Shrobe, Howard


AWDRAT: A Cognitive Middleware System for Information Survivability

AI Magazine

The infrastructure of modern society is controlled by software systems that are vulnerable to attacks. Many such attacks, launched by "recreational hackers" have already led to severe disruptions and significant cost. It, therefore, is critical that we find ways to protect such systems and to enable them to continue functioning even after a successful attack. This article describes AWDRAT, a prototype middleware system for providing survivability to both new and legacy applications. AWDRAT stands for architectural differencing, wrappers, diagnosis, recovery, adaptive software, and trust modeling. AWDRAT uses these techniques to gain visibility into the execution of an application system and to compare the application's actual behavior to that which is expected. In the case of a deviation, AWDRAT conducts a diagnosis that determines which computational resources are likely to have been compromised and then adds these assessments to its trust model. The trust model in turn guides the recovery process, particularly by guiding the system in its choice among functionally equivalent methods and resources.AWDRAT has been applied to and evaluated on an example application system, a graphical editor for constructing mission plans. We describe a series of experiments that were performed to test the effectiveness of AWDRAT in recognizing and recovering from simulated attacks, and we present data showing the effectiveness of AWDRAT in detecting a variety of compromises to the application system (approximately 90 percent of all simulated attacks are detected, diagnosed, and corrected). We also summarize some lessons learned from the AWDRAT experiments and suggest approaches for comprehensive application protection methods and techniques.


Computational Vulnerability Analysis for Information Survivability

AI Magazine

The infrastructure of modern society is controlled by software systems. These systems are vulnerable to attacks; several such attacks, launched by "recreation hackers," have already led to severe disruption. This article is set in the context of self-adaptive survivable systems: software that judges the trustworthiness of the computational resources in its environment and that chooses how to achieve its goals in light of this trust model. Self-adaptive survivable systems contain models of their intended behavior; models of the required computational resources; models of the ways in which these resources can be compromised; and finally, models of the ways in which a system can be attacked and how such attacks can lead to compromises of the computational resources.


Computational Vulnerability Analysis for Information Survivability

AI Magazine

The infrastructure of modern society is controlled by software systems. These systems are vulnerable to attacks; several such attacks, launched by "recreation hackers," have already led to severe disruption. However, a concerted and planned attack whose goal is to reap harm could lead to catastrophic results (for example, by disabling the computers that control the electrical power grid for a sustained period of time). The survivability of such information systems in the face of attacks is therefore an area of extreme importance to society. This article is set in the context of self-adaptive survivable systems: software that judges the trustworthiness of the computational resources in its environment and that chooses how to achieve its goals in light of this trust model. Each self-adaptive survivable system detects and diagnoses compromises of its resources, taking whatever actions are necessary to recover from attack. In addition, a long-term monitoring system collects evidence from intrusion detectors, firewalls, and all the selfadaptive components, building a composite trust model used by each component. Self-adaptive survivable systems contain models of their intended behavior; models of the required computational resources; models of the ways in which these resources can be compromised; and finally, models of the ways in which a system can be attacked and how such attacks can lead to compromises of the computational resources. In this article, I focus on computational vulnerability analysis: a system that, given a description of a computational environment, deduces all the attacks that are possible. In particular, its goal is to develop multistage attack models in which the compromise of one resource is used to facilitate the compromise of other, more valuable resources. Although the ultimate aim is to use these models online as part of a self-adaptive system, there are other offline uses as well that we are deploying first to help system administrators assess the vulnerabilities of their computing environment.


What Does the Future Hold?

AI Magazine

I was asked to give a visionary talk about the future applications of Artificial Intelligence technology; but I should warn you that I'm actually not very good as a visionary. Most of my predictions about what will happen in the industry don't come true even though they ought to. So I'm not going to tell you what the future holds; what I will do is to point out some of the technological trends that are at work. Finally, I'll discuss how the development of practical applications ought to interact with the scientific enterprise of trying to understand intelligence, in particular, human intelligence.


What Does the Future Hold?

AI Magazine

I was asked to give a visionary talk about the future applications of Artificial Intelligence technology; but I should warn you that I'm actually not very good as a visionary. Most of my predictions about what will happen in the industry don't come true even though they ought to. So I'm not going to tell you what the future holds; what I will do is to point out some of the technological trends that are at work. The outline of the talk is as follows: I'll start off by looking at the previous IAAI conferences and reflect on what we've learned from them. Then I'll look at what's changing in the hardware base that sets the context for all the computer applications we do. I think that will lead to interesting new viewpoints. Next I'll sketch what applications might arise from this new viewpoint. Finally, I'll discuss how the development of practical applications ought to interact with the scientific enterprise of trying to understand intelligence, in particular, human intelligence.


Diagnosing Delivery Problems in the White House Information-Distribution System

AI Magazine

As part of a collaboration with the White House Office of Media Affairs, members of the Artificial Intelligence Laboratory at the Massachusetts Institute of Technology designed a system, called COMLINK, that distributes a daily stream of documents released by the Office of Media Affairs. Approximately 4,000 direct subscribers receive information from this service, but more than 100,000 people receive the information through redistribution channels. The information is distributed through e-mail and the World Wide Web. These invalid subscriptions cause a backwash of hundreds of bounced-mail messages each day that must be processed by the operators of the COMLINK system.


The Innovative Applications of Artificial Intelligence Conference: Past and Future

AI Magazine

This article is a reflection on the goals and focus of the Innovative Applications of Artificial Intelligence (IAAI) Conference. The author begins with an historical review of the conference. He then goes on to discuss the role of the IAAI conference, including an examination of the relationship between AI scientific research and the application of AI technology. He concludes with a presentation of the new vision for the IAAI conference.


Diagnosing Delivery Problems in the White House Information-Distribution System

AI Magazine

As part of a collaboration with the White House Office of Media Affairs, members of the Artificial Intelligence Laboratory at the Massachusetts Institute of Technology designed a system, called COMLINK, that distributes a daily stream of documents released by the Office of Media Affairs. Approximately 4,000 direct subscribers receive information from this service, but more than 100,000 people receive the information through redistribution channels. The information is distributed through e-mail and the World Wide Web. In such a large-scale distribution scheme, there is a constant problem of subscriptions becoming invalid because the user's e-mail account has terminated. These invalid subscriptions cause a backwash of hundreds of bounced-mail messages each day that must be processed by the operators of the COMLINK system. To manage this annoying but necessary task, an expert system named BMES was developed to diagnose the failures of information delivery.


The Innovative Applications of Artificial Intelligence Conference: Past and Future

AI Magazine

This article is a reflection on the goals and focus of the Innovative Applications of Artificial Intelligence (IAAI) Conference. The author begins with an historical review of the conference. He then goes on to discuss the role of the IAAI conference, including an examination of the relationship between AI scientific research and the application of AI technology. He concludes with a presentation of the new vision for the IAAI conference.


Knowledge-Based Systems Research and Applications in Japan, 1992

AI Magazine

Representatives of universities and businesses were chosen by the Japan Technology Evaluation Center to investigate the state of the technology in Japan relative to the United States. The panel's report focused on applications, tools, and research and development in universities and industry and on major national projects.