How many false documents (forged and counterfeited) cross the border undetected? What is the real extent of the phenomenon of document fraud at the border? How good are border officers and their technical equipment at detecting fraud in the first line? How can we measure the impact of capacity-building measures (training and technology) in the field of document fraud detection? This paper proposes to approach the traditional problem of "known unknown" of risk analysis by taking the performance of detection capabilities - human and machine-supported - seriously. It argues that capability-based vulnerabilities need to be systematically assessed quantitatively and qualitatively in order to make sense of the risk and to devise, test, and measure the effectiveness of countermeasures. The paper reports the preliminary results of an exercise simulating the first line of document inspection at the border. European document experts and automated document inspection systems were challenged to recognize genuine and false documents under a very tight time constraint. Although the experiment suffered of many methodological weaknesses due to the limitations of the context in which it was conducted, a number of initial observations can be drawn on the importance of human skills and experience, the strengths and shortcomings of automated systems, and the need to further test and study how human and machine capabilities can be improved and combined in order to increase their detection effectiveness and thus strengthen border security.
{"title":"Document Fraud Detection at the Border: Preliminary Observations on Human and Machine Performance","authors":"Monica Gariup, G. Soederlind","doi":"10.1109/EISIC.2013.62","DOIUrl":"https://doi.org/10.1109/EISIC.2013.62","url":null,"abstract":"How many false documents (forged and counterfeited) cross the border undetected? What is the real extent of the phenomenon of document fraud at the border? How good are border officers and their technical equipment at detecting fraud in the first line? How can we measure the impact of capacity-building measures (training and technology) in the field of document fraud detection? This paper proposes to approach the traditional problem of \"known unknown\" of risk analysis by taking the performance of detection capabilities - human and machine-supported - seriously. It argues that capability-based vulnerabilities need to be systematically assessed quantitatively and qualitatively in order to make sense of the risk and to devise, test, and measure the effectiveness of countermeasures. The paper reports the preliminary results of an exercise simulating the first line of document inspection at the border. European document experts and automated document inspection systems were challenged to recognize genuine and false documents under a very tight time constraint. Although the experiment suffered of many methodological weaknesses due to the limitations of the context in which it was conducted, a number of initial observations can be drawn on the importance of human skills and experience, the strengths and shortcomings of automated systems, and the need to further test and study how human and machine capabilities can be improved and combined in order to increase their detection effectiveness and thus strengthen border security.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132721768","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
When dealing with information extraction or data mining for security, one of the prerequisite is the data cleaning process, a process that influence deeply the final result. This is particularly true in case of data scraped automatically from online sources (web pages) that contain geographical or geo-referenced information. In this paper we present a model, and a first partial implementation, for location resolution of string descriptions. The domain is the monitoring and analysis of maritime container traffic, relying on the status messages generated by container carriers. The model is based on the usage of three different data dimensions: string similarity, trajectories similarity and most frequent patterns. The realized interface, through a map-based view, provide an integration of the three dimensions. This functionality supports human experts in associating a location to the string description provided in the raw record, in order to improve the numbers of messages usable for route-based analysis.
{"title":"Contextualisation of Geographical Scraped Data to Support Human Judgment and Classification","authors":"Luca Mazzola, A. Tsois, T. Dimitrova, E. Camossi","doi":"10.1109/EISIC.2013.33","DOIUrl":"https://doi.org/10.1109/EISIC.2013.33","url":null,"abstract":"When dealing with information extraction or data mining for security, one of the prerequisite is the data cleaning process, a process that influence deeply the final result. This is particularly true in case of data scraped automatically from online sources (web pages) that contain geographical or geo-referenced information. In this paper we present a model, and a first partial implementation, for location resolution of string descriptions. The domain is the monitoring and analysis of maritime container traffic, relying on the status messages generated by container carriers. The model is based on the usage of three different data dimensions: string similarity, trajectories similarity and most frequent patterns. The realized interface, through a map-based view, provide an integration of the three dimensions. This functionality supports human experts in associating a location to the string description provided in the raw record, in order to improve the numbers of messages usable for route-based analysis.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134210310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In international security, there are many cases of inter-group conflict where violence persists and conflict-oriented policies dominate at the expense of a more mutually beneficial allocation of societal goods. What are the barriers to successful negotiation in such scenarios, and why are conflict management policies difficult to achieve? Most studies of conflict focus on high-level political, economic, or sociological causes, however, psychological influences on decision-making, such as threat and personal motivation, play a large role in impeding conflict resolution or negotiation. In this paper, we analyze the psychological dynamics of threat perception and vested interests on the persistence or desistence of conflict. Threat perception can cause sudden and dramatic shifts in opinion and political choices, an effect which can be further amplified by media reporting. Leaders with a vested personal interest in continued conflict-"spoilers"-can manipulate this phenomenon to derail a peace process. We present a dynamic game theoretic framework of parallel inter-group negotiation and conflict models that incorporates this feedback between threat perception, motivations, leadership decisions, and the success of negotiations, explicitly representing the psychological components of conflict. A prototype implementation is used in empirical simulations to identify cases of conflict persistence and desistence.
{"title":"Threats to Peace: Threat Perception and the Persistence or Desistance of Violent Conflict","authors":"A. Sliva, M. Malyutov, G. Pierce, Xin Li","doi":"10.1109/EISIC.2013.41","DOIUrl":"https://doi.org/10.1109/EISIC.2013.41","url":null,"abstract":"In international security, there are many cases of inter-group conflict where violence persists and conflict-oriented policies dominate at the expense of a more mutually beneficial allocation of societal goods. What are the barriers to successful negotiation in such scenarios, and why are conflict management policies difficult to achieve? Most studies of conflict focus on high-level political, economic, or sociological causes, however, psychological influences on decision-making, such as threat and personal motivation, play a large role in impeding conflict resolution or negotiation. In this paper, we analyze the psychological dynamics of threat perception and vested interests on the persistence or desistence of conflict. Threat perception can cause sudden and dramatic shifts in opinion and political choices, an effect which can be further amplified by media reporting. Leaders with a vested personal interest in continued conflict-\"spoilers\"-can manipulate this phenomenon to derail a peace process. We present a dynamic game theoretic framework of parallel inter-group negotiation and conflict models that incorporates this feedback between threat perception, motivations, leadership decisions, and the success of negotiations, explicitly representing the psychological components of conflict. A prototype implementation is used in empirical simulations to identify cases of conflict persistence and desistence.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128415156","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Throughout the last 40 years, the security breach caused by human error is often disregarded. To relief the latter problem, this article introduces a new class of biometrics that is founded on processing physiological personal features, as opposed to physical and behavioral features. After an introduction on authentication, physiological signals are discussed, including their advantages, disadvantages, and initial directives for obtaining them. This new class of authentication methods can increase biometrics' robustness and enables cross validation. I close this article with a brief discussion in which a recap of the article is provided, law, privacy, and ethical issues are discussed, some suggestions for the processing pipeline of this new class of authentication methods are done, and conclusions are drawn.
{"title":"Physiological Signals: The Next Generation Authentication and Identification Methods!?","authors":"E. V. D. Broek, Martijn Spitters","doi":"10.1109/EISIC.2013.35","DOIUrl":"https://doi.org/10.1109/EISIC.2013.35","url":null,"abstract":"Throughout the last 40 years, the security breach caused by human error is often disregarded. To relief the latter problem, this article introduces a new class of biometrics that is founded on processing physiological personal features, as opposed to physical and behavioral features. After an introduction on authentication, physiological signals are discussed, including their advantages, disadvantages, and initial directives for obtaining them. This new class of authentication methods can increase biometrics' robustness and enables cross validation. I close this article with a brief discussion in which a recap of the article is provided, law, privacy, and ethical issues are discussed, some suggestions for the processing pipeline of this new class of authentication methods are done, and conclusions are drawn.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122743112","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper presents an algorithm for performing name searches using various metrics. Parallelism in the algorithm is exploited in order to obtain an implementation running on GPUs.
本文提出了一种使用各种度量执行名称搜索的算法。该算法的并行性被利用,以获得在gpu上运行的实现。
{"title":"Fast Name Searching on GPU","authors":"V. M. Pais, D. Ciobanu","doi":"10.1109/EISIC.2013.49","DOIUrl":"https://doi.org/10.1109/EISIC.2013.49","url":null,"abstract":"This paper presents an algorithm for performing name searches using various metrics. Parallelism in the algorithm is exploited in order to obtain an implementation running on GPUs.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"144 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132918656","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The modern welfare state faces significant challenges to be able to sustain a systematic cyber conflict that pursues the institutional destabilization of the targeted state. Cyber defense in these advanced democracies are limited, unstructured, and focused on anecdotal cyber interchanges of marginal geopolitical value. The factual reach of government activities once a conflict is initiated is likely to be miniscule. Therefore the information security activities, and assessments leading to cyber defense efforts, have to be strategically pre-event coordinated within the state. This coordination should be following a framework that ensures institutional stability, public trust, and limit challenges to the state. The paper presents a case to use societal cyber war theory to create a public sector cyber defense strategy beforehand facing a massive state actor initiated automated systematic cyber attacks to limit the risk for a societal system shock. Societal cyber war theory utilizes a theoretical framework created by political scientist Dwight Waldo for government stability, turns it upside down, and uses the theory to identify cyber targets and aim points. As a theory it can be used in cyber defense and offense as the institutional weaknesses can be either attacked or defended. According to societal cyber war theory the aim points to be targeted by an automated premeditated systematic attack that will cripple the targeted nation is the five pillars that upholds the state - legitimacy, authority, knowledge, control, and confidence. The failure to protect the institutional stability could undermine the state's ability to avoid submission to foreign power.
{"title":"Societal Cyberwar Theory Applied: The Disruptive Power of State Actor Aggression for Public Sector Information Security","authors":"Jan Kallberg, B. Thuraisingham, Erik Lakomaa","doi":"10.1109/EISIC.2013.47","DOIUrl":"https://doi.org/10.1109/EISIC.2013.47","url":null,"abstract":"The modern welfare state faces significant challenges to be able to sustain a systematic cyber conflict that pursues the institutional destabilization of the targeted state. Cyber defense in these advanced democracies are limited, unstructured, and focused on anecdotal cyber interchanges of marginal geopolitical value. The factual reach of government activities once a conflict is initiated is likely to be miniscule. Therefore the information security activities, and assessments leading to cyber defense efforts, have to be strategically pre-event coordinated within the state. This coordination should be following a framework that ensures institutional stability, public trust, and limit challenges to the state. The paper presents a case to use societal cyber war theory to create a public sector cyber defense strategy beforehand facing a massive state actor initiated automated systematic cyber attacks to limit the risk for a societal system shock. Societal cyber war theory utilizes a theoretical framework created by political scientist Dwight Waldo for government stability, turns it upside down, and uses the theory to identify cyber targets and aim points. As a theory it can be used in cyber defense and offense as the institutional weaknesses can be either attacked or defended. According to societal cyber war theory the aim points to be targeted by an automated premeditated systematic attack that will cripple the targeted nation is the five pillars that upholds the state - legitimacy, authority, knowledge, control, and confidence. The failure to protect the institutional stability could undermine the state's ability to avoid submission to foreign power.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"85 6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123283696","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
G. Backfried, Johannes Göllner, G. Quirchmayr, K. Rainer, G. Kienast, G. Thallinger, Christian Schmidt, Andreas Peer
In this paper we describe work in progress on a cross-media content analysis approach and framework, which is currently being developed within the QuOIMA project. We describe the role of media, and how possible links between social and traditional media and terminology and communication patterns are envisioned to be connected to the different phases of a disaster model. The paper continues with a discussion of potential benefits for decision makers and planners and concludes with an outlook on further planned activities and developments.
{"title":"Integration of Media Sources for Situation Analysis in the Different Phases of Disaster Management: The QuOIMA Project","authors":"G. Backfried, Johannes Göllner, G. Quirchmayr, K. Rainer, G. Kienast, G. Thallinger, Christian Schmidt, Andreas Peer","doi":"10.1109/EISIC.2013.31","DOIUrl":"https://doi.org/10.1109/EISIC.2013.31","url":null,"abstract":"In this paper we describe work in progress on a cross-media content analysis approach and framework, which is currently being developed within the QuOIMA project. We describe the role of media, and how possible links between social and traditional media and terminology and communication patterns are envisioned to be connected to the different phases of a disaster model. The paper continues with a discussion of potential benefits for decision makers and planners and concludes with an outlook on further planned activities and developments.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126156848","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper describes the possible threats of cyber crime in privately held information systems. Privately held information systems contain large amounts of personal data and are owned by organizations. Data breaches through which confidential and personal information is stolen from these privately held information systems happen more often than we know. Some examples of data breaches are presented in this paper, together with an overview of the means to perform these data breaches, the impact these data breaches have on organizations and individuals and possible measures that could be taken to prevent data breaches to occur.
{"title":"Cyber Crime in Privately Held Information Systems: Personal Data at Stake","authors":"M. Hengst, M. Warnier","doi":"10.1109/EISIC.2013.25","DOIUrl":"https://doi.org/10.1109/EISIC.2013.25","url":null,"abstract":"This paper describes the possible threats of cyber crime in privately held information systems. Privately held information systems contain large amounts of personal data and are owned by organizations. Data breaches through which confidential and personal information is stolen from these privately held information systems happen more often than we know. Some examples of data breaches are presented in this paper, together with an overview of the means to perform these data breaches, the impact these data breaches have on organizations and individuals and possible measures that could be taken to prevent data breaches to occur.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126431026","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
John V. Monaco, Ned Bakelman, Sung-Hyuk Cha, C. Tappert
This study focuses on the development and evaluation of a new classification algorithm that halves the previously reported best error rate. Using keystroke data from 119 users, closed system performance was obtained as a function of the number of keystrokes per sample. The applications of interest are authenticating online student test takers and computer users in security sensitive environments. The authentication process operates on keystroke data windows as short as 1/2 minute. Performance was obtained on 119 test users compared to the previous maximum of 30. For each population size, the performance increases, and the equal error rate decreases, as the number of keystrokes per sample increases. Performance on 14, 30, and 119 users was 99.6%, 98.3%, and 96.3%, respectively, on 755-keystroke samples, indicating the potential of this approach. Because the mean population performance does not give the complete picture, the varied performance over the population of users was analyzed.
{"title":"Recent Advances in the Development of a Long-Text-Input Keystroke Biometric Authentication System for Arbitrary Text Input","authors":"John V. Monaco, Ned Bakelman, Sung-Hyuk Cha, C. Tappert","doi":"10.1109/EISIC.2013.16","DOIUrl":"https://doi.org/10.1109/EISIC.2013.16","url":null,"abstract":"This study focuses on the development and evaluation of a new classification algorithm that halves the previously reported best error rate. Using keystroke data from 119 users, closed system performance was obtained as a function of the number of keystrokes per sample. The applications of interest are authenticating online student test takers and computer users in security sensitive environments. The authentication process operates on keystroke data windows as short as 1/2 minute. Performance was obtained on 119 test users compared to the previous maximum of 30. For each population size, the performance increases, and the equal error rate decreases, as the number of keystrokes per sample increases. Performance on 14, 30, and 119 users was 99.6%, 98.3%, and 96.3%, respectively, on 755-keystroke samples, indicating the potential of this approach. Because the mean population performance does not give the complete picture, the varied performance over the population of users was analyzed.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"384 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132474737","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
G. Duckworth, Archibald Owen, Jerry Worsley, Henry Stephenson
The OptaSense® Distributed Acoustic Sensing (DAS) technology turns any cable with single-mode optical fiber into a very large and densely sampled acoustic/seismic sensor array, covering up to a 50-kilometer aperture per system with """"virtual"""" sensor separations as small as one eter. The system uses Rayleigh scattering from the mperfections in the fiber to return optical signals measuring local fiber strain from seismic, air and water acoustic disturbances. The scalable system architecture can provide border monitoring over long distances at low cost, high sensitivity, and high location accuracy. This paper presents system performance examples for detection, localization, and classification of multiple threats (e.g. digging and tunneling, personnel footsteps, gunshots, and aircraft) in a variety of environments, including snow cover.
{"title":"OptaSense® Distributed Acoustic and Seismic Sensing Performance for Multi-threat, Multi-environment Border Monitoring","authors":"G. Duckworth, Archibald Owen, Jerry Worsley, Henry Stephenson","doi":"10.1109/EISIC.2013.70","DOIUrl":"https://doi.org/10.1109/EISIC.2013.70","url":null,"abstract":"The OptaSense® Distributed Acoustic Sensing (DAS) technology turns any cable with single-mode optical fiber into a very large and densely sampled acoustic/seismic sensor array, covering up to a 50-kilometer aperture per system with \"\"\"\"virtual\"\"\"\" sensor separations as small as one eter. The system uses Rayleigh scattering from the mperfections in the fiber to return optical signals measuring local fiber strain from seismic, air and water acoustic disturbances. The scalable system architecture can provide border monitoring over long distances at low cost, high sensitivity, and high location accuracy. This paper presents system performance examples for detection, localization, and classification of multiple threats (e.g. digging and tunneling, personnel footsteps, gunshots, and aircraft) in a variety of environments, including snow cover.","PeriodicalId":229195,"journal":{"name":"2013 European Intelligence and Security Informatics Conference","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133661499","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: