on detecting and classifying aberrant behavioron detecting...
TRANSCRIPT
On detecting and classifying aberrant behaviorOn detecting and classifying aberrant behaviorin unmanned autonomous systems
under test and on mission
…in the Age of the Black Swanwww kennentech com/Pubs/2009-OnDetectingAndClassifyingAberrantBehaviorInUAS pdfwww.kennentech.com/Pubs/2009 OnDetectingAndClassifyingAberrantBehaviorInUAS.pdf
Rick DoveJanuary 13, 2009
Presented atITEA LVC Conference,,
El Paso, TX.
[email protected], attributed copies permitted 1
This work was supported in part by the U.S. Department of Homeland Security award NBCHC070016
A Note on Black Swans
The Black Swan metaphor is used currently to signify a low probability but catastrophic event. Popular usage emphasizes this low probability.
What is ignored in many examples of recent black swan eventsWhat is ignored in many examples of recent black swan eventsis that they have been enabled by situational evolution, and
will occur with increasing frequency.
It is accurate to see them as unprecedented…having rarely if ever occurred before.
It is inaccurate, in many cases,to think they are equally unlikely to occur again.
Contributing elements of situational evolution:Globalism, ubiquitous networks, technological literacy, empowered individuals,
4th and 5th generation warfare complex interconnected systems
[email protected], attributed copies permitted 2
4 and 5 generation warfare, complex interconnected systems, …
Nassim Nicholas Taleb, The Black Swan, Random House, 2007video: www.charlierose.com/view/interview/9713
Risk Mismanagement Models: False Gods ExposedAaron Brown, a former risk manager at Morgan Stanley, defending the risk management model
everyone used to deny the growing black-swan financial meltdown…everyone used to deny the growing black swan financial meltdown…“In a crisis, you want to know who can kill you and whether or not they will, and who you can kill if necessary. You need to have an emergency backup plan that
assumes everyone is out to get you. In peacetime you think about other people’s intentionsIn peacetime, you think about other people’s intentions.
In wartime, only their capabilities matter. VaR is a peacetime statistic.”
(VaR: Value at Risk)(VaR: Value at Risk)
“VaR is built around statistical ideas and probability theories that have been around for centuries. VaR was developed and popularized in the early 1990s by a h df l f i ti t d th ti i “ t ” th ’ ll d i thhandful of scientists and mathematicians — “quants,” they’re called in the business — who went to work for JPMorgan. VaR’s great appeal is that it expresses risk as a single number.
“When you realize that VaR is using tame historical data to model a wildly different environment, the total losses of Bear Stearns’ hedge funds become easier to understand. It’s like the historic data only has rainstorms and then a tornado hits.”
[email protected], attributed copies permitted 3
From: Risk Mismanagement, New York Times, Joe Nocera, 09Jan02http://www.nytimes.com/2009/01/04/magazine/04risk-t.html?_r=1
Unmanned (Autonomous) Systems
[email protected], attributed copies permitted 4
Weight 3 grams.10 cm tip-to-tip.Speed 5 m/sec.Flies 3 mins on
Dragonfly-likeMicro Air Vehicle(MAV)
Flies 3 mins on1 gram battery.
0.4 gram camera and transmitter of the
www.delfly.nl/?site=DIII&menu=media&lang=nlJuly 2008
transmitter of theDelFly micro
[email protected], attributed copies permitted 5
World's Largest Truck Goes Robotic
Nov. 6, 2008 -- The largest t k i th ld i b t t
http://dsc.discovery.com/news/2008/11/06/monster-robot-truck.html
truck in the world is about to become the largest robotic vehicle in the world. Computer scientists fromComputer scientists from Carnegie Mellon University have teamed up with engineers from Caterpillar to automate the 700-ton trucks which arethe 700-ton trucks, which are made to haul loads up to 240 tons from mines.That's nearly two million ypounds of metal, fuel and stone powered by a 3,550-horsepower, 24-valve engine moving at up to 42 miles per
Fully automated mining trucks promise to reduce maintenance costs while
i i d ti it B i t moving at up to 42 miles per hour, with software and a robot at the wheel.
increasing productivity. By running at peak capacity 24 hours a day, seven
days a week, the trucks could be up to 100 percent more productive
[email protected], attributed copies permitted 6
(Hack these and send an army of themon your own mission – a James Bond plot?)
Engineering of Agile Systems and EnterprisesEngineering of Agile Systems and EnterprisesFundamentals of Analysis, Synthesis, and PerformanceFundamentals of Analysis, Synthesis, and Performance
Research funded by OSD/DARPA through Navy/NSF 1991 19971991-1997
Lehigh University, Agility Forum, and g y ,~1000 people from ~250 organizations
Self Organizing Agile Systems and EnterprisesSelf Organizing Agile Systems and EnterprisesSelf Organizing Agile Systems and EnterprisesSelf Organizing Agile Systems and EnterprisesArchitectural Patterns Enabling Self Organizing Systems of SystemsArchitectural Patterns Enabling Self Organizing Systems of Systems
Research with graduate students pursuing systems engineering degreesAll students professionally employed in system engineering activities
[email protected], attributed copies permitted 7
All students professionally employed in system engineering activities~80 students involved so far
Defining AgilityAgility is effective response to opportunity and problem,
ithi i i lwithin mission ... always.
An effective response is one that is: ti l (f t h t d li l ) timely (fast enough to deliver value), affordable (at a cost that leaves room for an ROI), predictable (can be counted on to meet expectations), h i ( thi / thi ithi i i b d ) comprehensive (anything/everything within mission boundary).
An ineffective response is failure - there is zero tolerance for failure today. Y thi k f A ilit R i it V i tYou can think of Agility as Requisite Variety.You can think of Agility as proactive Risk Management.
Th i k i d di h f il bli dThe trick is understanding the nature of agile-enabling concepts, and how they can be applied to any type of system.
[email protected], attributed copies permitted 8
Domain Independent
Class 1 Agile Systems are Reconfigurableg y g
Useful Metaphors:
atyr
osad
o.co
m/
p
Plug-and-Play – Drag-and-Drop
(UAST)Nat
y R
osad
o, h
ttp://
na
Cl 2 A il S R fi iClass 2 Agile Systems are Reconfiguring
htm
l?l=
w&
p=6
Useful Metaphors:
Ecologies, Evolution, MAS
(UASoS)ls, w
ww
.yes
sy.c
om/a
rtis
ts.h
[email protected], attributed copies permitted 9
(UASoS)
Hel
en W
ell
www kennentech com/Pubs/2009-OnDetectingAndClassifyingAberrantBehaviorInUAS pdf
“There is no difficulty, in principle, in developing synthetic organisms as
www.kennentech.com/Pubs/2009 OnDetectingAndClassifyingAberrantBehaviorInUAS.pdf
complex and as intelligent as we please. But we must notice two fundamental qualifications; first, their intelligence will be an adaptation to, and a specialization towards, their particular environment, with no implication of validity for any other environment such as ours; andimplication of validity for any other environment such as ours; and secondly, their intelligence will be directed towards keeping their own essential variables within limits. They will be fundamentally selfish.
[email protected], attributed copies permitted 10
Principles of the self-organizing system, W. Ross Ashby, 1962
Problem and ObservationSelf Organizing Systems of Systems are too complex to test beyond “ i i l” f i li d “ ” i li“minimal” functionality and “apparent” rationality.Autonomous self organizing entities are willful, with a mind of their own.Unpredictable emergent behavior will occur in unpredictable situations.Emergent behavior is necessary and desirable (when appropriate).Inevitable: sub-system failure, command failure, enemy possession.UAS will work together as swarms and packs and teamsUAS will work together as swarms and packs and teams.Even human social systems exhibit unintended “lethal” consequences.--------I bi l i l i l t b it / f b h i b dIn biological social systems, members monitor/enforce behavior bounds.Could UAS have built-in socially attentive monitoring (SAM) on mission?Could UAST employ SAM proxies for antisocial UAS?Challenges: 1) “Learning” the behavior patterns to monitor.2) Technology for monitoring complex dynamic patterns in real time
[email protected], attributed copies permitted 11
2) Technology for monitoring complex dynamic patterns in real time.3) Decisive counter-consequence action.
Survey on Lethality Responsibility
www.cc.gatech.edu/ai/robot-lab/online-publications/MoshkinaArkinTechReport2008.pdf
y yand Autonomous
Systems
Responsibility forResponsibility for Lethal Errors by
Responsible Party. The soldier was bl
e Pa
rty
found to be the most responsible party, and robots
the least Res
pons
ib
the least. R
Lethality and Autonomous Systems:Survey Design and Results,
Lilia Moshkina, Ronald C. Arkin,Technical Report GIT-GVU-07-16, Mobile Robot Laboratory,
College of Computing Georgia Institute of Technology p 30 2007
[email protected], attributed copies permitted 12
College of Computing, Georgia Institute of Technology, p. 30, 2007
www.cc.gatech.edu/ai/robot-lab/online-publications/MoshkinaArkinTechReport2008.pdf
Applicability of ethical categories is ranked from more concrete and specific to more general and subjective.
[email protected], attributed copies permitted 13
Lilia Moshkina, Ronald C. Arkin, Lethality and Autonomous Systems: Survey Design and Results,Technical Report GIT-GVU-07-16, Mobile Robot Laboratory, College of Computing, Georgia Institute of Technology, p. 29, 2007
FourThe Three Laws
of Robotics
0) A robot may not harm humanity or by
of Robotics(Isaac Asimov)
0) A robot may not harm humanity, or, by inaction, allow humanity to come to harm (added later).
1) A robot may not injure a human being1) A robot may not injure a human being or, through inaction, allow a human being to come to harm.
2) A robot must obey orders given it by2) A robot must obey orders given it by human beings except where such orders would conflict with the First Law.
3) A robot must protect its own existence3) A robot must protect its own existence as long as such protection does not conflict with the First or Second Law.
[email protected], attributed copies permitted 14
This cover of I, Robot illustrates the story "Runaround", the first to list
all Three Laws of Robotics (Asimov 1942)
Self Organizing InevitabilityIsaac Asimov's three laws of robotics were developed to allow UxVs to coexist
ith h d l h ld d b h (i d b t )with humans, under values held dear by humans (imposed on robots). These were not weapon systems.Asimov’s robots existed in a peaceful social environment. Ours are birthing into a community of warfighters with enemies cyber warfare great destructivecommunity of warfighters, with enemies, cyber warfare, great destructive capabilities, human confusion, and a code of war. Ashby notes that a self organizing system by definition behaves selfishly, and warns that its behaviors may be at odds with its creators.So – can we afford to build truly self organizing systems? A foolish question. We will do that regardless of the possible dangers, just as we opened the door to atomic energy, bio hazards, organism creation, nanotechnology and financial meltdownnanotechnology, and financial meltdown.Can a cruise missile on a mission be hacked and turned to the enemy’s bidding? Perhaps we can say that it hasn’t occurred yet. Can a cruise missile get sick or confused, and hit something it shouldn’t? That’s happened.The issue is not “has it happened”. The issue is “can it happen”.
We cannot test-away bad things from happening,
[email protected], attributed copies permitted 15
y g pp gso we better be vigilant for signs of imminence,
and have actionable options when the time has come.
Four Selfish (Potential) Guiding Principles(for synthetics)
Protection of selfProtection of others of like kind
P t ti f i iProtection of missionProtection of permission to exist (civilians, public assets)
A safety mechanism based on principles, for we can never itemize
all of thesituational patterns
and theappropriate response to eachappropriate response to each
[email protected], attributed copies permitted 16
Aberrant behavior arising in a stable social systemis detected and opposed
Example: Female penguin attempting to steal a replacement egg for the one she lost is prevented from doing so by othersfor the one she lost is prevented from doing so by others.
[email protected], attributed copies permitted 17
wip.warnerbros.com/marchofthepenguins/
Ganging Up on Aberrant BehaviorQueenless ponerine ants have no queen caste. All females are workers who can potentially mate and
T. Monnin, F.L.W. Ratnieks, G.R. Jones, R. Beard, Pretender punishment induced by chemical signaling in a queenless ant, Nature, V. 419, 5Sep2002
females are workers who can potentially mate and reproduce. A single “gamergate” emerges, by virtue of alpha rank in a near-linear dominance hierarchy of about 3–5 high-ranking workers. Usually the beta replaces the gamergate if sheUsually the beta replaces the gamergate if she dies. A high-ranker can enhance her inclusive fitness by overthrowing the gamergate, rather than waiting for her to die naturally.( ) T d b h i th t (l ft)(a) To end coup behavior, the gamergate (left) approaches the pretender, usually from behind or from the side, briefly rubs her sting against the pretender depositing a chemical signal, then runs
l i b t di i li t thaway, leaving subsequent discipline to others. (b) One to six low-ranking workers bite and hold the appendages of the pretender for up to 3–4 days with workers taking turns. Immobilization y gcan last several days, and typically results in the pretender losing her high rank. It is not clear why punishment causes loss of rank, but it is probably a combination of the stress caused by
[email protected], attributed copies permitted 18
a combination of the stress caused by immobilization and being prevented from performing dominance behaviours. Occasionally the immobilized individual is killed outright.http://lasi.group.shef.ac.uk/pdf/mrjbnature2002.pdf
Promising Things to Leverage
Social pattern monitoring
Relationships (Gal Kaminka, Ph.D. dissertation)
T j t i (St h I till Ph D di t ti ) Trajectories (Stephan Intille, Ph.D. dissertation)
Emergence (Sviatoslav Braynov, repurposed algorithm concepts)
Technology and Knowledge
Human expertise (Gary Klein, Phillip Ross, Herb Simon)
Biological feedforward hierarchies (Thomas Serre, Ph.D. dissertation)
Parallel pattern processor (Curt Harris, VLSI architecture)
[email protected], attributed copies permitted 19
Accuracy: Decentralized Beats Centralized MonitoringFrom: Gal A. Kaminka, Execution Monitoring in Multi-Agent Environments, Ph.D. Dissertation, USC, 2000, p. 6.
i i d / / lk/P bli ti /di fi l
“We explore socially-attentive algorithms for detecting teamwork failures under various conditions of uncertainty, resulting from the necessity of selectivity.
www.isi.edu/soar/galk/Publications/diss-final.ps.gz.
We analytically show that despite the presence of uncertainty about the actual state of monitored agents, a centralized active monitoring scheme can guarantee failure detection that is either sound and incomplete, or complete and unsound.[centralized: no false positives (sound) or no false negatives (complete) not both][centralized: no false positives (sound) or no false negatives (complete), not both]However, this requires monitoring all agents in a team, and reasoning about multiple hypotheses as to their actual state.We then show that active distributed teamwork monitoring results in sound and e t e s o t at act e d st buted tea o o to g esu ts sou d a dcomplete detection capabilities, despite using a much simpler algorithm. By exploring the agents’ local states, which are not available to the centralized algorithm, the distributed algorithm: (a) uses only a single, possibly incorrect hypothesis of the actual state of monitored agents, and (b) involves monitoringhypothesis of the actual state of monitored agents, and (b) involves monitoring only key agents in a team, not necessarily all team-members (thus allowing even greater selectivity).
[email protected], attributed copies permitted 20
Execution Monitoring in Multi-Agent Environments
A key goal of monitoring other agents:
Gal A. Kaminka, Execution Monitoring in Multi-Agent Environments, Ph.D. Dissertation, USC, www.isi.edu/soar/galk/Publications/diss-final.ps.gz.
Detect violations of the relationships that agent is involved in Compare expected relationships to
those actually maintainedthose actually maintained Diagnose violations,
leading to recoveryenemy
tt kattacker
incorrectlyMotivation for relationship failure-detection: Cover large class of failures Critical for robust performance of entire team
yattackercorrectly
waiting forscout report
incorrectlyflying with
scoutscout
lookingfor enemy
Relationship models specify how agents’ states are related: Formation model specifies relative velocities, distances
Team ork model specifies that team plans jointl e ec ted Teamwork model specifies that team plans jointly executed Many others: Coordination, mutual exclusion, etc.
Agent Modeling:
[email protected], attributed copies permitted 21
Agent Modeling: Infer agents state from observed actions via plan-recognition Monitor agents, attributes specified by relationship models
Identifying Football Play Patterns from Real Game FilmsVisual Recognition of Multi-Agent Action
Stephen Sean Intille Ph D Thesis MIT 1999Stephen Sean Intille, Ph.D.Thesis, MIT, 1999http://web.media.mit.edu/~intille/papers-files/thesis.pdf.
A p51curl play. Doesn’t happen like the chalk board, but is still recognizable.Chalk board patterns a receiver can run.
The task of recognizing American football plays was selected to investigate the general problem of multi-agent action recognition.
[email protected], attributed copies permitted 22
This work indicates one method for monitoringmulti-agent performance according to plan
Maybe Even….Detecting Emergent Behaviors in ProcessSviatoslav Braynov, Murtuza Jadliwala, Detecting Malicious Groups of Agents.
The First IEEE Symposium on Multi-Agent Security and Survivability, 2004.
“In this paper, we studied coordinated attacks and the problem of detecting malicious networks of attackers. The paper proposed a formal method and an algorithm for detecting action interference between users The output of the
The First IEEE Symposium on Multi Agent Security and Survivability, 2004.
algorithm for detecting action interference between users. The output of the algorithm is a coordination graph which includes the maximal malicious group of attackers including not only the executers of an attack but also their assistants. The paper also proposed a formal metric on coordination graphs that help differentiate central from peripheral attackers ”differentiate central from peripheral attackers.“Because the methods proposed in the paper allow for detecting interference between perfectly legal actions, they can be used for detecting attacks at their early stages of preparation. For example, coordination graphs can show all agents and activities directly or indirectly related to suspicious users.
------------------------- conjecture begging investigation -------------------------This work focused on identifying the members of a group of “perpetrators” among a group of “benigns” based on their cooperative behaviors in causing anamong a group of benigns”, based on their cooperative behaviors in causing an event. It is applied in both forensic analysis and in predictive trend spotting.It may be a methodology for identifying the conditions of specific emergent behavior after the fact – for “learning” new patterns of future use.
[email protected], attributed copies permitted 23
It may also provide an early warning mechanism for detecting emergent aberrant team behavior, rather than aberrant UAS behavior.
The RPD (Recognition Primed Decision) model offers an account of situation awareness. It presents several aspects of situation awareness that emerge once asituation awareness that emerge once a person recognizes a situation. These are the relevant cues that need to be monitored, the plausible goals to pursue and actions to consider and theand actions to consider, and the expectancies. Another aspect of situation awareness is the leverage points. When an expert describes a situation to someone else he or she may highlightsomeone else, he or she may highlight these leverage points as the central aspects of the dynamics of the situation.Experts see inside events and objects. Th h t l d l f h t kThey have mental models of how tasks are supposed to be performed, teams are supposed to coordinate, equipment is supposed to function. This model lets th k h t t t d l t ththem know what to expect and lets them notice when the expectancies are violated. These two aspects of expertise are based, in part, on the experts’ mental
d l
[email protected], attributed copies permitted 24
models.
Garry Klein (1998) Sources of Power: How people make decisions, 2nd MIT Press paperback edition, Cambridge, MA. page 152
'Field Sense’ Gretzky-StyleFive seconds of the 1984 hockey game between the Edmonton Oilers and thebetween the Edmonton Oilers and the Minnesota North Stars: The star of this sequence is Wayne Gretzky, widely considered the greatest h k l f ll ti I th f thockey player of all time. In the footage, Gretzky, barreling down the ice at full speed, draws the attention of two defenders. As they converge on what everyone assumes will be a shot oneveryone assumes will be a shot on goal, Gretzky abruptly fires the puck backward, without looking, to a teammate racing up the opposite wing.The pass is timed so perfectly that theThe pass is timed so perfectly that the receiver doesn't even break stride. "Magic," Vint says reverently. A researcher with the US Olympic Committee he collects moments likeCommittee, he collects moments like this. Vint is a connoisseur of what coaches call field sense or "vision," and he makes a habit of deconstructing psychic plays: analyzing the steals of
[email protected], attributed copies permitted 25
Jennifer Kahn, Wayne Gretzky-Style 'Field Sense' May Be Teachable, Wired Magazine, May 22, 2007.
www.wired.com/science/discoveries/magazine/15-06/ff_mindgames#
psychic plays: analyzing the steals of Larry Bird and parsing Joe Montana's uncanny ability to calculate the movements of every person on the field.
The Stuff of ExpertiseResearch indicates that human expertise (extreme domain specific sense-making) i i il tt f i f l tt tit t b ttis primarily a matter of meaningful pattern quantity – not better genes. According to an interview with Nobel Prize winner Herb Simon (Ross 1998), people considered truly expert in a domain (e.g. chess masters, medical diagnosticians) are thought unable to achieve that level until they’ve accumulated g ) g ysome 200,000 to a million meaningful patterns, requiring some 20,000 hours of purposeful focused pattern development. The accuracy of their sense making is a function of the breadth and depth of their pattern catalogpattern catalog. In biological entities, the accumulation of large expert-level pattern quantities does not manifest as slower recognition time. All patterns seem to be considered simultaneously for decisive action. There is no p ysearch and evaluation activity evident. On the contrary, automated systems, regardless of how they obtain and represent learned reference patterns, execute time-consuming sequential steps to sort through pattern libraries and perform statistical feature mathematicsthrough pattern libraries and perform statistical feature mathematics. This is the nature of the computing mechanisms and recognition algorithms employed in this service.
[email protected], attributed copies permitted 26
Philip Ross (1998), “Flash of Genius,” an interview with Herbert Simon,Forbes, November 16, pp. 98- 104, www.forbes.com//forbes/1998/1116/6211098a.html.
Also: Philip Ross, The Expert Mind, Scientific American, July 2006
Rapid visual categorization
Visual input can be classified very rapidly around 120 msec
ReverseEngineering
the Brainvery rapidly…around 120 msec following image onset…At this speed, it is no surprise that subjects often respond without having consciously seen thehaving consciously seen the image; consciousness for the image may come later or not at all. Dual-task and dual-presentation pparadigms support the idea that such discriminations can occur in the near-absence of focal, spatial attention, implying that purely feed forward networks canfeed-forward networks can support complex visual decision-making in the absence of both attention and consciousness.This has now been formallyThis has now been formally shown in the context of a purely feed-forward computational model of the primate’s ventral visual system (Serre et al., 2007).
[email protected], attributed copies permitted 27
y ( , )
www.technologyreview.com/printer_friendly_article.aspx?id=17111www.scholarpedia.org/article/Attention_and_consciousness/processing_without_attention_and_consciousness
Explaining Rapid Categorization.
[email protected], attributed copies permitted 28
Explaining Rapid Categorization. Thomas Serre, Aude Oliva, Tomaso Poggio.http://cbcl.mit.edu/seminars-workshops/workshops/serre-slides.pdf
The Monitoring Selectivity Problem:Unacceptable Accuracy Compromise
From: Gal A. Kaminka, Execution Monitoring in Multi-Agent Environments, Ph.D. Dissertation, USC, 2000, pp. 3-4. i i d / / lk/P bli ti /di fi l
“A key problem emerges when monitoring multiple agents: a monitoring agent must be selective in its monitoring activities (both raw observations and processing), since bandwidth and computational limitations prohibit the agent f f
www.isi.edu/soar/galk/Publications/diss-final.ps.gz.
from monitoring all other agents to full extent, all the time.However, selectivity in monitoring activities leads to uncertainty about monitored agent’s states, which can lead to degraded monitoring performance. We call this challenging problem the Monitoring Selectivity Problem: Monitoring multiplechallenging problem the Monitoring Selectivity Problem: Monitoring multiple agents requires overhead that hurts performance; but at the same time, minimization of the monitoring overhead can lead to monitoring uncertainty that also hurts performance.Key questions remain open:Key questions remain open: What are the bounds of selectivity that still facilitate effective monitoring? How can monitoring accuracy be maintained in the face of limited knowledge of
other agents’ states?other agents states? How can monitoring be carried out efficiently for on-line deployment?This dissertation begins to address the monitoring selectivity problem in teams by investigating requirements for effective monitoring in two monitoring tasks:
[email protected], attributed copies permitted 29
y g g g gDetecting failures in maintaining relationships, and determining the state of a distributed team (for both faire detection and visualization).
Processor Recognition Speed Independent ofPattern Quantity and Complexity
Snort chart source: Alok Tongaonkar, Sreenaath Vasudevan, R. Sekar, Fast Packet Classification for Snort by Native Compilation of Rules, Proceedings of the 22nd Large Installation System Administration Conference (LISA '08), USENIX, Nov 9–14, 2008.
www usenix org/events/lisa08/tech/full papers/tongaonkar/tongaonkar html/index htmlwww.usenix.org/events/lisa08/tech/full_papers/tongaonkar/tongaonkar_html/index.html
4000
Processor info source: Rick Dove, Pattern Recognition without Tradeoffs: Scalable Accuracy with No Impact on Speed, To appear in Proceedings of Cybersecurity Applications & Technology Conference For Homeland Security, IEEE, April 2009.
www.kennentech.com/Pubs/2009-PatternRecognitionWithoutTradeoffs-6Page.pdf.
3000
Nanosecondsper Packet
8 million real packets run on3.06 GHz Intel Xenon processor
2000 Snort 2.6Packet Header
I t t
1000
InterpreterInterpreter
Replaced withNative Code
0100 200 300 400 500 6000 40
Pattern processor comparative speed
(unbounded)
[email protected], attributed copies permitted 30
Comparison shows pattern processor’s flat constant speed recognition vs typical computational alternative. Example chosen for ready availability.
Number of Rules Employed
Reconfigurable Pattern ProcessorReusable Cells Reconfigurable in a Scalable Architecture
Up to 256 possible features
Independent detection cell: content addressableby current input byte
Cell-satisfaction output pointers
Up to 256 possible features can be “satisfied” by all so-designated byte values
Cell-satisfaction
If active, and satisfied with current byte, can activate
other designated cellsincluding itself Cell-satisfaction
activation pointersincluding itself
Individual detection cells are configuredIndividual detection cells are configured into feature cell machines by linking activation pointers (adjacent-cell pointers not depicted here)
an unbounded number of feature cells configured as feature-cell machines can extend indefinitely across multiple processors
[email protected], attributed copies permitted 31
All active cells have simultaneous access to current data-stream byte
Simple Example: Pattern Classification Method Suitable for Many Syntactic, Attributed Grammar, and Statistical Approaches
Reinitialization Transforms Output Register R
Logical Intersection Transforms
Logical Union Transforms
Threshold Counter Transforms
p g
Output Register S
Output Register P
Output Register T
Very SimpleWeighted Feature
Example
½ Million Detection Cells
Output Transform Pointers
FCM Activation Pointers Output Transform Pointers
Multiple Threshold Down Counters
Configured FCMsM1 M2 M3 M4 M5 Mn
Layered Architecture Stack Partial Conceptual Architecture Stack
Class-1Class-2Class-3
Weight=2
Weight=3counter 1counter 2counter 3
classification output occurs for any down output
i tT3T2
T1
Class 3Class-4
counter 3counter 4 counter reaching zero pointers
T1 T2T4T1T3 T4
T4T3
T4T3T2
T3T2
T4T3T1
T4T3 T3
T4T3
FCM-1 FCM-2 FCM-3 FCM-4 FCM-6 FCM-7 FCM-nFCM-5
[email protected], attributed copies permitted 32
Additional transforms provide sub-pattern combination logicFinite Cell Machines, as depicted, could represent sub-patterns or “chunked” features shared by multiple
pattern classes. Padded FCM-7 and FCM-n increase feature weight with multiple down counts.On detecting and classifying aberrant behavior in unmanned autonomous systems under test and on mission,
www.kennentech.com/Pubs/2009-OnDetectingAndClassifyingAberrantBehaviorInUAS.pdf
Value-Based Feature Example
A reference pattern example for behavior-verification of a mobile objectA reference pattern example for behavior-verification of a mobile object.Is it traveling within the planned space/time envelop?
Using GPS position data: Latitude, Longitude, Altitude.
OutputF = failureS = success
absolute relativelinear, log or other scale F F F S
256distancevalues
minimumseparation
LAT
LON
ALT
LAT
LON
ALT
showing acceptable ranges of values
LAT
LON
ALT
FCM configured toclassify failure/success
[email protected], attributed copies permitted 33
On detecting and classifying aberrant behavior in unmanned autonomous systems under test and on mission,www.kennentech.com/Pubs/2009-OnDetectingAndClassifyingAberrantBehaviorInUAS.pdf
Example: Monitoring Complex Multi-Agent Behaviors
Packetized data can use multi-part headersPacketized data can use multi-part headers to activate appropriate reference pattern sets for different times
OutputF = failureS = success
UAS 1002on task 3018
F F F S UAS 1002on task 3002
F F F S
LAT
Task ID003.018
LON
ALT
UAS ID001.002
FCM-49
Task ID003.002
LAT
LON
ALT
UAS ID001.002
FCM-50
[email protected], attributed copies permitted 34
On detecting and classifying aberrant behavior in unmanned autonomous systems under test and on mission,www.kennentech.com/Pubs/2009-OnDetectingAndClassifyingAberrantBehaviorInUAS.pdf
Hybrid Adaptation Could Improve on Natural Systems
li tEvolutionary
l tiLearningi di id l
Hybrid or Augmentedith
Nature has sufficient, but not necessarily optimal, systems – One example:
applies tooutcome
time for one loop to execute
populationsproduces new design featuresperiod between generations –
individualsimproves use of fixed designperiod for one action (sense-process-decide-act)
eithermay be able to do both, or do either bettercould be accelerated
to execute
parallelism of
generations generally slow compared to timescale of actions
(sense process decide act) loop, plus the associated learning (observe action consequences – process –make changes) loop.serial – an individual could use learning mechanismparallelism of
processing through interaction
highly parallel – everymember of the populationis a simultaneousexperiment
serial an individual system or organism experiments with one strategy at a time
could use learning mechanism to create directed evolution, and evolutionary strategies to improve learning. Could also parallelize learning through either parallel processing in
context sensitivity
‘evaluating’ the fitness of one set of variations
in retrospect only –through some
in anticipation – i.e. before choice of action or
single individual, or through networking a population of learning systems.could extend context sensitivity to influence design
alignment of
variations turning out to be fitter in the context than others
100%
response, as well as in retrospect through feedback from consequences of actionhighly variable
choices as well as action choices
could improve alignment in
[email protected], attributed copies permitted 35
fitness and selection mechanism
learning systems by developing better proxies for fitness to drive selection
Grisogono, A.M. “The Implications of Complex Adaptive Systems Theory for C2.” Proceedings of the 2006 Command and Control Research and Technology Symposium, 2006, www.dodccrp.org/events/2006_CCRTS/html/papers/202.pdf
Related Implications and PointsT&E cannot be limited to pre-deployment – it must be an ongoing never-ending
ti it b ilt i t th S S ti th dactivity built-in to the SoS operating methods.
LVC – Put the tester into the environment – total VR immersion – as a player with intervention capability (the ultimate driving machine) Humans will “see”intervention capability (the ultimate driving machine). Humans will see experientially and recognize things in real-time that forensics and remote data analysis will not recognize.
These things we build are not children that we can watch and guide and correct. They need to have a sense of ethics and principles that inform unforeseen situational response.
The biological “expertise” pattern recognition capability needs to exist in both the testing environment and on-board. We are building intelligent willful entities that carry weapons.
[email protected], attributed copies permitted 36
Current StatusKaminka’s Socially Attentive Monitoring examples are modeled.Intelle’s trajectory recognition modeling is started.Serre’s feedforward hierarchy image recognition scheduled for Q2.
These algorithm models are being added to others in a wikiinvestigating collaborative parallel-algorithm development.
A l t / il i t f l ith d liA processor emulator/compiler exists for algorithm modeling.One defense contractor already working on classified project.VLSI availability eta Q1 2010.
500 000 f t ll t d f fi t ti ili~500,000 feature cells expected for first generation silicon.Chips can be combined for unbounded scalability.
K i ki i i bl k i h hi biliKennen is seeking interesting problems to attack with this new capability……a wiki on parallel recognition algorithms now in process
[email protected], attributed copies permitted 37
This work was supported in part by the U.S. Department of Homeland Security award NBCHC070016.