edge-enabled tactical systems - carnegie mellon university€¦ · receiver operating...
TRANSCRIPT
Edge-Enabled Tactical Systems
Cached Results(User graph, blacklists,
precomputed) Fact Databases(DBPedia, Freebase)
Rumor Corpus(Snopes.com)
FilterStream
CredibilityScore
CalculateScore
Event andNoise Classi�ers
(event-speci�c spam)
Structural Content
Extract Features
Temporal
Data Stream
User Query
Receiver operating characteristic (ROC) curve
ROC curve (area = 0.97)
1.0
0.8
0.6
0.4
0.2
0.01.00.80.60.40.20.0
User connects mobile device to the cloudlet, and upon visual con�rmation the admin starts the pairing process
Mobile Device connects to router, validates server credentials, and authenticates with RADIUS server
Communication between the mobile device and the cloudlet is encrypted at the transport and message level
The implementation pipeline for credibility calculation.
Word cloud represents input data from a shooting event Word cloud represents input data from a non-shooting event
Fusion Architecture
ISE implementation
Cooperative Context Sharing
Receiver operating characteristic (ROC) curve for shootingevent detection
C&C view of Edge Analytics
The Edge Analytics prototype
Admin logs into the Cloudlet Managerto start the Bootstrapping process
Step 1: Bootstrapping• Generation of Server Credentials using IBE (Identity-Based Encryption)• Setup of RADIUS Server with Server Credentials
Step 2: Pairing• Generation of Device Credentials using IBE• Transfer to device using Bluetooth or USB, plus visual con�rmation• Transfer to RADIUS Server
Step 3: WiFi AuthenticationRADIUS Server implements Wi-Fi WPA2-Enterprise 802.1X EAP-TTLS with PAP• Device receives server credentials and validates• Devices sends its credentials for validation
Step 4: API Requests• Device exchanges encrypted messages with the server• Each exchange is validated against authorized device list
Termination• Automatic due to timeout: Bootstrapping requires setting up mission length• Manual due to known loss or compromise: Server Management component has revocation option
ROUTER
Edge environments are characterized by dynamiccontext, limited computing resources, high levelsof stress, and poor network connectivity.
Edge-Enabled Tactical Systems (EETS) adapts,extends, and innovatively investigatesarchitectures and technologies that provideef�cient and easily deployable mobile solutionsfor teams operating in edge environments.
Goal for FY15: Ef�cient and trusted integration between the edge and the enterprise
Trusted Nodes: Establishing Trusted Identities inDisconnected Tactical Environments
Method and prototype to establish trust between mobile devices andcloudlets in disconnected tactical environments
Con�dence in Information: Fusion of Social and PhysicalSensor Data
Fusion of local sensor information, gathered cooperatively and opportunistically, with streaming social media and Open Source Intelligence (OSINT) to inform strategic support and improve tactical response.
Possible Relationships• Tweet + location (actual or inferred) cues GCF sensors• Trending topic + similar mission keywords cues ISE sensor (events)• ISE sensor/event + location cues GCF sensors
Scenarios (objective)• Geo-tagged tweet triggers GCF sensors for collection• Trending keyword matches with ISE event description• Use ISE to task GCF for additional sensor data• ISE event triggers GCF sensor collection
Con�dence in Information: Assigning Credibility Scores to Social Media Streams in Real-Time
Prototype and algorithm to determine the reliability of information derivedfrom social media.
1
2
3
4
IndividualContext
Unit Context
Enterprise Context
ConsolidatedContext ModelTOCENT
FileSystem
FileSystem
FileSystem
Play HTTPServer
JVM
Browser
EA AnalysisEngine
EA RESTProxy
ElasticSearch
ElasticSearchNative connector
File IO
Websocketconnector
MongoConnector
Redis Protocol
EA System boundary
HTTP//REST
Redis
Redis
ExternalSystem(NICS)
Browser(Chrome)
Legend
Components
Connectors
FileSystem MongoDB
Data Store
Edge AnalyticsFront End (Play App)
Command CenterFront End (Play App)
Redis Database
IntegratedAnalysis
TwitterPublisher and
ControllerGCF Publisherand Controller
GCF
ISEManager
ISENode
TwitterMQTTServer
GCFDevice
Edge Analytics Fusion
GCF Integration
ISE
EA Batch JobsBack EndSystem
Software Component
Request
Data
Legend
Legend
SensorManagement
View
UserInterface
Layer
ApplicationLayer
I/OLayer
Context Data View
ApplicationManager
Context Engine
Data Manager
Battery BluetoothGPS
SensorManager
Set of AndroidSensors
MediatedBroadcast
TCP/IP
CommunicationsManager
Task View User View Alert View
SensorCon�g
Layer LogicalComponent
DataSource
SynchronousCall-Return
AsynchronousCallback
DataRead/Write
AIDLInterface
File
App-Speci�cRule Set
Con�gCon�gCon�g
DefaultRule Set
AppData
SEI Research Review 2015
Contact: Grace Lewisand Jeff Boleng [email protected], [email protected]
Distribution Statement A:Approved for Public Release;Distribution is Unlimited
Copyright 2015 Carnegie Mellon University
This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center.
Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Department of Defense.
NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
This material has been approved for public release and unlimited distribution except as restricted below.
Internal use:* Permission to reproduce this material and to prepare derivative works from this material for internal use is granted, provided the copyright and “No Warranty” statements are included with all reproductions and derivative works.
External use:* This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other external and/or commercial use. Requests for permission should be directed to the Software Engineering Institute at [email protected].
* These restrictions do not apply to U.S. government entities.
DM-0002827