artificial intelligence

Solving POMDPs online through HTN Planning and Monte Carlo Tree Search

This paper describes our ShoppingSpree HTN algorithm for online planning in Partially Observable Markov Decision Processes (POMDPs).  ShoppingSpree combines the HTN planning algorithm from SHOP3, extensions to SHOP3's representation to handle partial observability, and Monte Carlo Tree Search for efficient sampling in the problem space.  This paper presents only the algorithm and initial notes on the implementation: this is work in progress.

Extending Biology Models with Deep NLP over Scientific Articles

This paper describes R3 (Reading, Reasoning, and Reporting), our system for deep language understanding and model management for the biomedical domain. Starting from a base BioPAX model, we learn extensions to it by reading biomedical research articles from PubMed Central. We describe the particular issues for text understanding in this domain and how we use pre- and post-analysis reasoning to bridge the differences in how knowledge is packaged in a text versus a biomedical database.

FUZZBUSTER: Towards Adaptive Immunity from Cyber Threats

Today’s computer systems are under relentless at- tack from cyber attackers armed with sophisticated vulnerabil- ity search and exploit development toolkits. To protect against such threats, we are developing FUZZBUSTER , an automated system that provides adaptive immunity against a wide variety of cyber threats. FUZZBUSTER reacts to observed attacks and proactively searches for never-before-seen vulnerabilities. FUZZBUSTER uses a suite of fuzz testing and vulnerability assessment tools to find or verify the existence of vulnerabilities.

Automatically Repairing Stripped Executables with CFG Microsurgery

BINSURGEON is a binary rewriting system that enhances stripped binary executables with repairs, defenses, and additional functionality. This involves making space-consuming changes to the program’s control flow graph (CFG), recomputing instruction content, and relocating instructions, all while preserving functionality in the remainder of the program’s control flow. BINSURGEON uses extendable rewrite templates that enable other systems to specify and parameterize program modifications, which allows BINSURGEON to be a fully-automatic component of a larger system.

Self-Adaptation Metrics for Active Cybersecurity

FUZZBUSTER is a host-based adaptive security system that automatically discovers, refines, and repairs vulnerabilities in hosted applications in order to prevent cyberattacks. FUZZBUSTER must decide when to adapt its applications, when to revoke its previous adaptations, and when to sacrifice functionality to improve security. This requires an adaptation quality metric that captures (1) an application’s susceptibility to cyberattacks and (2) an application’s functionality, since adapting an application affects both of these factors.

Meta-control for Adaptative Cybersecurity in FUZZBUSTER

Modern cyber attackers use sophisticated, highly-automated vulnerability search and exploit development tools to find new ways to break into target computers. To protect against such threats, we are developing FUZZBUSTER, a host-based adaptive security system that automatically discovers faults in hosted applications and incrementally refines and repairs the underlying vulnerabilities. To perform this self-adaptation, FUZZBUSTER uses meta-control to coordinate a diverse and growing set of custom and off-the-shelf fuzz-testing tools.

Automated Fault Analysis and Filter Generation for Adaptive Cybersecurity

We are developing the FUZZBUSTER system to automatically identify software vulnerabilities and create adaptations that shield or repair those vulnerabilities before attackers can exploit them. Adaptive cybersecurity involves efficiently improv- ing software security to minimize the window of attack, and also preserving software functionality as much as possible. This paper presents new tools that have been integrated into FUZZBUSTER adaptive cybersecurity.

Improving Automated Cybersecurity by Generalizing Faults and Quantifying Patch Performance

We are developing the FUZZBUSTER system to automatically identify software vulnerabilities and create adaptations that shield or repair those vulnerabilities before attackers can exploit them. FUZZBUSTER’s goal is to minimize the time that vulnerabilities exist, while also preserving software functionality as much as possible. This paper presents new adaptive cybersecurity tools that we have integrated into FUZZBUSTER, as well as new metrics that FUZZBUSTER uses to assess their performance.

Pages