New plan recognition paper from AAAI-2011 with Chris Geib.
Computer Science Research
SMITE (Computer Security, Intrusion Detection)
I am currently working on the SMITE project, as part of DARPA's Scalable Network Monitoring program. SMITE aims at performing intrusion detection on ultra high speed network traffic (up to 100 Gbps).
My particular role in the project is to work on what is called intrusion detection system (IDS) "correlation" (correlation is actually a misleading term, what is really meant here is "fusion.")
Even more specifically, my work is in the component that is called the "evidence assessor." This component uses qualitative Bayesian reasoning to weigh competing hypotheses for clusters of IDS resports. Often these competing explanations weigh malign (malware sweeping the network in order to spread) against benign (print daemons looking for networked printers) explanations; the evidence assessor helps us address the problem of false positives that has plagued IDSes.
This project continues work on techniques that were first developed in the ARGUS/Scyllarus project.
Papers from SMITE:
Integrated learning (Planning, Knowledge Representation, Semantic Web)
My most recently concluded activity was working on the BBN-led POIROT team for DARPA's Integrated Learning program, which aimed at integrating together a large number of intelligent systems to learn workflows from observing humans using web services.
Papers from Integrated Learning:
I've been doing a lot of work on planning for UAVs in the past years. This is closely related to my interest in Planning for Intelligent UIs, since we're trying to use AI planners to make it easier to command complex behaviors of autonomous systems. Unfortunately, the pace of this work has been such that I have not had time to write much about it. Here are some snippets:
Planning and Controller Synthesis
My work in automatic controller synthesis has mostly been done in collaboration with my colleague, David Musliner. He introduced me to the CIRCA architecture he developed (while at the University of Michigan). CIRCA is a novel architecture for doing intelligent control in hard real-time. I have since done work on incorporating model-checking into the architecture, doing abstraction-based controller synthesis, and extending the modeling capabilities for hierarchical control.
In 2001 I participated in the NASA New Millennium Program planning process, and to be on the program committee of the AAAI Symposium on Model-Based Validation of Intelligence, to be held at Stanford in March, 2001.
In 2002, I presented results from this work at the 2002 Workshop on Hybrid Control: Control and Computation (HSCC-2002).
In 2005, Musliner, Pelican, and I wrote a paper about incremental verification in controller synthesis at the Third Workshop on Model Checking and Artificial Intelligence (MoChArt05).
February 2006: Our paper on incremental verification in controller synthesis has been published in Electronic Notes in Theoretical Computer Science. You may find the paper through Elsevier's ScienceDirect website.
For recent papers in this area, click here.
My work on planning and controller synthesis grew out of earlier work on planning in conditions of incomplete information.
I am interested in the use of Bayesian networks (belief networks, causal probabilistic networks) to do information fusion. I have worked on this in the context of troubleshooting abnormal situations in oil refineries (in the context of Honeywell's project on Abnormal Situation Management), and am now exploring the use of belief networks for information fusion in computer network intrusion detection (see the Argus project).
Planning with Incomplete Information
I became interested in work on planning under uncertainty as an outgrowth of my interest in general aspects of reasoning under uncertainy. Some of my early work in this area was concerned with developing a better understanding of algorithms for conditional planning, such as CNLP and Cassandra. This led me to work on formalizing the problem of conditional planning, and the development of algorithms for conditional linear planning and epsilon-safe planning. Some relevant papers include:
These papers were all written with Mark S. Boddy at Honeywell Laboratories.
Through work with colleagues in user-centered design, notably
Chris Miller, I have become interested in exploring the ways that
planning systems, particularly constraint-based planning systems, can
provide a user-interface to advanced control systems. One of the
systems my group at Honeywell built was a multi-agent
constraint-based planner (see below). Much
of that work was done in conjunction with my colleague Karen Haigh.
In 2006, a paper entitled "Delegation Interfaces for a Dynamic and Unpredictable Task: A Mobile Target Tracking Example," with my colleagues Chris Miller and Harry Funk, was presented at the NATO RTO Human Factors and Medicine Panel (HFM) Symposium which was held in Biarritz, France, 9-11 October 2006. That paper is available from a university site in France. Word format, I'm afraid.
A paper about the general approach, but written for a human factors audience, rather than an AI audience appeared at the HFES conference: "The Playbook Approach to Adaptive Automation," Proceedings of the Human Factors and Ergonomics Society 49th Annual Meeting, 2005.
From 2005 through 2007 I worked on the DARPA Coordinators program. This was a research program investigating coordination across multiple agents that execute complex, hierarchical tasks, in a dynamic environment. See multi-agent coordination.
My earliest work at Honeywell Technology Center was done on planning under uncertainty, and on constraint-based scheduling, specifically for batch manufacturing (a kind of manufacturing that is a hybrid between continuous and discrete manufacturing. For information on this work, and an off-print of an article from IEEE Intelligent Systems, send me some email.
Another offshoot of my work on controller synthesis has been an interest in verification. Here is a paper I co-authored, appearing in the proceedings of the 2001 Spin Workshop, describing work on verification at Honeywell Laboratories.This web page is currently very much under construction.
My CV is available as HTML for easier browsing.
I have removed the MS Word version because keeping it up-to-date was difficult, especially in the face of revisions to the software and file formats. If you must have it in MS Word, please try to import the HTML and contact me if you have any problems.
I will also make publications available through this web site.
makeis a non-starter); the way this rich environment requires us to ``hot patch'' an existing ASDF in a CL environment; the fact that there are multiple CL implementations, not just a single reference implementation; etc. We describe this work in a paper published at the 2010 International Lisp Conference:
One of my last research projects at Honeywell, and one of those of which I was most proud was the ARGUS project. The ARGUS project was work in the area of computer security, specifically intrusion detection. The objective of the ARGUS project was to provide a framework for fusing the reports of multiple intrusion detection systems into a single unified view of a computer installation's security situation. This work builds on my interest in qualitative probability and Bayesian approaches to information fusion.
A couple of papers on the Argus project, were published at the DISCEX-2001 conference. Drafts are available: