updated isa ai executive course 7.31.17 - homepage - cmu · microsoft word - updated isa ai...
TRANSCRIPT
Advances in AI and Security between 2016 and 2019---What You Need to Know Course Description
July 31, 2017 100 MARYLAND AVENUE, NE SUITE 510 WASHINGTON, DC 20002
2
Executive Short Course Overview
The Institute for Strategic Analysis (ISA) is an intellectual resource entity for Carnegie Mellon University faculty members who seek to bring their basic research to bear upon matters of national security and national readiness. The institute is supported by four colleges (the College of Engineering, Dietrich College of Humanities and Social Sciences, Heinz College, the School of Computer Science), and the Software Engineering Institute, the university’s federally funded research center. Executive education is one of the ways in which ISA seeks to achieve its core objectives. Through innovative one-‐day courses for defense, diplomatic, and intelligence leaders, ISA has facilitated introductions between government leaders and the Carnegie Mellon University faculty. This has resulted in a sharpened understanding among faculty and academic administrators of military and intelligence priorities and has fostered the creation of an intellectual support network for government officials. These introductions are leading to new collaborations between government officials and academe. Each one-‐day course includes insights from research that are relevant to cyber security. Additionally, the interdisciplinary nature of the courses makes them pertinent to discussions covering a range of national security crises and threats. Each cohort of attendees includes officials from throughout the federal government, academe, think tanks, and the private sector. Thus, those who participate develop a new network of faculty and researchers as well as professional counterparts with similar national security responsibilities. In July 2017, ISA will offer its first course focused on the latest technology research from Carnegie Mellon University: Advances in AI and Security between 2016 and 2019 – What You Need to Know. Course participants will be introduced to technology, tools, and research in security and the artificial intelligence (AI) stack. Each Section in this course serves as “use-‐case” presentations that follow will deepen an understanding of AI and its applications by further highlighting AI building blocks applied to specific security challenges. Specifically, participants will see presentations and demos about AI use in voice forensics, cybercrimes, verifying autonomy, human factors in security, data science, and network analytics. This course will prioritize the identification of pathways for further engagement in these issues between government officials and the research communities. …….
3
Agenda
8:30-‐9:00 am Registration Suite 510
9:00-‐9:15 am Introduction Conference Rooms 1 and 2, First Floor
• Kiron Skinner, Director, Institute for Strategic Analysis, Carnegie Mellon University
9:15-‐12:15 pm Section 1: Key AI Developments and Trends-‐-‐-‐What You Need to Know Conference Rooms 1 and 2, First Floor
• Andrew Moore, Dean, School of Computer Science, Carnegie Mellon University
• Artur Dubrawski, Senior Systems Scientist, The Robotics Institute; Adjunct Professor, Master of Information Systems Management, H. John Heinz III College, Carnegie Mellon University
• Rita Singh, Senior Systems Scientist, Language Technologies Institute, Carnegie Mellon University
• Michael Wagner, Senior Commercialization Specialist, The Robotics Institute, Carnegie Mellon University
12:15-‐12:45 pm Break for lunch 12:45-‐1:30 pm Section 2: Cybercrimes: How They Work and the Technologies that Empower
Them • Rita Singh, Senior Systems Scientist, Language Technologies Institute,
Carnegie Mellon University •
1:30-‐2:15 pm Section 3: Dynamic Network Analysis for Intelligence & Security Conference Rooms 1 and 2, First Floor
• Kathleen M. Carley, Professor of Computation, Organization and Society, Institute for Software Research, School of Computer Science; Director, Center for Computations Analysis of Social and Organizational Systems, Carnegie Mellon University
2:15-‐2:30 pm Break 2:30-‐3:15 pm Section 4: Understanding the Human Factor in Computer Security: Usability
Testing with Attack Scenarios Conference Rooms 1 and 2, First Floor
• Lorrie Cranor, Professor, Computer Science, Engineering and Public Policy; Director, CyLab Usable Privacy and Security Laboratory, Carnegie Mellon University
3:15-‐3:30 pm Closing Discussion
Conference Rooms 1 and 2, First Floor
5
Course Location and Logistics
Date: Monday, July 31, 2017 Time: Course registration begins at 8:30 a.m. The official course runs from 9:00 a.m.-‐ 3:00 p.m Location: The Executive Short Course is hosted in the Carnegie Mellon University Washington, DC, offices, located in the United Methodist Building. The building address is 100 Maryland Avenue NE, Washington, DC, which lies adjacent to both the Supreme Court and Capitol buildings. Registration: To register for the course, please visit the course website: http://www.cmu.edu/isa/isa-‐activities/executiveshortcourses/advances-‐in-‐ai.html
Street Location: 100 Maryland Ave. NE (Directly on the corner of First St. NE & Maryland Ave. NE) Washington, DC 20002
Front of building and entrance
6
Course Objectives and Descriptions
Section 1: Key AI Developments and Trends-‐-‐-‐What You Need to Know Description This presentation will provide participants with a clear understanding of the AI stack. The AI stack provides a detailed introduction to all the components of a modern AI system. Participants will learn what are the recent developments, and what are the big potential disruptions between now and 2020. Once equipped with a foundation, participants will then be able to see how these components are integrated to support autonomous systems and cognitive assistance. Finally, the presentation will highlight specific applications to illustrate the power of Deep Learning Systems and how AI capabilities are integrated and applied. Applications
• Advances in Perception: Video, Acoustic, and Hyperspectral; • Advances in Learning: Scaling to trillions of events, Active Learning, Reinforcement Learning,
Spatial Learning, and Adversarial Learning; • Advances in Planning: Proving AI systems are safe, Developing AI test plans, Game theory
(Negotiation, Threats and Deception), Swarm Intelligences; • Advances in Autonomy: Behavior-‐based Control; • Advances in Cognitive Assistance: Dialog Systems, Emotional Response, and Brain-‐Machine.
7
Presenters Lead: Andrew Moore, Dean, School of Computer Science, Carnegie Mellon University http://www.cs.cmu.edu/~awm/ Artur Dubrawski, Senior Systems Scientist, The Robotics Institute; Adjunct Professor, Master of Information Systems Management, H. John Heinz III College, Carnegie Mellon University https://www.cs.cmu.edu/directory/awd Rita Singh, Senior Systems Scientist, Language Technologies Institute, Carnegie Mellon University http://www.cs.cmu.edu/~rsingh/
Michael Wagner, Senior Commercialization Specialist, The Robotics Institute, Carnegie Mellon University http://www.ri.cmu.edu/person.html?person_id=504
8
Section 2: Cybercrimes: How they Work and the Technologies that Empower Them Educational objectives • Understanding the backdrop of cyber threat intelligence (CTI): cybercrimes, cyber activism and cyber
espionage • Familiarization with the complete range of cybercrimes today: breadth, depth, variety and
categorizations • Understanding enough for a basic assay of the internet of things and crimes of the future • Understanding the key technologies that allow cybercriminals to hide and cybercrime to become
untraceable • Monitoring cybercrime evolutions: knowing what to do and where to look
Description Cybercrimes are often assigned poetic and colorful descriptions (such as “shifting sands of cybercrime”) due to their rapid creation and evolution in today’s world. Cyberspace has become the showcase of the dark side of humanity. In cyberspace, human ingenuity in deception is at its primal best. This is because cyberspace affords all the fuel needed for crime to grow unfettered. Criminals can profit enormously, they yield great power and can affect millions of people easily, and they can remain anonymous, thanks to the technologies that host them and enable them. Cybercriminals are also relatively legally immune – they often operate across international boundaries so that no laws apply to them and even if they do, the reprisal is unlikely to be swift, punishment is unlikely to be well-‐defined or even clear in concept, and procedures are likely to take years to resolve due to logistic issues across borders. Not only is the scale of cybercrime increasing exponentially, but also the types of cybercrime that appear over the horizon increase just as fast, and sometimes faster, than the rate at which new technology is introduced into the world. For example, even while we test the practicality of self-‐driving cars, there are open tutorials on how to break into and take control of self-‐driving cars remotely. For every useful computing technology, there appear hundreds of new disruptive ones in cyberspace. With the advent of the Internet of Things (IoT), what is coming to us now is touted as “nothing short of a tidal wave of cybercrime” (another colorful description). There are so many types of cybercrimes around, that just the terminology seems to be impossible to keep up with, let alone being able to make sense of it all, organize it all mentally, and keep up to date with the “improvements”. This course will sweep through the entire range of cybercrimes as of the first quarter of this year (2017), explaining, familiarizing, and helping organize it all based on devices and human motives. This will include understanding the differences between and the distinguishing hallmarks of cyberterrorism, cyberactivism, cybervandalism, cyberwar etc. It will extend the exposition to the IoT, explaining crimes on the IoT and the broad categories of crimes that are expected to happen in the future. The course will also explain the key technologies that empower cybercrime today – where and how do cybercriminals hide, and introduce the technologies that are making them increasingly untraceable. It will explain how some of these technologies – such as Cryptocurrency (the financial fuel of the Dark web), TOR (enabling network location anonymity), etc. – work. Participants will be practically shown how to access the dark web in a short handholding Section.
9
Finally, the course will introduce participants to maps and tools, and resources that can be used regularly to keep up to date with the global cybercrime scenario. All of this will be tied to the traditional tools and terminologies used in Cyber Threat Intelligence (CTI), covering OSINT, HUMINT, assessment of advanced persistent threat (APT) etc. Presenter Rita Singh, Senior Systems Scientist, Language Technologies Institute, Carnegie Mellon University https://www.cs.cmu.edu/directory/ritasing
10
Section 3: Dynamic Network Analysis for Intelligence & Security Educational objectives • Basic awareness of thinking in networks, key network concepts, and principles • Relation of dynamic network analysis to artificial intelligence, specifically machine learning • Application to insider threat, and strategic applications of networks • Application to social media, and the social-‐cyber warfare threat • Understanding the future potential for dynamic network analytics for intelligence and security Description This course provides an awareness of network thinking – both the analytics and the theory. The basic metrics and theories used in network reasoning that have value for intelligence and security are discussed. Key themes include: the assessment of big data, the role of network position and social influence, and the wide range of intelligence and security applications. Unlike traditional social network analysis, modern dynamic network analysis is concerned with big data, high dimensional network data, and tool pipelines that combine text mining, machine learning and network science. In order to accomplish their mission, intelligence agencies, law enforcement agencies and the US military must be able to characterize and reason about the socio-‐cultural landscape, key individuals and groups. Dynamic Network Analytics (DNA) is an interdisciplinary approach that supports this types of reasoning and enabled its use to support a wide range of operational needs. DNA blends the techniques of graph theory, statistics, machine learning, text mining with organizational theories of structure, and social science theories of power, engagement and communication. DNA and network thinking enable one to understand how the pattern of relations among actors, their environment, and resources influence their operational behavior, and how interventions are likely to change those patterns and so alter behavior. More data is available today to support network thinking than ever before. This data, comes from a variety of sources including humint, sigint, and soc-‐media int. In this course, we will see how artificial intelligence is starting to be combined with dynamic network analysis to enable the assessment of this new big data in ways that support missions that entail reasoning about human and social behavior. The intellectual framing of the course will be that of Network Science, which studies complex systems in terms of relations. Topics of special concern to intelligence and security will be addressed. Examples will be drawn from social media forensics, social-‐cyber warfare, identification of power-‐brokers, network dismantlement, and so forth. Consequently, this course will provide a glimpse of how network science and machine learning have come together to provide new capabilities for identifying, modeling, assessing change in, and forecasting the behavior of individuals, groups and communities. The course will discuss a range of topics including: relative maturity of tools, utilization for social media forensics, covert-‐group detection, and social-‐cyber warfare. Presenters Kathleen M. Carley, Professor of Computation, Organization and Society, Institute for Software Research, School of Computer Science; Director, Center for Computational Analysis of Social and Organizational Systems (CASOS), Carnegie Mellon University http://www.casos.cs.cmu.edu/bios/carley/carley.html
11
Section 4: Understanding the Human Factor in Computer Security: Usability Testing with Attack Scenarios Educational Objectives • Learn why security user studies are important when designing and evaluating secure systems. • Learn about several strategies for conducting security user studies. • Learn to be critical of usability claims made and ask questions about what user studies were
conducted to support these claims. Description Many computer security incidents are caused by human error or attackers exploiting human vulnerabilities rather than bugs in computer code. A growing body of security research is now focused on understanding the human element in computer security, and designing secure systems that people can use without error. User studies are critical to understanding how users perceive and interact with security and privacy software and features. While it is important that users be able to configure and use security tools when they are not at risk, it is even more important that the tools continue to protect users during an attack. Conducting user studies in the presence of (simulated) risk is complicated. We would like to observe how users behave when they are actually at risk, but at the same time we cannot harm user study participants or subject them to increased risk. Often the risky situations we are interested in occur relatively infrequently in the real world, and thus can be difficult to observe in the wild. Researchers use a variety of strategies to overcome these challenges and place participants in situations where they will believe their security or privacy is at risk, without subjecting them to increases in actual harm. In some studies, researchers recruit participants to perform real tasks not directly related to security so that they can observe how participants respond to simulated security-‐related prompts or cues that occur while users are focused on primary tasks. In other studies, researchers create a hypothetical scenario and try to get participants sufficiently engaged in it that they will be motivated to avoid simulated harm. Sometimes researchers have the opportunity to observe real, rather than simulated attacks, although these opportunities are usually difficult to come by. Researchers can monitor real world user behavior over long periods of time (in public or with permission of participants) and observe ho users respond to risks that occur naturally, without researcher intervention. This section will motivate the importance of security user studies and introduce a number of user study approaches used at the CyLab Usable Privacy and Security Lab at Carnegie Mellon University. Presenters Lorrie Cranor, Professor, Computer Science, Engineering and Public Policy; Director, CyLab Usable Privacy and Security Laboratory, Carnegie Mellon University https://www.cmu.edu/epp/people/faculty/lorrie-‐faith-‐cranor.html