

14

Roy Lindelauf, PhD

Netherlands Defense Academy, Netherlands

Speech Title: Approximating the Shapley value for the analysis of large terror

networks

Abstract: We present an analysis of the extended WTC 9/11 network of Krebs

(Connections 24(3):43–52, 2002) that consists of 69 members by use of game theoretical

power indices. In particular we focus on the Shapley value. It is one of the most prominent

one-point solution concepts in cooperative game theory that divides revenues (or cost,

power) that can be obtained by cooperation of players in the game. With respect to

terrorism the revenues can be seen to coincide with contextual models of terror related

phenomena. Since the computational complexity increases exponentially with the number

of players in the game, computing the Shapley value for games consisting of more than

25 players becomes too time expensive. Therefore a new method to approximate the

Shapley value by refining the random sampling method introduced by Castro et al.. We

show that our method outperforms the random sampling method, reducing the average

error in the Shapley value approximation by almost 30%.

Short Bio: Roy Lindelauf develops mathematical methods for the analysis of terrorism,

political violence and related topics such as network resilience (cyber) and network

design. He is interested in the game theoretic (cooperative game theory) and graph

theoretic modeling of terrorist, criminal, insurgent and cyber networks.

15

First Floor

Second Floor

conference agenda - icdis.org · 1 1st international conference on data intelligence and security -...

Documents