Intelligence and Security Informatics: Techniques and Applications (Studies in Computational Intelligence, 135)

Title Page
Preface
Contents
Assured Information Sharing: Technologies, Challenges and Directions
Introduction
Coalition Data Sharing
Policy Issues
Data Integration and Analysis Technologies
Security Policy Enforcement
Dependability Aspects
Balancing Conflicting Requirements
Game Theory Applications and Semi-trustworthy-partners
Handling Untrustworthy Partners
Summary and Directions
References
Automating Event Extraction for the Security Domain
Introduction
Incident Databases
Trends and Early Warning
Information Extraction
History and State-of-the-Art of Event Extraction
IE Methods and Challenges
News Gathering and Preprocessing
News Gathering
Clustering: Grouping Similar Articles
NewsExplorer: Exploring News through Clusters and Entities
Corleone
Entity Recognition
Markup of News
Event Extraction
Machine Learning for Pattern Acquisition
On-Line Extraction and Information Aggregation
Pattern Matching Engine
Preliminary Evaluation
Initial Deployment
Conclusions and Future Work
References
Knowledge Discovery and Information Visualization for Terrorist Social Networks
Terrorist Social Networks
Social Network Analysis – Centrality Measurement
Example
Information Visualization
Fisheye Views
Fractal Views
Case Studies
Case 1 – Extracting the Hamburg Cell of the 911 Attack
Case 2 – Determine the Gatekeepers between Two Terrorist Leaders
Case 3 – Determining the Relationships of the Terrorists in the US Millennial Plot Operation
Conclusion
References
Understanding the Nexus of Terrorist Web Sites
Introduction
Literature Review
Web Structure Mining
Network Topological Analysis
Web Mining Studies on Terrorist Web sites
The Dark Web Dataset
Results and Discussion
Network Topological Analysis
Giant Component Analysis
Conclusions and Future Directions
References
Multi-lingual Detection of Web Terrorist Content
Introduction
Literature Review
Document Categorization and Classification
Representation of Text and Web Documents
Web Document Classification with the Hybrid Approach
Case Studies
Case Study 1: Identification of Terrorist Web Sites in Arabic (Based on [11])
Case Study 2: Categorization of Terrorist Web Sites in English
Conclusions
References
Modeling Anticipatory Event Transitions
Introduction
Related Work
Topic and Event
New Event Detection (NED)
Topic Tracking (TT)
Retrospective Event Detection (RED)
Event Transition Graph (ETG)
AED Model
Problem Definition
AED on Document Streams
Types of AE Detection
AED Prototype
Document Representation for AED
Extracting Named Entities Types from Documents
Factoring Burstiness into Document Representation
Modeling the AET
Sentence Classifier
Document Classifier
Experiments
Dataset
Experimental Setup
Clustering TDT3-Eng
Modeling Transitions at the Sentence Resolution
Conclusions and Future Work
Conclusions
Future Work
References
Exploring Gray Web Forums: Analysis and Investigation of Forum-Based Communities in Taiwan
Introduction
Forum-Based Communities
Gray Web Forum-Based Communities
A Framework for Gray Web Forum Analysis
Research Design
Taiwan Gray Web Forum: Forum Level Analysis
Taiwan Gray Web Forum: Thread Level Analysis
Taiwan Gray Web Forum Member Level Analysis
Crime Investigation on Forum-Based Communities
Thread Analysis Using Full Text Search Based on Key Phrases Identified by Domain Expert
Threads Analysis Based on Automatic Key Phrase Extraction and Vector Matching
Conclusions and Future Work
References
Identifying Interesting Networks of Criminal Activity
Introduction
Literature Review
How Do LE Agencies Integrate Data?
Network-Based Analysis of Criminal Activity
Case-Study: Helping Create a Fraud/Meth Link Chart
The Task: Link Chart Creation
Our Analysis Methodology
Experimentation and Results
Discussions and Conclusions
References
Name Matching in Law Enforcement Database
Introduction
The Operational Environment -- FINDER
The PREFIX Algorithm
Constructing a Dictionary of Prefixes of Names
Searching the Prefix-Dictionary
The ANSWER Algorithm
Experimental Results
DBMS (Database Management System) Implementation
Summary, Conclusions and Future Work
References
Discovering Investigation Clues through Mining Criminal Databases
Introduction
Adequacy of Using Data Mining Techniques in Discovering Investigation Clues
Criminological Foundations
Theories on Thefts
Theories of Deception
Systems for Mining Criminal Data
Methodology in Mining Criminal Data
Research Process
Crime Data Mining Techniques
Experiments and Mining Results
Crime Facets
Association Rule Analysis
Decision Trees Analysis
Prediction
Data Generalization and Summarization-Based Characterization
Visualization and Presentation
Discussions
Conclusion
References
Automated Filtering on Data Streaming for Intelligence Analysis
Introduction
Definitions and Preliminaries
Data Model
Filtering Query Model
Filter Refinement Model
Our Approach
Gathering and Representing Feedback
Filter Refinement
Experiments
Results
Related Work
Conclusions
References
Personal Information Management for Intelligence Tasks
Introduction
Background
The Intelligence Cycle
Personal Information Management (PIM)
Case Studies
Discussion: PIM for Intelligence Analysis
Conclusion
References
A Data Miner’s Approach to Country Corruption Analysis
Introduction
Overview of Data Mining Techniques
Self Organizing Maps
CART
LS-SVM
Description and Preprocessing of the Data
SOM Analysis
Exploring the Data
Clustering of the SOM
Regression Analysis
Absolute Level of Corruption
Relative Level of Corruption
Conclusion
References
Protecting Private Information in Online Social Networks
Introduction
Background
Bayesian Inference Via Social Relations
Single-Hop Inference
Multi-hop Inference
Experimental Study of Bayesian Inference
Characteristics of Social Networks
Data Set
Simulation Results
Experiments on Epinions.com
Privacy Protection
Causal Effect between Friends’ Attribute Values
A Privacy Protection Rule
Performance of Privacy Protection
Analysis of RHR and SHR
Randomly Hiding Friend Relationships (RHR)
Selectively Hiding Friend Relationships (SHR)
Randomly vs. Selectively Hiding Friend Relationships
Related Work
Conclusion
References
Protection of Database Security Via Collaborative Inference Detection
Introduction
Related Work
The Inference Framework
Knowledge Acquisition for Data Inference
Data Dependency
Database Schema
Domain-Specific Semantic Knowledge
Semantic Inference Model
Computation Complexity of Constructing Semantic Inference Model
Semantic Inference Graph
Evaluating Inference in Semantic Inference Graph (SIG)
Inference Violation Detection for Individual User
Inference Violation Detection for Collaborative Users
Collaborative Inference Violation Detection
An Example of Inference Violation Detection for Collaborative Users
Collaboration Level
Experimental study of Collaboration Level
Estimation of Collaboration Level
Robustness in Inference Detection
Sensitivity Definition
Adjust Security Threshold by Attribute Sensitivity Analysis
Conclusion
References
Suspect Vehicle Identification for Border Safety
Introduction
Literature Review
Association Rule Mining
Mutual Information
Case Study: Including Time and Port Heuristics in Mutual Information
Study Testbed
Study Design
Experimental Results
Conclusion
References
Optimization Problems for Port-of-Entry Detection Systems
Introduction
Model Formulation
The Polyhedral Formulation
Extension to More Sensors and Variables
Selection of Threshold Grids or Partitions
Different Allowable Topologies for the Decision Trees
Series, Parallel, and Other Topologies
Optimal Threshold Setting
Unknown Boolean Function F
Complete, Monotone Binary Decision Trees
Multi-objective Programming Approaches
Generalizations and Complications
Allowing for Stochastic Dependence of the Sensor Readings
Measurement Error and Optimal Threshold Setting
Case Study: Container Risk Scoring
Closing Comments
References
Modeling and Validation of Aviation Security
Introduction
Related Work
Aviation Security Guidelines
Modeling Airport Security
Abstract State Machines
Probabilistic Model Checking
Airport Security Model
Security Flow Model
Incremental Refinements
Probabilistic Timed Automata (PTA) Model
Model Analysis and Validation
Analysis of PTA Models with PRISM
Experimental Results
Discussions and Conclusions
References
Anomaly Detection in Moving Object
Introduction
Trajectory Representation
Representation with Motifs
Motif-Based Feature Space
Multi-resolution Feature Hierarchies
Framework
Motif Extractor
Feature Generator
Classification
Experiments
Real Data
Synthetic Data
Related Work
Discussion and Conclusion
References
Intelligent Face Recognition
Introduction
A Review on Face Recognition
Face Image Databases
Difficulties in Face Detection
Recognition Methods
Artificial Intelligence and Face Recognition
Case Study 1: Intelligent Global Face Recognition
Image Database for Global Face Recognition
Image Pre-processing (Global Averaging)
Neural Network Implementation
Results and Discussion (Case 1)
Conclusions
Case Study 2: Intelligent Local Face Recognition
Image Database for Local Face Recognition
Image Pre-processing (Local Averaging)
Neural Network Implementation
Results and Discussion (Case 2)
Conclusions
Discussions and Conclusions
References
Video Analysis of Vehicles and Persons for Surveillance
Introduction
Literature Review
A Case Study
Planar Homography Mapping
Track Analysis in Spatio-temporal Domain
Distributed Sensor Placements and Site Model
Tracking Multiple Objects
Dynamic Density Estimation
Discussions and Conclusions
References
Video-Based Deception Detection
Introduction
Literature Review
Humans and Deception Detection
Tools to Detect Deception
Brunswikian Lens Model for Deception Detection
Distal Cues, Proximal Percepts, and Deception
Research Approach
Automated Kinesics Feature Extraction
Research Questions
Description of Mock Theft Dataset
Measurement
Results
Discussion
Conclusion
References
Subject Index
Author Index