Example ISI/Chp 4
From AI Wiki
Chapter 4 NATIONAL SECURITY CRITICAL MISSION AREAS AND CASE STUDIES
Contents |
Chapter Overview
This chapter provides an overview for the next six chapters. Based on research conducted at the University of Arizona’s Artificial Intelligence Lab and its affiliated NSF COPLINK Center for Law Enforcement and Intelligence Research, we review seventeen case studies that are relevant to the six homeland security critical mission areas described earlier. More details about each case study follow in each of the next six chapters.
Introduction
In response to the challenges of national security, the Artificial Intelligence Lab and its affiliated NSF COPLINK Center for Law Enforcement and Intelligence Research at the University of Arizona have developed many research projects over the past decade to address the six critical mission areas identified in the “National Strategy for Homeland Security” report [1]: intelligence and warning, border and transportation security, domestic counter-terrorism, protecting critical infrastructure and key assets, defending against catastrophic terrorism, and emergency preparedness and responses. The main goal of the Arizona lab/center is to develop information and knowledge management technologies appropriate for capturing, accessing, analyzing, visualizing, and sharing law enforcement- and intelligence-related information [2].
We demonstrate through seventeen case studies how critical mission issues could be addressed using the knowledge discovery approach. For each case study we discuss its relevance to national security missions, data characteristics, technologies used, and select evaluation results. Quantitative studies focused primarily on the performance of the techniques in terms of effectiveness, accuracy, efficiency, usefulness, etc. In qualitative studies, we summarize and report comments and feedback from our domain experts. We also suggest further readings for each case study.
Intelligence and Warning
Detecting potential terrorist attacks or crimes is possible and feasible with the help of information technology. By analyzing the communication and activity patterns among terrorists and their contacts (i.e., terrorist networks), detecting deceptive identities, or employing other surveillance and monitoring techniques, intelligence and warning systems may issue timely, critical alerts to prevent attacks or crimes from occurring.
We present four case studies of relevance to intelligence and warning in Chapter 5. In Case Study 1, we report a taxonomy of identity deceptions based on police criminal records and propose an entity-matching technique to detect deception. In Case Study 2, we report on the Dark Web Portal project, which collects open source terrorism web site information based on select spidering and portal techniques. Case Study 3 summarizes web spidering and link analysis techniques adopted to analyze the presence of the Jihad on the web. Based on high-quality open source (news) generated terrorist information, Case Study 4 summarizes topological analysis research performed for the Al-Qaeda terrorist network.
| Case Study | Project | Data Characteristics | Technologies Used | Critical Mission Area Addressed |
|---|---|---|---|---|
| 1 | Detecting deceptive identities |
|
| Intelligence and warning |
| 2 | Dark Web Portal |
|
| Intelligence and warning |
| 3 | Jihad on the Web |
|
| Intelligence and warning |
| 4 | Analyzing al Qaeda network |
|
| Intelligence and warning |
For more details about case studies described above, readers are referred to:
- G. Wang, H. Chen, and H. Atabakhsh, “Automatically Detecting Deceptive Criminal Identities,” Communications of the ACM, Volume 47, Number 3, Pages 71-76, 2004.
- G. Wang, H. Chen, and H. Atabakhsh, “Criminal Identity Deception and Deception Detection in Law Enforcement,” Group Decision and Negotiation, Volume 13, Number 2, Pages 111-127, 2004.
- E. Reid, J. Qin, W. Chung, J. Xu, Y. Zhou, R. Schumaker, M. Sageman, and H. Chen, “Terrorism Knowledge Discovery Project: A Knowledge Discovery Approach to Addressing the Threats of Terrorism,” Intelligence and Security Informatics, Proceedings of the Second Symposium on Intelligence and Security Informatics, ISI 2004, Tucson, Arizona, June 2004, Lecture Notes in Computer Science (LNCS 3073), Springer-Verlag.
- H. Chen, J. Qin, E. Reid, W. Chung, Y. Zhou, W. Xi, G. Lai, A. Bonillas, F. Wang, and M. Sageman, “The Dark Web Portal: Collecting and Analyzing the Presence of Domestic and International Terrorist Groups in the Web,” Proceedings of the 7th IEEE International Conference on Intelligent Transportation Systems (ITSC 2004), Washington, DC, October 3-6, 2004.
Dark Web Portal Building
We show a sample search session in the figures below. Suppose the user is interested in the terrorist group “Ku Klux Klan” and uses it as a search term. Two types of search forms are available: simple search and advanced search (see Figure 5-2). Our user chose to use the simple search first. The advanced mode gives users more options to refine their search. For example, the user can specify web pages with the exact phrase. In addition, the user can restrict the results within a few terrorist categories or choose to search a particular file type, such as PDF or Word files.
Figure 5-2. Dark Web Portal interfaces: simple search and advanced search.
KERNEL-BASED DATA FUSION OF MULTIPLE TYPES OF DATA
Protein Function Prediction
The function of an unannotated protein can be predicted based on multiple sources of information given the set of proteins with known functions. For example, it may be predicted based on an observed similarity between the sequences of the unannotated protein and proteins of known functions. The unknown protein may have functional relationships with other proteins similar to those of an annotated protein. The functional relationship between two proteins can also be inferred if they occur in fused form in some other organism, if they co-occur in multiple species, if their corresponding mRNAs share similar expression patterns, or if the proteins interact with one another.
Kernel-based Protein Function Prediction
Under the kernel-based approach, the projection f(x) is specified implicitly using a kernel function K(xi,xj) = < f(xi),f(xj) > . The benefit of such an implicit specification of projection is that to identify data patterns that only involve inner products of the data items, such as the task of similarity-based clustering, one does not need to have the explicit representation of the mapping f. It suffices to be able to evaluate the kernel function, which is often much easier than computing the coordinates of the points explicitly. Thus, quite flexible kernel functions can be applied to search for the nonlinear patterns among data items without even knowing the nature of the projected feature space. For a finite set of data items we do not even require the exact specification of the kernel function itself. All we need is a square kernel matrix K = (kij), each entry kij = < f(xi),f(xj) > is the inner products of the projected data points. This kernel matrix can be interpreted as one that describes a particular notion of similarity between data items. We will see examples of these kernel matrices later in this section.
