|The MAITA Project|
Monitoring, analysis, and interpretation (MAI) tasks constitute central elements of many important applications. These tasks vary in scope from narrow process-control monitoring, which require attending only to a fixed set of observable conditions, to national security intelligence analysis, which must attend to a broad range of observations, information, and actionable conditions that cannot be enumerated beforehand.
Although commercial knowledge-based system (KBS) technology has proven successful for the narrower process-control tasks, current technology does not support very well the broader, open-ended monitoring and interpretation processes. New information regularly leads analysts to attend to new classes of information and new potential threats, but current KBS technology depends on small groups of system developers hand-crafting carefully circumscribed knowledge bases, and does not permit distributed communities of users, even those highly knowledgable in the domain, to exploit separately-developed large-scale knowledge bases or to add new analysis knowledge and methods to these knowledge bases in many small increments.
The Monitoring, Analysis, and Interpretation Tool Arsenal (MAITA) Project seeks to build on existing and under-development tools for rapid, distributed (web-mediated) construction of ontologies and knowledge bases to develop tools that, in the hands of system developers, will enable rapid construction of knowledge-based MAI systems, and in the hands of communities of users, will enable ready extension of such systems to cover new knowledge and methods.
To date, the MAITA Project has explored construction of monitoring systems for intensive care units, battlefield movements, and computer security.
- MAITA and Monitoring
- Jon Doyle, Isaac Kohane, William Long, and Peter Szolovits, "High-Performance Knowledge Base Support for Monitoring, Analysis, and Interpretation Tasks", December 4, 1996. HTML (89KB), PostScript (273KB), or PDF (125KB).
- Jon Doyle, Isaac Kohane, William Long, and Peter Szolovits, "The Architecture of MAITA: A Tool For Monitoring, Analysis, and Interpretation", September 21, 1999. PDF (240KB), PostScript (729KB).
- William Long, Jon Doyle, Glenn Burke, and Peter Szolovits, "Detection of Intrusion Across Multiple Sensors", April 23, 2003. PostScript (545KB), Doc (198KB).
- William Long, "Real-Time Trend Detection Using Segmental Linear Regression", draft of April 2004. PostScript (103KB), PDF (106KB).
- Computer Security
- Jon Doyle, Isaac Kohane, William J. Long, and Peter Szolovits, "Adaptive Knowledge-Based Monitoring for Information Assurance", October 30, 1998. HTML (107KB), PostScript (461KB), or PDF (138KB).
- Howard Shrobe, Jon Doyle, and Peter Szolovits, "Active Trust Management for Autonomous Adaptive Survivable Systems", January 13, 1999, revised January 2000. PostScript (1434KB), or PDF (158KB).
- Peter Szolovits, "Detectors should be characterized by likelihood ratios, not posterior probabilities, June 18, 1999, revised February 1, 2000. PDF (50KB).
- Jon Doyle, "CC2 Ontology Notes", September 10, 1999. HTML (15KB).
- Jon Doyle, "Some Representational Limitations of the Common Intrusion Specification Language", October 26, 1999, revised November 5, 1999. Text (21KB), PostScript (227KB), or PDF (43KB).
- Jon Doyle, Howard Shrobe, and Peter Szolovits, "On widening the scope of attack recognition languages", July 13, 2000. Text (19KB), PostScript (185KB), or PDF (40KB).
- Jon Doyle, Isaac Kohane, William Long, Howard Shrobe, and Peter Szolovits, "Agile Monitoring for Cyber Defense", Second DARPA Information Survivability Conference and Exposition (DISCEX-II), Anaheim, California, June 12-14, 2001. PostScript (7.3MB) or PDF (200KB).
- Jon Doyle, Isaac Kohane, William Long, Howard Shrobe, and Peter Szolovits, "Event recognition beyond signature and anomaly", Second IEEE-SMC Information Assurance Workshop, West Point, New York, June 5-6, 2001. PostScript (172KB) or PDF (111KB).
- Battlefield Movement Analysis
- Jon Doyle, "HPKB Movement Analysis Ontology", February 12, 1998. HTML.
- Paul Cohen, Robert Schrag, Eric Jones, Adam Pease, Albert Lin, Barbara Starr, David Gunning, and Murray Burke, "The DARPA High-Performance Knowledge Bases Project", AI Magazine, Vol. 19, No. 4 (Winter 1998). PDF (250KB).
- Christine L. Tsien, "TrendFinder: Automated Detection of Alarmable Trends, MIT Ph.D. dissertation, April 28, 2000.
- Mary T. DeSouza, "Automated Medical Trend Detection", MIT M.Eng. thesis, May 22, 2000.
- CC2 Final Report
- Funding for the project from the DARPA CC2 project ended in May 2002. We prepared a summary report of our activities.
Principal Investigators Howard Shrobe email@example.com Peter Szolovits firstname.lastname@example.org
Research Faculty / Jon Doyle email@example.com Affiliates Hamish S. F. Fraser firstname.lastname@example.org Isaac Kohane email@example.com William Long firstname.lastname@example.org Mojdeh Mohtashemi email@example.com
Graduate Students Michael McGeachie firstname.lastname@example.org Delin Shen email@example.com Ying Zhang firstname.lastname@example.org
Programmer Doug Dodds email@example.com
Alumni Cungen Cao Mary T. DeSouza firstname.lastname@example.org Philip Greenspun Andrew Nakrin email@example.com Christine Tsien firstname.lastname@example.org Ruben Brown email@example.com Joe Hastings Stephen Bull Patrick Cody
The MAITA project was initiated with the sponsorship of DARPA through its High Performance Knowledge Bases program (grant F30602-97-1-0193). It continues with support from DARPA's Cyber Command and Control (CC2) program (grant F30602-99-1-0509).