The Ohio State University Corporate Engagement Office

Back to All Technologies

Learning Optimal Empirical Reward iNtelligence (LOERN) with Cyber Maintenance Applications

Software & Information Technology
College
College of Engineering (COE)
Researchers
Allen, Theodore
Hou, Chengjun
Licensing Manager
Zinn, Ryan
614-292-5212
zinn.7@osu.edu

T2016-009 A software solution designed to optimize cyber security decision making and reduce maintenance costs.

The Need

As the world becomes more and more connected, our systems become more and more vulnerable. If cyber security can become more automated, risk-based decisions can be made more quickly and rationally. Organizations can then leverage this decision-making to improve their security without increasing costs. Therefore, there is a need for new algorithms that can facilitate this process.

The Technology

Researchers at The Ohio State University led by Dr. Theodore Allen have developed the Learning Optimal Empirical Reward iNtelligence (LOERN) tool, a breakthrough problem solving approach that can solve fundamental problems in machine learning, including how to offer optimal actions in the context of parametric uncertainty, and to optimize learning immediately from observations. This technique has significant advantages compared to the Markov Decision Processes commonly used in machine learning. The primary application of LOERN relates to reducing the maintenance costs associated with cyber security. By selecting optimal policies addressing data limitations, losses from stolen information and maintenance costs can be balanced. LOERN is an engine that can adapt, nuance, and derive cyber policy.

Commercial Applications

  • Cyber Security
  • Machine Learning

Benefits/Advantages

  • Existing Markov Decision Processes approach requires assumptions about transition matrices and costs.
  • Over current security systems in place, LOERN processing generates decisions that lead to save millions in savings from data loss an cyber security maintenance.
    • Some vulnerabilities do not need to be patched as quickly or at all.
    • There are current risks that are accepted that should not need to be.
  • Major vulnerabilities can be quickly addressed.