Using graphs for intelligence analysis

Using graphs for intelligence analysis

Using graphs for intelligence analysis

The identification and monitoring of terrorist or criminal networks are imperatives to detect threats and defeat attacks. Let’s see how Linkurious and graph visualizations can help identify and track potential dangerous individuals and networks.

Criminal or terrorist activities are rarely the acts of isolated individuals. Behind these activities we find more or less centralized organizations or networks. Intelligence experts are in charge of identifying every actors of such groups, despite their strategies to hide their connections to the networks (encrypted communication services, numerous middlemen, fake identities, etc). Getting the whole picture of the network is essential to monitor suspect activities, prevent attacks or detected potential threats.

Countering such activities is also about gathering as much information as possible, from any possible sources. The more data intelligence and security organisms are able to obtain, the easier it is to track and anticipate criminal or terrorist activities. This means that analysts and investigators have to handle large sets of heterogeneous data.

Read Also:
CEOs & CIOs Must Work Together For Data Analytics Success

Graph analysis is particularly suited to this sort of challenge. Graph databases allow organizations to store and query in near real-time the relationships between billions of entities. Let’s see how these systems, combined to tools like Linkurious, can help intelligence analysts identify and investigate threats.

We will dive into the investigation of a potential terrorism threat and explore how Linkurious can help identify and investigate suspicious networks.

For this purpose, we have created a dataset with fictitious data about people, including addresses, phone numbers and travel information. This data can easily be modeled as a graph:

To keep our analysis understandable we chose a very simple model with only a limited volume of data. An authentic situation will definitely involve larger volumes and a wider range of data types.

Data entities, such as individual, email, phone, are modeled as nodes. Relationships between entities are symbolized with edges, labeled with the nature of the connection. The data then forms a network.

Read Also:
Iyka dS Big Data Analytics Platform for Financial Institutions Uncovers Nearly $130 Million in Uncollected Funds

In our graph model we have five types of nodes: people, countries, addresses and phone numbers, and as many types of edges, or relationships. Let’s start our investigation by trying to detect suspicious patterns in our data.

When dealing with large datasets, we need to find ways to focus the analysts’ attention on relevant information. Here, we want to detect potential terrorist cells. We are going to try to detect groups of at least three people who 1) visited an at-risk country (in our case Syria) and 2) are indirectly in contact (via their addresses or phone communications).

 



Chief Analytics Officer Spring 2017

2
May
2017
Chief Analytics Officer Spring 2017

15% off with code MP15

Read Also:
Managing Big Data for Organizations is Made Easy

Big Data and Analytics for Healthcare Philadelphia

17
May
2017
Big Data and Analytics for Healthcare Philadelphia

$200 off with code DATA200

Read Also:
The Importance of IT Operations in the Big Data Era
Read Also:
Building smart business on the four pillars of predictive analytics

SMX London

23
May
2017
SMX London

10% off with code 7WDATASMX

Read Also:
MIT makes breakthrough in morality-proofing artificial intelligence

Data Science Congress 2017

5
Jun
2017
Data Science Congress 2017

20% off with code 7wdata_DSC2017

Read Also:
How to Use Business Intelligence in Sales Acceleration

AI Paris

6
Jun
2017
AI Paris

20% off with code AIP17-7WDATA-20

Read Also:
Four ways insurance benefits from business intelligence

Leave a Reply

Your email address will not be published. Required fields are marked *