Detecting Emergent Terrorism Events: Finding Needles in Information Haystacks

Terrorist groups tend to develop unconventional ways to disrupt or destroy economic and critical infrastructures. Examples of unconventional methods include setting up cyberattack cells to disrupt critical infrastructures; using unmonitored financial resources to disrupt or bankrupt national economies; and establishing organizations within countries to desensitize the population to terrorist objectives. Sometimes there are patterns, but most often there are no obvious patterns. This presentation addresses the detection of emergent terrorist events by finding critical pieces of information buried in large volumes of data spanning many disparate data sources. The first part of this talk defines the needle in the haystack problem and discusses the associated informatics issues. Disciplines such as computer science, law enforcement, intelligence, and health, are shown to have common technical issues such as searching through large volumes of unstructured text and across confidential databases as well as to have unique technical issues. The second part of this presentation explores various example terrorist threats and how needles in the information haystack space could be identified; how hypothesis development and vetting techniques can lay a foundation for data collection using data mining approaches; and how analysis shaped by plausible means can be contrasted with the vulnerabilities and accessibilities of the terrorist objectives. The last part of this presentation focuses on future research areas needed to expand the ability to detect needles in haystacks. The suggested research areas span the informatics domain and include new policies, hypothesis-based analysis, and data access techniques. In summary, the presentation addresses the identification of unknown and unexpected needles in information haystacks for the purpose of identifying emergent terrorist activities. Specific examples and suggested research areas are provided.