A new intelligent mechanism is presented to protect networks against the new generation of cyber attacks. This
mechanism integrates TCP/UDP/IP protocol stack protection and attacker/intruder deception to eliminate existing
TCP/UDP/IP protocol stack vulnerabilities. It allows to detect currently undetectable, highly distributed, low-frequency
attacks such as distributed denial-of-service (DDoS) attacks, coordinated attacks, botnet, and stealth network
reconnaissance. The mechanism also allows insulating attacker/intruder from the network and redirecting the attack to a
simulated network acting as a decoy. As a result, network security personnel gain sufficient time to defend the network
and collect the attack information. The presented approach can be incorporated into wireless or wired networks that
require protection against known and the new generation of cyber attacks.
Real world adversarial dynamics such as those encountered in Computer and Network security require models
which allow for both imperfect and incomplete information. Recently game theoretic models and specically
signaling games have been at the forefront of interest for modeling these scenarios. We propose a modication
of signaling games, a type of Bayesian game, which we believe can serve as a model for these scenarios. By
incorporating real world data into the model, these games could allow interested parties to learn the true nature
of the game that they are already playing - though without the rulebook.
To date, cyber security investment by both the government and commercial sectors has been largely driven by
the myopic best response of players to the actions of their adversaries and their perception of the adversarial
environment. However, current work in applying traditional game theory to cyber operations typically assumes
that games exist with prescribed moves, strategies, and payos. This paper presents an analytic approach to
characterizing the more realistic cyber adversarial metagame that we believe is being played. Examples show
that understanding the dynamic metagame provides opportunities to exploit an adversary's anticipated attack
strategy. A dynamic version of a graph-based attack-defend game is introduced, and a simulation shows how an
optimal strategy can be selected for success in the dynamic environment.
We describe a method for the estimation of an opponent's utility matrix in a finite repeated game, given that
he selects his actions by a known deterministic algorithm with some unknown parameters. We also investigate
the prediction, based on the utility matrix estimate, of this opponent's future actions, and a simple method by
which the opponent can counter these efforts. These are posed as a feasibility problem and a convex optimization
problem, respectively. Simulation results are also presented.
Training eective cyber operatives requires realistic network environments that incorporate the structural and
social complexities representative of the real world. Network trac generators facilitate repeatable experiments
for the development, training and testing of cyber operations. However, current network trac generators, ranging from simple load testers to complex frameworks, fail to capture the realism inherent in actual environments.
In order to improve the realism of network trac generated by these systems, it is necessary to quantitatively
measure the level of realism in generated trac with respect to the environment being mimicked. We categorize
realism measures into statistical, content, and behavioral measurements, and propose various metrics that can
be applied at each level to indicate how eectively the generated trac mimics the real world.
We successfully introduce an analogy of microarray analysis for robust exemplar selection to enable optimal
classification. The microarray is analogous to the Spatial Voting (SV) grid, where digital artifacts are stacked onto the
grid and grid cells are colored red if only the experiment samples (Class 1) are present, green if only control samples
(Class 2) are present, and yellow if both classes are present. We use this information to determine if the exemplars are to
be placed in the training, validation, or test dataset. The bytes of these digital artifacts are converted into ASCII values,
characterized using the recursive form of higher order parametric and non-parametric statistics, and classifiers derived
for discrimination and classification. The results and findings of our work are presented here.
In the defense industry it is becoming necessary in some cases to encrypt an existing unencrypted or weakly encrypted
wireless communication link. Factors affecting such a requirement include classification of data that was not previously
classified, sustaining an aging system that is no longer state-of-the-art, repurposing a communication link for a new
function requiring encryption, or a change in the acceptability of an existing encryption algorithm. In these cases it is
usually desirable to insert encryption and decryption capabilities into the communication network without drastically
changing the function, structure, or characteristics of the existing network. The easiest way to accomplish this is usually
through a software update. However, that is not always possible for various reasons which will be explained. This paper
will discuss the general process by which encryption can be implemented using electronics hardware, and will place an
emphasis on reducing costs along the way.
Today, the threat perception is changing. Not only for countries but also for defence organisations like NATO, new
threat perception is pointing terrorism. Many countries' air forces become responsible of fighting against terorism or
Counter-Insurgency (COIN) Operations. Different from conventional warfare, alternative weapon or weapon systems are
required for such operatioins. In counter-terrorism operations modern fighter jets are used as well as helicopters,
subsonic jets, Unmanned Aircraft Systems (UAS), turboprop aircraft, baloons and similar platforms. Succes and
efficiency of the use of these platforms can be determined by evaluating the conditions, the threats and the area together.
Obviously, each platform has advantages and disadvantages for different cases.
In this research, examples of turboprop aircraft usage against terrorism and with a more general approach, turboprop
aircraft for Close Air Support (CAS) missions from all around the world are reviewed. In this effort, a closer look is
taken at the countries using turboprop aircraft in CAS missions while observing the fields these aircraft are used in, type
of operations, specifications of the aircraft, cost and the maintenance factors. Thus, an idea about the convenience of
using these aircraft in such operations can be obtained. A SWOT analysis of turboprop aircraft in CAS operations is
performed. This study shows that turboprop aircraft are suitable to be used in counter-terrorism and COIN operations in
low threat environment and is cost benefical compared to jets.
Multi-robot systems comprising of heterogeneous autonomous vehicles on land, air, water are being increasingly
used to assist or replace humans in different hazardous missions. Two crucial aspects in such multi-robot
systems are to: a) explore an initially unknown region of interest to discover tasks, and, b) allocate and share
the discovered tasks between the robots in a coordinated manner using a multi-robot task allocation (MRTA)
algorithm. In this paper, we describe results from our research on multi-robot terrain coverage and MRTA
algorithms within an autonomous landmine detection scenario, done as part of the COMRADES project. Each
robot is equipped with a different type of landmine detection sensor and different sensors, even of the same type,
can have different degrees of accuracy. The landmine detection-related operations performed by each robot are
abstracted as tasks and multiple robots are required to complete a single task. First, we describe a distributed
and robust terrain coverage algorithm that employs Voronoi partitions to divide the area of interest among the
robots and then uses a single-robot coverage algorithm to explore each partition for potential landmines. Then,
we describe MRTA algorithms that use the location information of discovered potential landmines and employ
either a greedy strategy, or, an opportunistic strategy to allocate tasks among the robots while attempting to
minimize the time (energy) expended by the robots to perform the tasks. We report experimental results of our
algorithms using accurately-simulated Corobot robots within the Webots simulator performing a multi-robot,
landmine detection operation.
In this paper we discuss extraction of anomalous events based on the theory of catastrophes, a mathematical theory of
continuous geometrical manifolds with discrete singularities called catastrophes. Intelligence exploitation systems and
technologies include such novel data mining techniques as automatic extraction of discrete anomalous events by
software algorithms based on the theory of catastrophes, that can reduce complex problems to a few essential so-called
state variables. This paper discusses mostly corank-1 catastrophes with only one state variable, for simplicity. As an
example we discuss mostly avionics platforms and catastrophic failures that can be recorded by flight instruments.
Renewable energy is an important source of power for unattended sensors (ground, sea, air), tagging systems, and other
remote platforms for Homeland Security and Homeland Defense. Also, Command, Control, Communication, and
Intelligence (C3I) systems and technologies often require renewable energy sources for information assurance (IA), in
general, and anti-tampering (AT), in particular. However, various geophysical and environmental conditions determine
different types of energy harvesting: solar, thermal, vibration, acoustic, hydraulic, wind, and others. Among them, solar
energy is usually preferable, but, both a solar habitat and the necessity for night operation can create a need for other
types of renewable energy. In this paper, we introduce figures of merit (FoMs) for evaluating preferences of specific
energy sources, as resource management tools, based on geophysical conditions. Also, Battery Systemic Modeling is
The replicator equations are first-order (in time), nonlinear differential equations which can be used to model the
time evolution of probabilities in evolutionary game theory. They are obtained by assuming that the percentage
rate of change of a probability be simply proportional to the difference between a payoff and some average payoff.
Here we apply these equations to obtain the time evolution two players' strategies in a zero-sum game which
models the illegal transport of a commodity across a national border and of the efforts of agents to intercept it.
Detecting invisible details and separating mixed evidence is critical for forensic inspection. If this can be done reliably
and fast at the crime scene, irrelevant objects do not require further examination at the laboratory. This will speed up the
inspection process and release resources for other critical tasks. This article reports on tests which have been carried out
at the University of Jyväskylä in Finland together with the Central Finland Police Department and the National Bureau of
Investigation for detecting and separating forensic details with hyperspectral technology. In the tests evidence was sought
after at an assumed violent burglary scene with the use of VTT's 500-900 nm wavelength VNIR camera, Specim's 400-
1000 nm VNIR camera, and Specim's 1000-2500 nm SWIR camera. The tested details were dried blood on a ceramic
plate, a stain of four types of mixed and absorbed blood, and blood which had been washed off a table. Other examined
details included untreated latent fingerprints, gunshot residue, primer residue, and layered paint on small pieces of wood.
All cameras could detect visible details and separate mixed paint. The SWIR camera could also separate four types of
human and animal blood which were mixed in the same stain and absorbed into a fabric. None of the cameras could
however detect primer residue, untreated latent fingerprints, or blood that had been washed off. The results are
encouraging and indicate the need for further studies. The results also emphasize the importance of creating optimal
imaging conditions into the crime scene for each kind of subjects and backgrounds.
The capability to track individuals in CCTV cameras is important for surveillance and forensics alike. However, it is
laborious to do over multiple cameras. Therefore, an automated system is desirable. In literature several methods have
been proposed, but their robustness against varying viewpoints and illumination is limited. Hence performance in
realistic settings is also limited. In this paper, we present a novel method for the automatic re-identification of persons in
video from surveillance cameras in a realistic setting. The method is computationally efficient, robust to a wide variety
of viewpoints and illumination, simple to implement and it requires no training. We compare the performance of our
method to several state-of-the-art methods on a publically available dataset that contains the variety of viewpoints and
illumination to allow benchmarking. The results indicate that our method shows good performance and enables a human
operator to track persons five times faster.
There are many accepted sensor technologies for generating spectra for material classification. Once the spectra are
generated, communication bandwidth limitations favor local material classification with its attendant reduction in data
transfer rates and power consumption. Transferring sensor technologies such as Cavity Ring-Down Spectroscopy
(CRDS) and Laser Induced Breakdown Spectroscopy (LIBS) require effective material classifiers. A result of recent
efforts has been emphasis on Partial Least Squares - Discriminant Analysis (PLS-DA) and Principle Component
Analysis (PCA). Implementation of these via general purpose computers is difficult in small portable sensor
configurations. This paper addresses the creation of a low mass, low power, robust hardware spectra classifier for a
limited set of predetermined materials in an atmospheric matrix. Crucial to this is the incorporation of PCA or PLS-DA
classifiers into a predictor-corrector style implementation. The system configuration guarantees rapid convergence.
Software running on multi-core Digital Signal Processor (DSPs) simulates a stream-lined plasma physics model
estimator, reducing Analog-to-Digital (ADC) power requirements. This paper presents the results of a predictorcorrector
model implemented on a low power multi-core DSP to perform substance classification. This configuration
emphasizes the hardware system and software design via a predictor corrector model that simultaneously decreases the
sample rate while performing the classification.
We developed a high-sensitivity GaN photocathode that works in transmission mode. It has 40.9 % quantum efficiency at
310 nm wavelength. Conventional GaN photocathodes, both transmission mode and reflection mode, are made on a
sapphire substrate using metal-organic vapor phase epitaxy (MOVPE). In reflection mode, a GaN photocathode has very
high quantum efficiency (QE) of over 50 %. However, in transmission mode, the quantum efficiency of a GaN photocathode
was about 25 % at 240 nm with this technique. Therefore, we developed a new GaN photocathode using a
glass-bonding technique, where a GaN thin film was bonded to a glass face plate. We found out that constituting an Al-
GaN layer on the light incidence side of the photocathode surface provided higher QE than a sole GaN layer type for
transmission mode. We focused on the band bending of the photocathode, and analyzed QE for both transmission mode
and reflection mode. We then verified the effectiveness of the AlGaN layer using the results from the analysis. The
high-sensitivity UV photocathode will be used for flame detection, corona discharge observation, and other UV imaging.
Image sequences (e.g. video) gathered by a sensor mounted on an airborne platform (e.g. UAV) are used today to
address many different tasks in various fields of application. Sequences are usually taken to gather information of an area
for planning and assessing purposes, to witness any changes and to monitor activities within that area. Image sequences
are usually stored as they are taken. In order to perform the above tasks in a post processing step properly, it is necessary
to find relevant sequences or subsequences in the huge amount of stored data efficiently. Therefore it is mandatory to
store the sequences in a way to enable retrieving any relevant frame or subsequence with respect to a geographical
attribute such as e.g. the position of the footprint or a nongeographical attribute such as the date and time gathered or the
spectral band of gathered sequence. We have developed a method to store each frame of an image sequence into a spatial
relational database in a way that addresses this issue. We further have developed an interface to that database that allows
us to retrieve frames and subsequences both employing task specific clients and existing exploitation software systems
such as Fraunhofer IOSB's ABUL exploitation station.
The advanced imagers team at JHU APL and ECE has been advocating and developing a new class of sensor systems
that address key system level performance bottlenecks but are sufficiently flexible to allow optimization of associated
cost and size, weight, and power (SWaP) for different applications and missions. A primary component of this approach
is the innovative system-on-chip architecture: Flexible Readout and Integration Sensors (FRIS). This paper reports on
the development and testing of a prototype based on the FRIS concept. It will include the architecture, a summary of test
results to date relevant to the hostile fire detection challenge. For this application, this prototype demonstrates the
potential for this concept to yield the smallest SWaP and lowest cost imaging solution with a low false alarm rate. In
addition, a specific solution based on the visible band is proposed. Similar performance and SWaP gains are expected for
other wavebands such as SWIR, MWIR, and LWIR and/or other applications like persistent surveillance for critical
infrastructure and border control in addition to unattended sensors.
Fast documentation of complex scenes where accidents or crimes occurred is fundamental not to lose information for
post-event analyses and lesson learning. Today 3D terrestrial laser scanning and photogrammetry offer instruments
capable of achieving this task. The former allows the fast geometric reconstruction of complex scenes through dense
point clouds. Different kinds of instruments can be used according to the size of the area to survey and to the required
level of details. The latter can be used for both geometric reconstruction and for photo-realistic texturing of laser scans.
While photogrammetry better focuses on small details, laser scanning gives out a more comprehensive view of geometry
of whole crime/accident scene. Both techniques can be used for recording a scene just after a crime or a disaster
occurred, before the area is cleared out to recover regular activities. Visualization of results through an easy-to-use 3D
environment is another import issue to offer useful data to investigators. Here two experiences of crime scene
documentation are proposed.
Traditional approach of locating devices relies on "tagging" with a special tracking device, for example GPS receiver.
This process of tagging is often impractical and costly since additional devices may be necessary. Conversely, in many
applications it is desired to track electronic devices, which already emit unintentional, passive radio frequency (RF)
signals. These emissions can be used to detect and locate such electronic devices. Existing schemes often rely on a priori
knowledge of the parameters of RF emission, e.g. frequency profile, and work reliably only on short distances. In
contrast, the proposed methodology aims at detecting the inherent self-similarity of the emitted RF signal by using Hurst
parameter, which (1) allows detection of unknown (not-pre-profiled) devices, (2) extends the detection range over signal
strength (peak-detection) methods, and (3) increases probability of detection over the traditional approaches. Moreover,
the distance to the device is estimated based on the Hurst parameter and passive RF signal measurements such that the
detected device can be located. Theoretical and experimental studies demonstrate improved performance of the proposed
methodology over existing ones, for instance the basic received signal strength (RSS) indicator scheme. The proposed
approach increases the detection range by 70%, the probability of detection by 60%, and improves the range estimation
and localization accuracy by 70%.
Surveillance, detection, and tracking of multiple high-speed projectiles, particularly bullets, RPGs, and
artillery shells, can help military forces immediately locate sources of enemy fire and trigger countermeasures. The
traditional techniques for detection and tracing of fast moving objects typically employ various types of radar, which has
inherently low resolution for such small objects. Fast moving projectiles are aerodynamically heated up to several
hundred degree Kelvin temperatures depending on the speed of a projectile. Thereby, such projectiles radiate in the Mid-
Infrared (MWIR) region, where electro-optical resolution is far superior, even to microwave radars. A new passive
electro-optical tracker (or PET) uses a two-band IR intensity ratio to obtain a time-varying speed estimate from their
time-varying temperatures. Based on an array of time-varying speed data and an array of azimuth/ elevation angles, PET
can determines the 3D projectile trajectory and back track it to the source of fire. Various methods are given to
determine the vector and range of a projectile, both for clear and for non-homogeneous atmospheric conditions. One
approach uses the relative intensity of the image of the projectile on the pixels of a CCD camera to determine the
azimuthal angle of trajectory with respect to the ground, and its range. Then by using directions to the tracked projectile
(azimuth and elevation angles of the trajectory) and the array of instant projectile speeds, PET determines the distance to
the projectile at any point on its tracked trajectory or its predicted trajectory backwards or forwards in time. A second
approach uses a least-squares optimization technique over multiple frames based on a triangular representation of the
smeared image to yield a real-time trajectory estimate. PET's estimated range accuracy is 0.2 m and the azimuth of the
trajectory can be estimated within 0.2°.
Acoustical sniper positioning systems rely on the detection and direction-of-arrival (DOA) estimation of the
shockwave and the muzzle blast in order to provide an estimate of a potential snipers location. Field tests have
shown that detecting and estimating the DOA of the muzzle blast is a rather difficult task in the presence of
background noise sources, e.g., vehicle noise, especially in long range detection and absorbing terrains. In our
previous work presented in the 2011 edition of this conference we highlight the importance of improving the
SNR of the gunshot signals prior to the detection and recognition stages, aiming at lowering the false alarm
and miss-detection rates and, thereby, increasing the reliability of the system. This paper reports on real-time
noise cancellation techniques, like Spectral Subtraction and Adaptive Filtering, applied to gunshot signals. Our
model assumes the background noise as being short-time stationary and uncorrelated to the impulsive gunshot
signals. In practice, relatively long periods without signal occur and can be used to estimate the noise spectrum
and its first and second order statistics as required in the spectral subtraction and adaptive filtering techniques,
respectively. The results presented in this work are supported with extensive simulations based on real data.
Traditionally the methods to increase firearms accuracy, particularly at distance, have concentrated on
barrel isolation (free floating) and substantial barrel wall thickening to gain rigidity. This barrel stiffening
technique did not completely eliminate barrel movement but the problem was significantly reduced to allow
a noticeable accuracy enhancement. This process, although highly successful, came at a very high weight
penalty. Obviously the goal would be to lighten the barrel (firearm), yet achieve even greater accuracy.
Thus, if lightweight barrels could ultimately be compensated for both their static and dynamic mechanical
perturbations, the result would be very accurate, yet significantly lighter weight, weapons. We discuss our
development of a barrel reference sensor system that is designed to accomplish this ambitious goal. Our
optical fiber-based sensor monitors the barrel muzzle position and autonomously compensates for any
induced perturbations. The reticle is electronically adjusted in position to compensate for the induced barrel
deviation in real time.
A novel approach will be discussed to design and fabricate sensors for a wide variety of wavelengths by selecting
appropriate acceptor levels in a semiconductor material. An n-type 4H-SiC substrate has been doped with gallium using
a laser doping method for sensing the MWIR wavelength of 4.21 mm. The incident MWIR photons change the electron
densities in the valence band and the acceptor energy levels, modifying the reflectivity of the sensor. This change in the
reflectivity is determined with a He-Ne laser as an optical signal and the sensor can be operated at room temperature.
The effect of the photon collection optics on the sensor response has been studied. Also the dopant concentration has
been found to affect the optical signal.