On Tuesday, April 10, 2018 @ 6PM-9PM

Presented by Dr. Edward Huang

PRESENTATION HERE

Main Site | $0

REGISTER FOR MCLEAN HERE

(US Citizens Only)

Remote Sites | $0

REGISTER FOR DC / L’ENFANT HERE (US Citizens Only)

REGISTER FOR CHANTILLY, VA HERE (US Citizens Only)

REGISTER FOR GMU HERE

REGISTER FOR GWU / DC FOGGY BOTTOM HERE

 

Description:

This talk describes a methodology and testbed for modeling enterprises that use data, tools, people and processes to make mission-focused inferences. We focus on inference enterprises devoted to detecting insider threats. The purpose of modeling is to evaluate enterprise performance. Specifically, we consider the problem of estimating how well system alerts based on insider behaviors perform at identifying insiders of true concern. This is a challenging task because data are often incomplete and noisy, and may be aggregated to protect privacy. For this reason, models may require judgmental inputs from experts as well as sophisticated approaches to addressing incomplete data. Our multi-modeling approach to Inference Enterprise Modeling (IEM), or MIEM, constructs multiple models to generate multiple predictions of IEM performance, which are combined into an overall estimate of performance with error bounds. Our approach was the top performer in the competitive IARPA SCITE program, focused on developing methodology and tools for modeling insider threat inference enterprises.

We present a multi-modeling testbed called STIEM (Semantic Testbed for Inference Enterprise Modeling). The testbed allows the modeler to construct automated workflows that integrate different analysis models and tools into an overall model of the enterprise. The testbed also allows several qualitatively different workflows to be combined into an overall performance estimate with error bounds, in keeping with the finding that an ensemble of models often out-performs the individual models. We demonstrate how to conduct sensitivity analysis of model parameters with respect to performance of the whole system.

While our presentation focuses on the insider threat domain, the STIEM approach is useful to a broad set of areas that involve multiple analysis models. Examples include defense/national security, homeland security, intelligence operations, etc.

 

Presenter Bio:

Dr. Edward Huang is an assistant professor in the Department of Systems Engineering and Operations Research, George Mason University, Fairfax, Virginia. Prior to joining George Mason, he worked as a senior system engineer at Innovative Scheduling. He received his B.S. degree in industrial engineering and engineering management from National Tsing Hua University, Taiwan in 2001, and his M.S. and Ph.D. degrees in industrial systems engineering from Georgia Institute of Technology, Atlanta, Georgia in 2008 and 2011, respectively. Dr. Huang’s current research interests include model-based systems engineering, robust system design, and facility design. He is the member of International Council on Systems Engineering (INCOSE) and Institute for Operations Research and Management Sciences (INFORMS).