540 likes | 660 Views
Sensor Management Problems of Nuclear Detection – Layered Defense. Fred S. Roberts Rutgers University. Multi-disciplinary, Multi-institutional Project. Based at Rutgers University Partners at Princeton, Texas State University – San Marcos Collaborators at LANL, PNNL, Sandia.
E N D
Sensor Management Problems of Nuclear Detection – Layered Defense Fred S. Roberts Rutgers University
Multi-disciplinary, Multi-institutional Project • Based at Rutgers University • Partners at Princeton, Texas State University – San Marcos • Collaborators at LANL, PNNL, Sandia
Much of this work takes place at CCICADA Founded 2009 as a DHS University Center of Excellence – the DHS CCI COE based at Rutgers
Key Underlying Project Themes • New developments in hardware are important in nuclear detection/prevention, but so are new algorithms, models, and statistical methods • Nuclear detection/prevention involves sorting through massive amounts of information • We need ways to make use of as many sources of information as possible.
Research Thrusts: Recent Work • Tools for Risk Assessment and Anomaly Detection • 2. Layered Defense
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection • Risk Scoring of Containers • Visualization of Data • Machine Learning to Distinguish Threat from non-Threat Radiation Visualization of Port to Port Shipments
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Container Risk Scoring: • We looked at a year’s worth of manifest data from container ships – every Wed. • Goal: Identify mislabeled or anomalous shipments through scrutiny of a manifest data
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Container Risk Scoring: • Used our penalized regression scoring to identify risk scores and patterns or time trends in variables. • Emphasis on relationships among container shipment contents, port of origin and destination, carrier, etc.
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Container Risk Scoring: • Looked at manifest data from before and after the Japanese tsunami. Expect to find differences. Credit: National Geographic News
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Container Risk Scoring: • Looked at manifest data from before and after the Japanese tsunami. Expect to find differences. • Found that pattern of frequency data based on “domestic port of unlading” is statistically different before and after the tsunami. • But the pattern based on distribution of carrier is not • Conclusion: Don’t depend on just one variable to uncover anomalies.
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Visualization of Manifest Data: • Data visualization is a powerful new area of research enabling rapid insight into patterns and departures from patterns • Analyzed relationships among container shipment contents, foreign port of origin and US destination port
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Visualization of Manifest Data: • Encoded shipment information as weighted time-variant graphs amenable to fast stream processing and visualization
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Visualization of Manifest Data: • Developed novel representation of manifest data amenable to fast visualization and processing
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Visualization of Manifest Data: • Developed novel algorithm based on “combinatorial discrepancy” to detect anomalous traffic in manifest data
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Machine Learning to Distinguish Threat from non-Threat Radiation • Goal: distinguish non-threat sources of radiation from threat materials and identify an isotope. • Compared machine learning Topic Modeling algorithms: recently-popularized Higher Order Latent Dirichlet Allocation (H0-LDA) vs. traditional LDA.
Research Thrusts: Recent Work • Research Thrust 1: Tools for Risk Assessment and Anomaly Detection:RecentHighlights • Machine Learning to Distinguish Threat from non-Threat Radiation • Learning based on data set of 302 spectra including 17 isotopes and background. • Analyze gamma-ray spectra generated by CZT-based handheld detectors • Comparing HO-LDA to traditional LDA. • Concentrated on GA67, I131, In111, Tc99m • HO-LDA performed statistically significantly better than LDA
Target Research Thrusts: Recent Work • Research Thrust 2: Layered Defense
Research Thrust 2: Layered Defense • We have formulated a model of how to locate nuclear surveillance in the area around a facility, e.g., roadways and walkways approaching sports stadiums.
Layered Defense • This relates to a CCICADA project in connection with the National Football League. • Developing simulation models for evacuation of stadiums.
Layered Defense To develop our ideas, we have formulated a model of a “perimeter” defense of the target with several layers of defense: • Limited budget for surveillance • How much to invest in each layer? • Defense at outer layers might be less successful but could provide useful information to selectively refine and adapt strategies at inner layers. • Arranging defense in layers so decisions can be made sequentially might significantly reduce costs and increase chance of success.
Target Layered Defense Abstract model of layered defense: • Target in middle • Threats arrive via 4 inner channels • Each combines 2 outer outer flows of vehicles, persons, etc.
Target Layered Defense Abstract model of layered defense: • Fixed budget for outer layer and for inner layer defense • Can choose among detectors with different characteristics and costs • How optimize probability of detection?
Target Layered Defense Different models for: • Flow along different paths • Prob. of detection at different locations (outer, inner) • Allowable modifications of inner defense strategies based on outer layer results
Layered Defense • Monitoring at outer layer not only hinders an attacker but can provide information about current state of threat that can be used to refine and adapt strategies at inner layers. • There is a complex tradeoff between maximizing the cost-effectiveness of each layer and overall benefits from devoting some efforts at the outer layer to gathering as much information as possible to maximize effectiveness of the inner layer. • We have formulated this as an optimization problem.
General Formulation: Outer layer(s) plus inner layer(s) – paths of approach
General Formulation: Outer layer(s) plus inner layer(s) – paths of approach • Model Assumptions: First Model: • Each incoming path u has a dangerous “flow” Fu • At each sensor k, the probability of detection is a • function Dk(Rk) of the resources Rk allocated to • that sensor. • Assume that Dk(Rk) is a concave, piecewise linear • function.
General Formulation: Outer layer(s) plus inner layer(s) – paths of approach • Model Assumptions: First Model • Special Case: The Case of Two Layers • Assume that the outside layers share a limited • resource budget and so do the inside layers. • More subtle models allow one to make decisions • about how much budget to allocate between • inside and outside. • Goal: Allocate the total outside resources among • individual sensors and allocate the total inside • resources among individual sensors in order to • maximize the illegal flow detected.
General Formulation: Outer layer(s) plus inner layer(s) – paths of approach • Model Assumptions: First Model • Special Case: The Case of Two Layers • Goal: Allocate the total outside resources among individual sensors and allocate the total inside resources among individual sensors in order to maximize the illegal flow detected. • Note: So far, this model does not have the • random allocation of resources to sensors that • we ultimately aim for to confuse the attacker. That is an added component for future work.
General Formulation: Outer layer(s) plus inner layer(s) – paths of approach • Model Assumptions: First Model • Special Case: The Case of Two Layers • Since there are only 2 layers, we can identify • the path name with the outer layer sensor where • it begins. • Thus, path u is the path beginning at outer • sensor u.
The Case of Two Layers Dangerous flow captured at outsidesensor j Dangerous flow not captured at outside sensor j that is captured at inside sensor i
Solving the Optimization Problem • This formulates the problem as a non-linear optimization problem. • A standard approach to such problems is a • brute force approach that fixes a resource “mesh”size and enumerates all possibilities. • Discretize the resource space for each sensor into subintervals • Examine every possible resource allocation • That approach is not computationally feasible for the problem as we have formulated it. • We have developed a new approach to solving the problem in our context.
Solving the Optimization Problem • We have developed a new approach to solving the problem in our context. • Still discretize the resource space for interior sensors into subintervals and solve that. • However, we can now find the optimal configuration for the exterior sensors by solving a linear programming problem for each combination of interior and exterior sensors. • An improvement, but this is still too computationally intensive. • However, a dynamic programming variant avoids the worst part of the computation.
Methods Solve Some Special Cases Detection network architecture First assumption: linear detection rates both inside and outside
Our methods for this simple problem as well as • the more complex problems we will describe were • applied on a simple AMD Phenom X4 9550 • workstation with 6GB of DDR2 RAM, and • were often solved in a matter of seconds.
A more complicated network: Multiple outside sensors Case of 2 Outside sensors (green and blue) and 1 inside sensor Piecewise linear detection rate functions
A more complicated network: Multiple outside and multiple inside sensors
Our methods generalize to this case. • Even with 4 inside sensors and 2 outside sensors per inside sensor, solution in < 2 minutes on modest workstation.
Solution with 4 inside sensors and 2 outside sensors per inside sensor • Solution “tableau” includes10,302 distinct points. • Solution in < 2 minutes on modest workstation. • Methods feasible up to 10 inside sensors. • After that, need approximation methods.
Case of an Adaptive Adversary • So far, our model assumed a fixed flow of dangerous material on each pathway. • What if we have an adaptive adversary who recognizes how much of a resource we use for sensors on each node and then chooses the path that minimizes the probability of detection? • To defend against such an adversary we might seek to assign sensor resources so as to maximize the minimum detection rate on any path.
The Problem for Two Layers with an Adaptive Adversary
The Case of Two Layers with an Adaptive Adversary • We have developed methods that work with • multiple inside sensors and multiple outside sensors
Solution with 4 inside sensors and 2 outside sensors per inside sensor • Solution “tableau” had 40,401 distinct points. • Solution in 3102 seconds (52 minutes) on modest workstation. • Hope to be able to speed up so methods feasible • for up to 10 inside sensors. • After that, need approximation methods.
Testing Layered Defense Ideas at NFL Stadiums • Working with NFL stadiums • Looking at variety of inspection problems, not just nuclear detection. • Gathering data about how they do layered defense and building simulation models
Testing Layered Defense Ideas at NFL Stadiums • Model for inspection: • Assume all basic inspection methods perform like M/M/1 queues (inter-arrival times and service times are exponentially distributed) • Studying a variety of different kinds of inspections • Five measures of effectiveness: • Detection rate • False alarm rate • Monetary cost • Throughput • Average waiting time
Testing Layered Defense Ideas at NFL Stadiums • Model for inspection: • Comparing different kinds of strategies • Mixed strategy: Execute inspection strategy Ai on fraction xi of people • Layered strategy: Execute strategy A for everyone; then strategy B on those who test positive and strategy C on those who test negative • Distributed strategy: Split the current queue for strategy A into a k-multiserver queue for strategy A • Randomization strategy: if you can’t inspect everyone.
Testing Layered Defense Ideas at NFL Stadiums • Model for inspection: • For layered strategies: • Have developed an algorithm for finding the convex hull of “dominating strategies that: • Satisfy some conditions such as maximize detection rate and minimize false alarm rate and monetary cost • subject to constraints on maximum cost and minimum throughput. • Algorithm runs in a few seconds if maximum 2 layers, takes 30 minutes for 3 layers.
Testing Layered Defense Ideas at NFL Stadiums • In practice: Looking at three types of inspection: • Wanding • Pat-down • Bag inspection • Observing stadium inspections and gathering data about each type of inspection, in particular length of time it takes. • Data shows major differences depending on inspector, time before kickoff, etc.
Testing Layered Defense Ideas at NFL Stadiums • Working with NFL stadiums wanding
Testing Layered Defense Ideas at NFL Stadiums • Also looking at doing ticket scans first – as an extra layer of inspection wanding