testbed14/document.120

﻿Natural
Language
Processing
for
Information
Assurance
and
Security:
An
Overview
and
Implementations
Abstract
This
research
paper
explores
a
promising
interface
between
natural
language
processing
(NLP)
and
information
assurance
and
security
(IAS).
More
specificall~
it
is
devoted
to
possible
applications
to,
and
further
dedicated
development
of,
the
accumulated
considerable
resources
in
NLP
for,
IAS.
The
expected
and
partially
accomplished
result
is
in
harnessing
the
weird,
illogical
ways
natural
languages
encode
meaning,
the
very
ways
that
defy
all
the
usual
combinatorial
approaches
to
mathematical--and
computational--complexity
and
make
NLP
so
hard,
to
enhance
information
security.
The
paper
is
of
a
mixed
theoretical
and
empirical
nature.
Of
the
four
possible
venues
of
applications,
(i)
memorizing
randomly
generated
passwords
with
the
help
of
automatically
generated
funny
jingles,
(ii)
natural
language
watermarking,
(iii)
using
the
available
machine
translation
(MT)
systems
for
(additional)
encryption
of
text
messages,
and
(iv)
downgrading,
or
sanitizing
classified
information
in
networks,
two
venues,
(i)
and
(iv),
have
been
at
least
partially
implemented
and
the
remaining
two
(ii)
and
(iii)
are
being
implemented
to
the
proof-of-concept
level.
We
must
make
it
very
clear,
however,
that
we
have
done
very
little
experimentation
or
evaluation
at
this
point,
though
we
are
moving
quickly
in
that
direction.
The
merits
of
the
paper,
if
any,
are
in
its
venture
to
make
considerable
progress
achieved
recently
in
NLE
especially
in
knowledge
representation
and
meaning
analysis,
useful
for
IAS
needs.
The
NLP
approach
adopted
here,
ontological
semantics,
has
been
developed
by
two
of
the
coauthors;
watermarking
is
based
on
the
pioneering
research
by
another
coauthor
and
his
associates;
most
of
the
implementation
of
the
password
memorization
software
has
been
done
by
the
fourth
coauthor.
All
the
four
of
us
have
agonized
whether
we
should
report
this
research
now
or
wait
till
we
have
fully
implemented
all
or
at
least
some
of
the
systems
we
are
developing.
At
the
end
of
the
day,
we
have
reached
a
consensus
that
it
is
important,
even
at
this
early
stage,
to
review
for
the
information
security
community
what
NLP
can
do
for
it
and
to
invite
feedback
and
further
efforts
and
ideas
on
what
seems
likely
to
become
a
new
paradigm
in
information
security.
To
the
body
of
the
paper,
we
Mikhail
J.
Atallah,
Craig
J.
McDonough,
Victor
Raskin
Center
for
Education
and
Research
in
Information
Assurance
and
Security
(CERIAS,
www.cerias.purdue.edu)
Purdue
University
W.
Lafayette,
IN
47907
mja,
raskin,
mcdonoug@cerias.purdue.edu
Sergei
Nirenburg
Computing
Research
Laboratory,
New
Mexico
State
University
Las
Cruces,
NM
88003
sergei@crl.nmsu.edu
have
added
two
self-contained
deliberately
reference-free
appendices
on
NLP
and
ontological
semantics,
respectively,
primarily
for
the
benefit
of
those
IAS
readers,
who
are
interested
in
expanding
their
understanding
of
those
fields
and
further
exploring
their
possible
fruitful
interactions
with
IAS.