A data-stream classification system for investigating terrorist threats
The role of cyber forensics in criminal investigations has greatly increased in recent years due to the wealth of data that is collected and available to investigators. Physical forensics has also experienced a data volume and fidelity revolution due to advances in methods for DNA and trace evidence analysis. Key to extracting insight is the ability to correlate across multi-modal data, which depends critically on identifying a touch-point connecting the separate data streams. Separate data sources may be connected because they refer to the same individual, entity or event. In this paper we present a data source classification system tailored to facilitate the investigation of potential terrorist activity. This taxonomy is structured to illuminate the defining characteristics of a particular terrorist effort and designed to guide reporting to decision makers that is complete, concise, and evidence-based. The classification system has been validated and empirically utilized in the forensic analysis of a simulated terrorist activity. Next-generation analysts can use this schema to label and correlate across existing data streams, assess which critical information may be missing from the data, and identify options for collecting additional data streams to fill information gaps.