A3 12jul05 V01

251 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
251
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

A3 12jul05 V01

  1. 1. Asymmetric Approaches toAnomaly Analysis Martin Joseph Dudziak 2+2 > 4 July 13, 2005
  2. 2. Different approaches to immune defense systems• Total isolation (plastic tent, Great Wall, Maginot Line…)• Vaccination (smallpox, influenza)• Camouflage and adaptability• “Become as thy enemy”Nomad Eyes is a systemic, “organic” architecture for early warning andprediction, interdiction, prevention and response. The fundamental model is basedupon the use of both inverse and forward reasoning to detect both anomalieswithin predictable linear systems and unstable recurrent patterns within highlynonlinear dynamical systems. These events include internet activity as well asspecific sensor events. The goal is to create associations that match predictable,expected sequences of activity consistent with aggravated, intentional assaultssuch as the planning of terrorist attacks. A key principle is to create models andplans “in the first person” from the perspective of the attacker and to treat theinformation flow as an encrypted process not dissimilar from conventionalmessage encryption but involving actions and stages in a larger strategic plan.6/2/2008 Copyright 2005 Martin Dudziak, PhD 2
  3. 3. Nomad Eyes is one effort to answer the Threat• Distributed multi-modal sensing and real-time data acquisition• External (physical) events plus internet traffic and events• Based upon “thinking like a terrorist, not a defender”• Network security and information warfare as a key toolset for the defense of the streets, subways, airways and more“Philosophical” Foundations1. Early warning, prevention, interdiction and response should be integrated,including information and services, including systems, tools, devices2. Civilian and labor populations must be deeply integrated in all activities3. “Low-tech” in massive numbers, properly analyzed and controlled, can bestronger than isolated super-high-tech that can be avoided, circumvented4. Use the “tao of noise” principle – don’t try to analyze the whole turbulence ofdata but seek small, unstable patterns that recur and look for associations betweenthem that fit a higher-scale pattern or logic6/2/2008 Copyright 2005 Martin Dudziak, PhD 3
  4. 4. Two interesting quotes that inspired Nomad Eyes development “Grey suits in offices running a spy network will never be an effective measure to reduce the threat.” Ahmad Hmoud, Jordan “Your security is in your own hands.” Attributed to Osama bin Laden @ 10/27/046/2/2008 Copyright 2005 Martin Dudziak, PhD 4
  5. 5. A challenge for you as you listen and read what follows How much of this (Nomad Eyes, et al) could have been in place in 2001? By now in 2005? How much was held back by conventional thinking? By “hyper” security/classification barriers? By selfish competition? By inertia? How much of Nomad Eyes thinking and technology is already being implemented by al Qaeda and their allies?6/2/2008 Copyright 2005 Martin Dudziak, PhD 5
  6. 6. Introduction – Roots and Objectives• Smooth transition and integration of methods and systems for CBRNE in both combat, post-combat, and civilian environments• Integration of CBRNE prediction, forecasting, detection, countermeasures with geospatial representation and analysis (more than GIS)• Incorporation of several maturing technologies and familiar methodologies: – Mobile, wireless, wearable, portable – Platform-independence, “plug and play” – Commercial, conventional, cheap, familiar, cast-away – Inverse methods, nonlinear methods, hybrid probabilistic reasoning• Adaptation of CBRNE and GIS to changing models of conflict, warfare and military-civilian discipline/collaboration• “Reusable and reconfigurable” is not only about cost-savings 6/2/2008 Copyright 2005 Martin Dudziak, PhD 6
  7. 7. Introduction - Objections• Too ambitious a goal and too many differences between CBRNE situations in the combat field and diverse homeland sectors - “apples and oranges”• Too difficult to attempt assimilation of high-noise sources and low-sensitivity sensors• Consumer-grade technology not sufficiently specialized or robust• Problem of false-positives, esp. in bio and rad domains• Requires massive deployment and training - too expensive and too long• Simply too difficult, too much bureaucracy, interagency problems, well- entrenched conventionalists, etc. 6/2/2008 Copyright 2005 Martin Dudziak, PhD 7
  8. 8. Systemic Foundations• Nomad Eyes architecture for open-ended deployment of sensor-analyzers• Use of inverse methods (from wave scattering and subsurface imaging) with Bayesian and RETE reasoning for analysis of distributed array data• Focus on a few target problems and technical (sensing) solutions – radiation sensors – chemical (organo-phosphate) sensors• Role of the GS and GIS is threefold: – Locate sensor reports over time and provide correlation – Locate both at-risk and risk-potential humans, machines, resources – Predict likely targets and movements• High-speed real-time database “ETL” and other VLDB processing is necessary to keep track of changes in data collection and geospatial object movement 6/2/2008 Copyright 2005 Martin Dudziak, PhD 8
  9. 9. Nomad Eyes™ Architecture and Principles (I)Prevention by Detection of Terrakt Planning OperationsMovement of multiple types of components, not only RAD substancesTime-matching and space-matching of logically connective, supportive events“Sensor Fusion” of the Unordinary (Необычный) Kind - Tracer RAD readings perhaps not individually remarkable Photos of suspicious individuals and vehicles that have some “matches” Exceptional shipping orders, out-of-sequence, special-route, handling Parallel transit/shipment/transaction of non-contraband components useful in an RDD (PRED)Goal toward Inverse Reasoning and Abductive Assimilation with other KBs / XsysFall-Back Value: Emergency public alerts and First-Responder capabilities• Observations that point to possible events, plans for a future undertaking• Observations with imminent value indicating an operation in progress• Observations of value for the investigation and forensic processes after an event 6/2/2008 Copyright 2005 Martin Dudziak, PhD 9
  10. 10. Nomad Eyes = Compound Eyes Multiple TYPES of sensor data Multiple INSTANCES at multiple TIMES INVERSE Methods applied “as if” in surface/subsurface imaging: the task is to find what events and processes may be the modifiers of known or deducible behaviorsUSING•Abductive rules•Bayesian probabilistic inference•Fuzzy inference•Heuristics and “common sense” rulesFor all the value of sophisticated detectors, an “outlier” element or two could make all the difference:Requests for building or water/sewer line plans Repeat-visits of unusual vehicle or people“Non-sequitur” orders of shielding-quality materials Unusual change in shipping order or pickup 6/2/2008 Copyright 2005 Martin Dudziak, PhD 10
  11. 11. Threat Environment Where are the likely targets and means? In the public mind’s-eye and Angst And the less-likely form for many reasons Psycho-Shock is the Aim and Nuclear Radiation is Powerful even in non-lethal doses The same for Chem-Bio Mass-dispersion with uncertain contact and degree will create the most widespread fears6/2/2008 Copyright 2005 Martin Dudziak, PhD 11
  12. 12. Newport-Norfolk (Hampton Roads)6/2/2008 Copyright 2005 Martin Dudziak, PhD 12
  13. 13. Port of Baltimore > 30M tons per year, mainly containers 2M+ residents in Baltimore and surrounding urban center Main East-Coast rail and interstate highways traverse region6/2/2008 Copyright 2005 Martin Dudziak, PhD 13
  14. 14. RDD/Chem/Bio in the context of Prime GoalsConsidering SEP Disruption and Destabilization as the “prime-directive” ofterrorist organizations capable/active in planning RDD and chem-bio tactics• Most likely choice is with massive dispersion through conventional+inflammatory attack• Spread the most compounds in the most uncertain paths among the largest number of possible affected victims• Affect the maximum number of structures including transportation routes• Aim for closure and disruption of normal use/traffic - it does not have to be for years, just months or weeks• Multiple small disruptive attacks easier and more effective than one block-buster 6/2/2008 Copyright 2005 Martin Dudziak, PhD 14
  15. 15. Network Deployment - Where and How• Static but ad-hoc – Passage locations and nexus points for cargo and transfer vehicles – Likeliest places but not limited to one configuration• Pseudo-random• Personal mobile units – Assigned to staff personnel – Personal cell phones• Unpredictable - a “two-edged sword” that cuts in in favor of the Defenders – Inverse predictive models can be applied better to the data “mass” – Al Qaeda (or “X”) cannot predict where are our eyes and ears• Sun Tzu (“Art of War”) - Always Make Your Enemy Nervous 6/2/2008 Copyright 2005 Martin Dudziak, PhD 15
  16. 16. First Responder Capability as well Notify Maximum Numbers of People ASAP after Terrakt Redirect Survivors Keep Other People Away Assist People Finding Loved Ones Provide Essential Life-Saving Information Real-TimeCoordinate and Inform First-Responder Teams Locations of People Active Sensor Array including useful data from public Coordinate with volunteers6/2/2008 Copyright 2005 Martin Dudziak, PhD 16
  17. 17. Nomad Eyes™ Architecture and Principles (II) EVENT ! Class (x) objects received by servers results in generation of n graphs representing hypothetical x y… relational maps; the majority are discarded, but events of interest trigger feedback to both autonomous and human-based nodes for additional collection and reorienting. No node or subset of nodes is reliant and the whole may be considered as a dynamic-geometry cellular automata. EVENT !6/2/2008 Copyright 2005 Martin Dudziak, PhD 17
  18. 18. Nomad Eyes - Mobile Wireless Portable/Handheld Nets for an Asymmetric, Dynamic Countermeasure SystemFor Rad Terrorism but also for othertypes and necessarily looking for all,not only one Mobile units using both cellular and wireless internet/intranets Freeform but adhering to industry standards Incorporating the General Public Incorporating the commercial sector (advertising and consumer products) Asynchronous, Atypical, Asymmetric Sensor Fusion 6/2/2008 Copyright 2005 Martin Dudziak, PhD 18
  19. 19. I3 Foundations Inverse, Nonlinear, Counter-Intuitive (sometimes)Source The Object causes diffusion and scattering of the Beam but the laws governing propagation and movement in different media are known or can be ascertained. Working backwards from the Result, one computes and estimates the Object on the basis of how the Beam must have changed in order to produce the Result instead of a pattern, computable, for what there would have been if no Object had been present. Now, transfer this Inverse Model ought of imaging and into the world of semiotics and intensions. Now, one can do inverse thinking from something Sensed and Observed, in actuality, to determine what were some of the intervening steps and processes out of the usual and ordinary process that would have produced something different, most likely less complex. 6/2/2008 Copyright 2005 Martin Dudziak, PhD 19
  20. 20. Exotic Technology Translated into Plain English:Problem 1: Small tumors or microscopic probes or nanosized drug delivery agentsare in the liver - how to accurately track, compare, recognize, and localize whenthe patient is moving and the body is constantly changing?Problem 2: Radioactive or chemical compounds are passing through a shippingport or through the public waterworks - how to identify a pattern and link a set ofevents and detections into a pattern that shows a natural or deliberate processwhich can be detected, localized, and treated with countermeasures?The IRM (Inverse Relational Map) approach is one of several using inverseproblem modeling plus other nonlinear dynamic structures and functions in orderto produce not only usable answers but answers in real-time. Many of theunderlying maths and algorithms have been known and used before in otherdisciplines. Our approach is to try something new, primarily in the short cuts andspeed-ups gained through applying higher-level representations and heuristics thatcan significantly reduce the compute-cycle and delays.6/2/2008 Copyright 2005 Martin Dudziak, PhD 20
  21. 21. I3 Examples:Problem 1: Radioactive or chemical compounds are passing through a shippingport or through the public waterworks - how to identify a pattern and link a set ofevents and detections into a pattern that shows a natural or deliberate processwhich can be detected, localized, and treated with countermeasures?Problem 2: Small tumors or microscopic probes or nanosized drug delivery agentsare in the liver - how to accurately track, compare, recognize, and localize whenthe patient is moving and the body is constantly changing?The IRM (Inverse Relational Map) approach is one of several using inverseproblem modeling plus other nonlinear dynamic structures and functions in orderto produce not only usable answers but answers in real-time. Many of theunderlying mathematics and algorithms have been known and used before in otherdisciplines. Our approach is to try something new, primarily in the short cuts andspeed-ups gained through applying higher-level representations and heuristics thatcan significantly reduce the compute-cycle and delays.6/2/2008 Copyright 2005 Martin Dudziak, PhD 21
  22. 22. Making Sense of the Data (I)• Basic diffusion equation - usable as starting point for inverse problems ∂ 2u 1 ∂u Particular credits - Roger Dufour, MIT 2 = u( x ,0) = f ( x ) u(0, t ) = u(a, t ) = 0 ∂x k ∂t• Time-transition is accomplished in Fourier domain ∞  x 2 a  x f ( x ) = ∑ fn sin πn  fn = ∫ f ( x ) sin πn dx n =1  a a 0  a ∞  n u( x , t ) = ∑ fne −k ( πn a ) t 2 sin π  n =1  a• Transition backwards in time requires amplification of high frequency components - most likely to be noisy and skewed6/2/2008 Copyright 2005 Martin Dudziak, PhD 22
  23. 23. Making Sense of the Data (II)• Heuristic and a priori constraints needed to maintain physical realism and suppress distortions from inverse process Particular credits - Roger Dufour, MIT• First-pass solution best match or interpolation among a set of acceptable alternatives € x = arg min Ax − y s.t. x∈X x• Final solution may minimize the residual error and the regularization term 2 2 € x = arg min Ax − y 2 + λ L( x − x ) 2 x Regularization offers fidelity to the observed data and an a priori determined (e.g., higher-scale-observed) solution model6/2/2008 Copyright 2005 Martin Dudziak, PhD 23
  24. 24. Making Sense of the Data (III) • Diffusion _ Attraction • Modeling situations and schemas Particular credits - J. P. Thirion, INRIA as composite “images” in n-D • Iterative process with exploration of parallel tree paths – Speculative track; not required for Nomad Eyes sensor fusion to be useful to analysts – Purpose is to enable automation of the analysis and forecasting post-collection process – Area of active current research6/2/2008 Copyright 2005 Martin Dudziak, PhD 24
  25. 25. Making Sense of the Data (IV) - I3BAT • Multiple modalities Sensor 1 Sensor 2 – Acoustic, EM, Optical, Text, NLP, SQL, AI-reasoning… • All looking at the same topic of interest (aka “region”) • Each sensitive to different physical/logical properties Property 3 – “Trigger” data – Contiguity (space/time) – Inference relations Property 2 – “Hits” with conventional DB Property 1 queries (immigration, known associations, other Background investigations) • Compare with Terrorist Cadre Tactic models (schemas, maps)Particular credits - Eric Miller, NEU 6/2/2008 Copyright 2005 Martin Dudziak, PhD 25
  26. 26. CONFIG SETUP (ETLJOB ADB (Initialize) ADaM - making it real-time ETLSPEC) System & Meta Data Agent-Driven Data Mover ORCHESTRATOR (ORCH)• If you cannot collate, coordinate and efficiently MONITO R ETLP access the collected data, in Generato real-time, free-form (with functional r space respect to views and users) and without blocking users Transformer during backup and archiving Transformer periods, then you have a very Transformer inefficient database and it is Extractor Insrtor not conducive to the open- Extractor Insertor Extractor Loader ended purposes of BioScan Control Monitor or Nomad Eyes. Memory Memory• The ADaM software Docs outperformed that from NCR- Data Thread Docs and Memory and Teradata with their own Files Pool product as a data Files Databas Databas warehouse. It outperformed es Machine es ab Initio, a leader in the field space of Extract-Transfer-Load for ADaM runtime modules Setup and configuration Fortune 100 VLDB modules applications. ADaM runtime components Internal elements External data flow sources/destinations6/2/2008 Copyright 2005 Martin Dudziak, PhD 26
  27. 27. ADaM Dynamic Processes (ETLP) P_graph of ETLS (2) - - + 0 - 0 - - - + 0 0 Actor objects - 0 - (nodes) 0 ETLPs (with ETL Set (with actors) ETLPs) - - - - ETL Set (with + + ETLPs) 0 0 - 0 - - 0 - 0 0 P_graph of ETLP (5) - - - - + 0 + - 0 - - - 0 P_graph of Exec - 0 - - (1) - 0 + 0 + 0 0 - 0 - ADaM exec - 0 - (program) 0 06/2/2008 Copyright 2005 Martin Dudziak, PhD 27
  28. 28. Looking for Eddies in the Inferno• 1. Kuramato-Sivashinsky (dissipative extended systems) – Ut = (u2)x – ux x - νux x x x• 2. 3-D Navier-Stokes as the general traffic paradigm – Return to Hopf: – Repertoires of distinguishable patterns – Finite spatial resolution finite time finite alphabet of admissible patterns• 3. Back to Bletchley Park – Looking for “bombes” – no pun intended!!! – Identifying possible, reasonable alphabets (hieroglyphics) of field operations – Moving from characters and codes to patterns of activity and process: • Selected target data and telephony network traffic • Directed graph models (ETLP style) of regional and point-to-point physical traffic • Focusing on the abstract relationships, the potential background, not the foreground!!!!!• 4. The other side of an Anomaly is a Consistency, a Tell-Tale Heartbeat… – u(t) + uxxx + kuux = 0, but in terms far more complex than simple E, ν, ω ! – Increased silence is as important as increases in chatter! 6/2/2008 Copyright 2005 Martin Dudziak, PhD 28
  29. 29. Example Scenario• 1. Multi-modal attack on Washington Metro – “Ring” targets to maximize numbers inside tunnels and stations – Demobilize or “weaponize” air circulation network – Shift modus operandi (e.g., no knapsacks, more upscale) – Conventional explosives plus sarin and/or anthrax or Am(24x) – Aim to lock-down the system through multiple strikes – High-use/dependence on networked data/comms strikes against networks to disable first response abilities, reaction, coordination• 2. Network traffic anomalies to expect – Increases, decreases – Purchases, switches in mobile services – Increases in new internet activity among similar groups, configurations of traffic• 3. Disruption targets – Police/fire/ER – Medical centers – Potential for concurrent major across-the-board D-o-S attacks• 4. Remember that whatever we are looking for… – They know it, too, and they know what we are looking for (in general) – They are chameleons on the Go – Even a well-camouflaged animal in the jungle gives away its position when it moves but only if you are looking not just in some narrow focus but able to take in the bigger field of vision (as in green snakes on banana plants) 6/2/2008 Copyright 2005 Martin Dudziak, PhD 29
  30. 30. Sensor Device Family• 1. OPA ™ Organo-Phosphate Analyzer – Nitrates, Organophosphates (e.g., Sarin, VX) (OPA ™) – OPA in beta development with matching-fund opps• 2. MagnetEyes ™ – Thin-film based magneto-optic sensing and imaging devices for desktop, industrial, and micro-scale applications in security, anti-counterfeiting, structural engineering, and biomedicine. Deployment-Ready• 3. BioScan ™ – Handheld wireless base for plug-compatible interface-standardized sensors and imaging• 4. Radiation sensors – Gamma and neutron detection – Compatible for GPS-locatable mobile wireless (telephony and wi-fi) devices 6/2/2008 Copyright 2005 Martin Dudziak, PhD 30
  31. 31. OPA ™ Portable Version The assay of OPs and other BChE inhibitors is achieved due to the use of nanostructured films based on polyelectrolytes and the bi-enzyme system cholineoxidase / butyrylcholinesterase (ChO/BChE). Conventional nerve agent organo- phosphates (Sarin, VX. GB) and carbamate type ChE-inhibitors can be detected at extremely low levels. Sensitivity for organophosphates (DFP, paraoxon, trichlorfon) is achievable @ 10 pM/L. • Automated version processes up to 24 samples For classical nerve agents the in sequence detection limits will be an order of • Portable unit can be adapted magnitude better; for instance, with air sampling and carbamates (carbofuran, carbetamid, condenser carbaryl) at @ 0.1 -1.0 nM/L.6/2/2008 Copyright 2005 Martin Dudziak, PhD 31
  32. 32. OPA Comparative Sensitivity (1) Parameters Gas chromatograph GC with mass- PolyEnergetics spectrometer portable handheld Sensitivity (SN – 1.0 0.5 0.1 sanitary norm) System price (USD) 10K – 20K 150K – 400K 400 Test cost (USD) 12 15 4 Microchip sensor n/a n/a 1 element cost (USD) Time to perform test hours hours 30-70 min. Sample preparation hours hours 10-20 min. Field analysis Not possible Not possible Yes Organic solvents Necessary Necessary No Reagent consumption High High Low Sample volume No No Yes6/2/2008 Copyright 2005 Martin Dudziak, PhD 32
  33. 33. OPA Comparative Sensitivity (2) Parameters Agilent 6890N (Gas PolyEnergetics Chromatography) portable handheld SN in air for: Sarin (1x10-5 mg/m3) Sarin (2x10-8 mg/m3) Sarin (2x10-7 mg/m3) GB (5x10-6 mg/m3) GB (not tested) GB (1x10-7 mg/m3) VX (1x10-5- 5x10- VX (3-5x10-8mg/m3) 7mg/m3) VX (5x10-8 mg/m3) SN in water for: --- Sarin (5x10-6 mg/m3) Sarin (5x10-5 mg/m3) --- GB (not tested) GB (5x10-6 mg/m3) --- VX (1-2x10-6mg/m3) VX (2x10-6 mg/m3)6/2/2008 Copyright 2005 Martin Dudziak, PhD 33
  34. 34. Radiation sensor specs (targets) Parameter Range -25 -1 -80 -1Gamma sensitivity 200 +80 s (µSv/h) 2cps(µR/h) to 100 -25 s (µSv/h) 1cps(µR/h) +300 -1 +200 -1Neutron sensitivity 200 -25 s (µSv/h) 2cps(µR/h) to 100 -25 s (µSv/h) 1cps(µR/h)Gamma energy range 0.04 – 3.0 MeVNeutron energy range 0.03 – 3.0 MeVDose equiv. rate 1 – 5000 µR/hDose equiv. error +/- 30%False alarms < 1 per hourResponse time (gamma) < 2.5 sU detection 15g at 0.5m, velocity <= 0.5 m/s, background rad < 25 µR/hPu detection 0.5g at 0.5m, velocity <= 0.5 m/s, background rad < 25 µR/hIsotopes and materials U-235, U-238, Np-237, Puy-239, Pu-241, Cr-51, Ga-67, Pd-103, In-detectable 111, I-131, Tl-201, Xe-133, Co-57, Co-60, Ba-133, Cs-137, Ir-192, Se-75, Ra-226, Am-241 and othersBattery lifetime > 20 hrs. with average cell-phone usage (i.e., reduction of cell phone battery life to not less than one typical day)Weight < 100gDimensions smaller than 150mm x 50mm x 20mmCost per unit feasible to manufacture for under $50.00 in quantities > 10,0006/2/2008 Copyright 2005 Martin Dudziak, PhD 34
  35. 35. Today’s consumer-class RAD components Our simple conversion with Nomad Eyes™ Existing mobile phoneLi-ion A/D logic Nomadiks logic or other Rad-sensor element mProc Interface logic to wireless internet6/2/2008 Copyright 2005 Martin Dudziak, PhD 35
  36. 36. 36 CerviScan HEAD NT1004 Video Chip (*) TLWA1100 (*) NT1004 or LED NT1003 options (Array) Copyright 2005 Martin Dudziak, PhD CerviScan STEM Image Cam/LED Data Recognitio Control CollectionVersion 1 BioScan Architecture n / Processor Processor Classifier Module (*) Module (*) Processor Module (*) (*) ST-20/40. ST FIVE, ARM7, StrongARM (Dragonball), CY8C2xxxx, xX256, TE502 (SoC or 16/32 micro + Flash + SRAM chipset solutions for each logical module function CerviScan BASE Belkin USB USB Cable Interface VideoBus II Logic Charger Li ion Lucent/ Interface Battery 6/2/2008 Proxim Wireless Logic
  37. 37. Conclusions• GSR / GIS databases can adapt to handling data produced by a Nomad Eyes type network• In each C-B-R-N-E category there exist today sensors with capability for inclusion in a distributed network of mobile wi-fi devices• Inverse methods can be successfully for accuracy and computational performance) be applied to the problem of analyzing massive amounts of low- accuracy, high-noise data from reporting sources• Interpretation of sensor-analyzer data will benefit from adjunct and meta data about the environment, such as provided by today’s GSR / GIS products• Universality and reusability of network collection and transmission devices simplifies human interface, training, time-lag and reduces errors. 6/2/2008 Copyright 2005 Martin Dudziak, PhD 37
  38. 38. Current Technology Development Status • The electronics hardware for the mobile wireless image capture and collection has been radically simplified. • Pre-contract agreements with suppliers and partners in the electronics hardware domain have been established. • Matching fund agreements for phase-1 work have been obtained. • The software development has proceeded extensively during 2001-2004 and includes work using SOAR, GeNie, BNJ, JESS, and PNL, plus extensive work in the application of inverse method models. • Project work can be resumed and a substantial team of technical personnel can be activated within 1 to 3 months. 6/2/2008 Copyright 2005 Martin Dudziak, PhD 38
  39. 39. The Operational Dimension• The Tetrad “Teen Network” Experiments – US, RU, DE – (How secure is Stanford U’s own security system? Not very, apparently)• Futures Gateway and the Unusual Doors It Opened• Invitations from Strange Quarters – Chechnya-Dagestan and the CEED Project – a Frontline Information Attack Center? – RAD Trading – knowing how and where to go fishin’ (and phishin’) – SOCA – Blackwater• Reusable Technology with Proven Experience – CMP from the Inner Banks• KERBEROS (not the well-known MIT protocol) – “MX” for hyper-encrypted, distributed data – Constantly-moving virtual sites• NSCIP – aiming to tie it all together – ICT’s interesting ideas – Fighting fire with fire 6/2/2008 Copyright 2005 Martin Dudziak, PhD 39
  40. 40. References • Early Nomad Eyes prototype including online co-development experiment http://tetradgroup.com/nomad/ • Early overview document (product oriented, high-level) http://tetradgroup.com/library/bioscan.doc • Technical documents and notes available, on archived CDs • Early published paper on the neural net component http://tetradgroup.com/library/bistablecam_ijcnn99.doc • ADaM extract-transfer-load system, critical for the super-fast movement of image data, triggering of agents, and coordination of images within patient-specific and feature-specific database views http://tetradgroup.com/library/ADaM_Design_Description1-1.doc • ADaM performance optimization, a key part of the system enabling massive throughput and parallelism for high-density imaging (not only for BioScan but more for MRI, CT, PET, 3d-ultrasound, digital x-ray) http://tetradgroup.com/ADaM_PerfOpt.doc 6/2/2008 Copyright 2005 Martin Dudziak, PhD 40
  41. 41. Contact• Martin Dudziak, PhD – (804) 740-0342 – (202) 415-7295 – martin@forteplan.com (also mjdudziak@yahoo.com) TETRAD Technologies Group, Inc. 28 Chase Gayton Circle, Suite 736 Richmond, VA 23238-65336/2/2008 Copyright 2005 Martin Dudziak, PhD 41
  42. 42. BACKUP Material6/2/2008 Copyright 2005 Martin Dudziak, PhD 42
  43. 43. Five Project Themes (focus could be on the Network/Security aspects) (1) Chechen and Central Asian Initiatives and Methods in Nonconventional Radiation-Based Terrorist Devices (2) Design and Simulated Implementation of a PRED Campaign directed against high-volume general public pedestrian and spectator traffic (3) Design and Simulated Implementation of the Seizure and Theft/Dispersion of a Radioisotope- based PRED (4) Comparison, Trade-off Evaluation and Synthesis of Israeli, German, Dutch, Swiss, and Russian Countermeasures against Rad-Bio-Chem and Selective Individual-Carrier Conventional Terrorist Devices (5) Analysis of Key Contemporary Weaknesses in Russian Federation and Latin American Countermeasures against Rad-Bio-Chem WMD Component Production and Distribution These can be modified to fit the needs including those of partners and internal, friendly clients like BW 6/2/2008 Copyright 2005 Martin Dudziak, PhD 43
  44. 44. Some other project themes discussed recently ♦ “Where is Osama” Parts of Martin’s NSCIP team includes fellow mathematicians and complexity/cryptography gurus from Harvard, Boston, and a few other places and we have an approach on how to better localize and predict movements of key people and materiel. Can we help find Osama or Basayev or al-Zarqawi? Not sure. But it does look like we could track some things better and aid in the forecasting of attacks and thereby reduce some ugly surprises. ♦ Al Qaeda Recruitment – If we are able to team up with ICT in Israel and a few other select groups in the US and EU, we can have a very intelligent siphon to not only Middle Eastern but other terrorist-inclined and supportive people, as in individuals, fammilies, groups, companies. We know how to implement this and keep it appropriately under wraps. This is at the core of the NSCIP model. We have the shell built and plenty of expertise from our partners. ♦ Project Anti-Genoa – Genoa, revamped as “Total Information Awareness,” wanted to find needles in haystacks – mountainous haystacks. Our approach is different. First, Think Like a Terrorist. Get into the groove, the mindset. Martin has been there, lived it, breathed it. Now he can put together a Knowledge Discovery and Inference system that is more like a magnet for finding needles in small dustpiles, not humongous haystacks. We did our Homework. ♦ KISS (and I don’t mean the rock group) – We can apply some technology and business model in a way that creates a very effective operation for gathering and assessing intelligence about activities and infrastructures supporting the Jihad. 6/2/2008 Copyright 2005 Martin Dudziak, PhD 44
  45. 45. Braithwaite and Cross, LLC(for example)Registered in an appropriate European domicileFormed by acquisition of prior smaller companyOffice presence in Basel & MoscowSome reputation in the world of anti-tampering, anti-counterfeiting world, alsoa portfolio of business activity relating to polymer-based materials useful forprotection of bodies, vehicles, buildingsInvolved in small-cap venture funding of projects involving more of the sameKnown to have a reputation for being able to find hard-to-access equipment ofall sorts but especially in the chemical, bio and radiation detection area6/2/2008 Copyright 2005 Martin Dudziak, PhD 45
  46. 46. Braithwaite and Cross, LLCWe are definitely not the type one would associate with established agencies and we havethe carefully crafted histories and personalities to confirm this. We are more concernedabout “friendly fire” because of how well we blend in. Essentially, we provide our sponsors with timely and accurate results.6/2/2008 Copyright 2005 Martin Dudziak, PhD 46
  47. 47. OPA BACKUP Material6/2/2008 Copyright 2005 Martin Dudziak, PhD 47
  48. 48. Basic Principles of OPA Operation (1)Amperometric analysis of organophosphates (OPs), carbamates and other specificand nonspecific inhibitors of butyrylcholinesterase (BChE).BChE activity) is inversely related to inhibitor concentrations.The analytical principle is based on the detection of hydrogen peroxide, releasedas a result of two consequent enzymatic processes: BChE Butyrylcholine + H2O → Choline + Butyryc acid (1) ChO Choline + 2O2 + H2O → Betain + 2H2O2 (2)Hydrogen peroxide is released at the final step and is detected through theelectrode.6/2/2008 Copyright 2005 Martin Dudziak, PhD 48
  49. 49. Basic Principles of OPA Operation (2)Enzymes are fixed on a graphite support in the microelectrodes using layer-by-layer self-assembling nanofilm technology. At present, single-enzyme electrodesmodified by oxidoreductases (cholineoidase of tyrosinase) are available forsensitive chemical analysis of choline and phenol.The first prototype of the hand-portable measuring unit was developed and testedfor simple analyte detection: hydrogen peroxide, glucose, choline.This system is based upon the prior and currently available automated desktopsystem capable of processing up to 24 liquid samples per removable tray. Thissystem can be adapted to an air condenser system for processing upwards of 450L volumes into 10ml samples within approx. 10 minutes.6/2/2008 Copyright 2005 Martin Dudziak, PhD 49
  50. 50. OPA Sensitivity (2)Numerous analytical approaches describing anticholinesterase detection arepublished every year in the scientific literature, but they remain distant frompractical commercial application that can meet the demands of widespreaddeployment, transit and movement, operations within intolerant physicalenvironments and conditions, and operation by personnel who are not experttechnicians. These are but a few of the problems that other systems face and thatour solution overcomes.A possible reason for the difficulties with other technical approaches andarchitectures is that primary attention is paid to the development of the sensitiveelement but not both the sensitive element and the measuring device. Because atpresent, water quality assays are based mainly on gas chromatography/gaschromatography with mass-spectrometry techniques. A brief comparison ofperformance characteristics with those that can be realized uniformly from thehandheld analyzer follows:6/2/2008 Copyright 2005 Martin Dudziak, PhD 50
  51. 51. BioScan BACKUP Material6/2/2008 Copyright 2005 Martin Dudziak, PhD 51
  52. 52. Resources• The following images and charts give a snapshot introduction to a few of the tool components that were developed and applied in the BioScan R&D process. Not all of these images reflect BioScan directly, cervical cancer, or skin-related imaging.• These images are provided to show some of what was produced and can be deployed now to either a new Bioscan initiative or to other projects, unrelated to BioScan, for which the same expertise (including mathematical modeling, image analysis, electronics design and testing, database and knowledgebase implementation) can be very easily applied. Wireless Telemed Interface Macromolecular Networks Simulation Verite interactive pattern detection/classification6/2/2008 Copyright 2005 Martin Dudziak, PhD 52
  53. 53. Resources (More) e-Presents conferencing andAnother Verite application, with EKG muilti-channel video streaming ADaM’s exceptional performance 16000 14000 12000 Typical Fastload Typical Tpump Typical Mixed 10000 Peak Fastload Rows/Sec Peak Tpump 8000 Peak Fstld & Tpump Transparent FastL Transparent Tpump 6000 Special FastL "Kitchen Sink" 4000 Peak ETL 2000 0 ed L p " p tL ad ad p tL p nk ET m m um m as ix as lo tlo pu u Si pu M lF k Tp st SQL (Oracle) Data Server tF Tp as a lT n tT Fa al cia Pe he en k F c ca & a en pi k itc e al Pe ar tld pi a Ty Sp c ar "K Pe sp Ty piinterface for image data mining Fs sp Ty an k an Tr a Pe Tr Test Type6/2/2008 Copyright 2005 Martin Dudziak, PhD 53
  54. 54. Resources (Still More) Screenshots of SOAR-based production-rule system6/2/2008 Copyright 2005 Martin Dudziak, PhD 54
  55. 55. Contact• Martin Dudziak, PhD – (804) 740-0342 – (202) 415-7295 – martin@forteplan.com (also mjdudziak@yahoo.com) TETRAD Technologies Group, Inc. 28 Chase Gayton Circle, Suite 736 Richmond, VA 23238-65336/2/2008 Copyright 2005 Martin Dudziak, PhD 55

×