a3 12jul05 v01
TRANSCRIPT
Asymmetric
Approaches to
Anomaly Analysis
2+2 > 4
July 13, 2005
Martin Joseph Dudziak
6/2/2008 Copyright 2005 Martin Dudziak, PhD 2
Different approaches to immune defense systems
• Total isolation (plastic tent, Great Wall, Maginot Line…)• Vaccination (smallpox, influenza)• Camouflage and adaptability• “Become as thy enemy”
Nomad Eyes is a systemic, “organic” architecture for early warning and
prediction, interdiction, prevention and response. The fundamental model is based
upon the use of both inverse and forward reasoning to detect both anomalies
within predictable linear systems and unstable recurrent patterns within highly
nonlinear dynamical systems. These events include internet activity as well as
specific sensor events. The goal is to create associations that match predictable,
expected sequences of activity consistent with aggravated, intentional assaults
such as the planning of terrorist attacks. A key principle is to create models and
plans “in the first person” from the perspective of the attacker and to treat the
information flow as an encrypted process not dissimilar from conventional
message encryption but involving actions and stages in a larger strategic plan.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 3
Nomad Eyes is one effort to answer the Threat
• Distributed multi-modal sensing and real-time data acquisition
• External (physical) events plus internet traffic and events• Based upon “thinking like a terrorist, not a defender”
• Network security and information warfare as a key toolset for the
defense of the streets, subways, airways and more
“Philosophical” Foundations
1. Early warning, prevention, interdiction and response should be integrated,
including information and services, including systems, tools, devices
2. Civilian and labor populations must be deeply integrated in all activities
3. “Low-tech” in massive numbers, properly analyzed and controlled, can be
stronger than isolated super-high-tech that can be avoided, circumvented
4. Use the “tao of noise” principle – don’t try to analyze the whole turbulence of
data but seek small, unstable patterns that recur and look for associations between
them that fit a higher-scale pattern or logic
6/2/2008 Copyright 2005 Martin Dudziak, PhD 4
Two interesting quotes that inspired Nomad Eyes development
“Grey suits in offices running a spy network will never be an effective measure to reduce the threat.”
“Your security is in your own hands.”
Ahmad Hmoud, Jordan
Attributed to Osama bin Laden @ 10/27/04
6/2/2008 Copyright 2005 Martin Dudziak, PhD 5
A challenge for you as you listen and read what follows
How much of this (Nomad Eyes, et al) could have been in place in 2001? By now in 2005? How much was held back by conventional thinking? By “hyper” security/classification barriers? By selfish competition? By inertia?
How much of Nomad Eyes thinking and technology is already being implemented by al Qaeda and their allies?
6/2/2008 Copyright 2005 Martin Dudziak, PhD 6
• Smooth transition and integration of methods and systems for CBRNE in both combat, post-combat, and civilian environments
• Integration of CBRNE prediction, forecasting, detection, countermeasures with geospatial representation and analysis (more than GIS)
• Incorporation of several maturing technologies and familiar methodologies:
– Mobile, wireless, wearable, portable
– Platform-independence, “plug and play”
– Commercial, conventional, cheap, familiar, cast-away
– Inverse methods, nonlinear methods, hybrid probabilistic reasoning
• Adaptation of CBRNE and GIS to changing models of conflict, warfare and military-civilian discipline/collaboration
• “Reusable and reconfigurable” is not only about cost-savings
Introduction – Roots and Objectives
6/2/2008 Copyright 2005 Martin Dudziak, PhD 7
• Too ambitious a goal and too many differences between CBRNE situations in the combat field and diverse homeland sectors - “apples and oranges”
• Too difficult to attempt assimilation of high-noise sources and low-sensitivity sensors
• Consumer-grade technology not sufficiently specialized or robust
• Problem of false-positives, esp. in bio and rad domains
• Requires massive deployment and training - too expensive and too long
• Simply too difficult, too much bureaucracy, interagency problems, well-entrenched conventionalists, etc.
Introduction - Objections
6/2/2008 Copyright 2005 Martin Dudziak, PhD 8
• Nomad Eyes architecture for open-ended deployment of sensor-analyzers
• Use of inverse methods (from wave scattering and subsurface imaging) with Bayesian and RETE reasoning for analysis of distributed array data
• Focus on a few target problems and technical (sensing) solutions
– radiation sensors
– chemical (organo-phosphate) sensors
• Role of the GS and GIS is threefold:
– Locate sensor reports over time and provide correlation
– Locate both at-risk and risk-potential humans, machines, resources
– Predict likely targets and movements
• High-speed real-time database “ETL” and other VLDB processing is necessary to keep track of changes in data collection and geospatial object movement
Systemic Foundations
6/2/2008 Copyright 2005 Martin Dudziak, PhD 9
Nomad Eyes™ Architecture and Principles (I)
Prevention by Detection of Terrakt Planning Operations
Movement of multiple types of components, not only RAD substances
Time-matching and space-matching of logically connective, supportive events
“Sensor Fusion” of the Unordinary (Необычный) Kind -
Tracer RAD readings perhaps not individually remarkable
Photos of suspicious individuals and vehicles that have some “matches”
Exceptional shipping orders, out-of-sequence, special-route, handling
Parallel transit/shipment/transaction of non-contraband components useful
in an RDD (PRED)
Goal toward Inverse Reasoning and Abductive Assimilation with other KBs / Xsys
Fall-Back Value: Emergency public alerts and First-Responder capabilities
• Observations that point to possible events, plans for a future undertaking
• Observations with imminent value indicating an operation in progress
• Observations of value for the investigation and forensic processes after an event
6/2/2008 Copyright 2005 Martin Dudziak, PhD 10
Nomad Eyes = Compound Eyes
Multiple TYPES of sensor data
Multiple INSTANCES at multiple TIMES
INVERSE Methods applied “as if” in surface/subsurface imaging:
the task is to find what events and processes may be the modifiers of
known or deducible behaviors
For all the value of sophisticated detectors, an “outlier” element or two could make all the difference:
Requests for building or water/sewer line plans Repeat-visits of unusual vehicle or people
“Non-sequitur” orders of shielding-quality materials Unusual change in shipping order or pickup
USING
•Abductive rules
•Bayesian probabilistic inference
•Fuzzy inference
•Heuristics and “common sense” rules
6/2/2008 Copyright 2005 Martin Dudziak, PhD 11
Where are the likely targets and means?
In the public mind’s-eye and Angst
And the less-likely form for many reasons
Psycho-Shock is the Aim and
Nuclear Radiation is Powerful
even in non-lethal doses
The same for Chem-Bio
Mass-dispersion with
uncertain contact and
degree will create the
most widespread fears
Threat Environment
6/2/2008 Copyright 2005 Martin Dudziak, PhD 12
Newport-Norfolk (Hampton Roads)
6/2/2008 Copyright 2005 Martin Dudziak, PhD 13
Port of Baltimore
2M+ residents in Baltimore and surrounding urban center
Main East-Coast rail and interstate highways traverse region
> 30M tons per year, mainly containers
6/2/2008 Copyright 2005 Martin Dudziak, PhD 14
RDD/Chem/Bio in the context of Prime Goals
• Most likely choice is with massive dispersion through conventional+inflammatory attack
• Spread the most compounds in the most uncertain paths among the largest number of possible affected victims
• Affect the maximum number of structures including transportation routes
• Aim for closure and disruption of normal use/traffic - it does not have to be for years, just months or weeks
• Multiple small disruptive attacks easier and more effective than one block-buster
Considering SEP Disruption and Destabilization as the “prime-directive” of terrorist organizations capable/active in planning RDD and chem-bio tactics
6/2/2008 Copyright 2005 Martin Dudziak, PhD 15
Network Deployment - Where and How
• Static but ad-hoc
– Passage locations and nexus points for cargo and transfer vehicles
– Likeliest places but not limited to one configuration
• Pseudo-random
• Personal mobile units
– Assigned to staff personnel
– Personal cell phones
• Unpredictable - a “two-edged sword” that cuts in in favor of the Defenders
– Inverse predictive models can be applied better to the data “mass”
– Al Qaeda (or “X”) cannot predict where are our eyes and ears
• Sun Tzu (“Art of War”) - Always Make Your Enemy NervousNervous
6/2/2008 Copyright 2005 Martin Dudziak, PhD 16
First Responder Capability as well
Notify Maximum Numbers of People ASAP after Terrakt
Redirect Survivors
Keep Other People Away
Assist People Finding Loved Ones
Provide Essential Life-Saving Information Real-Time
Coordinate and Inform First-Responder Teams
Locations of People
Active Sensor Array including useful data from public
Coordinate with volunteers
6/2/2008 Copyright 2005 Martin Dudziak, PhD 17
Nomad Eyes™ Architecture and Principles (II)
EVENT !
EVENT !
Class (x) objects received by servers results
in generation of n graphs representing
hypothetical x��y… relational maps; the
majority are discarded, but events of interest
trigger feedback to both autonomous and
human-based nodes for additional collection
and reorienting. No node or subset of nodes
is reliant and the whole may be considered as
a dynamic-geometry cellular automata.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 18
Nomad Eyes - Mobile Wireless Portable/Handheld Netsfor an Asymmetric, Dynamic Countermeasure System
For Rad Terrorism but also for other
types and necessarily looking for all,
not only oneMobile units using both cellular and
wireless internet/intranets
Freeform but adhering to industry
standards
Incorporating the General Public
Incorporating the commercial sector
(advertising and consumer products)
Asynchronous, Atypical, Asymmetric Sensor Fusion
6/2/2008 Copyright 2005 Martin Dudziak, PhD 19
Inverse, Nonlinear, Counter-Intuitive (sometimes)
Source
The Object causes diffusion and scattering of the Beam but the laws governing propagation and movement in
different media are known or can be ascertained. Working backwards from the Result, one computes and
estimates the Object on the basis of how the Beam must have changed in order to produce the Result instead of a
pattern, computable, for what there would have been if no Object had been present. Now, transfer this Inverse
Model ought of imaging and into the world of semiotics and intensions. Now, one can do inverse thinking from
something Sensed and Observed, in actuality, to determine what were some of the intervening steps and processes
out of the usual and ordinary process that would have produced something different, most likely less complex.
I3 Foundations
6/2/2008 Copyright 2005 Martin Dudziak, PhD 20
Exotic Technology Translated into Plain English:
Problem 1: Small tumors or microscopic probes or nanosized drug delivery agents
are in the liver - how to accurately track, compare, recognize, and localize when
the patient is moving and the body is constantly changing?
Problem 2: Radioactive or chemical compounds are passing through a shipping
port or through the public waterworks - how to identify a pattern and link a set of
events and detections into a pattern that shows a natural or deliberate process
which can be detected, localized, and treated with countermeasures?
The IRM (Inverse Relational Map) approach is one of several using inverse
problem modeling plus other nonlinear dynamic structures and functions in order
to produce not only usable answers but answers in real-time. Many of the
underlying maths and algorithms have been known and used before in other
disciplines. Our approach is to try something new, primarily in the short cuts and
speed-ups gained through applying higher-level representations and heuristics that
can significantly reduce the compute-cycle and delays.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 21
I3 Examples:
Problem 1: Radioactive or chemical compounds are passing through a shipping
port or through the public waterworks - how to identify a pattern and link a set of
events and detections into a pattern that shows a natural or deliberate process
which can be detected, localized, and treated with countermeasures?
Problem 2: Small tumors or microscopic probes or nanosized drug delivery agents
are in the liver - how to accurately track, compare, recognize, and localize when
the patient is moving and the body is constantly changing?
The IRM (Inverse Relational Map) approach is one of several using inverse
problem modeling plus other nonlinear dynamic structures and functions in order
to produce not only usable answers but answers in real-time. Many of the
underlying mathematics and algorithms have been known and used before in other
disciplines. Our approach is to try something new, primarily in the short cuts and
speed-ups gained through applying higher-level representations and heuristics that
can significantly reduce the compute-cycle and delays.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 22
Making Sense of the Data (I)
• Basic diffusion equation - usable as starting point for inverse problems
• Time-transition is accomplished in Fourier domain
• Transition backwards in time requires amplification of high frequency components - most likely to be noisy and skewed
t
u
kx
u
∂∂∂∂
∂∂∂∂====
∂∂∂∂
∂∂∂∂ 12
2
)()0,( xfxu ==== 0),(),0( ======== tautu
∑∑∑∑∞∞∞∞
====
ππππ====
1
sin)(n
na
xnfxf dx
a
xnxf
af
a
n
ππππ==== ∫∫∫∫ sin)(
2
0
(((( ))))∑∑∑∑∞∞∞∞
====
ππππ−−−−
ππππ====
1
sin),(2
n
tankn
a
neftxu P
arti
cula
r cr
edit
s -
Roger
Dufo
ur,
MIT
6/2/2008 Copyright 2005 Martin Dudziak, PhD 23
Making Sense of the Data (II)
Par
ticu
lar
cred
its
-R
oger
Dufo
ur,
MIT
• Heuristic and a priori constraints needed to maintain physical realism and
suppress distortions from inverse process
• First-pass solution best match or interpolation among a set of acceptable
alternatives
• Final solution may minimize the residual error and the regularization term
Xx s.t. yAxxx
∈∈∈∈−−−−==== minarg€
2
2
2
2)(minarg€ xxLyAxx
x−−−−λλλλ++++−−−−====
Regularization offers fidelity to the observed data and an
a priori determined (e.g., higher-scale-observed) solution model
6/2/2008 Copyright 2005 Martin Dudziak, PhD 24
Making Sense of the Data (III)
• Diffusion _ Attraction
• Modeling situations and schemas
as composite “images” in n-D
• Iterative process with
exploration of parallel tree paths
– Speculative track; not required
for Nomad Eyes sensor fusion
to be useful to analysts
– Purpose is to enable automation
of the analysis and forecasting
post-collection process
– Area of active current research
Par
ticu
lar
cred
its
-J.
P. T
hir
ion,
INR
IA
6/2/2008 Copyright 2005 Martin Dudziak, PhD 25
Making Sense of the Data (IV) - I3BAT
Sensor 1 Sensor 2
Property 1
Background
Property 3
Property 2
• Multiple modalities
– Acoustic, EM, Optical, Text, NLP, SQL, AI-reasoning…
• All looking at the same topic of interest (aka “region”)
• Each sensitive to different physical/logical properties
– “Trigger” data
– Contiguity (space/time)
– Inference relations
– “Hits” with conventional DB queries (immigration, known associations, other investigations)
• Compare with Terrorist Cadre Tactic models (schemas, maps)
Particular credits - Eric Miller, NEU
6/2/2008 Copyright 2005 Martin Dudziak, PhD 26
• If you cannot collate, coordinate and efficiently access the collected data, in real-time, free-form (with respect to views and users) and without blocking users during backup and archiving periods, then you have a very inefficient database and it is not conducive to the open-ended purposes of BioScanor Nomad Eyes.
• The ADaM software outperformed that from NCR-Teradata with their own product as a data warehouse. It outperformed ab Initio, a leader in the field of Extract-Transfer-Load for Fortune 100 VLDB applications.
ADaM - making it real-time
ORCHESTRATOR (ORCH)
Extractor
Transformer
ADB
System & Meta Data
SETUP(Initialize)
Docs
and
Files
Databas
es
ADaM runtime modules
External
sources/destinations
Setup and configuration
modules
CONFIG(ETLJOB
ETLSPEC)
ADaM runtime components
Generator
ExtractorExtractor
TransformerTransformer
InsrtorInsertor
Loader
Docs
and
Files Databas
es
data flow
MONITO
R ETLP functional
space
Internal elements
Control
Memory
Data
Memory
Monitor
Memory
Thread
Pool
Machine space
Agent-Driven Data Mover
6/2/2008 Copyright 2005 Martin Dudziak, PhD 27
ADaM Dynamic Processes (ETLP)
ETL Set (with
ETLPs)
ETL Set (with
ETLPs)
Actor objects
(nodes)
ETLPs (with actors)
ADaM exec
(program)
00
+
-
-
0
-
-
0
0
+
-
-
0
-
-
00
+
-
-
0
-
-
00
+
-
-
0
-
-
00
+
-
-
0
-
-
00
+
-
-
0
-
-
00
+
-
-
0
-
-
00
+
-
-
0
-
-
P_graph of ETLP (5)
P_graph of Exec
(1)
P_graph of ETLS (2)
6/2/2008 Copyright 2005 Martin Dudziak, PhD 28
• 1. Kuramato-Sivashinsky (dissipative extended systems)– Ut = (u2)x – ux x - νux x x x
• 2. 3-D Navier-Stokes as the general traffic paradigm– Return to Hopf:
– Repertoires of distinguishable patterns
– Finite spatial resolution � finite time � finite alphabet of admissible patterns
• 3. Back to Bletchley Park– Looking for “bombes” – no pun intended!!!
– Identifying possible, reasonable alphabets (hieroglyphics) of field operations
– Moving from characters and codes to patterns of activity and process:• Selected target data and telephony network traffic
• Directed graph models (ETLP style) of regional and point-to-point physical traffic
• Focusing on the abstract relationships, the potential background, not the foreground!!!!!
• 4. The other side of an Anomaly is a Consistency, a Tell-Tale Heartbeat…– u(t) + uxxx + kuux = 0, but in terms far more complex than simple E, ν, ω !
– Increased silence is as important as increases in chatter!
Looking for Eddies in the Inferno
6/2/2008 Copyright 2005 Martin Dudziak, PhD 29
• 1. Multi-modal attack on Washington Metro– “Ring” targets to maximize numbers inside tunnels and stations
– Demobilize or “weaponize” air circulation network
– Shift modus operandi (e.g., no knapsacks, more upscale)
– Conventional explosives plus sarin and/or anthrax or Am(24x)
– Aim to lock-down the system through multiple strikes
– High-use/dependence on networked data/comms � strikes against networks to disable first response abilities, reaction, coordination
• 2. Network traffic anomalies to expect– Increases, decreases
– Purchases, switches in mobile services
– Increases in new internet activity among similar groups, configurations of traffic
• 3. Disruption targets– Police/fire/ER
– Medical centers
– Potential for concurrent major across-the-board D-o-S attacks
• 4. Remember that whatever we are looking for…– They know it, too, and they know what we are looking for (in general)
– They are chameleons on the Go
– Even a well-camouflaged animal in the jungle gives away its position when it moves but only if you are looking not just in some narrow focus but able to take in the bigger field of vision (as in green snakes on banana plants)
Example Scenario
6/2/2008 Copyright 2005 Martin Dudziak, PhD 30
• 1. OPA ™ Organo-Phosphate Analyzer– Nitrates, Organophosphates (e.g., Sarin, VX) (OPA ™)
– OPA in beta development with matching-fund opps
• 2. MagnetEyes ™– Thin-film based magneto-optic sensing and imaging devices for desktop, industrial, and
micro-scale applications in security, anti-counterfeiting, structural engineering, and biomedicine. Deployment-Ready
• 3. BioScan ™– Handheld wireless base for plug-compatible interface-standardized sensors and imaging
• 4. Radiation sensors– Gamma and neutron detection
– Compatible for GPS-locatable mobile wireless (telephony and wi-fi) devices
Sensor Device Family
6/2/2008 Copyright 2005 Martin Dudziak, PhD 31
OPA ™ Portable Version
• Automated version processes up to 24 samples in sequence
• Portable unit can be adapted with air sampling and condenser
The assay of OPs and other BChEinhibitors is achieved due to the use of nanostructured films based onpolyelectrolytes and the bi-enzyme system cholineoxidase /butyrylcholinesterase (ChO/BChE).
Conventional nerve agent organo-phosphates (Sarin, VX. GB) andcarbamate type ChE-inhibitors can be detected at extremely low levels.
Sensitivity for organophosphates (DFP, paraoxon, trichlorfon) is achievable @ 10 pM/L.
For classical nerve agents the detection limits will be an order of magnitude better; for instance, carbamates (carbofuran, carbetamid,carbaryl) at @ 0.1 -1.0 nM/L.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 32
OPA Comparative Sensitivity (1)
YesNoNoSample volume
LowHighHighReagent consumption
NoNecessaryNecessaryOrganic solvents
YesNot possibleNot possibleField analysis
10-20 min.hourshoursSample preparation
30-70 min.hourshoursTime to perform test
1n/an/aMicrochip sensor
element cost (USD)
41512Test cost (USD)
400150K – 400K10K – 20KSystem price (USD)
0.10.51.0Sensitivity (SN –
sanitary norm)
PolyEnergetics
portable handheld
GC with mass-
spectrometer
Gas chromatographParameters
6/2/2008 Copyright 2005 Martin Dudziak, PhD 33
OPA Comparative Sensitivity (2)
Sarin (5x10-6 mg/m3)
GB (not tested)
VX (1-2x10-6mg/m3)
---
---
---
SN in water for:
Sarin (5x10-5 mg/m3)
GB (5x10-6 mg/m3)
VX (2x10-6 mg/m3)
Sarin (2x10-8 mg/m3)
GB (not tested)
VX (3-5x10-8mg/m3)
Sarin (1x10-5 mg/m3)
GB (5x10-6 mg/m3)
VX (1x10-5- 5x10-
7mg/m3)
SN in air for:
Sarin (2x10-7 mg/m3)
GB (1x10-7 mg/m3)
VX (5x10-8 mg/m3)
PolyEnergetics
portable handheld
Agilent 6890N (Gas
Chromatography)
Parameters
6/2/2008 Copyright 2005 Martin Dudziak, PhD 34
Parameter Range
Gamma sensitivity 200-25
+80 s-1
(µSv/h) 2cps(µR/h) to 100-80
-25 s-1
(µSv/h) 1cps(µR/h) Neutron sensitivity 200
+300-25 s
-1(µSv/h) 2cps(µR/h) to 100
+200-25 s
-1(µSv/h) 1cps(µR/h)
Gamma energy range 0.04 – 3.0 MeV Neutron energy range 0.03 – 3.0 MeV Dose equiv. rate 1 – 5000 µR/h Dose equiv. error +/- 30% False alarms < 1 per hour Response time (gamma) < 2.5 s U detection 15g at 0.5m, velocity <= 0.5 m/s, background rad < 25 µR/h Pu detection 0.5g at 0.5m, velocity <= 0.5 m/s, background rad < 25 µR/h Isotopes and materials detectable
U-235, U-238, Np-237, Puy-239, Pu-241, Cr-51, Ga-67, Pd-103, In-111, I-131, Tl-201, Xe-133, Co-57, Co-60, Ba-133, Cs-137, Ir-192, Se-75, Ra-226, Am-241 and others
Battery lifetime > 20 hrs. with average cell-phone usage (i.e., reduction of cell phone battery life to not less than one typical day)
Weight < 100g Dimensions smaller than 150mm x 50mm x 20mm Cost per unit feasible to manufacture for under $50.00 in quantities > 10,000
Radiation sensor specs (targets)
6/2/2008 Copyright 2005 Martin Dudziak, PhD 35
Today’s consumer-class RAD components
Our simple conversion with Nomad Eyes™
Li-ion
Rad-sensor element
A/D logic Nomadiks
or
other
mProc
Existing mobile phone
logic
Interface logic to
wireless internet
6/2/2008 Copyright 2005 Martin Dudziak, PhD 36
Version 1 BioScan Architecture
NT
1004
Vid
eo
Chip
(*)
TL
WA
1100
LE
D
(Arra
y)
Cerv
iSca
nH
EA
D
Cerv
iSca
nB
AS
E
Cerv
iSca
nS
TE
M
Charg
er
Interface
Li io
n
Battery
Lu
cent/
Pro
xim
Wireless
Lo
gic
Belk
in
US
B
Vid
eoB
us
II Lo
gic
US
B C
able In
terface
Imag
e
Reco
gnitio
n /
Classifier
Pro
cessor
Module (*
)
Data
Collectio
n
Pro
cessor
Module (*
)
Cam
/LE
D
Contro
l
Pro
cessor
Module (*
)
(*) S
T-2
0/4
0. S
T F
IVE
, AR
M7,S
trongA
RM
(Drag
onb
all), CY
8C
2xxxx
, xX
256, T
E502 (S
oC
or
16/3
2 m
icro +
Flash
+ S
RA
M ch
ipset so
lutio
ns fo
r
each lo
gical m
odu
le functio
n
(*) N
T1004 o
r
NT
1003 o
ptio
ns
6/2/2008 Copyright 2005 Martin Dudziak, PhD 37
• GSR / GIS databases can adapt to handling data produced by a Nomad Eyes type network
• In each C-B-R-N-E category there exist today sensors with capability for inclusion in a distributed network of mobile wi-fi devices
• Inverse methods can be successfully for accuracy and computational performance) be applied to the problem of analyzing massive amounts of low-accuracy, high-noise data from reporting sources
• Interpretation of sensor-analyzer data will benefit from adjunct and meta data about the environment, such as provided by today’s GSR / GIS products
• Universality and reusability of network collection and transmission devices simplifies human interface, training, time-lag and reduces errors.
Conclusions
6/2/2008 Copyright 2005 Martin Dudziak, PhD 38
Current Technology Development Status
• The electronics hardware for the mobile wireless image capture and
collection has been radically simplified.
• Pre-contract agreements with suppliers and partners in the electronics
hardware domain have been established.
• Matching fund agreements for phase-1 work have been obtained.
• The software development has proceeded extensively during 2001-2004
and includes work using SOAR, GeNie, BNJ, JESS, and PNL, plus
extensive work in the application of inverse method models.
• Project work can be resumed and a substantial team of technical personnel
can be activated within 1 to 3 months.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 39
The Operational Dimension
• The Tetrad “Teen Network” Experiments – US, RU, DE
– (How secure is Stanford U’s own security system? Not very, apparently)
• Futures Gateway and the Unusual Doors It Opened
• Invitations from Strange Quarters
– Chechnya-Dagestan and the CEED Project – a Frontline Information Attack Center?
– RAD Trading – knowing how and where to go fishin’ (and phishin’)
– SOCA
– Blackwater
• Reusable Technology with Proven Experience – CMP from the Inner Banks
• KERBEROS (not the well-known MIT protocol)
– “MX” for hyper-encrypted, distributed data
– Constantly-moving virtual sites
• NSCIP – aiming to tie it all together
– ICT’s interesting ideas
– Fighting fire with fire
6/2/2008 Copyright 2005 Martin Dudziak, PhD 40
• Early Nomad Eyes prototype including online co-development
experiment
http://tetradgroup.com/nomad/
• Early overview document (product oriented, high-level)
http://tetradgroup.com/library/bioscan.doc
• Technical documents and notes available, on archived CDs
• Early published paper on the neural net component
http://tetradgroup.com/library/bistablecam_ijcnn99.doc
• ADaM extract-transfer-load system, critical for the super-fast
movement of image data, triggering of agents, and coordination of
images within patient-specific and feature-specific database views
http://tetradgroup.com/library/ADaM_Design_Description1-1.doc
• ADaM performance optimization, a key part of the system enabling
massive throughput and parallelism for high-density imaging (not
only for BioScan but more for MRI, CT, PET, 3d-ultrasound, digital
x-ray) http://tetradgroup.com/ADaM_PerfOpt.doc
References
6/2/2008 Copyright 2005 Martin Dudziak, PhD 41
• Martin Dudziak, PhD– (804) 740-0342
– (202) 415-7295
– [email protected] (also [email protected])
TETRAD Technologies Group, Inc.28 Chase Gayton Circle, Suite 736
Richmond, VA 23238-6533
Contact
6/2/2008 Copyright 2005 Martin Dudziak, PhD 42
BACKUP Material
6/2/2008 Copyright 2005 Martin Dudziak, PhD 43
Five Project Themes (focus could be on the Network/Security aspects)
(1)Chechen and Central Asian Initiatives and Methods in Nonconventional Radiation-Based Terrorist Devices
(2)Design and Simulated Implementation of a PRED Campaign directed against high-volume general public pedestrian and spectator traffic
(3)Design and Simulated Implementation of the Seizure and Theft/Dispersion of a Radioisotope-based PRED
(4)Comparison, Trade-off Evaluation and Synthesis of Israeli, German, Dutch, Swiss, and Russian Countermeasures against Rad-Bio-Chem and Selective Individual-Carrier Conventional Terrorist Devices
(5)Analysis of Key Contemporary Weaknesses in Russian Federation and Latin American Countermeasures against Rad-Bio-Chem WMD Component Production and Distribution
These can be modified to fit the needs including those of partners and internal, friendly clients like BW
6/2/2008 Copyright 2005 Martin Dudziak, PhD 44
Some other project themes discussed recently
♦ “Where is Osama” Parts of Martin’s NSCIP team includes fellow mathematicians and complexity/cryptography gurus from Harvard, Boston, and a few other places and we have an approach on how to better localize and predict movements of key people and materiel. Can we help find Osama or Basayev or al-Zarqawi? Not sure. But it does look like we could track some things better and aid in the forecasting of attacks and thereby reduce some ugly surprises.
♦ Al Qaeda Recruitment – If we are able to team up with ICT in Israel and a few other select groups in the US and EU, we can have a very intelligent siphon to not only Middle Eastern but other terrorist-inclined and supportive people, as in individuals, fammilies, groups, companies. We know how to implement this and keep it appropriately under wraps. This is at the core of the NSCIP model. We have the shell built and plenty of expertise from our partners.
♦ Project Anti-Genoa – Genoa, revamped as “Total Information Awareness,” wanted to find needles in haystacks – mountainous haystacks. Our approach is different. First, Think Like a Terrorist. Get into the groove, the mindset. Martin has been there, lived it, breathed it. Now he can put together a Knowledge Discovery and Inference system that is more like a magnet for finding needles in small dustpiles, not humongous haystacks. We did our Homework.
♦ KISS (and I don’t mean the rock group) – We can apply some technology and business model in a way that creates a very effective operation for gathering and assessing intelligence about activities and infrastructures supporting the Jihad.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 45
Braithwaite and Cross, LLC
Registered in an appropriate European domicile
Formed by acquisition of prior smaller company
Office presence in Basel & Moscow
Some reputation in the world of anti-tampering, anti-counterfeiting world, also
a portfolio of business activity relating to polymer-based materials useful for
protection of bodies, vehicles, buildings
Involved in small-cap venture funding of projects involving more of the same
Known to have a reputation for being able to find hard-to-access equipment of
all sorts but especially in the chemical, bio and radiation detection area
(for example)
6/2/2008 Copyright 2005 Martin Dudziak, PhD 46
Braithwaite and Cross, LLC
Essentially, we provide our sponsors with timely and accurate results.
We are definitely not the type one would associate with established agencies and we have the carefully crafted histories and personalities to confirm this. We are more concerned about “friendly fire” because of how well we blend in.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 47
OPA BACKUP Material
6/2/2008 Copyright 2005 Martin Dudziak, PhD 48
Basic Principles of OPA Operation (1)
Amperometric analysis of organophosphates (OPs), carbamates and other specific and nonspecific inhibitors of butyrylcholinesterase (BChE).
BChE activity) is inversely related to inhibitor concentrations.
The analytical principle is based on the detection of hydrogen peroxide, released as a result of two consequent enzymatic processes:
BChE
Butyrylcholine + H2O → Choline + Butyryc acid (1)
ChO
Choline + 2O2 + H2O → Betain + 2H2O2 (2)
Hydrogen peroxide is released at the final step and is detected through the electrode.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 49
Basic Principles of OPA Operation (2)
Enzymes are fixed on a graphite support in the microelectrodes using layer-by-layer self-assembling nanofilm technology. At present, single-enzyme electrodes modified by oxidoreductases (cholineoidase of tyrosinase) are available for sensitive chemical analysis of choline and phenol.
The first prototype of the hand-portable measuring unit was developed and tested for simple analyte detection: hydrogen peroxide, glucose, choline.
This system is based upon the prior and currently available automated desktop system capable of processing up to 24 liquid samples per removable tray. This system can be adapted to an air condenser system for processing upwards of 450 L volumes into 10ml samples within approx. 10 minutes.
6/2/2008 Copyright 2005 Martin Dudziak, PhD 50
OPA Sensitivity (2)
Numerous analytical approaches describing anticholinesterase detection are published every year in the scientific literature, but they remain distant from practical commercial application that can meet the demands of widespread deployment, transit and movement, operations within intolerant physical environments and conditions, and operation by personnel who are not expert technicians. These are but a few of the problems that other systems face and that our solution overcomes.
A possible reason for the difficulties with other technical approaches and architectures is that primary attention is paid to the development of the sensitive element but not both the sensitive element and the measuring device. Because at present, water quality assays are based mainly on gas chromatography/gas chromatography with mass-spectrometry techniques. A brief comparison of performance characteristics with those that can be realized uniformly from the handheld analyzer follows:
6/2/2008 Copyright 2005 Martin Dudziak, PhD 51
BioScan BACKUP Material
6/2/2008 Copyright 2005 Martin Dudziak, PhD 52
• The following images and charts give a snapshot introduction to a few of the tool
components that were developed and applied in the BioScan R&D process. Not all
of these images reflect BioScan directly, cervical cancer, or skin-related imaging.
• These images are provided to show some of what was produced and can be deployed
now to either a new Bioscan initiative or to other projects, unrelated to BioScan, for
which the same expertise (including mathematical modeling, image analysis,
electronics design and testing, database and knowledgebase implementation) can be
very easily applied.
Resources
Macromolecular
Networks Simulation Verite interactive pattern
detection/classification
Wireless Telemed Interface
6/2/2008 Copyright 2005 Martin Dudziak, PhD 53
Resources (More)
Another Verite application, with EKG
e-Presents conferencing and
muilti-channel video streaming
SQL (Oracle) Data Server
interface for image data mining
0
2000
4000
6000
8000
10000
12000
14000
16000
Typic
al Fast
load
Typic
al T
pum
pTyp
ical
Mixe
dPea
k Fa
stlo
adPea
k Tp
ump
Peak
Fstld
& T
pump
Trans
pare
nt F
astL
Trans
pare
nt T
pum
pSpec
ial F
astL
"Kitc
hen
Sink"
Peak
ETL
Test Type
Ro
ws
/Se
c
Typical Fastload
Typical Tpump
Typical Mixed
Peak Fastload
Peak Tpump
Peak Fstld & Tpump
Transparent FastL
Transparent Tpump
Special FastL
"Kitchen Sink"
Peak ETL
ADaM’s exceptional performance
6/2/2008 Copyright 2005 Martin Dudziak, PhD 54
Resources (Still More) Screenshots of SOAR-based production-rule system
6/2/2008 Copyright 2005 Martin Dudziak, PhD 55
Contact
• Martin Dudziak, PhD– (804) 740-0342
– (202) 415-7295
– [email protected] (also [email protected])
TETRAD Technologies Group, Inc.28 Chase Gayton Circle, Suite 736
Richmond, VA 23238-6533