Validating Adaptive Behavior Models of Adversaries for Risk Assessment
Efforts for homeland security face constantly evolving adversary tactics, rapid technological advances and changes in the overall environment. The challenge of preparing for new tactics is a very real risk for homeland security. The use of simple historical data to validate the effectiveness of current and new risk models does not account for unknown or new threats in the evolving security landscape.
Finding a dependable method of validating tactical-level adversary behavior models, one that can incorporate changing adversary tactics, techniques and procedures (TTPs), countermeasures and other operational circumstances, would substantially increase the value of existing risk assessment efforts by DHS, especially in highly dynamic environments like those experienced by TSA and CBP.
This project is building a framework that uses course-of-action red teaming (COART) and comparative experimental analysis to validate various homeland security risk models that are being developed and in use today. It will compare the results of different types of red teaming with a game-theoretic model and historical ground truth. This research will ultimately improve adversary model validation by allowing for validation of models when they simulate novel circumstances not represented by historical data, or when such data are unavailable.
The key objectives of this project include:
- Establishing Distributed, Empirical, Systematic, and Scalable Red Teaming (DESSRT) as a viable, low-cost validation framework for tactical- and operational-level adaptive adversary behavior models within the HSE.
- Providing validated adaptive adversary inputs to improve existing TSA and other risk assessment models / testing procedures.
- Transitioning DESSRT-based frameworks into novel software platforms for conducting scalable, rapid red-teaming within CBP and the HSE.
Partnering with the Transportation Security Administration (TSA), this research has provided a new validation method for risk models and formulated operational guidance on their long-term effectiveness to the organizations using these models. Additionally, the project is transitioning the research-informed insights into a scalable red-teaming platform for CBP to conduct rapid red-teams of key policies, processes, and technologies.
Research Leadership Team
Principal Investigator: Brandon Behlendorf, University of Albany – State University of New York
Co-PI: Gary Ackerman, University of Albany – State University of New York
Co-PI: Jun Zhuang, University at Buffalo – The State University of New York
Homeland security risk sciences