Investigative Data Mining for Security and Criminal Detection

Investigative Data Mining for Security and Criminal Detection

Jesús Mena

An imprint of Elsevier Science

Amsterdam Boston London New York Oxford Paris San Diego San Francisco • Singapore • Sydney Tokyo

Copyright © 2003, Elsevier Science (USA).

All rights reserved.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher.

All trademarks found herein are property of their respective owners.

Recognizing the importance of preserving what has been written, Elsevier Science prints its books on acid-free paper whenever possible.

Library of Congress Cataloging-in-Publication Data

A catalog record for this book is available from the Library of Congress.

ISBN: 0-7506-7613-2

British Library Cataloguing-in-Publication Data

A catalogue record for this book is available from the British Library.

The publisher offers special discounts on bulk orders of this book.

For information, please contact:

Manager of Special Sales
Elsevier Science
200 Wheeler Road
Burlington, MA 01803
Tel: 781-313-4700
Fax: 781-313-4882

For information on all Butterworth Heinemann publications available, contact our World Wide Web home page at:

10 9 8 7 6 5 4 3 2 1

Printed in the United States of America

To Deirdre


During congressional hearings regarding the intelligence failures of the 9/11 attacks, FBI director Robert S. Mueller indicated that the primary problem the top law enforcement agency in the world had was that it focused too much on dealing with crime after it had been committed and placed too little emphasis on preventing it. The director said the bureau has been too involved in investigating, and not involved enough in analyzing the information its investigators gathered—which is what this book is specifically about: the prevention of crime and terrorism before it takes place (precrime), using advanced data mining technologies, tools, and techniques.

The FBI director went on to tell Congress that the bureau would shift its focus from reacting to crime to preventing it, acknowledging that this could be done only with better technology, which, again, is what this book is about, specifically:

  • Data integration for access to multiple and diverse sources of information

  • Link analysis for visualizing criminal and terrorist associations and relations

  • Software agents for monitoring, retrieving, analyzing, and acting on information

  • Text mining for sorting through terabytes of documents, Web pages, and e-mails

  • Neural networks for predicting the probability of crimes and new terrorist attacks

  • Machine-learning algorithms for extracting profiles of perpetrators and graphical maps of crimes

This book strives to explain the technologies and their applications in plain English, staying clear of the math, and instead concentrating on how they work and how they can be used by law enforcement investigators, counter-intelligence and fraud specialists, information technology security personnel, military and civilian security analysts, and decision makers responsible for protecting property, people, systems, and nations—individuals who may have experience in criminology, criminal analysis, and other forensic and counter-intelligence techniques, but have little experience with data and behavioral analysis, modeling, and prediction. Whenever possible, case studies are provided to illustrate how data mining can be applied to precrime.

Ironically, a week after this manuscript was submitted to the publisher, this headline appeared in Federal Computer Week: "Investigative Data Mining Part of Broad Initiative to Fight Terrorism" (June 3, 2002). The story went on to announce:

The FBI has selected 'investigative data warehousing' as a key technology to use in the war against terrorism. The technique uses data mining and analytical software to comb vast amounts of digital information to discover patterns and relationships that indicate criminal activity.

Investigative data mining in an increasingly digital and networked world will become crucial in the prevention of crime, not only for the bureau, but also for other investigators and analysts in private industry and government, where the focus will be on more and better analytical capabilities, combining the intelligence of humans and machines. The precision of this type of data analysis will ensure that the privacy and security of the innocent are protected from intrusive inquiries. This is the first book on this new type of forensic data analysis, covering its technologies, tools, techniques, modus operandi, and case studies—case studies that will continue to be developed by innovative investigators and analysts, from whom I would like to hear at:

  • <>

Data mining and information sharing techniques are principal components of the White House's national strategy for homeland security.