Investigative Data Mining for Security and Criminal Detection

Cover

Copyright Page

Contents

Introduction

Chapter 1. Precrime Data Mining

1.1 Behavioral Profiling

1.2 Rivers of Scraps

1.3 Data Mining

1.4 Investigative Data Warehousing

1.5 Link Analysis

1.6 Software Agents

1.7 Text Mining

1.8 Neural Networks

1.9 Machine Learning

1.10 Precrime

1.11 September 11, 2001

1.12 Criminal Analysis and Data Mining

1.13 Profiling via Pattern Recognition

1.14 Calibrating Crime

1.15 Clustering Burglars: A Case Study

1.16 The Future

1.17 Bibliography

Chapter 2. Investigative Data Warehousing

2.1 Relevant Data

2.2 Data Testing

2.3 The Data Warehouse

2.4 Demographic Data

2.5 Real Estate and Auto Data

2.6 Credit Data

2.7 Criminal Data

2.8 Government Data

2.9 Internet Data

2.10 XML

2.11 Data Preparation

2.12 Interrogating the Data

2.13 Data Integration

2.14 Security and Privacy

2.15 ChoicePoint: A Case Study

2.16 Tools for Data Preparation

2.17 Standardizing Criminal Data

2.18 Bibliography

Chapter 3. Link Analysis: Visualizing Associations

3.1 How Link Analysis Works

3.2 What Can Link Analysis Do?

3.3 What Is Link Analysis?

3.4 Using Link Analysis Networks

3.5 Fighting Wireless Fraud with Link Analysis: A Case Study

3.6 Types of Link Analysis

3.7 Combating Drug Trafficking in Florida with Link Analysis: A Case Study

3.8 Link Analysis Applications

3.9 Focusing on Money Laundering via Link Analysis: A Case Study

3.10 Link Analysis Limitations

3.11 Link Analysis Tools

3.12 Bibliography

Chapter 4. Intelligent Agents: Software Detectives

4.1 What Can Agents Do?

4.2 What Is an Agent?

4.3 Agent Features

4.4 Why Are Agents Important?

4.5 Open Sources Agents

4.6 Secured Sources Agents

4.7 How Agents Work

4.8 How Agents Reason

4.9 Intelligent Agents

4.10 A Bio-Surveillance Agent: A Case Study

4.11 Data Mining Agents

4.12 Agents Tools

4.13 Bibliography

Chapter 5. Text Mining: Clustering Concepts

5.1 What Is Text Mining?

5.2 How Does Text Mining Work?

5.3 Text Mining Applications

5.4 Searching for Clues in Aviation Crashes: A Case Study

5.5 Clustering News Stories: A Case Study

5.6 Text Mining for Deception

5.7 Text Mining Threats

5.8 Text Mining Tools

5.9 Bibliography

Chapter 6. Neural Networks: Classifying Patterns

6.1 What Do Neural Networks Do?

6.2 What Is a Neural Network?

6.3 How Do Neural Networks Work?

6.4 Types of Network Architectures

6.5 Using Neural Networks

6.6 Why Use Neural Networks?

6.7 Attrasoft Facial Recognition Classifications System: A Demonstration

6.8 Chicago Internal Affairs Uses Neural Network: A Case Study

6.9 Clustering Border Smugglers with a SOM: A Demonstration

6.10 Neural Network Chromatogram Retrieval System: A Case Study

6.11 Neural Network Investigative Applications

6.12 Modus Operandi Modeling of Group Offending: A Case Study

6.13 False Positives

6.14 Neural Network Tools

6.15 Bibliography

Chapter 7. Machine Learning: Developing Profiles

7.1 What Is Machine Learning?

7.2 How Machine Learning Works

7.3 Decision Trees

7.4 Rules Predicting Crime

7.5 Machine Learning at the Border: A Case Study

7.6 Extrapolating Military Data: A Case Study

7.7 Detecting Suspicious Government Financial Transactions: A Case Study

7.8 Machine-Learning Criminal Patterns

7.9 The Decision Tree Tools

7.10 The Rule-Extracting Tools

7.11 Machine-Learning Software Suites

7.12 Bibliography

Chapter 8. NetFraud: A Case Study

8.1 Fraud Detection in Real Time

8.2 Fraud Migrates On-line

8.3 Credit-Card Fraud

8.4 The Fraud Profile

8.5 The Risk Scores

8.6 Transactional Data

8.7 Common-Sense Rules

8.8 Auction Fraud

8.9 NetFraud

8.10 Fraud-Detection Services

8.11 Building a Fraud-Detection System

8.12 Extracting Data Samples

8.13 Enhancing the Data

8.14 Assembling the Mining Tools

8.15 A View of Fraud

8.16 Clustering Fraud

8.17 Detecting Fraud

8.18 NetFraud in the United Kingdom: A Statistical Study

8.19 Machine-Learning and Fraud

8.20 The Fraud Ensemble

8.21 The Outsourcing Option

8.22 The Hybrid Solution

8.23 Bibliography

Chapter 9. Criminal Patterns: Detection Techniques

9.1 Patterns and Outliers

9.2 Money As Data

9.3 Financial Crime MOs

9.4 Money Laundering

9.5 Insurance Crimes

9.6 Death Claims That Did Not Add Up: A Case Study

9.7 Telecommunications Crime MOs

9.8 Identity Crimes

9.9 A Data Mining Methodology for Detecting Crimes

9.10 Ensemble Mechanisms for Crime Detection

9.11 Bibliography

Chapter 10. Intrusion Detection: Techniques and Systems

10.1 Cybercrimes

10.2 Intrusion MOs

10.3 Intrusion Patterns

10.4 Anomaly Detection

10.5 Misuse Detection

10.6 Intrusion Detection Systems

10.7 Data Mining for Intrusion Detection: A Case Study from the Mitre Corporation

10.8 Types of IDSs

10.9 Misuse IDSs

10.10 Anomaly IDSs

10.11 Multiple-Based IDSs

10.12 Data Mining IDSs

10.13 Advanced IDSs

10.14 Forensic Considerations

10.15 Early Warning Systems

10.16 Internet Resources

10.17 Bibliography

Chapter 11. The Entity Validation System (EVS): A Conceptual Architecture

11.1 The Grid

11.2 GRASP

11.3 Access Versus Storage

11.4 The Virtual Federation

11.5 Web Services

11.6 The Software Glue

11.7 The Envisioned EVS

11.8 Needles in Moving Haystacks

11.9 Tracking Identities

11.10 The AI Apprentice

11.11 Incremental Composites

11.12 Machine Man

11.13 Bibliography

Chapter 12. Mapping Crime: Clustering Case Work

12.1 Crime Maps

12.2 Interactive Crime GIS

12.3 Crime Clusters

12.4 Modeling the Behavior of Offenders Who Commit Serious Sexual Assaults: A Case Study

12.5 Decomposing Signatures Software

12.6 Computer Aided Tracking and Characterization of Homicides and Sexual Assaults (CATCH)

12.7 Forensic Data Mining

12.8 Alien Intelligence

12.9 Bibliography

A: 1,000 Online Sources for the Investigative Data Miner

B: Intrusion Detection Systems (IDS) Products, Services, Freeware, and Projects

C: Intrusion Detection Glossary

D: Investigative Data Mining Products and Services

Index