Intelligence and Security Informatics

Research Goal

The tragic events of September 11th have had drastic effects on many aspects of society. Academics in the fields of natural sciences, computational science, information science, social sciences, engineering, medicine, and many others have been called upon to help enhance the government’s ability to fight terrorism and other crimes. The National Strategy for Homeland Security report (2002) identifies six critical mission areas where information technology can contribute: intelligence and warning, border and transportation security, domestic counter-terrorism, protecting critical infrastructure, defending against catastrophic terrorism, and emergency preparedness and responses. Facing the critical missions of national security and various data and technical challenges, we believe there is a pressing need to develop the science of "Intelligence and Security Informatics" (ISI) (Chen 2006), with its main objective being the "development of advanced information technologies, systems, algorithms, and databases for national security-related applications, through an integrated technological, organizational, and policy-based approach." Funded by various federal agencies, the AI Lab has conducted more than a decade of research in ISI, in particular with its COPLINK, Dark Web, and BioPortal research. See the books listed under Publications for more information.

Areas of Research

The world has been flattened (according to T. Freeman and many others) in the past two decades, for better or for worse. International travel, multinational corporations and supply chains, international outsourcing, cross-continent fiber optic cables, mobile devices and wireless communications, powerful commodity computing and storage devices, and the ubiquitous Internet have all contributed to this transformation. Alongside this progress, there are also significant consequences and unintended global security risks, such as global pandemics (SARS and avian flu), the "War on Terror" (post September 11), cyber security (botnets, zombie computers, e-commerce and identity fraud), and border security and immigration issues (virtual fences and the Secure Border Initiative). Although the security applications are diverse, the IT aspects of these problems and potential solutions are similar. How do we identify potential threats and security concerns? How do we systematically monitor, collect, and fuse security-related data and information from diverse global data sources? How do we analyze these raw data and information and turn them into actionable intelligence and knowledge for decision makers and policy makers? Our ISI research has focused on four major theme areas: border security, biosecurity, cyber security, and e-commerce security. For border security, we aim to develop advanced research in data fusion, situation awareness, risk assessment, and information visualization for use by border protection and public safety agencies. For biosecurity, we have been conducting informatics-based epidemiology and public health research of relevance to infectious diseases and bioagents. For cyber security, we conduct advanced research in autonomic intrusion detection, botnets and malware analysis, and cyber terrorism research. For e-commerce security, we are performing advanced research of relevance to fake e-commerce site detection, customer-based fraud detection, botnet-related e-commerce transaction analysis, and social-media-analytics-based e-commerce opinion mining.

Funding (Selected)

We thank the following agencies for providing research funding support:

  • NSF. "CRI: Developing a Dark Web Collection and Infrastructure for Computational and Social Sciences," October 2007-September 2010 ($500,000).
  • NSF. "EXP-LA: Explosives and IEDs in the Dark Web: Discovery, Categorization, and Analysis," December 2007-November 2010 ($800,000).
  • NSF(SGER). "Authorship Analysis of Multilingual Extremist Forums," October 2006-September 2007 ($75,000).
  • DHS, USDA, DOD, Defense Intelligence Agency, Armed Forces Medical Intelligence Center (AFMIC). "Foot-and-Mouth (FMD) BioPortal: Global FMD Surveillance, Information Sharing, and Analysis," September 2006-March 2008 ($260,000).
  • NSF-Digital Government Program (IIS-0429364). "COPLINK Center: Social Network Analysis and Identity Deception Detection for Law Enforcement and Homeland Security," September 2003-August 2007 ($600,000).
  • NSF-Information Technology Research (ITR) Program (EIA-0326348). "COPLINK Center for Intelligence and Security Informatics – A Crime Data Mining Approach to Developing Border Safe Research," September 2003-August 2007 ($700,000).
  • Department of Homeland Security (DHS), CNRI. "BorderSafe Initiative Phase-2" (subcontract: Tucson Police Department). June 2004-October 2005 ($780,000).
  • Department of Homeland Security (DHS), CNRI. "BorderSafe Initiative" (subcontracts: Tucson Police Department and Arizona Department of Customs and Border Protection), October 2003-September 2004 ($550,000).
  • NSF-Digital Government Program (EAI-9983304). "COPLINK Center: Information and Knowledge Management for Law Enforcement," July 2000-March 2004 ($1,600,000).

Approach and Methodology

We believe that KDD (Knowledge Discovery from Databases) techniques can play a central role in improving counter-terrorism and crime-fighting capabilities of intelligence, security, and law enforcement agencies by reducing the cognitive and information overload. KDD refers to non-trivial extraction of implicit, previously unknown, and potentially useful knowledge from data. KDD techniques promise easy, convenient, and practical exploration of very large collections of data for organizations and users, and have been applied in marketing, finance, manufacturing, biology, and many other domains. Many of the KDD technologies could be applied in ISI studies (Chen 2006). Keeping in mind the special characteristics of crimes and security-related data, we categorize existing ISI technologies into six classes: information sharing and collaboration, crime association mining, crime classification and clustering, intelligence text mining, spatial and temporal crime pattern mining, and criminal network analysis. In the figure below we present our proposed research framework, with the horizontal axis being the security concerns and the vertical axis being the six classes of techniques (Chen 2006).

Publications (Selected)

Books

  • H. Chen, D. Zeng, and P. Yan (Eds.), "Infectious Disease Informatics: Syndromic Surveillance for Public Health and Biodefense," Springer, 2008.
  • H. Chen and C. Yang (Eds.), "Intelligence and Security Informatics: Techniques and Applications," Springer, 2008.
  • H. Chen, E. Reid, J. Sinai, A. Silke, and B. Ganor (Eds.), "Terrorism Informatics: Knowledge Management and Data Mining for Homeland Security," Springer, 2008.
  • H. Chen, T. S. Raghu, R. Ramesh, A. Vinze, and D. Zeng (Eds.), "Handbooks in Information Systems -- National Security," Elsevier Scientific, 2007.
  • H. Chen, "Intelligence and Security Informatics for International Security: Information Sharing and Data Mining," Springer, 2006.

 

Journal Articles

2011-2012

  • S. Kaza, P. J. Hu, H. Hu, and H. Chen, “Designing, Implementing, and Evaluating Information Systems for Law Enforcement: A Long-term Design Science Research Program,” Communications of the AIS, 2012.
  • G. Wang and H. Chen, “A Hierarchical Naïve Bayes Model for Approximate Identity Matching,” Decision Support Systems, Volume 51, Issue 3, Pages 413-423, June 2011.
  • J. Li, G. Wang, and H. Chen, “Identity Matching Using Social Identity Features,” Information Systems Frontiers, Volume 13, Number 1, 2011.
  • P. J. Hu, H. Hu, F. M. Hsu, and H. Chen, “Law Enforcement Officers’ Acceptance of Advanced E-Government Technology: A Survey Study of COPLINK Mobile,” Electronic Commerce Research and Applications, Volume 10, Number 1, Pages 6-16, January-February 2011.

2007-2008

  • H. Chen, Y. Zhang, and Y. Dang, “Intelligence and Security Informatics,” Encyclopedia of Library and Information Sciences, 3rd ed., 2009.
  • H.-M. Lu, D. Zeng, L. Trujillo, K. Komatsu, and H. Chen, "Ontology-enhanced Automatic Chief Complaint Classification for Syndromic Surveillance," Journal of Biomedical Informatics, Volume 4, Issue 2, Pages 340-356, April 2008.
  • E. Reid and H. Chen, "Mapping the Contemporary Terrorism Research Domain," International Journal of Human-Computer Studies, special issue on Information Security in the Knowledge Economy, Volume 65, Pages 42-56, 2007.
  • J. Qin, Y. Zhou, E. Reid, G. Lai, and H. Chen, "Analyzing Terror Campaign on the Internet: Technical Sophistication, Content Richness, and Web Interactivity," International Journal of Human-Computer Studies, special issue on Information Security in the Knowledge Economy, Volume 65, Pages 71-84, 2007.
  • P. J-H. Hu, D. Zeng, H. Chen, C. Larson, W. Chang, C. Tseng, and J. Ma, "A System for Infectious Disease Information Sharing and Analysis: Design and Evaluation," IEEE Transactions on Information Technology in Biomedicine, Volume 11, Number 4, Pages 483-492, 2007.
  • E. Reid and H. Chen, "Internet-savvy U.S. and Middle Eastern Extremist Groups," Mobilization: An International Quarterly Review, Volume 12, Number 2, Pages 177-192, 2007.
  • S. Kaza, Y. Wang, and H. Chen, "Enhancing Border Security: Mutual Information Analysis to Identify Suspect Vehicles," Decision Support Systems, Volume 43, Number 1, Pages 199-210, 2007.
  • T. S. Raghu and H. Chen, "Cyberinfrastructure for Homeland Security: Advances in Information Sharing, Data Mining, and Collaboration Systems," Decision Support Systems, Volume 43, Number 4, Pages 1321-1323, 2007.
  • R. Schumaker and H. Chen, "Leveraging Question Answer Technology to Address Terrorism Inquiry," Decision Support Systems, Volume 43, Number 4, Pages 1419-1430, 2007.

2005-2006

  • P. Yan, H. Chen and D. Zeng, "Syndromic Surveillance Systems," Annual Review of Information Science and Technology (ARIST), Volume 41, Pages 425-495, 2007.
  • H. Chen and J. Xu, "Intelligence and Security Informatics for National Security: A Knowledge Discovery Perspective," Annual Review of Information Science and Technology (ARIST), Volume 40, Pages 229-289, 2006.
  • H. Chen, "Intelligence and Security Informatics: Information Systems Perspective," Decision Support Systems, special issue on Intelligence and Security Informatics, Volume 41, Number 3, Pages 555-559, March 2006.
  • J. L. Zhao, H. H. Bi, H. Chen, D. Zeng, C. Lin, and M. Chau, "Process-Driven Collaboration Support for Intra-Agency Crime Analysis," Decision Support Systems, special issue on Intelligence and Security Informatics, Volume 41, Number 3, Pages 616-633, March 2006.
  • W. Chung, H. Chen, W. Chang, and S. Chou, "Fighting Cybercrime: A Review and the Taiwan Experience," Decision Support Systems, special issue on Intelligence and Security Informatics, Volume 41, Number 3, Pages 669-682, March 2006.
  • R. Zheng, J. Li, H. Chen, and Z. Huang, "A Framework for Authorship Identification of Online Messages: Writing-Style Features and Classification Techniques," Journal of the American Society for Information Science and Technology, Volume 57, Number 3, Pages 378-393, 2006.
  • J. Li, R. Zheng, and H. Chen, "From Fingerprint to Writeprint," Communications of the ACM, Volume 49, Number 4, Pages 76-82, April 2006.
  • G. Wang, J. Xu, H. Chen, and H. Atabakhsh, "Automatically Detecting Criminal Identity Deception: An Adaptive Detection Algorithm," IEEE Transactions on Systems, Man, and Cybernetics, Part A, Volume 36, Number 5, Pages 988-999, 2006.
  • W. Chung, H. Chen, L. G. Chaboya, C. O’Toole, and H. Atabakhsh, "Evaluating Event Visualization: A Usability Study of COPLINK Spatio-Temporal Visualizer," International Journal of Human-Computer Studies, Volume 62, Number 1, Pages 127-157, 2005.
  • H. Chen, "Intelligence and Security Informatics," Journal of the American Society for Information Science and Technology, special issue on Intelligence and Security Informatics, Volume 56, Number 3, Pages 217-220, 2005.
  • P. J. Hu, C. Lin, and H. Chen, "User Acceptance of Intelligence and Security Informatics Technology: A Study of COPLINK," Journal of the American Society for Information Science and Technology, special issue on Intelligence and Security Informatics, Volume 56, Number 3, Pages 235-244, 2005.
  • J. Xu and H. Chen, "CrimeNet Explorer: A Framework for Criminal Network Knowledge Discovery," ACM Transactions on Information Systems, Volume 23, Number 2, Pages 201-226, April, 2005.
  • J. Xu and H. Chen, "Criminal Network Analysis and Visualization," Communications of the ACM, Volume 48, Number 6, Pages 101-107, 2005.
  • H. Chen and F. Wang, "Artificial Intelligence for Homeland Security," IEEE Intelligent Systems, special issue on AI for Homeland Security, Volume 20, Number 5, Pages 12-16, 2005.
  • Y. Zhou, E. Reid, J. Qin, H. Chen, and G. Lai, "U.S. Domestic Extremist Groups on the Web: Link and Content Analysis," IEEE Intelligent Systems, special issue on AI for Homeland Security, Volume 20, Number 5, Pages 44-51, 2005.
  • A. Abbasi and H. Chen, "Applying Authorship Analysis to Extremist-Group Web Forum Messages," IEEE Intelligent Systems, special issue on AI for Homeland Security, Volume 20, Number 5, Pages 67-75, 2005.
  • Y. Xiang, M. Chau, H. Atabakhsh, and H. Chen, "Visualizing Criminal Relationships: Comparison of a Hyperbolic Tree and a Hierarchical List," Decision Support Systems, Volume 41, Number 1, Pages 69-83, 2005.

2002-2004

  • G. Wang, H. Chen, and H. Atabakhsh, "Automatically Detecting Deceptive Criminal Identities," Communications of the ACM, Volume 47, Number 3, Pages 71-76, 2004.
  • G. Wang, H. Chen, and H. Atabakhsh, "Criminal Identity Deception and Deception Detection in Law Enforcement," Group Decision and Negotiation, Volume 13, Number 2, Pages 111-127, 2004.
  • H. Chen, W. Chung, J. Xu, G. Wang, Y. Qin, and M. Chau, "Crime Data Mining: A General Framework and Some Examples," IEEE Computer, Volume 37, Number 4, Pages 50-56, 2004.
  • C. Lin, P. J. Hu, and H. Chen, "Technology Implementation Management in Law Enforcement: COPLINK System Usability and User Acceptance Evaluations," Social Science Computer Review (SSCR) special issue on Digital Government, Volume 22, Number 1, Pages 24-36, 2004.
  • J. Xu and H. Chen, "Fighting Organized Crimes: Using Shortest-Path Algorithms to Identify Associations in Criminal Networks," Decision Support Systems, Volume 38, Number 3, Pages 473-488, 2004.
  • H. Chen, F. Y. Wang, and D. Zeng, "Intelligence and Security Informatics for Homeland Security: Information, Communication, and Transportation," IEEE Transactions on Intelligent Transportation Systems, Volume 5, Number 4, Pages 329-341, 2004.
  • H. Chen, D. Zeng, H. Atabakhsh, W. Wyzga, and J. Schroeder, "COPLINK: Managing Law Enforcement Data and Knowledge," Communications of the ACM, Volume 46, Number 1, Pages 28-34, January 2003.
  • H. Chen, J. Schroeder, R. V. Hauck, L. Ridgeway, H. Atabakhsh, H. Gupta, C. Boarman, K. Rasmussen, and A. W. Clements, "COPLINK Connect: Information and Knowledge Management for Law Enforcement," Decision Support Systems, Special Issue on Digital Government, Volume 34, Number 3, Pages 271-286, February 2003.
  • R. V. Hauck, H. Atabakhsh, P. Ongvasith, H. Gupta, and H. Chen, "Using Coplink to Analyze Criminal-Justice Data," IEEE Computer, Volume 35, Number 3, Pages 30-37, 2002.

 

Conference Papers and Proceedings

2012

  • V. Benjamin and H. Chen, “Securing Cyberspace: Identifying Key Actors in Hacker Communities,” Proceedings of 2012 IEEE International Conference on Intelligence and Security Informatics, ISI 2012, Washington, DC, June 2012.
  • S. Kaza and H. Chen, “Using Burst Detection Techniques to Identify Suspicious Vehicular Traffic at Border Crossings,” Proceedings of 2012 IEEE International Conference on Intelligence and Security Informatics, ISI 2012, Washington, DC, June 2012.
  • D. Zeng, I. Gotham, K. Komatsu, C. Lynch, M. Thurmond, D. Madigan, B. Lober, J. Kvach, and H. Chen (Eds.), Intelligence and Security Informatics: Biosurveillance, Proceedings of the Second NSF Workshop, BioSurveillance 2007, Lecture Notes in Computer Science (LNCS 4506), Springer-Verlag, 2007.

2003-2007

  • C. Yang, D. Zeng, M. Chau, K. Chang, Q. Yang, X. Cheng, J. Wang, F. Wang, and H. Chen (Eds.), Intelligence and Security Informatics, Proceedings of the Pacific-Asia Workshop, PAISI 2007, Lecture Notes in Computer Science (LNCS 4430), Springer-Verlag, 2007.
  • S. Mehrotra, D. Zeng, H. Chen, B. Thuraisingham, and F. Wang (Eds.), Intelligence and Security Informatics, Proceedings of the IEEE International Conference on Intelligence and Security Informatics, ISI 2006, Lecture Notes in Computer Science (LNCS 3975), Springer-Verlag, 2006.
  • H. Chen, F. Wang, C. Yang, D. Zeng, M. Chau, and K. Chang (Eds.), Intelligence and Security Informatics, Proceedings of the Workshop on Intelligence and Security Informatics, WISI 2006, Lecture Notes in Computer Science (LNCS 3917), Springer-Verlag, 2006.
  • P. Kantor, G. Muresan, F. Roberts, D. Zeng, F. Wang, H. Chen, and R. Merkle (Eds.), Intelligence and Security Informatics, Proceedings of the IEEE International Conference on Intelligence and Security Informatics, ISI 2005, Lecture Notes in Computer Science (LNCS 3495), Springer-Verlag, 2005.
  • H. Chen, R. Moore, D. Zeng, and J. Leavitt (Eds.), Intelligence and Security Informatics, Proceedings of the Second Symposium on Intelligence and Security Informatics, ISI 2004, Lecture Notes in Computer Science (LNCS 3073), Springer-Verlag, 2004.
  • H. Chen, R. Miranda, D. Zeng, T. Madhusudan, C. Demchak, and J. Schroeder (Eds.), Intelligence and Security Informatics, Proceedings of the First NSF/NIJ Symposium on Intelligence and Security Informatics, ISI 2003, Lecture Notes in Computer Science (LNCS 2665), Springer-Verlag, 2003.