Semantics-Based Threat Structure Mining for Homeland Security
Within the Homeland Security domain, it is critical to be able to identify actionable and credible knowledge for the prevention of, response to, and recovery from incidents. This also allows threat and vulnerability assessment. Today's national and interstate border control agencies are flooded with alerts generated from various monitoring devices. In such an environment, the difficulty of knowledge discovery is compounded by the fact that data is collected by heterogeneous sources having different semantics within various agencies operating in disparate mission spaces. There is an urgent need to uncover potential threats in order to respond effectively to an event. In this chapter, we present a Semantics-based Threat Mining approach that uses the semantic and spatio-temporal contextual relationships among data sources and data flows (events) to identify alerts with potentially dangerous collusion relationships. We use Semantic Graphs to represent the potentially dangerous collusion relationships, and further score and prune the edges with semantic weights using a domain-specific ontology of known dangerous relationships, resulting in an Enhanced Semantic Graph (ESG). Analyzing such an ESG using the graph characteristics of centrality, cliques and isomorphism further makes it possible to mine global threat patterns that are difficult to see when alerts or clusters of alerts are examined independently. In the context of shipments crossing the border, which are under the jurisdiction of the respective ports and Port Authorities, we present a Semantic Threat Mining prototype system in the domain of known dangerous combinations of chemicals used in explosives.
Keywords: Outlier Detection; Description Logic; Domain Ontology; Homeland Security; Semantic Relationship
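The pipeline the abstract outlines (link alerts by context, score and prune edges against an ontology, then look at centrality and cliques) can be sketched as follows. This is an added example, not the chapter's prototype: the alert fields, the placeholder material classes, the weights, the 24-hour window and the 0.5 threshold are all assumptions made for illustration.

```python
from itertools import combinations

# Constructed stand-in for the domain ontology: placeholder class pairs -> assumed weight.
ONTOLOGY = {
    frozenset({"precursor_A", "precursor_B"}): 0.9,
    frozenset({"precursor_B", "precursor_C"}): 0.8,
    frozenset({"precursor_A", "precursor_C"}): 0.7,
    frozenset({"precursor_A", "inert_X"}): 0.1,
}

# Constructed alerts: (alert id, material class, destination region, hour of crossing)
ALERTS = [
    ("a1", "precursor_A", "region_1", 2),
    ("a2", "precursor_B", "region_1", 5),
    ("a3", "precursor_C", "region_1", 9),
    ("a4", "inert_X", "region_1", 4),
    ("a5", "precursor_B", "region_2", 3),
    ("a6", "precursor_A", "region_1", 90),
]

def build_esg(alerts, ontology, window_h=24, min_weight=0.5):
    """Return {alert_id: {neighbour: weight}} after scoring and pruning edges."""
    graph = {a[0]: {} for a in alerts}
    for (i, mi, ri, ti), (j, mj, rj, tj) in combinations(alerts, 2):
        # Spatio-temporal context (assumed rule): same destination, close in time.
        if ri != rj or abs(ti - tj) > window_h:
            continue
        weight = ontology.get(frozenset({mi, mj}), 0.0)
        if weight >= min_weight:  # prune weak or unknown relationships
            graph[i][j] = graph[j][i] = weight
    return graph

def weighted_degree(graph):
    """Weighted degree centrality: sum of semantic weights on incident edges."""
    return {n: round(sum(nbrs.values()), 3) for n, nbrs in graph.items()}

def maximal_cliques(graph):
    """Bron-Kerbosch enumeration of maximal cliques with at least two alerts."""
    found = []
    def expand(r, p, x):
        if not p and not x and len(r) > 1:
            found.append(sorted(r))
        for v in list(p):
            nb = set(graph[v])
            expand(r | {v}, p & nb, x & nb)
            p, x = p - {v}, x | {v}
    expand(set(), set(graph), set())
    return sorted(found)
```

On the constructed data, three alerts that look unremarkable individually form a single clique, while the low-weight, out-of-region and out-of-window alerts stay isolated.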