
2009 IEEE International Conference on Intelligence and Security Informatics: Latest Articles

A framework for harnessing public wisdom to ensure food safety
Pub Date : 2009-06-08 DOI: 10.1109/ISI.2009.5137297
T. D. Ng, Christopher C. Yang
Food safety issues often draw public attention after the discovery of suspected or confirmed cases of food poisoning and contamination. Food safety incidents reveal voids in existing food safety practices established by food science, governmental policies, and business processes. The vulnerability in the food supply chain may yield room for potential food terrorism. This paper presents a framework for harnessing public wisdom from mass media to improve and advance existing practices to better ensure our food safety. The framework incorporates the use of content and social network analyses to distill important issues into food safety knowledge.
Citations: 5
Identification of extremist videos in online video sharing sites
Pub Date : 2009-06-08 DOI: 10.1109/ISI.2009.5137295
Tianjun Fu, Chunneng Huang, Hsinchun Chen
Web 2.0 has become an effective grassroots communication platform for extremists to promote their ideas, share resources, and communicate among each other. As an important component of Web 2.0, online video sharing sites such as YouTube and Google video have also been utilized by extremist groups to distribute videos. This study presented a framework for identifying extremist videos in online video sharing sites by using user-generated text content such as comments, video descriptions, and titles without downloading the videos. Text features including lexical features, syntactic features and content specific features were first extracted. Then Information Gain was used for feature selection, and Support Vector Machine was deployed for classification. The exploratory experiment showed that our proposed framework is effective for identifying online extremist videos, with the F-measure as high as 82%.
Citations: 25
Prediction of past unsolved terrorist attacks
Pub Date : 2009-06-08 DOI: 10.1109/ISI.2009.5137268
Fatih Özgül, Z. Erdem, C. Bowerman
In this study, a novel model is proposed to predict perpetrators of some terrorist events which remain unsolved. The CPM learns from similarities between terrorist attacks and their crime attributes then puts them in appropriate clusters. Solved and unsolved attacks are gathered in the same - all linked to each other - “umbrella” clusters; then CPM classifies all related terrorist events which are expected to belong to one single terrorist group. The developed model is applied to a real crime dataset, which includes solved and unsolved terrorist attacks and crimes in Turkey between 1970 and 2005. CPM predictions produced significant precision value for big terrorist groups and reasonable recall values for small terrorist groups.
Citations: 13
Identifying Google Talk packets
Pub Date : 2009-06-08 DOI: 10.1109/ISI.2009.5137327
J. Ho, Ping Ji, Weifeng Chen, R. Hsieh
Instant messages and online chatting are the earliest forms of online social networking, and they remain as popular communication channels that people use to exchange information and socialize with each other through the Internet, even with the existence of the current diversified and various modern social networks such as mySpace and Facebook. This is especially the case for younger generations, who talk to each other by using text messages much more often than using phone calls and emails. The light-weight communication style of simple type-and-send-in-real-time is the main reason for online chatting (or instant messages) being favorable. However, similar to other sophisticated social networks, online chatting potentially faces the problem of being utilized by perpetrators or even pedophiles to conduct initial approach to innocent online users, who are in many situations children, which may lead to a dangerous crime. Therefore, in some cases, the investigation of a victim's online chatting history may play an important role in identifying potential suspects. In this paper we study the aforementioned problem from the technical perspective and seek to conduct systematic approaches to retrieve user online chatting records from general Internet traces. Specifically, we conduct a preliminary study on identifying different types of Google Talk, one of the most popular online chatting software, by using Wireshark (or Ethereal). We describe in detail the pattern of each type of online chat messages, and present the corresponding process of identifying the messages. Our experiments show that unencrypted Google Talk chat messages can be easily identified. This study is an initiation on conducting research to provide simple tools for facilitating online message investigations in the future.
Citations: 1
Hardening adversarial prediction with anomaly tracking
Pub Date : 2009-06-08 DOI: 10.1109/ISI.2009.5137269
M. J. Bourassa, D. Skillicorn
Predictors are often regarded as black boxes that treat all incoming records exactly the same, regardless of whether or not they resemble those from which the predictor was built. This is inappropriate, especially in adversarial settings where rare but unusual records are of critical importance and some records might occur because of deliberate attempts to subvert the entire process. We suggest that any predictor can, and should, be hardened by including three extra functions that watch for different forms of anomaly: input records that are unlike those previously seen (novel records); records that imply that the predictor is not accurately modelling reality (interesting records); and trends in predictor behavior that imply that reality is changing and the predictor should be updated. Detecting such anomalies prevents silent poor predictions, and allows for responses, such as: human intervention, using a variant process for some records, or triggering a predictor update.
Citations: 5
Observation of network structure in Amazon.com
Pub Date : 2009-06-08 DOI: 10.1109/ISI.2009.5137264
T. Yoneyama, M. Krishnamoorthy
Amazon.com is among the largest bookstores on the internet. It provides the sales rank of each book. Our hypothesis is as follows: if a book has a low sales rank (i.e., it is well-sold), the related book also has a low sales rank. In the small world principle, if a network is connected, any two nodes are connected with a relatively small number of links. If this hypothesis is true, any book can link to a bestseller book within a small distance by linking some related books. In this paper, we design an algorithm to ascertain our hypothesis, and analyze the network structure of Amazon.com.
Citations: 0
Web opinions analysis with scalable distance-based clustering
Pub Date : 2009-06-08 DOI: 10.1109/ISI.2009.5137273
Christopher C. Yang, T. D. Ng
Due to the advance of Web 2.0 technologies, a large volume of web opinions are available in computer-mediated communication sites such as forums and blogs. Many of these web opinions involve terrorism and crime related issues. For instance, some terrorist groups may use web forums to propagandize their ideology, some may post threatening messages, and some criminals may recruit members or identify victims through web social networks. Analyzing and clustering Web opinions are extremely challenging. Unlike regular documents, web opinions usually appear as short and sparse text messages. Using typical document clustering techniques on web opinions produces unsatisfying results. In this work, we propose the scalable distance-based clustering technique for web opinions clustering. We have conducted experiments and benchmarked with the density-based algorithm. It shows that it obtains higher micro and macro accuracy. This web opinions clustering technique is useful in identifying the themes of discussions in web social networks and studying their development as well as the interactions of active participants.
Citations: 13
The software EBox: Integrated information for situational awareness
Pub Date : 2009-06-08 DOI: 10.1109/ISI.2009.5137275
N. Ashish, Jay Lickfett, S. Mehrotra, N. Venkatasubramanian
This paper describes the development of the “EBox”, a system that provides integrated access to a wide variety of information sources relevant to providing situational awareness during emergency response situations. The EBox exemplifies a novel information integration approach in which both pre-existing data and real-time information streams are obtained from multiple sources and are rapidly and intelligently ingested and registered to facilitate efficient and integrated access at a later time. We describe the design and development of the EBox, and the deployment experience in a drill and demonstration exercise. We further describe key technical challenges that remain and our ongoing research efforts in addressing such challenges.
Citations: 8
From digital forensic report to Bayesian network representation
Pub Date : 2009-06-08 DOI: 10.1109/ISI.2009.5137330
Robert Lee, S. Lang, Kevin Stenger
Computer (digital) forensic examiners typically write a report to document the examination process, including tools used, major processing steps, summary of the findings, and a detailed listing of relevant evidence (files, artifacts) exported to external media (CD, DVD, hard copy) for the case investigator or attorney. However, proper interpretation of the significance of extracted evidence often requires additional consultation with the examiner. This paper proposes a practical methodology for transforming the findings in typical forensic reports to a graphical representation using Bayesian networks (BNs). BNs offer the following advantages: (1) Delineate the cause-effect relationship among relevant pieces of evidence described in the report; and (2) Use probability and established Bayesian inference rules to deal with uncertainty of digital evidence. A realistic forensic report is used to demonstrate this methodology.
Citations: 6
Design and implementation of a secure social network system
Pub Date : 2009-03-01 DOI: 10.1109/ISI.2009.5137318
Ryan Layfield, B. Thuraisingham, L. Khan, Murat Kantarcioglu
Context-based anomaly tracking represents a new approach to security enhancement of communication streams. By creating a system that develops an understanding of normal and abnormal based on communication history, it is possible to detect fluctuations in an evolving social network. Although more research is necessary to overcome current obstacles, the combination of social network analysis and anomaly detection techniques yields a promising set of applications for enhancing communication security. In this paper we will describe a system for context-based anomaly detection and then describe experiments for message surveillance application.
Citations: 6