Thomas H. Hinke

Using association rules as texture features

A new type of texture feature based on association rules is proposed in this paper. Association rules have been used in applications such as market basket analysis to capture relationships present among items in large data sets. It is shown that association rules can be adapted to capture frequently occurring local structures in images. Association rules capture both structural and statistical information, and automatically identifies the structures that occur most frequently and relationships that have significant discriminative power. Methods for classification and segmentation of textured images using association rules as texture features are described. Simulation results using images consisting of man made and natural textures show that association rule features perform well compared to other widely used texture features. It is shown that association rule features can distinguish texture pairs with identical first, second, and third order statistics, and texture pairs that are not easily discriminable visually.

Wizard: a database inference analysis and detection system

The database inference problem is a well-known problem in database security and information system security in general. In order to prevent an adversary from inferring classified information from combinations of unclassified information, a database inference analyst must be able to detect and prevent possible inferences. Detecting database inference problems at database design time provides great power in reducing problems over the lifetime of a database. We have developed and constructed a system called Wizard to analyze databases for their inference problems. The system takes as input a database schema, its constituent instances (if available) and additional human-supplied domain information, and provides a set of associations between entities and/or activities that can be grouped by their potential severity of inference vulnerability. A knowledge acquisition process called microanalysis permits semantic knowledge of a database to be incorporated into the analysis using conceptual graphs. These graphs are then analyzed with respect to inference-relevant domains we call facets using tools we have developed. We can determine inference problems within single facets as well as some inference problems between two or more facets. The architecture of the system is meant to be general so that further refinements of inference information subdomains can be easily incorporated into the system.

Refereed paper: Protecting databases from inference attacks

This paper presents a model of database inference and a taxonomy of inference detection approaches. The Merlin inference detection system is presented as an example of an automated inference analysis tool that can assess inference vulnerabilities using the schema of a relational database. A manual inference penetration approach is then offered as a means of detecting inferences that involve instances of data or characteristics of groups of instances. These two approaches are offered as practical approaches that can be applied today to address the database inference problem. The final section discusses future directions in database inference research.

A Fast Algorithm for Detecting Second Paths in Database Inference Analysis

This paper presents an approach for detecting potential second-path inference problems in a way that is significantly faster than previous approaches. The algorithm uses a relational database schema and functional dependencies to detect the potential for second-path inferences. The second-path inference problem involves the ability to infer higher classified data from lower classified data within a relational database system using joins. In previous research, this type of inference vulnerability was detected by actually finding a path. The approach presented in this paper does not find the path, but detects the existence of a path by adapting a well known algorithm used in database design to test a relational decomposition for the lossless join property. The original lossless join algorithm has been extended to include subtypes. The paper compares the performance of the new algorithm with that of a conventional path-finding algorithm and shows that the new algorithm is 10 to 14 times faster than the path-finding approach using schemas that range from 33 to 48 relations. The final contribution of the paper is the presentation of an algorithm for automatically classifying the discovered paths into various groups, based on their potential for indicating a significant potential security vulnerability.

Image segmentation using association rule features

A new type of texture feature based on association rules is described. Association rules have been used in applications such as market basket analysis to capture relationships present among items in large data sets. It is shown that association rules can be adapted to capture frequently occurring local structures in images. The frequency of occurrence of these structures can be used to characterize texture. Methods for segmentation of textured images based on association rule features are described. Simulation results using images consisting of man made and natural textures show that association rule features perform well compared to other widely used texture features. Association rule features are used to detect cumulus cloud fields in GOES satellite images and are found to achieve higher accuracy than other statistical texture features for this problem.

Techniques and Experience in Mining RemotelySensed Satellite Data

The paper presents a set of requirements for a datamining system for mining remotely sensed satellitedata based on a number of taxonomies that characterizemining of such data. The first of these taxonomies isbased on knowledge of the mining objectives and miningalgorithms. The second is based on variousrelationships that are found in data, including thosebetween different types of data, different spatiallocations of the data and different times of datacapture. The paper then describes the ADaM data miningsystem, which was developed to address theserequirements. The paper describes several data miningtechniques that have been applied to remotely senseddata. The first type is target independent mining,which mines data for transients and trends, with minedresults representing a highly concentrated form of theoriginal data. The second type is the mining ofvectors (representing multi-spectral or fused data)for association rules representing relationshipsbetween the various types of data represented by theelements of the vector. The third type mines data forassociation rules that characterize the texture of thedata.

Security and Data Mining

Database mining can be defined as the process of mining for implicit, previously unknown, and potentially useful information from very large databases by efficient knowledge discovery techniques. Naturally such a process may open up new inference channels, detect new intrusion patterns, and raises new security problems. New security concern and research problems are addressed and identified. Finally a particularly well developed theory, rough set theory, is discussed and some potential applications to security problems are illustrated.

A framework for inference-directed data mining

This paper presents a second-path inference-detection approach based on association cardinalities.*It is applicable to the detection of second paths that do not involve functional dependencies or foreign keys. It provides for an analysis sieve that begins with the analysis of an object model of the database. The goal of the analysis is to detect cases in the database in which a small number of values in the target entity can be associated with a single value in the anchor entity. The number of values is called the association cardinality from anchor to target. Inference vulnerabilities occur for cases of small association cardinalities. The analysis sieve processes the data model of the database to detect cases of small association cardinality. For cases with high cardinality associations, the sieve mines the database to detect cases of small instance-level association cardinalities.

AERIE: Database Inference Modeling and Detection Using Conceptual Graphs

Secure databases are ones in which classified information is protected from access by unauthorized persons. Although the information itself may be secure from direct access, data within the database may be combined along with external data to permit classified data to be inferred. This problem, called the database inference problem, can be addressed by analyzing a database and its design. An inference detection model based on conceptual graphs is introduced, and explained in terms of different kinds of inference that may be performed. An automated inference analysis tool (IAT) is introduced and its overall architecture described.

For scientific data discovery: why can't the archive be more like the Web?

The paper addresses the problem of acquiring from scientific data, metadata that is descriptive of the actual content of the data. Scientists can use this content based metadata in subsequent archive searches to find data sets of interest. Such metadata would be especially useful in large scientific archives such as NASAs Earth Observing System Data and Information System (EOSDIS). The paper presents two generic approaches for content based metadata acquisition: target dependent and target independent. Both of these approaches are oriented toward characterizing datasets in terms of the scientific phenomena, such as mesoscale convective systems (severe storms) that they contain. In the target dependent approach, the archived data is mined for particular phenomena of interest and polygons representing the phenomena are stored in a spatial database where they can be used in the data search process. In the target independent approach, data is initially mined for deviations from normal and for trends. This data can then be used for subsequent searches for particular transient phenomena using the deviation data, or for phenomena related to trends. The paper describes results from implementing both of these approaches.