Table Of ContentLecture Notes in Computer Science 5477
CommencedPublicationin1973
FoundingandFormerSeriesEditors:
GerhardGoos,JurisHartmanis,andJanvanLeeuwen
EditorialBoard
DavidHutchison
LancasterUniversity,UK
TakeoKanade
CarnegieMellonUniversity,Pittsburgh,PA,USA
JosefKittler
UniversityofSurrey,Guildford,UK
JonM.Kleinberg
CornellUniversity,Ithaca,NY,USA
AlfredKobsa
UniversityofCalifornia,Irvine,CA,USA
FriedemannMattern
ETHZurich,Switzerland
JohnC.Mitchell
StanfordUniversity,CA,USA
MoniNaor
WeizmannInstituteofScience,Rehovot,Israel
OscarNierstrasz
UniversityofBern,Switzerland
C.PanduRangan
IndianInstituteofTechnology,Madras,India
BernhardSteffen
UniversityofDortmund,Germany
MadhuSudan
MassachusettsInstituteofTechnology,MA,USA
DemetriTerzopoulos
UniversityofCalifornia,LosAngeles,CA,USA
DougTygar
UniversityofCalifornia,Berkeley,CA,USA
GerhardWeikum
Max-PlanckInstituteofComputerScience,Saarbruecken,Germany
Hsinchun Chen Christopher C.Yang
Michael Chau Shu-Hsing Li (Eds.)
Intelligence and
Security Informatics
Pacific Asia Workshop, PAISI 2009
Bangkok, Thailand, April 27, 2009
Proceedings
1 3
VolumeEditors
HsinchunChen
TheUniversityofArizona,Tucson,AZ,USA
E-mail:[email protected]
ChristopherC.Yang
DrexelUniversity,Philadelphia,PA,USA
E-mail:[email protected]
MichaelChau
TheUniversityofHongKong,HongKong,China
E-mail:[email protected]
Shu-HsingLi
NationalTaiwanUniversity,Taipei,Taiwan,R.O.C.
E-mail:[email protected]
LibraryofCongressControlNumber:Appliedfor
CRSubjectClassification(1998):H.4,H.3,C.2,H.2,D.4.6,K.4.1,K.5,K.6
LNCSSublibrary:SL4–SecurityandCryptology
ISSN 0302-9743
ISBN-10 3-642-01392-9SpringerBerlinHeidelbergNewYork
ISBN-13 978-3-642-01392-8SpringerBerlinHeidelbergNewYork
Thisworkissubjecttocopyright.Allrightsarereserved,whetherthewholeorpartofthematerialis
concerned,specificallytherightsoftranslation,reprinting,re-useofillustrations,recitation,broadcasting,
reproductiononmicrofilmsorinanyotherway,andstorageindatabanks.Duplicationofthispublication
orpartsthereofispermittedonlyundertheprovisionsoftheGermanCopyrightLawofSeptember9,1965,
initscurrentversion,andpermissionforusemustalwaysbeobtainedfromSpringer.Violationsareliable
toprosecutionundertheGermanCopyrightLaw.
springer.com
©Springer-VerlagBerlinHeidelberg2009
PrintedinGermany
Typesetting:Camera-readybyauthor,dataconversionbyScientificPublishingServices,Chennai,India
Printedonacid-freepaper SPIN:12657988 06/3180 543210
Preface
Intelligence and Security Informatics (ISI) is concerned with the study of the devel-
opment and use of advanced information technologies and systems for national, inter-
national, and societal security-related applications. The annual IEEE International
Conference series on ISI was started in 2003 and the first four meetings were held in
the United States. In 2006, the Workshop on ISI (http://isi.se.cuhk.edu.hk/2006/) was
held in Singapore in conjunction with the Pacific Asia Conference on Knowledge
Discovery and Data Mining, with over 100 contributors and participants from all over
the world. PAISI 2007 (http://isi.se.cuhk.edu.hk/2007/) was then held in Chengdu,
China and PAISI 2008 (http://isi.se.cuhk.edu.hk/2008/) was held in Taiwan. These ISI
conferences have brought together academic researchers, law enforcement and intelli-
gence experts, information technology consultants and practitioners to discuss their
research and practice related to various ISI topics including ISI data management,
data and text mining for ISI applications, terrorism informatics, deception and intent
detection, terrorist and criminal social network analysis, public health and bio-security,
crime analysis, cyber-infrastructure protection, transportation infrastructure security,
policy studies and evaluation, and information assurance, among others. We continued
the stream of ISI conferences by organizing the 2009 Pacific Asia Workshop on ISI
(PAISI 2009) in conjunction with the Pacific Asia Conference on Knowledge Discov-
ery and Data Mining (PAKDD 2009). PAISI 2009 was hosted by the University of
Arizona, Drexel University, the University of Hong Kong, and the National Taiwan
University. In addition to traditional ISI topics, we also broadened our scope to in-
clude research relating to enterprise risk management and information systems secu-
rity. The one-day program included a keynote speech by Bhavani Thuraisingham and
presentations of ten long papers and seven short papers. We hope PAISI can continue
to provide a stimulating forum for ISI researchers in Pacific Asia and other regions of
the world to exchange ideas and report research progress. We wish to express our
gratitude to all the workshop Program Committee members, who provided valuable
and constructive review comments.
April 2009 Hsinchun Chen
Christopher C. Yang
Michael Chau
Shu-Hsing Li
Organization
Workshop Co-chairs
Hsinchun Chen The University of Arizona, USA
Christopher C. Yang Drexel University, USA
Michael Chau The University of Hong Kong, HKSAR China
Shu-Hsing Li National Taiwan University, Taiwan ROC
Program Committee Members
Kuo-Tay Chen National Taiwan University, Taiwan ROC
Tsai-Jyh Chen National Chengchi University, Taiwan ROC
Reynold Cheng The University of Hong Kong, HKSAR China
Vladimir Estivill-Castro Griffith University, Australia
Uwe Glasser Simon Fraser University, Canada
Raymond Hsieh California University of Pennsylvania, USA
Hsiang-Cheh Huang National University of Kaohsiung, Taiwan ROC
Ming-Hui Huang National Taiwan University, Taiwan ROC
Shi-Ming Huang National Chung Cheng University, Taiwan ROC
Eul Gyu Im Hanyang University, Republic of Korea
Paul W.H. Kwan The University of New England, Australia
Kai Pui Lam The Chinese University of Hong Kong, HKSAR
China
Wai Lam The Chinese University of Hong Kong, HKSAR
China
Sheau-Dong Lang University of Central Florida, USA
Mark Last Ben-Gurion University of the Negev, Israel
Ickjai Lee James Cook University, Australia
You-lu Liao Central Police University, Taiwan ROC
Ee-peng Lim Nanyang Technological University, Singapore
Hongyan Liu Tsinghua University, China
Anirban Majumdar SAP Research
Byron Marshall Oregon State University, USA
Dorbin Ng The Chinese University of Hong Kong, HKSAR
China
Jialun Qin The University of Massachusetts Lowell, USA
Dmitri Roussinov University of Strathclyde, UK
Raj Sharman State University of New York, Buffalo, USA
Aixin Sun Nanyang Technological University, Singapore
Paul Thompson Dartmouth College, USA
Alan Wang Virginia Tech University, USA
VIII Organization
Jau-Hwang Wang National Central Police University, Taiwan ROC
Ke Wang Simon Fraser University, Canada
Philips Wang City University of Hong Kong, HKSAR China
Shiuh-Jeng Wang Central Police University, Taiwan ROC
Chih-Ping Wei National Tsing Hua University, Taiwan ROC
Jennifer Xu Bentley College, USA
Wei Yan Trend Micro
Justin Zhan Carnegie Mellon University, USA
Yilu Zhou George Washington University, USA
William Zhu The University of Auckland, New Zealand
Table of Contents
Keynote
Building a Geosocial Semantic Web for Military Stabilization and
Reconstruction Operations ........................................ 1
Bhavani Thuraisingham, Murat Kantarcioglu, and Latifur Khan
Terrorism Informatics and Crime Analysis
Criminal Cross Correlation Mining and Visualization ................. 2
Peter Phillips and Ickjai Lee
A Cybercrime Forensic Method for Chinese Web Information
Authorship Analysis.............................................. 14
Jianbin Ma, Guifa Teng, Yuxin Zhang, Yueli Li, and Ying Li
Prediction of Unsolved Terrorist Attacks Using Group Detection
Algorithms...................................................... 25
Fatih Ozgul, Zeki Erdem, and Chris Bowerman
Enterprise Risk Management
Exploring Fraudulent Financial Reporting with GHSOM.............. 31
Rua-Huan Tsaih, Wan-Ying Lin, and Shin-Ying Huang
Identifying Firm-Specific Risk Statements in News Articles............ 42
Hsin-Min Lu, Nina WanHsin Huang, Zhu Zhang, and Tsai-Jyh Chen
Predicting Future Earnings Change Using Numeric and Textual
Information in Financial Reports................................... 54
Kuo-Tay Chen, Tsai-Jyh Chen, and Ju-Chun Yen
Emergency Response and Surveillance
When Generalized Voronoi Diagrams Meet GeoWeb for Emergency
Management .................................................... 64
Christopher Torpelund-Bruin and Ickjai Lee
E3TP: A Novel Trajectory Prediction Algorithm in Moving Objects
Databases....................................................... 76
Teng Long, Shaojie Qiao, Changjie Tang,
Liangxu Liu, Taiyong Li, and Jiang Wu
X Table of Contents
Information Access and Security
A User-Centered Framework for Adaptive Fingerprint Identification .... 89
Paul W.H. Kwan, Junbin Gao, and Graham Leedham
Design of a Passport Anti-forgery System Based on Digital Signature
Schemes ........................................................ 101
Lei Shi, Shenghui Su, and Zhengrong Xiang
A ChronologicalEvaluation of Unknown Malcode Detection .......... 112
Robert Moskovitch, Clint Feher, and Yuval Elovici
Data and Text Mining
Relation Discovery from Thai News Articles Using Association Rule
Mining ......................................................... 118
Nichnan Kittiphattanabawon and Thanaruk Theeramunkong
Discovering Compatible Top-K Theme Patterns from Text Based on
Users’ Preferences................................................ 130
Yongxin Tong, Shilong Ma, Dan Yu, Yuanyuan Zhang,
Li Zhao, and Ke Xu
Juicer: Scalable Extraction for Thread Meta-information of Web
Forum.......................................................... 143
Yan Guo, Yu Wang, Guodong Ding, Donglin Cao, Gang Zhang, and
Yi Lv
A Feature-Based Approach for Relation Extraction from Thai News
Documents...................................................... 149
Nattapong Tongtep and Thanaruk Theeramunkong
An Incremental-Learning Method for Supervised Anomaly Detection
by Cascading Service Classifier and ITI Decision Tree Methods ........ 155
Wei-Yi Yu and Hahn-Ming Lee
Quantifying News Reports to Proxy “Other Information” in ERC
Models ......................................................... 161
Kuo-Tay Chen, Jian-Shuen Lian, and Yu-Ting Hsieh
Author Index.................................................. 169
Building a Geosocial Semantic Web for Military
Stabilization and Reconstruction Operations
Bhavani Thuraisingham, Murat Kantarcioglu, and Latifur Khan
The University of Texas at Dallas
The United States and its Allied Forces have had tremendous success in combat op-
erations. This includes combat in Germany, Japan and more recently in Iraq and Af-
ghanistan. However not all of our stabilization and reconstruction operations (SARO)
have been as successful. Recently several studies have been carried out on SARO by
National Defense University as well as for the Army Science and Technology. One of
the major conclusions is that we need to plan for SARO while we are planning for
combat. That is, we cannot start planning for SARO after the enemy regime has
fallen. In addition, the studies have shown that security, power and jobs are key in-
gredients for success during SARO. For example, it is essential that security be main-
tained. Furthermore, it is important to give powerful positions to those from the fallen
regime provided they are trustworthy. It is critical that investments are made to stimu-
late the local economies. The studies have also analyzed the various technologies that
are needed for successfully carrying out SARO which includes sensors, robotics and
information management. In our research we are focusing on the information man-
agement component for SARO. As stated in the work by the Naval Postgraduate
School, we need to determine the social, political and economic relationships between
the local communities as well as determine who the important people are. This work
has also identified the 5Ws (Who, When, What, Where and Why) and the (H).
To address the key technical challenges for SARO, our goal is to utilize the exten-
sive research we have carried out at the University of Texas at Dallas in geospatial
information management, social networking and knowledge discovery and develop
novel technologies for SARO. In particular, we have defined a Life cycle for SARO
and subsequently developing a Temporal Geosocial Service Oriented Architecture
System (TGS-SOA) that utilizes Temporal Geosocial Semantic Web (TGS-SW) tech-
nologies for managing this lifecycle. We are developing techniques for representing
temporal geosocial information and relationships, integrating such information and
relationships, querying such information and relationship and finally reasoning about
such information and relationships so that the commander can answer questions re-
lated to the 5Ws and H.
The presentation will discuss the challenges of SARO and our solutions to SARO
that integrates semantic web, social networking, knowledge discovery, geospatial and
security and privacy technologies. We will discuss our approach to developing a
geosocial semantic web for SARO. Our project has tremendous applications not only
in SARO but for many other applications including in emergency response and public
health.
H. Chen et al. (Eds.): PAISI 2009, LNCS 5477, p. 1, 2009.
© Springer-Verlag Berlin Heidelberg 2009
Criminal Cross Correlation Mining and
Visualization
Peter Phillips and Ickjai Lee
Discipline of IT
James Cook University
Australia
{peter.phillips,ickjai.lee}@jcu.edu.au
Abstract. Criminalsarecreaturesofhabitandtheircrimeactivitiesare
geospatially, temporally and thematically correlated. Discovering these
correlationsisacorecomponentofintelligence-ledpolicingandallowsfor
adeeperinsight intothecomplex natureof criminal behavior.Aspatial
bivariate correlation measure should be used to discover these patterns
from heterogeneous data types. We introduce a bivariate spatial corre-
lation approach for crime analysis that can beextended to extract mul-
tivariate cross correlations. It is able to extract the top-k and bottom-k
associative features from areal aggregated datasets and visualize there-
sultingpatterns.Wedemonstrateourapproachwithrealcrimedatasets
and provide a comparison with other techniques. Experimental results
reveal theapplicability and usefulness of the proposed approach.
1 Introduction
Since criminals are creatures of habit, law enforcement agencies can be more
effective if they learn from historical data to better understand perpetrators
habits and locations they choose to commit crimes. Police and policy makers
needanintelligentcrimeanalysismachinethatisabletocapturetheconnections
that exist between places and events based on past crimes. These patterns can
thenbeusedtocharacterizecriminalbehavioranddiscoverwhere,whenandwhy
particularcrimesarelikelytooccur.Discoveringcorrelationsbetweencrimeand
spatialfeatures is a core componentof intelligence-ledpolicing, and allowsfor a
deeperinsightintothecomplexnatureofcriminalbehavior.Crimeactivitiesare
geospatially,temporallyandthematicallycorrelatedthereforeavarietyoffactors
can contribute to the formulation of crime. These factors need to be considered
when interpreting crime datasets.
Several crime data mining techniques have been developed over recent years
[1,2,3,4],howeverreasoningaboutcrimedatasetshasreceivedlessattention[5,6].
One of the drawbacksof these approachesis that they cantypically only reason
about positive associative features whereas negative associative features can be
justasimportant.Severalworksusingspatialassociationrulesmininghavebeen
proposedinordertominespatialassociationsingeospatialdatabases[7,8,9].The
H.Chenetal.(Eds.):PAISI2009,LNCS5477,pp.2–13,2009.
(cid:2)c Springer-VerlagBerlinHeidelberg2009
