A High Level Blackboard Architecture for Cyber SA

A HIGH LEVEL BLACKBOARD ARCHITECTURE FOR CYBER SA

CYBERSPACE SITUATIONAL AWARENESS

TIM BASS

PRESENTATION DOI 10.13140/RG.2.2.33614.87365/1 TIM BASS 7 MAY 2017

[DIAGRAM: KNOWLEDGE SOURCES (KS) AROUND THE BLACKBOARD (BB), WITH BB CONTROL (C)]

CYBERSPACE SITUATIONAL AWARENESS (VISUALIZATION & HUMAN COGNITIVE PROCESSING)

SUMMARY HLA OF THIS BRIEF PRESENTATION

HIGH LEVEL ARCHITECTURE (HLA) FOR CYBERSPACE SA [1] BLACKBOARD (CSA-BB)

KNOWLEDGE SOURCES (KS), BLACKBOARD (BB) & CONTROLLER (C)

HIGH LEVEL DEFINITIONS [2] FOR THIS PRESENTATION

‣ BLACKBOARD (BB)

A BLACKBOARD IS DEFINED AS A DATABASE OF OBJECTS OF INTEREST

‣ KNOWLEDGE SOURCES (KS)

THERE ARE THREE TYPES OF KNOWLEDGE SOURCES:

1. SENSORS (S)

2. KNOWLEDGE PROCESSORS (KP)

3. ACTUATORS (A)

‣ THE BLACKBOARD CONTROLLER (C)

THE CONTROLLER IS A CONTROL LOOP WHICH MANAGES BB FLOW CONTROL

HIGH LEVEL ARCHITECTURE (HLA) FOR CYBER SA BLACKBOARD (CSA-BB)

[DIAGRAM: SENSORS (S), KNOWLEDGE PROCESSORS (KP) AND ACTUATORS (A) AROUND THE BLACKBOARD, WITH BB CONTROL]

HIGH LEVEL DEFINITIONS - SENSORS (S)

SENSORS (S)

A SENSOR IS A SPECIALIZED TYPE OF KNOWLEDGE SOURCE (KS) THAT HANDLES INPUTS FROM EXTERNAL SOURCES [2].

A SENSOR PERFORMS AN ATOMIC WRITE OPERATION TO INSERT OR UPDATE ITS “OBJECTS OF INTEREST” (OOI) IN THE BLACKBOARD DB. ALL SENSORS HAVE EXPLICIT EXTERNAL INPUT VARIABLES; THEREFORE SENSORS FALL IN THE CLASS OF EXPLICIT KNOWLEDGE SOURCES [2].

GENERALLY, THE BB CONTROLLER SELECTS OOI FROM THE SENSOR OBJECT BASES (SENSOR DATABASES) AND INSERTS OR UPDATES THE BLACKBOARD DB WITH THE SENSOR DATA [2] THAT MEETS THE SELECTION CRITERIA (OFTEN RISK BASED).

EXAMPLES: INTRUSION DETECTION SYSTEMS, APPLICATION & SYSTEM LOG FILES, NETWORK MONITORING SYSTEMS (NETSTAT, SNIFFERS), WEB SESSION DATA

HIGH LEVEL DEFINITIONS - KNOWLEDGE PROCESSORS (KP)

KNOWLEDGE PROCESSORS (KP)

A KNOWLEDGE PROCESSOR (KP) IS A SPECIALIZED TYPE OF KNOWLEDGE SOURCE [2].

KNOWLEDGE PROCESSORS TAKE ALL OF THEIR INPUT DIRECTLY FROM THE BLACKBOARD [2].

A KP TESTS ITS UPDATE CONDITIONS. IF THE BLACKBOARD UPDATE CONDITIONS ARE TRUE, THE KP EXECUTION PERFORMS AN ATOMIC WRITE OPERATION TO UPDATE THE BLACKBOARD OBJECT [2].

EXAMPLES: BAYESIAN RISK SCORING NETWORK, ARTIFICIAL NEURAL NETWORK (ANN), EXPERT SYSTEM PROCESSING, STATISTICAL MODELS, EXPERT SYSTEM ALGORITHMS, CORRELATIONS WITH HISTORICAL DATA, ANOMALY DETECTION

HIGH LEVEL DEFINITIONS - ACTUATOR (A)

ACTUATOR (A)

AN ACTUATOR IS A SPECIALIZED TYPE OF KS THAT USES BLACKBOARD OBJECTS AS INPUTS BUT DOES NOT UPDATE OBJECTS ON THE BLACKBOARD [2].

ACTUATORS MAY TRIGGER BASED ON KP CONDITIONS FROM BLACKBOARD OBJECTS, PERFORM A COMPUTATION (RISK SCORING, CONFIDENCE SCORING), AND MODIFY THEIR LOCAL STATE.

EXAMPLES: ALERT NOTIFICATION SERVICES, IP ADDRESS BLOCKING SERVICES, HUMAN COGNITIVE VISUALIZATION SERVICES

CYBER SA BLACKBOARD - EXAMPLE IMPLEMENTATION

[DIAGRAM: SENSORS (S) FOR WEB SESSION DATA, IDS ALERTS AND NETSTAT DATA; BB CONTROL (SELECT, JOIN, INSERT, UPDATE); BLACKBOARD (MYSQL DATABASE TABLE); KNOWLEDGE PROCESSORS (KP) AND ACTUATOR (A). LEGEND: DATABASES, CONTROL, PROCESSES]

SENSOR DATA STORED IN LOCAL SENSOR MYSQL DATABASE TABLES

KPS PERFORM COMPUTATION ON BB OBJECTS AND UPDATE BB OBJECTS

ACTIONS BASED ON BB CONDITIONS
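
The flow on this slide, as an added example that is not code from the presentation or its POC. Python with an in-memory SQLite database stands in for the PHP/C# logic and the MySQL tables; the table names, columns, thresholds and the confidence formula are assumptions made for illustration.

```python
import sqlite3

RISK_MIN = 50  # assumed selection criterion for promoting sensor rows to the BB

def build_db():
    db = sqlite3.connect(":memory:")  # SQLite stands in for the MySQL tables
    db.executescript("""
        CREATE TABLE sensor_ids (src_ip TEXT, risk INTEGER, seen_at INTEGER);
        CREATE TABLE blackboard (src_ip TEXT PRIMARY KEY, risk INTEGER,
            hits INTEGER, last_seen INTEGER, confidence REAL);""")
    # Constructed sensor rows (documentation-range addresses).
    db.executemany("INSERT INTO sensor_ids VALUES (?,?,?)", [
        ("192.0.2.10", 80, 100), ("192.0.2.10", 90, 160),
        ("198.51.100.7", 20, 120), ("203.0.113.5", 60, 130)])
    db.commit()
    return db

def controller_step(db):
    """BB control: SELECT sensor rows meeting the criterion, INSERT or UPDATE the OOI."""
    rows = db.execute(
        "SELECT src_ip, MAX(risk), COUNT(*), MAX(seen_at) FROM sensor_ids "
        "WHERE risk >= ? GROUP BY src_ip", (RISK_MIN,)).fetchall()
    with db:  # one transaction, so the pass is applied atomically
        for ip, risk, hits, last in rows:
            cur = db.execute("UPDATE blackboard SET risk=?, hits=?, last_seen=? "
                             "WHERE src_ip=?", (risk, hits, last, ip))
            if cur.rowcount == 0:
                db.execute("INSERT INTO blackboard VALUES (?,?,?,?,0.0)",
                           (ip, risk, hits, last))
    return len(rows)

def kp_confidence(db):
    """KP: reads only the BB and writes only when its update condition is true."""
    changed = 0
    rows = db.execute("SELECT src_ip, hits, confidence FROM blackboard").fetchall()
    with db:
        for ip, hits, conf in rows:
            new = 1 - 0.5 ** hits        # assumed toy confidence model
            if abs(new - conf) > 1e-9:   # update condition
                db.execute("UPDATE blackboard SET confidence=? WHERE src_ip=?",
                           (new, ip))
                changed += 1
    return changed

def actuator_blocklist(db, now, max_age=60):
    """Actuator: reads BB objects and changes only local state (the returned set)."""
    q = ("SELECT src_ip FROM blackboard WHERE risk >= 80 AND confidence >= 0.7 "
         "AND ? - last_seen <= ?")
    return {ip for (ip,) in db.execute(q, (now, max_age))}
```

Running the controller, then the KP, then the actuator is one pass of the control loop. The actuator's `now` argument supplies the element of time: a high-risk object that has not been seen recently no longer triggers an action.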

EXAMPLE TECHNICAL COMPONENTS - HIGH LEVEL VIEW

‣ SENSORS: LOGIC (PHP), SENSOR MYSQL DB

‣ BLACKBOARD MYSQL DB

‣ CONTROLLER (GAMING ENGINE CONTROL LOOP - C#)

‣ KNOWLEDGE PROCESSORS: LOGIC (PHP, C#)

‣ ACTUATORS: LOGIC (PHP, C#)

‣ LINKS IN THE DIAGRAM: JSON (NETWORK)

[DIAGRAM: KNOWLEDGE SOURCES (KS) AROUND THE BLACKBOARD (BB), WITH BB CONTROL (C)]

CYBERSPACE SITUATIONAL AWARENESS (VISUALIZATION & HUMAN COGNITIVE PROCESSING)

SUMMARY BLACKBOARD ARCHITECTURE

KEY TAKEAWAYS

CONTRARY TO THE LITERATURE - A BLACKBOARD ARCHITECTURE IS NOT NECESSARILY A CLASS OF ARTIFICIAL INTELLIGENCE (AI) PROCESSING; HOWEVER, AI METHODS MAY BE USED IN VARIOUS LOGIC BLOCKS, FOR EXAMPLE KP LOGIC MAY USE AI METHODS

RISK SCORING AND CONFIDENCE SCORING LOGIC, COMBINED WITH THE ELEMENT OF TIME, ARE OFTEN A KEY COMPONENT OF OBJECT OF INTEREST (OOI) SELECTION CRITERIA

SELECTED SENSOR OBJECT DATA FROM THE SENSOR OBJECT DATABASE IS INSERTED OR UPDATED INTO THE BLACKBOARD DATABASE BASED ON SELECTION CRITERIA

KNOWLEDGE PROCESSING ALGORITHMS SELECT AND UPDATE BLACKBOARD OBJECTS

HUMAN COGNITIVE INTERACTION IS VERY IMPORTANT (HUMAN IN THE LOOP) AND CAN BE MODELED AS ALL THREE TYPES OF KNOWLEDGE SOURCE (SENSOR, KNOWLEDGE PROCESSOR OR ACTUATOR)

POC IMPLEMENTATION: DONE (BLUE) - WORKING (DARK GREEN)

‣ SENSORS: LOGIC (PHP), SENSOR MYSQL DB

‣ BLACKBOARD MYSQL DB

‣ CONTROLLER (GAMING ENGINE CONTROL LOOP - C#)

‣ KNOWLEDGE PROCESSORS: LOGIC (PHP, C#)

‣ ACTUATORS (VISUALIZATION): LOGIC (PHP, C#)

‣ LINKS IN THE DIAGRAM: JSON (NETWORK)

REFERENCES

[1] BASS, TIM, INTRUSION DETECTION SYSTEMS AND MULTISENSOR DATA FUSION, COMMUNICATIONS OF THE ACM 43(4):99-105, APRIL 2000, DOI: 10.1145/332051.332079

[2] MCMANUS, J. W., DESIGN AND ANALYSIS TOOLS FOR CONCURRENT BLACKBOARD SYSTEMS, DIGITAL AVIONICS SYSTEMS CONFERENCE, PROCEEDINGS 10TH IEEE/AIAA, NOVEMBER 1991, DOI: 10.1109/DASC.1991.177205

© TIM BASS, MAY 2017

ALL RIGHTS RESERVED
