Steven A. Harp

We report on the results of applying classical planning techniques to the problem of analyzing computer network vulnerabilities. Specifically, we are concerned with the generation of Adversary Courses of Action, which are extended sequences of exploits leading from some initial state to an attacker’s goal. In this application, we have demonstrated the(More)
We present a general and systematic method for neural network design based on the genetic algorithm. The technique works in conjunction with network learning rules, addressing aspects of the network's gross architecture, connectivity, and learning rule parameters. Networks can be optimized for various application-specific criteria, such as learning speed,(More)
A limiting factor for the application of IDA methods in many domains is the incompleteness of data repositories. Many records have fields that are not filled in, especially when data entry is manual. In addition, a significant fraction of the entries can be erroneous and there may be no alternative but to discard these records. But every cell in a database(More)
This paper describes the SCYLLARUS approach to fusing reports from multiple intrusion detection systems (IDSes) to provide an overall approach to intrusion situation awareness. The overall view provided by SCYLLARUS centers around the site’s security goals, aggregating large numbers of individual IDS reports based on their impact. The overall view reduces(More)
A serious problem in mining industrial data bases is that they are often incomplete, and a significant amount of data is missing, or erroneously entered. This paper explores the use of machine-learning based alternatives to standard statistical data completion (data imputation) methods, for dealing with missing data. We have approached the data completion(More)
In this project, we developed a technique for extracting useful information from databases that contain both fixed-format and free-text fields. The present state of the art in data mining is a schism between techniques that handle only fixed-format data (pattern recognition, classification algorithms from machine learning), and techniques designed for free-form(More)
In this paper, we present an approach to detecting novel cyber attacks through a form of program diversification, similar to the use of n-version programming for fault tolerant systems. Building on extensive previous and ongoing work by others on the use of code clones in a wide variety of areas, our Functionally Equivalent Variants using Information(More)