Skip to main content
SpringerLink
Log in

Computational approaches to suspicion in adversarial settings

  • Published:
Information Systems Frontiers Aims and scope Submit manuscript

Abstract

Intelligence and law enforcement agencies collect large datasets, but have difficulty focusing analyst attention on the most significant records and structures within them. We address this problem using suspicion, which we interpret as relevant anomaly, as the measure associated with data records and individuals. For datasets collected about widespread activities in which the signs of adversarial activity are rare, we suggest ways to build predictive models of suspicion. For datasets collected as the result of lawful interception, we suggest a model of suspicion spreading using the social network implied by the intercepted data.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

Notes

  1. Actually, the connection between an individual and a channel being intercepted is potentially weak—an email address or web browser may be used by a number of people within a home or internet cafe. This further complicates the analysis.

References

  • Baker, W., & Faulkner, R. (1993). The social organization of conspiracy: Illegal networks in the heavy electrical equipment industry. American Sociological Review, 58, 837–860.

    Article  Google Scholar 

  • Bell, T., Witten, I., & Cleary, J. (1989). Modeling for text compression. ACM Computing Surveys, 21(4), 557–591.

    Article  Google Scholar 

  • Bishop, C. (1995). Neural networks for pattern recognition. Oxford University Press.

  • Dempster, A., Laird, N., & Rubin, D. (1977). Maximum likelihood from incomplete data via the EM algorithm. Journal of the Royal Statistical Society, Series B, 39, 138.

    Google Scholar 

  • Dickey, C. (2009). Securing the city. Simon and Schuster.

  • Dutrisac, J., & Skillicorn, D. (2008a). Hiding clusters in adversarial settings. In 2008 IEEE intelligence and security informatics (pp. 185–187).

  • Dutrisac, J., & Skillicorn, D. (2008b). Subverting prediction in adversarial settings. In 2008 IEEE intelligence and security informatics (pp. 19–24).

  • Ester, M., Kriegel, H. P., Sander, J., & Xu, X. (1996). A density-based algorithm for discovering clusters in large spatial databases with noise. In 2nd international conference on knowledge discovery and data mining (KDD’96). Portland: AAAI Press.

    Google Scholar 

  • European Parliament (2001). Final report on the existence of a global system for the interception of private and commercial communications (ECHELON interception system). Tech. rep., European Parliament Temporary Committee on the ECHELON Interception System.

  • Golub, G., & van Loan, C. (1996). Matrix computations (3rd ed.). Johns Hopkins University Press.

  • Jonas, J., & Harper, J. (2006). Effective counterterrorism and the limited role of predictive data mining. Policy Analysis, 584, 1–12.

    Google Scholar 

  • Kannan, R., Vempala, S., & Vetta, A. (2000). On clusterings: Good, bad and spectral. In Proceedings of the 41st foundations of computer science (FOCS ’00) (p. 367).

  • Liben-Nowell, D., & Kleinberg, J. (2003). The link prediction problem for social networks. In Proceedings of the twelfth international conference on information and knowledge management (pp. 556–559).

  • MacQueen, J. (1967). Some methods for classification and analysis of multivariate observations. In Proceedings of 5th Berkeley symposium on mathematical statistics and probability (Vol. 1, pp. 281–297). University of California Press.

  • Pietronero, L., Tosattib, E., Tosattib, V., & Vespignani, A. (2001). Explaining the uneven distribution of numbers in nature: The laws of Benford and Zipf. Physica A: Statistical Mechanics and its Applications, 1–2, 297–304.

    Article  Google Scholar 

  • Skillicorn, D. (2006). Social network analysis via matrix decompositions. In R. Popp, & J. Yen (Eds.), Emergent information technologies and enabling policies for counter-terrorism. IEEE press series on computational intelligence (Chap. 19, pp. 367–392).

  • Skillicorn, D. (2007). Detecting anomalies in graphs. In 2007 IEEE international conference on intelligence and security informatics (pp. 209–216).

  • Tax, D. (2000). One class classification. PhD thesis, Technical University Delft.

  • van Meter, K. (2002). Terrorists/liberators: Researching and dealing with adversary social networks. Connections, 24(3), 66–78.

    Google Scholar 

  • von Luxburg, U. (2006). A tutorial on spectral clustering. Tech. rep. 149, Max Plank Institute for Biological Cybernetics.

Download references

Author information

Authors and Affiliations

  1. School of Computing, Queen’s University, Kingston, Ontario, Canada

    David B. Skillicorn

Authors
  1. David B. Skillicorn
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to David B. Skillicorn.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Skillicorn, D.B. Computational approaches to suspicion in adversarial settings. Inf Syst Front 13, 21–31 (2011). https://doi.org/10.1007/s10796-010-9279-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10796-010-9279-4

Keywords

Search

Navigation