John F. Buford

A Framework of Cognitive Situation Modeling and Recognition

This paper scopes the issues of situation management in dynamic systems, defines the basic concepts, and identifies several key enabling technologies. Particular focus of the paper is given to situation modeling. The paper reviews the major aspects of situation modeling and discusses associated technologies, including situation calculus, situation semantics, situation control, situation awareness and others. In more detail, we present an approach to situation modeling and management which is based on combining multi-agent systems and event correlation

Extending BDI Multi-Agent Systems with Situation Management

We extend the BDI (belief desire, intention) agent model by enabling agent beliefs to be based on real-time situations that are generated by a situation management (SM) system. This has several advantages for multi-agent systems using BDI agents. First, because of the use of event correlation and data fusion techniques in situation management, agent platforms can support highly reactive distributed applications. Second, the situation manager provides a semantically rich representation of the world and can dynamically adapt its representation for situations over time. From the system architecture perspective, we discuss several alternatives for how existing BDI-capable agent platforms can incorporate this extension. These alternatives range from complete SM functionality in each agent to having shared SM functionality among multiple agents. We also consider environments where different agent platforms use our situation-based BDI (SBBDI) agent method and must interoperate. We include an example of an SBBDI agent system for homeland security threat assessment

Inferring threats in urban environments with uncertain and approximate data: an agent-based approach

Abstract In this article we discuss the problem of inferring threats in an urban environment, where the knowledge of the environment involves multiple types of intelligence and infrastructure data, and is by nature uncertain or approximate. We use a collection of situation-aware agents to infer potential threats in such environments, where agents are responsible for event correlation and situation assessment. We review the weaknesses of a current approach to threat assessment in Homeland Security and then describe our agent-based approach. The key innovations of our agent-based approach are: an ontological commitment to events and situations, fuzzy event correlation, fuzzy situation assessment, adaptability and learning during threat assessment operations, and an enhancement of traditional belief-desire-intention (BDI) agents with situation awareness. We describe the properties of situation-aware BDI agents and discuss the implementation of them on a variety of BDI agent platforms. Lastly, we discuss the interoperability of these platforms and address the issue of scalability through coupling to large-scale peer-to-peer overlays.

Enabling cyber situation awareness, impact assessment, and situation projection

In the paper we focus on (i) an assessment of impact on missions or business processes resulting from cyber attacks and (ii) the subsequent projection of further possible attacks and corresponding impact assessments. A reference model for impact assessment and situation projection (IASP) is provided, based on which we propose a constraint satisfaction (CS) algorithmic approach for performing IASP. The nodes of a constraint network contain variables with accompanying certainty factors characterizing aspects of missions, services, IT assets, network connections, known vulnerabilities, safeguards, cyber alerts, attack categories, and partial models of complex stepping-stone or island-hopping attacks. Given constraints among these variables, e.g. mission X depends on services Y and Z, the CS algorithm calculates IASP with degree of certainty. We demonstrate the approach on dataset containing audit trails, IDS alerts, and TCP traffic.