12 May 2016 A data-stream classification system for investigating terrorist threats
Author Affiliations +
The role of cyber forensics in criminal investigations has greatly increased in recent years due to the wealth of data that is collected and available to investigators. Physical forensics has also experienced a data volume and fidelity revolution due to advances in methods for DNA and trace evidence analysis. Key to extracting insight is the ability to correlate across multi-modal data, which depends critically on identifying a touch-point connecting the separate data streams. Separate data sources may be connected because they refer to the same individual, entity or event. In this paper we present a data source classification system tailored to facilitate the investigation of potential terrorist activity. This taxonomy is structured to illuminate the defining characteristics of a particular terrorist effort and designed to guide reporting to decision makers that is complete, concise, and evidence-based. The classification system has been validated and empirically utilized in the forensic analysis of a simulated terrorist activity. Next-generation analysts can use this schema to label and correlate across existing data streams, assess which critical information may be missing from the data, and identify options for collecting additional data streams to fill information gaps.
© (2016) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Alexia Schulz, Alexia Schulz, Joshua Dettman, Joshua Dettman, Jeffrey Gottschalk, Jeffrey Gottschalk, Michael Kotson, Michael Kotson, Era Vuksani, Era Vuksani, Tamara Yu, Tamara Yu, "A data-stream classification system for investigating terrorist threats", Proc. SPIE 9851, Next-Generation Analyst IV, 98510L (12 May 2016); doi: 10.1117/12.2224104; https://doi.org/10.1117/12.2224104

Back to Top