Welcome to Xiaohui Cui's page



I am a research scientist in the field of Artificial Intelligence. My research focuses on developing algorithms that feature robust Collective Intelligence or Swarm Intelligence, and on applying these algorithms in multiple applications of national importance, including mobile sensor networks for localization of hazardous emission materials, terrorist threat-vulnerability analysis, collaborative multi-robot exploration, and malicious insider detection in a cyber system. Currently I am working as a postdoctoral research scientist on a Department of Homeland Security (DHS) supported research program project in the Computational Sciences and Engineering Division at Oak Ridge National Laboratory, with the major focus on Multi-agent Systems and Swarm Intelligence.

 

Multi-agent Systems have been widely used to solve complex and multi-dimensional spatial-temporal distributed problems in uncertain environments. Swarm Intelligence is a new area in the Artificial Intelligence field. It is inspired by the fact that swarms of simple biological or artificial organisms can exhibit rich emergent behaviors without centralized control or global communication. Behaviors of social insects in particular provide us with a powerful metaphor for designing collectively intelligent systems comprised of numerous agents. I started Swarm Intelligence research in 2002 as part of my PhD dissertation research. My research results indicate that merging swarm intelligence with the multi-agent system solution, using a large number of simple agents from which complex collective intelligence emerges, can be used to solve complex problems that cannot be solved using traditional cooperative multi-agent systems.

 

If you are interested in my research work at the University of Louisville (2001 – 2004), press here.

 

Current research work

 

1.     DHS advanced scientific computing

 

Currently, I am one of the postdoctoral research scientists in the advanced scientific computing (ASC) project, which is supported by DHS. The mission of the ASC program is to develop enabling computational science and mathematics technologies for deployment in next-generation homeland security applications. My current research in the ASC project is developing scalable algorithms and software for information management and knowledge discovery to support terrorist threat identification and threat-vulnerability linkage analysis. With the increasing information collection ability of the U.S. intelligence community, an unmanageable amount of intelligence-related information is consequently collected from different sources in different formats. This information is critical for analyzing threat-vulnerability and assessing potential terrorist threat scenarios. However, the lack of an automated information analysis and knowledge discovery system that allows fast and effective retrieval, analysis, and fusion of information severely weakens the effectiveness and efficiency of managing the available information for decision making and threat analysis. Currently, fusion of such information has to be performed by experienced human analysts. As a result, much of the staggering collection of information is not utilized or is significantly underutilized.

 

          The flock-based clustering algorithm demo.

 

 

2.     Malicious Insider Threat Detection

 

Cyber attacks have taken a toll of billions on the United States economy. A malicious insider (MI) is someone who is a valid user on a cyber system but decides, for whatever reason, to perform unauthorized acts on the system. MIs pose the greatest threat to national security as well as enterprise interests. The 2003 FBI survey of 643 organizations indicates the average loss from each MI attack is $1.8M. DHS has listed “insider access detection and prevention” as one of the homeland security impacts.

Insider attacks are more difficult to detect because any user of the cyber system may potentially launch an attack. Existing real-time information security technologies such as firewalls or Intrusion Detection Systems cannot provide adequate defenses against sophisticated insider threats and attacks. The RAND Company 2005 MI survey indicates that currently “effective mechanisms to detect insider attack do not exist”. A research report released by DOD indicates that “opportunities and motivations for espionage by cleared "insiders" are steadily increasing”. Our current work is developing a novel swarm-based approach for malicious insider threat detection in a cyber system.

In this research, we transform the detection of insider threats and sophisticated attacks into knowledge discovery from high-dimensional time-series data streams. The enormous behavior discovery algorithm is used to solve the challenge of knowledge discovery in cyber attack data streams. Facilitating early and accurate MI detection requires the ability to uncover the relationships, changing trends, and cyclic behaviors that are hidden within the data streams. A technique that can quickly transform time-series data streams into a large number of animated agents to represent the evolving trend of the data stream is being developed. The MI detection system will efficiently help security officers detect anomalous behaviors of MIs in the high-dimensional, time-dependent state spaces. Furthermore, by combining mission-impact analysis with time-based representations, this novel system will be able to quickly and effectively predict the computer and network targeted by an attack in order to respond to system security threats.