
Advancing AI Systems in Cybersecurity, Counterterrorism, and … – Northwestern Engineering


One of the most dangerous terrorist groups in the world, Boko Haram has abducted thousands of children from Nigerian schools and displaced millions of people from their homes since its emergence in 2002, according to BBC News.

Building on top of a specialized dataset which leverages resources including the Armed Conflict Location & Event Data Project, B.HACK is an AI-enabled system that assigns a Boko Haram kidnapping risk score to every school in Nigeria. The platform enables a user to examine schools within a selected region of interest and review the probabilities of each school being attacked based on factors including the five nearest security installations and the number of prior Boko Haram attacks within a specific radius (zero to 50 miles) of each school.

Subrahmanian noted that the B.HACK platform’s risk analysis techniques can apply to predictions of different types of targeted attacks.

“We have a methodology where we can predict other related phenomena, like which security installations will be targeted or which tourist or transportation sites might be targeted,” Subrahmanian said. “This is the first of a long series of spatial predictions we hope to be able to make in the coming years.”

PCORE: Forecasting malicious activity caused by climate change

As climate change dramatically alters the locations of water and vegetation sites in Africa, pastoralists are forced to adapt their movement patterns to sustain their herds. The competition over resources and disputes over land rights are increasing the number of violent conflicts as herders encroach on subsistence farmland or the traditional territory of other herders.

In joint work with the United Nations Department of Political and Peacebuilding Affairs, NSAIL’s Pastoral Conflict Reasoning Engine (PCORE) project generates a map which identifies the locations within five countries — Burundi, Cameroon, Central African Republic, Chad, and the Democratic Republic of the Congo — at risk of pastoral conflicts.

After breaking each country into cells corresponding to specific regions within each of the five countries, the team gathered data on the history of conflict within a given cell as well as weather data and ground data related to variables including terrain, land-use, and roads.

The machine learning models developed by the PCORE team apply several different algorithms to predict whether conflict will occur. Subrahmanian presented an example of a risk assessment in the Central African Republic using a decision-tree algorithm.

“If a cell had over 5.5 conflicts in the past, its relative humidity at two meters is less than or equal to 5.9 percent, and the surface soil wetness is less than or equal to 27.4 percent, then there is a 100 percent probability that such a cell will experience conflict,” Subrahmanian said. “Ten cells validate these rules, and in every one of those 10 cases, there was a conflict.”

Imposing costs on hackers

NSAIL also focuses on issues concerning information, cyber, and technology security, including managing vulnerabilities in an enterprise, managing cyber alerts, and preventing intellectual property (IP) theft.

Cybersecurity project teams are addressing malware, which causes significant harm to individuals and enterprises by stealing sensitive data, disrupting business operations, damaging systems, and exposing confidential information.

“We always want to put ourselves in the shoes of the bad guy and say, ‘if I build a system, how would the bad guy attack it?’” Subrahmanian said. “We put ourselves in the shoes of our adversaries to try to get in front of it and craft defenses.”

Android, the world’s most widely used operating system, is particularly vulnerable to malicious attacks because of its widespread use around the world. According to Zimperium’s 2023 Global Mobile Threat Report, the mobile security firm detected malware in one out of every 20 Android devices in 2022.

Subrahmanian is a coauthor of a new book — with Qian Han and Sai Deep Tetali (Meta), Salvador Mandujano and Sebastian Porst (Google), and Yanhai Xiong (William & Mary) — called The Android Malware Handbook: Detection and Analysis by Human and Machine (No Starch Press Inc., 2023) that introduces the Android threat landscape and presents practical guidance to detect and analyze malware.

The team found that features related to app permissions are linked to whether an app is malware or not. They also proposed novel features based on an analysis of the behaviors of the app.

“Watch those permissions,” Subrahmanian said. “Always check and see whether the app’s permissions are consistent with how you intend to use the app and what the app does.”
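The permission check described above can be automated for a decoded manifest. The following is an added example, not code from the book or from NSAIL; the `EXPECTED` baseline, the purpose names, and the sample manifest are constructed assumptions, and the input is assumed to be an `AndroidManifest.xml` already decoded to text.

```python
import xml.etree.ElementTree as ET

# Attribute namespace used by android:name in a decoded manifest.
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Hypothetical reviewer baseline: permissions considered consistent with
# each stated app purpose. Adjust to your own policy.
EXPECTED = {
    "flashlight": {"android.permission.CAMERA"},
    "messaging": {
        "android.permission.INTERNET",
        "android.permission.READ_CONTACTS",
        "android.permission.READ_SMS",
        "android.permission.SEND_SMS",
    },
}

# Constructed sample: a "flashlight" app that also asks for SMS, contacts
# and precise location.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission-sdk-23 android:name="android.permission.ACCESS_FINE_LOCATION"/>
    <application android:label="Flashlight"/>
</manifest>
"""

def requested_permissions(manifest_xml):
    """Return the set of permission names the manifest requests."""
    root = ET.fromstring(manifest_xml.strip())
    perms = set()
    # Both element types declare permissions; the second applies on API 23+.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for element in root.iter(tag):
            name = element.get(ANDROID_NS + "name")
            if name:
                perms.add(name)
    return perms

def unexpected_permissions(manifest_xml, purpose):
    """Return requested permissions that fall outside the purpose baseline."""
    if purpose not in EXPECTED:
        raise KeyError(f"no baseline defined for purpose {purpose!r}")
    return sorted(requested_permissions(manifest_xml) - EXPECTED[purpose])

if __name__ == "__main__":
    for perm in unexpected_permissions(SAMPLE_MANIFEST, "flashlight"):
        print("inconsistent with stated purpose:", perm)
```

A flagged permission is a prompt for review rather than a verdict: legitimate apps sometimes request more than a simple baseline anticipates.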


