Detecting and tracking isolated malicious activities

Detecting and tracking isolated malicious activities
Data Analytics

Overview

Detecting, characterizing, tracking and forecasting rare events in multi-sourced networks: An application in analyzing isolated malicious activities

This project targets the challenging problem of combating diverse Isolated, Malicious Activities (IMAs), or "lone wolf" attacks, such as homegrown violent extremist attacks. Although IMAs seem completely isolated from one another, without outside direction or communication, IMAs share some common traits when examined under the proper lens (e.g., from the right/relevant data sources, in the subspace spanned by the right/relevant activities and/or at the right/relevant time steps). Thus, IMAs form a specific type of group, i.e., so-called "familiar strangers," where people with similar intentions, who do not have direct connections, may share common traits. Some known common traits include sympathetic discourse toward known terror organizations on public social networks or frequent visits to places with ties to known radical elements.

Solution

Using geo-coded data from multiple dynamic and heterogeneous information sources, such as money laundering networks, email exchange networks, human trafficking and smuggling networks, postal service networks, terrorist networks and online black markets, this project looks to build new theories and algorithms to (1) detect IMAs with common traits, (2) characterize the context of those rare individuals who execute IMAs, i.e., identify common traits in the form of relevant networks, relevant attributes and active time steps and (3) track and predict their activities over time.

Impact

Detecting and tracking Isolated malicious activities

Working directly with DHS, CBP, I&A and TSA, deployable technology is being created that will give law enforcement the ability to determine rare signals that indicate and identify activities from IMAs such as violent extremists and insider threats at airports. Providing this valuable information will help the intelligence community predict activities and plan to prevent future attacks.

Research Leadership Team

Principal Investigator: Jingrui He, Arizona State University
Co-PI:  Hanghang Tong