Breughel's Landscape with the Fall of Icarus

The MAITA Project

MIT LCS Clinical Decision Making Group

Goals * Papers * Presentations * Software * Personnel * Related Information * Sponsors

Project Goals

Monitoring, analysis, and interpretation (MAI) tasks constitute central elements of many important applications. These tasks vary in scope from narrow process-control monitoring, which require attending only to a fixed set of observable conditions, to national security intelligence analysis, which must attend to a broad range of observations, information, and actionable conditions that cannot be enumerated beforehand.

Although commercial knowledge-based system (KBS) technology has proven successful for the narrower process-control tasks, current technology does not support very well the broader, open-ended monitoring and interpretation processes. New information regularly leads analysts to attend to new classes of information and new potential threats, but current KBS technology depends on small groups of system developers hand-crafting carefully circumscribed knowledge bases, and does not permit distributed communities of users, even those highly knowledgable in the domain, to exploit separately-developed large-scale knowledge bases or to add new analysis knowledge and methods to these knowledge bases in many small increments.

The Monitoring, Analysis, and Interpretation Tool Arsenal (MAITA) Project seeks to build on existing and under-development tools for rapid, distributed (web-mediated) construction of ontologies and knowledge bases to develop tools that, in the hands of system developers, will enable rapid construction of knowledge-based MAI systems, and in the hands of communities of users, will enable ready extension of such systems to cover new knowledge and methods.

To date, the MAITA Project has explored construction of monitoring systems for intensive care units, battlefield movements, and computer security.


MAITA and Monitoring
  1. Jon Doyle, Isaac Kohane, William Long, and Peter Szolovits, "High-Performance Knowledge Base Support for Monitoring, Analysis, and Interpretation Tasks", December 4, 1996. HTML (89KB), PostScript (273KB), or PDF (125KB).
  2. Jon Doyle, Isaac Kohane, William Long, and Peter Szolovits, "The Architecture of MAITA: A Tool For Monitoring, Analysis, and Interpretation", September 21, 1999. PDF (240KB), PostScript (729KB).
  3. William Long, Jon Doyle, Glenn Burke, and Peter Szolovits, "Detection of Intrusion Across Multiple Sensors", April 23, 2003. PostScript (545KB), Doc (198KB).
  4. William Long, "Real-Time Trend Detection Using Segmental Linear Regression", draft of April 2004. PostScript (103KB), PDF (106KB).
Computer Security
  1. Jon Doyle, Isaac Kohane, William J. Long, and Peter Szolovits, "Adaptive Knowledge-Based Monitoring for Information Assurance", October 30, 1998. HTML (107KB), PostScript (461KB), or PDF (138KB).
  2. Howard Shrobe, Jon Doyle, and Peter Szolovits, "Active Trust Management for Autonomous Adaptive Survivable Systems", January 13, 1999, revised January 2000. PostScript (1434KB), or PDF (158KB).
  3. Peter Szolovits, "Detectors should be characterized by likelihood ratios, not posterior probabilities, June 18, 1999, revised February 1, 2000. PDF (50KB).
  4. Jon Doyle, "CC2 Ontology Notes", September 10, 1999. HTML (15KB).
  5. Jon Doyle, "Some Representational Limitations of the Common Intrusion Specification Language", October 26, 1999, revised November 5, 1999. Text (21KB), PostScript (227KB), or PDF (43KB).
  6. Jon Doyle, Howard Shrobe, and Peter Szolovits, "On widening the scope of attack recognition languages", July 13, 2000. Text (19KB), PostScript (185KB), or PDF (40KB).
  7. Jon Doyle, Isaac Kohane, William Long, Howard Shrobe, and Peter Szolovits, "Agile Monitoring for Cyber Defense", Second DARPA Information Survivability Conference and Exposition (DISCEX-II), Anaheim, California, June 12-14, 2001. PostScript (7.3MB) or PDF (200KB).
  8. Jon Doyle, Isaac Kohane, William Long, Howard Shrobe, and Peter Szolovits, "Event recognition beyond signature and anomaly", Second IEEE-SMC Information Assurance Workshop, West Point, New York, June 5-6, 2001. PostScript (172KB) or PDF (111KB).
Battlefield Movement Analysis
  1. Jon Doyle, "HPKB Movement Analysis Ontology", February 12, 1998. HTML.
  2. Paul Cohen, Robert Schrag, Eric Jones, Adam Pease, Albert Lin, Barbara Starr, David Gunning, and Murray Burke, "The DARPA High-Performance Knowledge Bases Project", AI Magazine, Vol. 19, No. 4 (Winter 1998). PDF (250KB).
  1. Christine L. Tsien, "TrendFinder: Automated Detection of Alarmable Trends, MIT Ph.D. dissertation, April 28, 2000.
  2. Mary T. DeSouza, "Automated Medical Trend Detection", MIT M.Eng. thesis, May 22, 2000.
CC2 Final Report
Funding for the project from the DARPA CC2 project ended in May 2002. We prepared a summary report of our activities.



  1. Peter Szolovits, Map-based road computations, May 20, 1998.
    Sources for a Java program that reads maps in the movement analysis challenge problem format and uses an efficient algorithm to find the nearest road link to a given latitude-longitude point (together with its distance to that point). The algorithm uses a KD-tree to compute answers in time logarithmic in the number of nodes in the road network.
  2. Implementation of the MAITA architecture, May 17, 2004.
    Sources and detailed documentation for our implementation of the MAITA architecture are provided here.  Installation instructions are also given.


Principal Investigators Howard Shrobe
Peter Szolovits

Research Faculty / Jon Doyle
Affiliates Hamish S. F. Fraser
  Isaac Kohane
  William Long
Mojdeh Mohtashemi

Graduate Students Michael McGeachie
Delin Shen
Ying Zhang

Programmer Doug Dodds

Alumni Cungen Cao  
Mary T. DeSouza
Philip Greenspun  
Andrew Nakrin
Christine Tsien
  Ruben Brown
  Joe Hastings  
  Stephen Bull  
  Patrick Cody  

Related Information


The MAITA project was initiated with the sponsorship of DARPA through its High Performance Knowledge Bases program (grant F30602-97-1-0193). It continues with support from DARPA's Cyber Command and Control (CC2) program (grant F30602-99-1-0509).

Last modified: 03/15/2002
Fern DeOliveira

Back to Top

CDM Projects