Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284299
M. Habibi
In a surveillance system, the huge volume of recorded multidimensional data poses a great challenge to the user in performing meaningful analysis in an efficient and coherent manner, especially in a human-vehicle or human-object interaction domain. To address this concern, a semi-automated data analysis concept is developed for feature extraction, object detection, trajectory determination and cluster identification. In addition, this paper presents an algorithmic basis for significantly improved correlation and association of features, and events of interest in a timely and sound manner. The uncertainty associated with the operator's interpretation of data is tackled by proposing an acceptable hypothesis by the analyst based on human intelligence and experience. Experimental results and graphs are also presented in this paper.
Title: "Data exploitation using visual analytics". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284299
Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284275
S. Suthaharan
A simple, yet effective, unit-circle algorithm for an intrusion detection system is presented. It defines normal and abnormal classes using the normalized “standard scores” of the traffic data with a novel unit-circle representation. In this approach, the feature values of the traffic data are first standardized to reduce statistical dependencies of local structural variations within a class and then normalized to isolate statistical inaccuracies between classes. A unit-circle is then constructed using two selected features. The unit-circle algorithm reveals that the normal and the back attack traffic in NSL-KDD datasets fall inside the normal and the abnormal classes respectively. Hence we have robust definitions for the back attack and normal traffic activities in a computer network based on NSL-KDD dataset.
Title: "A unit-circle classification algorithm to characterize back attack and normal traffic for intrusion detection". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284275
Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284103
K. Glass, R. Colbaugh
A frame in social theory is a schema of interpretation that individuals rely upon to understand and respond to events. Collective action frames are persuasive communications constructed during mobilization campaigns, frequently to call attention to a perceived problem or issue, itemize steps to resolve the issue, and motivate others regarding the issue's urgency and the importance of taking action [e.g. 1]. There is substantial empirical evidence that framing rhetoric influences the success or failure of social movements, and that movement members are increasingly relying upon social media to communicate their frames. Consequently, there is considerable interest within the security informatics community to develop methods for detecting framing rhetoric in social (and other) media [2]. Particularly valuable would be computational methods capable of distinguishing framing from non-framing content using only limited labeled examples of framing discourse, because generating such labels typically requires experienced analysts and is an expensive and time-consuming undertaking.
Title: "Agile detection of framing rhetoric in social media". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284103
Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284088
Xiaofeng Wang, Donald E. Brown, M. Gerber
Personal and property crimes create large economic losses within the United States. To prevent crimes, law enforcement agencies model the spatio-temporal pattern of criminal incidents. In this paper, we present a new modeling process that combines two of our recently developed approaches for modeling criminal incidents. The first component of the process is the spatio-temporal generalized additive model (STGAM), which predicts the probability of criminal activity at a given location and time using a feature-based approach. The second component involves textual analysis. In our experiments, we automatically analyzed Twitter posts, which provide a rich, event-based context for criminal incidents. In addition, we describe a new feature selection method to identify important features. We applied our new model to actual criminal incidents in Charlottesville, Virginia. Our results indicate that the STGAM/Twitter model outperforms our previous STGAM model, which did not use Twitter information. The STGAM/Twitter model can be generalized to other applications of event modeling where unstructured text is available.
Title: "Spatio-temporal modeling of criminal incidents using geographic, demographic, and twitter-derived information". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284088
Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284297
D. Le, Taeyoel Jeong, H. Roman, J. W. Hong
We propose a novel approach to detect anomalous network traffic by analyzing communication patterns in time series. The method is based on graph theory concepts such as degree distribution and maximum degree, and we introduce the new concept of dK-2 distance [1]. In our approach, we use traffic dispersion graphs (TDGs) to extract communication structure [2]. By analyzing differences of TDG graphs in time series we are able to detect anomalous events such as botnet command and control communications, which cannot be identified by using volume-based approaches or flows/packets counters. We evaluate our approach with the 1999 DARPA intrusion detection data set and the network trace from POSTECH in July 2009.
Title: "Communication patterns based detection of anomalous network traffic". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284297
Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284311
S. Kaza, Hsin-Min Lu, D. Zeng, Hsinchun Chen
Border safety is a critical part of national and international security. The Department of Homeland Security (DHS) searches vehicles entering the country at land borders for drugs and other contraband. However, this process is time-consuming and operational efficiency is needed for smooth operations at the border. To aid in the screening of vehicles, we propose to examine traffic patterns at checkpoints using burst detection algorithms. Our results show that the overall traffic at the border shows bursting patterns attributable to weekdays and the holiday seasons. In addition, using local law-enforcement data we also find that traffic with prior contacts with law-enforcement shows a bursting pattern distinct from other traffic. We also find that such bursts in suspicious traffic can be attributable to increases in vehicular traffic associated with certain kinds of criminal activity. This information can be used to specifically target vehicle searches during primary screening at ports and in the surrounding areas.
Title: "Using burst detection techniques to identify suspicious vehicular traffic at border crossings". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284311
Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284298
Neal Wagner, Vikas Agrawal
A key activity in emergency management is preparation for natural and man-made disasters. This paper presents a prototype of a computer simulation system that uses agent-based modeling to simulate an emergency environment with crowd evacuation and provides for testing of multiple disaster scenarios at virtually no cost.
Title: "Emergency decision support using an agent-based modeling approach". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284298
Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284315
I. Sakharova
Payment card fraud is causing billions of dollars in losses for the card payment industry. Besides direct losses, the brand name can be affected by loss of consumer confidence due to the fraud. As a result of these growing losses, financial institutions and card issuers are continually seeking new techniques and innovation in payment card fraud detection and prevention. This paper provides an overview of payment card fraud and begins with payment card statistics and the definition of payment card fraud. It also describes various methods used by identity thieves to obtain personal and financial information for the purpose of payment card fraud. In addition, the relationship between payment card fraud detection and terrorism funding is provided. Finally, some solutions for detecting payment card fraud are also given.
Title: "Payment card fraud: Challenges and solutions". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284315
Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284091
Yue Zhang, Donald E. Brown
Police patrols play an important role in public safety. The patrol district design is an important factor affecting the patrol performances, such as average response time and workload variation. The redistricting procedure can be described as partitioning smaller geographical units into several larger districts with the constraints of contiguity and compactness. The size of the possible sample space is large and the corresponding graph-partitioning problem is NP-complete. In our approach, the patrol districting plans generated by a parameterized redistricting procedure are evaluated using an agent-based simulation model we implemented in Java Repast in a geographic information system (GIS) environment. The relationship between districting parameters and response variables is studied and better districting plans can be generated. After in-depth evaluations of these plans, we perform a Pareto analysis of the outputs from the simulation to find the non-dominated set of plans on each of the objectives. This paper also includes a case study for the police department of Charlottesville, VA, USA. Simulation results show that patrol performance can be improved compared with the current districting solution.
Title: "Police patrol district design using agent-based simulation and GIS". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284091
Pub Date: 2012-06-11; DOI: 10.1109/ISI.2012.6284306
Wingyan Chung, Wen Tang
As the trend of domestic terrorism grows rapidly, using web collections to support online surveillance should help intelligence and security personnel track down the sinister activities on the web. In this research, we have developed a collection of U.S. domestic terrorism websites and have conducted preliminary analysis of the sites' content and usage. We developed a novel approach to extracting textual, hyperlink, and usage information from websites. Our ongoing work includes discovering hidden patterns from a collection of U.S. domestic terrorism websites and uncovering interesting usage and content patterns. This work should contribute to the area of online security surveillance using website data.
Title: "Building a web collection for online surveillance of U.S. domestic terrorism". Published in: 2012 IEEE International Conference on Intelligence and Security Informatics. https://doi.org/10.1109/ISI.2012.6284306