Publications
Characterization of disinformation networks using graph embeddings and opinion mining
November 26, 2019
Conference Paper
Published in:
2019 European Intelligence and Security Informatics Conference, EISIC, 26-27 November 2019.
Topic:
Summary
Global social media networks' omnipresent access, real time responsiveness and ability to connect with and influence people have been responsible for these networks' sweeping growth. However, as an unintended consequence, these defining characteristics helped create a powerful new technology for spread of propaganda and false information. We present a novel approach for characterizing disinformation networks on social media and distinguishing between different network roles using graph embeddings and hierarchical clustering. In addition, using topic filtering, we correlate the node characterization results with proxy opinion estimates.We plan to study opinion dynamics using signal processing on graphs approaches using longer-timescale social media datasets with the goal to model and infer influence among users in social media networks.
Summary
Global social media networks' omnipresent access, real time responsiveness and ability to connect with and influence people have been responsible for these networks' sweeping growth. However, as an unintended consequence, these defining characteristics helped create a powerful new technology for spread of propaganda and false information. We present a novel...
READ MORE
FirmFuzz: automated IOT firmware introspection and analysis
November 15, 2019
Conference Paper
Published in:
2nd Workshop on the Internet of Things Security and Privacy, IoT S&P '19, 15 November 2019.
Topic:
R&D area:
R&D group:
Summary
While the number of IoT devices grows at an exhilarating pace their security remains stagnant. Imposing secure coding standards across all vendors is infeasible. Testing individual devices allows an analyst to evaluate their security post deployment. Any discovered vulnerabilities can then be disclosed to the vendors in order to assist them in securing their products. The search for vulnerabilities should ideally be automated for efficiency and furthermore be device-independent for scalability. We present FirmFuzz, an automated device-independent emulation and dynamic analysis framework for Linux-based firmware images. It employs a greybox-based generational fuzzing approach coupled with static analysis and system introspection to provide targeted and deterministic bug discovery within a firmware image. We evaluate FirmFuzz by emulating and dynamically analyzing 32 images (from 27 unique devices) with a network accessible from the host performing the emulation. During testing, FirmFuzz discovered seven previously undisclosed vulnerabilities across six different devices: two IP cameras and four routers. So far, 4 CVE's have been assigned.
Summary
While the number of IoT devices grows at an exhilarating pace their security remains stagnant. Imposing secure coding standards across all vendors is infeasible. Testing individual devices allows an analyst to evaluate their security post deployment. Any discovered vulnerabilities can then be disclosed to the vendors in order to assist...
READ MORE
Cultivating professional technical skills and understanding through hands-on online learning experiences
October 23, 2019
Conference Paper
Published in:
2019 IEEE Learning with MOOCS, LWMOOCS, 23-25 October 2019.
Topic:
R&D area:
R&D group:
Summary
Life-long learning is necessary for all professions because the technologies, tools and skills required for success over the course of a career expand and change. Professionals in science, technology, engineering and mathematics (STEM) fields face particular challenges as new multi-disciplinary methods, e.g. Machine Learning and Artificial Intelligence, mature to replace those learned in undergraduate or graduate programs. Traditionally, industry, professional societies and university programs have provided professional development. While these provide opportunities to develop deeper understanding in STEM specialties and stay current with new techniques, the constraints on formal classes and workshops preclude the possibility of Just-In-Time Mastery Learning, particularly for new domains. The MIT Lincoln Laboratory Supercomputing Center (LLSC) and MIT Supercloud teams have developed online course offerings specifically designed to provide a way for adult learners to build their own educational path based on their immediate needs, problems and schedules. To satisfy adult learners, the courses are formulated as a series of challenges and strategies. Using this perspective, the courses incorporate targeted theory supported by hands-on practice. The focus of this paper is the design of Mastery, Just-in-Time MOOC courses that address the full space of hands-on learning requirements, from digital to analog. The discussion centers on the design of project-based exercises for professional technical education courses. The case studies highlight examples from courses that incorporate practice ranging from the construction of a small radar used for real world data collection and processing to the development of high performance computing applications.
Summary
Life-long learning is necessary for all professions because the technologies, tools and skills required for success over the course of a career expand and change. Professionals in science, technology, engineering and mathematics (STEM) fields face particular challenges as new multi-disciplinary methods, e.g. Machine Learning and Artificial Intelligence, mature to replace...
READ MORE
Investigation of the relationship of vocal, eye-tracking, and fMRI ROI time-series measures with preclinical mild traumatic brain injury
October 19, 2019
Abstract
Published in:
Neuroscience 2019
Summary
In this work, we are examining correlations between vocal articulatory features, ocular smooth pursuit measures, and features from the fMRI BOLD response in regions of interest (ROI) time series in a high school athlete population susceptible to repeated head impact within a sports season. Initial results have indicated relationships between vocal features and brain ROIs that may show which components of the neural speech networks effected are effected by preclinical mild traumatic brain injury (mTBI). The data used for this study was collected by Purdue University on 32 high school athletes over the entirety of a sports season (Helfer, et al., 2014), and includes fMRI measurements made pre-season, in-season, and postseason. The athletes are 25 male football players and 7 female soccer players. The Immediate Post-Concussion Assessment and Cognitive Testing suite (ImPACT) was used as a means of assessing cognitive performance (Broglio, Ferrara, Macciocchi, Baumgartner, & Elliott, 2007). The test is made up of six sections, which measure verbal memory, visual memory, visual motor speed, reaction time, impulse control, and a total symptom composite. Using each test, a threshold is set for a change in cognitive performance. The threshold for each test is defined as a decline from baseline that exceeds one standard deviation, where the standard deviation is computed over the change from baseline across all subjects’ test scores. Speech features were extracted from audio recordings of the Grandfather Passage, which provides a standardized and phonetically balanced sample of speech. Oculomotor testing included two experimental conditions. In the smooth pursuit condition, a single target moving circularly, at constant speed. In the saccade condition, a target was jumped between one of three location along the horizontal midline of the screen. In both trial types, subjects visually tracked the targets during the trials, which lasted for one minute. The fMRI features are derived from the bold time-series data from resting state fMRI scans of the subjects. The pre-processing of the resting state fMRI and accompanying structural MRI data (for Atlas registration) was performed with the toolkit CONN (Whitfield-Gabrieli & Nieto-Castanon, 2012). Functional connectivity was generated using cortical and sub-cortical atlas registrations. This investigation will explores correlations between these three modalities and a cognitive performance assessment.
Summary
In this work, we are examining correlations between vocal articulatory features, ocular smooth pursuit measures, and features from the fMRI BOLD response in regions of interest (ROI) time series in a high school athlete population susceptible to repeated head impact within a sports season. Initial results have indicated relationships between...
READ MORE
Multi-Objective Graph Matching via Signal Filtering
October 11, 2019
Journal Article
Published in:
IEEE Signal Processing Magazine Special Issue on GSP [submitted]
Topic:
R&D area:
Summary
In this white paper we propose a new method which exploits tools from graph signal processing to solve the graph matching problem, the problem of estimating the correspondence between the vertex sets of two graphs. We recast the graph matching problem as matching multiple similarity matrices where the similarities are computed between filtered signals unique to eachnode. Using appropriate graph filters, these similarity matrices can emphasize long or short range behavior and the method will implicitly search for similarities between the graphs and at multiple scales. Our method shows substantial improvementsover standard methods which use the raw adjacency matrices, especially in low-information environments.
Summary
In this white paper we propose a new method which exploits tools from graph signal processing to solve the graph matching problem, the problem of estimating the correspondence between the vertex sets of two graphs. We recast the graph matching problem as matching multiple similarity matrices where the similarities are...
READ MORE
An Eye on the Storm: Tracking Power Outages via the Internet of Things
October 4, 2019
Conference Paper
Published in:
Grace Hopper Celebration 2019 [submitted]
Topic:
R&D area:
Summary
Assessing the extent of power outages in the wake of disasters is a crucial but daunting challenge. We developed a prototype to estimate and map the severity and location of power outages throughout an event by taking advantage of IoT as a non-traditional power-sensing network. We present results used by FEMA and other responders during multiple major hurricanes, such as Harvey, Irma, and Maria.
Summary
Assessing the extent of power outages in the wake of disasters is a crucial but daunting challenge. We developed a prototype to estimate and map the severity and location of power outages throughout an event by taking advantage of IoT as a non-traditional power-sensing network. We present results used by...
READ MORE
Uncovering human trafficking networks through text analysis
October 1, 2019
Conference Paper
Published in:
2019 Grace Hopper Celebration, 1-4 October 2019.
Topic:
R&D area:
Summary
Human trafficking is a form of modern-day slavery affecting an estimated 40 million victims worldwide, primarily through the commercial sexual exploitation of women and children. In the last decade, the advertising of victims has moved from the streets to websites on the Internet, providing greater efficiency and anonymity for sex traffickers. This shift has allowed traffickers to list their victims in multiple geographic areas simultaneously, while also improving operational security by using multiple methods of electronic communication with buyers; complicating the ability of law enforcement to disrupt these illicit organizations. In this presentation, we present a novel unsupervised template matching algorithm for analyzing and detecting complex organizations operating on adult service websites. We apply this method to a large corpus of adult service advertisements retrieved from backpage.com, and show that the networks identified through the algorithm match well with surrogate truth data derived from phone number networks in the same corpus. Further exploration of the results show that the proposed method provides deeper insights into the complex structures of sex trafficking organizations, not possible through networks derived from phone numbers alone. This method provides a powerful new capability for law enforcement to more completely identify and gather evidence about trafficking operations
Summary
Human trafficking is a form of modern-day slavery affecting an estimated 40 million victims worldwide, primarily through the commercial sexual exploitation of women and children. In the last decade, the advertising of victims has moved from the streets to websites on the Internet, providing greater efficiency and anonymity for sex...
READ MORE
Security Design of Mission-Critical Embedded Systems
September 24, 2019
Abstract
Published in:
HPEC 2019: IEEE Conf. on High Performance Extreme Computing, 22-24 September 2019.
Topic:
R&D area:
R&D group:
Summary
This tutorial explains a systematic approach of co-designing functionality and security into mission-criticalembedded systems. The tutorial starts by reviewing common issues in embedded applications to define mission objectives,threat models, and security/resilience goals. We then introduce an overview of security technologies toachieve goals of confidentiality, integrity, and availability given design criteria and a realistic threatmodel. The technologies range from practical cryptography and key management, protection of data atrest, data in transit, and data in use, and tamper resistance.A major portion of the tutorial is dedicated to exploring the mission critical embedded system solutionspace. We discuss the search for security vulnerabilities (red teaming) and the search for solutions (blueteaming). Besides the lecture, attendees, under instructor guidance, will perform realistic andmeaningful hands-on exercises of defining mission and security objectives, assessing principal issues,applying technologies, and understanding their interactions. The instructor will provide an exampleapplication (distributed sensing, communicating, and computing) to be used in these exercises.Attendees could also bring their own applications for the exercises.Attendees are encouraged to work collaboratively throughout the development process, thus creatingopportunities to learn from each other. During the exercise, attendees will consider the use of varioussecurity/resilience features, articulate and justify the use of resources, and assess the system’ssuitability for mission assurance. Attendees can expect to gain valuable insight and experience in thesubject after completing the lecture and exercises.The instructor, who is an expert and practitioner in the field, will offer insight, advice, and concreteexamples and discussions. The tutorial draws from the instructor’s decades of experience in secure,resilient systems and technology.
Summary
This tutorial explains a systematic approach of co-designing functionality and security into mission-criticalembedded systems. The tutorial starts by reviewing common issues in embedded applications to define mission objectives,threat models, and security/resilience goals. We then introduce an overview of security technologies toachieve goals of confidentiality, integrity, and availability given design criteria...
READ MORE
Hypersparse neural network analysis of large-scale internet traffic
September 24, 2019
Conference Paper
Published in:
IEEE High Performance Extreme Computing Conf., HPEC, 24-26 September 2019.
Topic:
R&D area:
R&D group:
Summary
The Internet is transforming our society, necessitating a quantitative understanding of Internet traffic. Our team collects and curates the largest publicly available Internet traffic data containing 50 billion packets. Utilizing a novel hypersparse neural network analysis of "video" streams of this traffic using 10,000 processors in the MIT SuperCloud reveals a new phenomena: the importance of otherwise unseen leaf nodes and isolated links in Internet traffic. Our neural network approach further shows that a two-parameter modified Zipf-Mandelbrot distribution accurately describes a wide variety of source/destination statistics on moving sample windows ranging from 100,000 to 100,000,000 packets over collections that span years and continents. The inferred model parameters distinguish different network streams and the model leaf parameter strongly correlates with the fraction of the traffic in different underlying network topologies. The hypersparse neural network pipeline is highly adaptable and different network statistics and training models can be incorporated with simple changes to the image filter functions.
Summary
The Internet is transforming our society, necessitating a quantitative understanding of Internet traffic. Our team collects and curates the largest publicly available Internet traffic data containing 50 billion packets. Utilizing a novel hypersparse neural network analysis of "video" streams of this traffic using 10,000 processors in the MIT SuperCloud reveals...
READ MORE
Large scale parallelization using file-based communications
September 24, 2019
Conference Paper
Published in:
2019 IEEE High Performance Computing Conf., HPEC, 24-26 September 2019.
Topic:
R&D area:
R&D group:
Summary
In this paper, we present a novel and new file-based communication architecture using the local filesystem for large scale parallelization. This new approach eliminates the issues with filesystem overload and resource contention when using the central filesystem for large parallel jobs. The new approach incurs additional overhead due to inter-node message file transfers when both the sending and receiving processes are not on the same node. However, even with this additional overhead cost, its benefits are far greater for the overall cluster operation in addition to the performance enhancement in message communications for large scale parallel jobs. For example, when running a 2048-process parallel job, it achieved about 34 times better performance with MPI_Bcast() when using the local filesystem. Furthermore, since the security for transferring message files is handled entirely by using the secure copy protocol (scp) and the file system permissions, no additional security measures or ports are required other than those that are typically required on an HPC system.
Summary
In this paper, we present a novel and new file-based communication architecture using the local filesystem for large scale parallelization. This new approach eliminates the issues with filesystem overload and resource contention when using the central filesystem for large parallel jobs. The new approach incurs additional overhead due to inter-node...
READ MORE