Download Заголовок слайда отсутствует

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
Document related concepts
no text concepts found
Transcript 
Agent and Data Mining Research
in Laboratory of Intelligent Systems
(St. Petersburg Institute for Informatics and Automation)
Vladimir Gorodetsky
Head of Laboratory of Intelligent Systems
http://space.iias.spb.su/ai/
[email protected]
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Contents
1. Structure of the research and developments of the
Intelligent System Laboratory
2. Multi-Agent System Development Kit (MASDK): A software
tool supporting MAS application technology
3. Agent-based distributed data mining and machine learning
4. International collaboration
5. Russian Grant and projects
6. Relevant publications
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Laboratory stuff
• 11 researchers including
• Ph.D. -- 3
• Research analysts and programmers – 4
• Ph.D. students -- 4
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
1. Structure of the Research and Developments of the
Intelligent System Laboratory
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Types of the Research of IS Laboratory
Fundamental research:




Machine learning, distributed data mining and decision making
Resource constraint project planning and scheduling
Protocols for distributed data mining and decision making
Agent-based simulation
Technology and software tools
 Technology and software tool for multi-agent application design,
implementation and deployment
 Agent-based technology for distributed data mining and decision making
system
 Technology for resource constraint project planning and scheduling
 Software tool kit for machine learning
Multi-agent applications (software prototyping)





Intrusion detection,
Design process planning, scheduling and management,
Image processing,
Airspace deconfliction,
Transportation logistics, etc.
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Research Structure
RoboCup
(2004 World winner in
Simulation league)
Multi-agent technology
and MASDK software tool
Problem-oriented multi-agent
technology
Distributed
Data mining & machine
learning tool kit
P2P agent-based serviceoriented networks (NEW)
data mining and
decision making
infrastructure
Computer
Information fusion for Project planning
Network security situation assessment and scheduling
Learning of
Intrusion
detection
Intrusion
detection
Simulation of distributed attacks
against computer network
V. Gorodetsky
Knowledgebased project
planning and
scheduling
Image
processing
Transportation
logistics
Airspace
deconfliction (P2P
decision making)
Agent-based
simulation
IADM-06, Discussion, Hong Kong, December 18, 2006
2. Multi-Agent System Development Kit: A Software
Tool Supporting MAS Application Technology
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
General Description of MASDK: Multi-Agent System
Development Kit
System Core
Host
Applied
system
specification
in XML
Integrated
editor
system
Software
agent
builder
Host
Agent
Agent
Agent
Agent
Agent
Agent
Portal
Portal
Generic
agent
Communication
platform
Multi Agent System Development Kit
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
3. Agent-based Distributed Data Mining and
Machine Learning
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Agent-based (Mediated) Distributed Learning Infrastructure
Data Source
KE
Sensor
Meta-level KE
(manager)
Data
Source
Host 1
Data
Source
KE
Data Source
KE
Communication
Host 2
User interface
Meta-level infrastructure
component
Data
Source
Platform
Sensor
Host k
Host 3
Interaction
Protocols
Sensor
Data
Source
Data
Source
KE
Data
Source
Sensor
Distributed Learning Infrastructure=source host-based components + metalevel component+ interaction protocols + communication platform +user
interfaces (not the machine learning algorithms!)
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Example of Application: Distributed Learning of
Intrusion Detection (Hierarchical Architecture)
NETWORL TRAFFIC
Preprocessing procedures
Data Source 1
Data Source 2
Data Source 3
Data Source 4
Data Source 5
Source-based
classifiers
Source-based Source-based
 classifiers
classifiers
Source-based
classifiers
Source-based
classifiers
Decision
stream 1
Decision
stream 2
Decision
stream 3
Decision
stream 4
Decision
stream 5
Input: composition of asynchronous data streams
Two-level meta-classification
Output:
V. Gorodetsky
Computer security status:
{Normal or attack of a class}
IADM-06, Discussion, Hong Kong, December 18, 2006
International Collaboration (Projects)
•
•
•
•
•
•
•
•
US Air Force Research Laboratory - European Office of Aerospace Research
and Development--8 year collaboration since 1998, 5 projects successfully
completed, 1 - in progress until August 2007, new one is discussed)
FP4, FP5, FP6: “AgentLink: Coordination Action for Agent-based Computing”,
FP6 FET Project: “POSITIF” – “Formal specification and verification of
computer network security policy”,
FP5 KDNet NoE: “Data Mining and Knowledge Discovery”,
FP6 KDUbiq NoE: “Knowledge Discovery for Ubiquitous Computing” (WG2
member)
Cadence Design System Ltd. (USA, German Research office) – “Multi-agent
system for design activity support in microelectronics” (2004-2006)
INTEL (USA)–”Preprocessing algorithms for intrusion detection” (2004-2005)
Fraunhofer First Institute, BMBF (Germany) – MIND–”Machine Learning in
Intrusion Detection System” (2004-2006)
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Grants and Projects: Russia
Grants of Russian Foundation for Basic Research:
• Multi-agent technology for distributed learning and decision
making (2004-2006);
Projects from Department of Information Technology and
Computer Systems of the Russian Academy of Sciences:
• Agent-based stochastic modeling and simulation of adversarial
competition of teams in the Internet environment (2003-2005);
• Mathematical models of active audit of computer network
vulnerabilities, intrusion detection and response: Multi-agent
approach (2003-2005);
• Multi-agent technology and software tool (2004-2006)
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
International Conferences etc. Organized by IS
Laboratory
1-4. Mathematical methods, model and architectures for computer network
security (MMM-ACNS): 2001, 2003, 2005 (Proceedings in LNCS of
Springer, vol. 2952, 2776, 3685), MMM-ACNS-2007 will be held in
September of 2007 (St. Petersburg, Russia).
5. International Workshop of Central and Eastern Europe on Multi-agent
Systems (CEEMAS): 1999.
6-7. International Workshop on Autonomous Intelligent Systems: Agents and
Data Mining (AIS-ADM): June 2005 (Proceedings in LNAI of Springer,
vol.3505), AIS-ADM-2007 will be held in June of 2007 (St. Petersburg,
Russia).
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Distributed Data Mining and Decision Making – related
Publications
V.Gorodetsky, O.Karsaev and V.Samoilov. On-Line Update of Situation Assessment:
Generic Approach. In International Journal of Knowledge-Based & Intelligent
Engineering Systems. IOS Press, Netherlands, 2005,
V.Samoylov, V.Gorodetsky. Ontology Issue in Multi–Agent Distributed Learning. In
V.Gorodetsky, J.Liu, V. Skormin (Eds.). Autonomous Intelligent Systems: Agents
and Data Mining. Lecture Notes in Artificial Intelligence, vol. 3505, 2005, 215-230.
O.Karsaev. Technology of Agent-Based Decision Making System Development. In
V.Gorodetsky, J.Liu, V. Skormin (Eds.). Autonomous Intelligent Systems: Agents
and Data Mining. Lecture Notes in Artificial Intelligence, vol. 3505, 2005, 107-121.
V.Gorodetsky, O.Karsaev and V.Samoilov. Direct Mining of Rules from Data with
Missing Values. Studies in Computational Intelligence, Volume 6, Chapter in book
T.Y.Lin, S.Ohsuga, C.J. Liau, X.T.Hu, S.Tsumoto (Eds.). Foundation of Data Mining
and Knowledge Discovery, Springer, 2005, 233-264
V.Gorodetsky, O.Karsaev, V.Samoylov, A.Ulanov. Asynchronous Alert Correlation in
Multi-Agent Intrusion Detection Systems, Lecture Notes in Computer Science,
Vol.3685, Springer, 2005, 366-379
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Distributed Data Mining and Decision Making – related
Publications
V.Gorodetsky, O.Karsaev, V.Samoilov, and A.Ulanov. Multi-Agent Framework for
Intrusion Detection and Alert Correlation. NATO ARW Workshop "Security of
Embedded Systems", Patras, Greece, August 22-26, 2005. In Proceedings of the
Workshop, IOS Press, 2005.
V.Gorodetsky, O.Karsaev, and V.Samoilov. On-Line Update of Situation Assessment
Based on Asynchronous Data Streams. In M.Negoita, R.Howlett, L.Jain (Eds.)
Knowledge-Based Intelligent Information and Engineering Systems, Lecture Notes
in Artificial Intelligence, vol. 3213, Springer Verlag, 2004, pp.1136–1142 (Received
The Best Paper Award)
V.Gorodetsky, O.Karsaev, V.Samoilov. Multi-agent and Data Mining Technologies for
Situation Assessment in Security Related Application. In B.Dunin-Keplicz, A.
Jankovski, A.Skowron, M.Szczuka (Eds.) Monitoring, Security, and Rescue
Techniques in Multi-agent Systems. Series of books Advances in Soft Computing,
Springer, 2004, 411-422.
V.Gorodetsky, O.Karsaev, I.Kotenko, and V.Samoilov. Multi-Agent Information Fusion:
Methodology, Architecture and Software Tool for Learning of Object and Situation
Assessment. International Conference "Fusion-04", Stockholm, 2004, pp. 346–353
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Distributed Data Mining and Decision making – related
Publications
V.Gorodetsky, O.Karsaev, and V.Samoilov. Distributed Learning of Information Fusion:
A Multi-agent Approach. Proceedings of the International Conference "Fusion 03",
Cairns, Australia, July 2003, 318–325.
V.Gorodetsky, O.Karsaeyv, and V.Samoilov. Multi-agent Technology for Distributed
Data Mining and Classification. Proceedings of the IEEE Conference Intelligent
Agent Technology (IAT03), Halifax, Canada, October 2003, 438–441.
V.Gorodetsky, O.Karsaev, and V.Samoilov. Software Tool for Agent-Based Distributed
Data Mining. Proceedings of the IEEE Conference Knowledge Intensive Multiagent Systems (KIMAS 03), Boston, USA, October 2003, 710–715,
etc.
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Contact data
For more information and related publications please contact
E-mail: [email protected]
http://space.iias.spb.su/ai/gorodetsky
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Future Research and Development in Agent and
Data Mining Area
Vladimir Gorodetsky
Head of Laboratory of Intelligent Systems
http://space.iias.spb.su/ai/
[email protected]
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Focus of the Laboratory Current and Forthcoming
Research Projects
The main idea: From hierarchical agent-based distributed
decision making to P2P (serverless) ad-hoc agent-based
service-oriented decision making networks
1. Algorithms for P2P rule extraction from distributed data
sources with overlapping attributes -- DDM area.
2. P2P Agent platform –Agent area (now it is subject of
activity of FIPA Nomadic Agent Working Group).
3. Software tool kit supporting agent-based P2P rule extraction
from distributed data sources – integrated area
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Example: Hierarchical Architecture of Distributed
Decision Making for Intrusion Detection Task
NETWORL TRAFFIC
Preprocessing procedures
Data Source 1
Data Source 2
Data Source 3
Data Source 4
Data Source 5
Source-based
classifiers
Source-based Source-based
 classifiers
classifiers
Source-based
classifiers
Source-based
classifiers
Decision
stream 1
Decision
stream 2
Decision
stream 3
Decision
stream 4
Decision
stream 5
Input: composition of asynchronous data streams
Two-level meta-classification
Output:
V. Gorodetsky
Computer security status:
{Normal or attack of a class}
IADM-06, Discussion, Hong Kong, December 18, 2006
Hierarchical Architecture: Multi-Agent IDS Intended for
Heterogeneous Alert Correlation
Heterogeneous alerts
notify about various
classes of attacks,
either DoS, or Probe,
or U2R
Classifiers :
Attack class – data source
1 DoS –connection-based data
2 R2U –time window-based data -1
3 Prob – time window-based data -1
4 R2U – time window-based data -1
5 Prob –connection window data-1
6 Prob – connection-based data
7 R2U – connection-based data
8 DoS – time window-based data -2
9 R2U –time window-based data -2
Preprocessing procedures
NETWORK TRAFFIC
V. Gorodetsky
10 DoS – time window-based data -2
IADM-06, Discussion, Hong Kong, December 18, 2006
P2P Architecture of Distributed Decision Making for
Intrusion Detection Task:
P2P classifiers
UI
Data sources
6
7
1
5
2
3
10
8
9
4
Example : Serverless (P2P) network for intrusion detection (no metaclassifiers). Each agent detecting an alert acts as combiner of decisions
provided by other agents (“service providers”) on its request
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Ground Object Recognition Based on Infra Red
Images Produced by Airborne Equipment
Infra red data preprocessing and their
transformation into feature spaces
Object models
Scale Invariant Feature
(set of features)
Transform (SIFT)
2D Views
Object recognition components
of the agent-based software
Recognized
object
SIFT 1
SIFT 2
Wavelet Transform (WT)
WT 1
WT 2
Structural Description (SD)
SD 1
SD 2
Model 1
Classifier 1
Meta-agent
Model 2
Classifier 2
Model 3
Classifier 3
Model 16
Classifier 16
…
Decision
combining
…
Agent-classifiers
Objects’ models
The Task: On-line automatic recognition of ground objects based on infra-red
images perceived by airborne surveillance system.
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Ground Object Recognition: Structure of Decision
Making and Decision Combining
Meta-classifier combining decision of
particular meta-classifiers
Recognized objects
Combined decision of the classifiers
trained to detect the object class 1
2-SIFT-based
Object of class 1
- right
3-SIFT-based
Object of class 1
- right
Combined decision of the classifiers
trained to detect the object class 3
2–SIFT-based
Object of class 3
- front
2–SIFT-based
Object of class 3
- right
2–SIFT-based
Object of class 3
- back
V. Gorodetsky
3–SIFT-based
Object of class
3 - front
3–SIFT-based
Object of class
3 - right
3–SIFT-based
Object of class 3
- back
Combined decision of the classifiers
trained to detect the object class M60
2–SIFT-based
Object of class 2 -left
3–SIFT-based
Object of class 2 -left
2–SIFT-based
Object of class 2 -right
3–SIFT-based
Object of class 2-right
Combined decision of the classifiers trained
to detect the object class 4
2–SIFT-based
Object of class 4 -front
2–SIFT-based
Object of class 4 –l eft
3–SIFT-based
Object of class 4 -front
3–SIFT-based
Object of class 4 -left
IADM-06, Discussion, Hong Kong, December 18, 2006
Agent-based P2P Classification Network Implementing
Ground Object Recognition System
Classifiers
detecting the
objects of
class 1
4
9
8
Agent providing user interface
7
4
UI
3
10
15
25
5
11
16
24
9
20
14
8
6
18
19
21
13
22
23
12
V. Gorodetsky
17
1
Classifiers
detecting the
objects of
class 2
24
3
17
25
20
11
Classifiers
detecting the
objects of
class 3
21
23
10
18
19
15
Classifiers
detecting the
objects of
class 4
12
5
13
6
1
22
14
7
16
IADM-06, Discussion, Hong Kong, December 18, 2006
Software Prototype of Agent-based Service- oriented P2P
Classification Network for Ground Object Recognition
The main window of the user interface of the P2P classification
network for ground object recognition
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Architecture of Agent-based Service-oriented P2P
Network
Agent 1-1
Agent 1-2
…
Agent 1-k
Agent 1-1
…
P2P agent platform
Existing P2P networking
middleware
Agent 1-2
…
Agent 1-k
P2P agent platform
Existing P2P networking
middleware
PEER 1
PEER 1
Network Transport
General requirements to P2P agent platform architecture are formulated in the
document of Nomadic Agent Working Group (NAWG) of FIPA. Our expected
contribution is a version of its implementation and verification (via software
prototyping on the basis of particular classification networks).
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Architecture of a Peer of Agent-based Serviceoriented P2P Network
Agent 1-1
Agent 1-2
Agent 1-k
…
OnReceive
Handler
OnReceive
Handler
OnReceive
Handler
Existing P2P
networking
middleware
OnReceive
OnReceive
Handler
Handler
Routing Book
Interface
AMS
(dll, Agent)
Agent book
Search Results
Interface
Yellow Pages
(dll, Agent)
Service book
Search Results
Transport
System
(TCP/IP)
(UDP)
…
interface
Message history
Peer Address
book
Message Transport
System Interface
PEER : P2P Agent Platform instance
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Hot Problems
1. Development of P2P agent platform decoupling peers and
applications
and
supporting
open
service–oriented
architectures, self–optimization of the network structure
through on-line learning. Although the last problem is currently
the subject of the intensive research in the networking scope,
for agent-based architecture it will require specific efforts.
2. Combining of decisions produced by P2P agents within
distributed heterogeneous environment. A peculiarity of this
task is that in each particular case, the classifications incoming
from the peers may be very diverse in the sense that different
peers may be involved in service provision. That is why,
distributed learning of decision combing that is a challenging
task of P2P data mining and ubiquitous computing should be
an important component of the technology in question.
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Contact data
For more information and related publications please contact
E-mail: [email protected]
http://space.iias.spb.su/ai/gorodetsky
V. Gorodetsky
IADM-06, Discussion, Hong Kong, December 18, 2006
Related documents