Critique Paper for Semantics-Based Threat Structure Mining for Homeland Security

Amir Syafrudin 1306346771

ABSTRACT
Identifying actionable and credible knowledge to assess threat and vulnerability is a critical issue in
the homeland security domain. Nabil R. Adam et al. proposed a method to discover potential threats
and consequently identify threat patterns using threat structure mining based on semantic graphs.
While this is an interesting technique, the experiments performed by the authors were limited to
certain datasets. Additional experiments are required to verify the consistency, robustness, and
scalability of their methodology. Despite that, the method proposed by the authors should provide
sufficient guidance to benefit more from semantic-based techniques for threat and vulnerability
assessment.
INTRODUCTION
Identifying actionable and credible knowledge to assess threat and vulnerability is always a critical
issue in the homeland security domain. This task is difficult because it involves analyzing incoming
information collected from various monitoring devices used by different government agencies. As
the difficulty grows, there is an urgent need to find new ways to effectively understand all these
information and to be able to uncover potential threats for an effective prevention, response, and
recovery from incidents.
The paper Semantics-Based Threat Structure Mining for Homeland Security, by Nabil R. Adam et al.
focuses on this problem by proposing a method to analyze incoming information from various
government agencies through the use of Enhanced Semantic Graph (ESG). The ESG shows potentially
dangerous relations between seemingly disjoint information. By analyzing properties of the ESG such
as semantic centrality, semantic clique, and semantic isomorphism, they are able to discover not only
threat potentials, but also threat patterns that are difficult to find when information from each
agency are looked at independently.
The authors proposed an interesting approach for threat and vulnerability identification using
semantic-based data mining technique coupled by several enhancement methods. However, the
authors have limit their research by only experimenting on information regarding chemical
shipments crossing the borders from respective port and Port Authorities. Despite that, the
approach proposed by the authors might be a good prototype for further development in identifying
potential threat and vulnerability in the homeland security domain.
SUMMARY
The authors introduced the difficulties in identifying potential threats by giving real life example of
chemical shipments comprising of two shipments. The first shipment, whose destination is
Wintersburg, Arizona, contains Liquid Urea. This shipment information is recorded in the Newark
port database. The second shipment, whose destination is Phoenix, Arizona, contains Ammonium
Nitrate. This shipment information is recorded in the Los Angeles port database.
When looked at independently, both shipments appear to be benign. However, upon closer
observation, these two materials can be used to make explosives. If the destination of both

shipments are taken into consideration, i.e. Arizona, the chance of this situation materializing grew
higher. Such knowledge can be valuable to prevent such threats from happening. It is to acquire
such knowledge that the authors proposed the use of ESG.
The be able to use the ESG for the purpose of identifying potential threats, the overall process starts
from generating the Semantic Graph (SG). The SG is generated by identifying outliers and their
causal dimensions as nodes using collusion based distance metric. The authors choose this distance
metric because it improves both precision and recall in identifying outliers in high dimensional data
sets when compared to the Euclidean distance based outlier detection.
The next step in the process is to identify the edges that connect the nodes in the SG. This process
consists of two steps: (1) identifying the spatio-temporal relationships between the outliers and (2)
identifying the semantic weights in the relationships between the outliers. These two steps include
identifying the causal dimensions of each outlier, scoring the relationships between outlier
dimensions using a specific domain ontology, and removing (pruning) relationships that are not
supported by the ontology.
If scoring and pruning of relationships were properly executed, the ESG generated from the overall
process will have semantic properties such as semantic centrality, semantic clique, and semantic
isomorphism. Semantic centrality shows the sum of weights of all incident edges for each node.
Semantic clique shows the sum of weights in the relationships in a sub-graph with total connectivity
among the nodes. Semantic isomorphism shows the sum of weights from pairs of paths with the
same length of edges and nodes from the starting node to the end node. By analyzing these
semantic properties, the ESG can be used to show potentially dangerous relations between the
nodes. In the context of chemical shipments, the ESG can be used to show potentially dangerous
relations among individual chemical shipments.
CRITIQUE
In general, the content of the paper are consistent with the overview (abstract). The abstract
mentioned the difficulties in knowledge discovery for threat identification, the methods proposed to
handle the problems, and the limitations pertaining the experiments conducted by the authors. All
these topic are discussed in more details throughout the paper.
The paper starts by providing a brief introduction about the steps needed in the overall process of
threat identification, i.e. SG generation by outlier detection, ESG generation by spatio-temporal
relationship and semantic weight identification, and threat identification based on the ESG. Each of
these steps are explained in more details through the following sections in the paper. Not a single
step are omitted from being explained in the paper.
The explanation given for each step is quite clear. The structure of the paper made it even easier to
understand the flow of the process. The authors also provided references to new topics, e.g.
collusion distance metric, to refer readers to external publications related to the topic. This way
readers will have a better understanding on the topic being discussed. The authors also state that
they only conduct limited set of experiments with real life and simulated datasets. This is helpful to
prevent readers from assuming that their approach is directly applicable to other domains.

That being said, this paper is not without flaws. For instance, the paper failed to mention any issues
regarding the relationship detection in generating the ESG. If the ESG is used to identify potential
threats and threat patterns, then errors in detecting relationships in the ESG might result in false
identification of threats and threat patterns. Instead of being helpful in improving homeland
security, the knowledge represented in the ESG might be misleading.
Relationship detection to generate the ESG depends on domain expertise (through the use of
domain ontology) and is somewhat subjective or perhaps arbitrary. This subjectiveness introduces
biases into any algorithm that operates on semantic graphs (Barthlemy et al. 2005). This is a crucial
issue and the authors should have point out these biases in their paper or at least include any
references regarding this matter.
Another questionable aspect in this paper, albeit rather insignificant, is about triggering further
analysis against threat potentials, e.g. unusual financial transaction from originating companies. The
authors managed to mention this type of intriguing information in the introduction section, but they
fail to actually discuss this in the following sections of their paper. In my view, further explanation on
this matter might be an interesting subject as it describes follow-up actions in using the ESG for
threat identification.
CONCLUSION
Even though the authors managed to provide a good explanation of their methodology, omitting
subjectiveness and consequently biases in detecting relationship in the SG or the ESG can be
misleading. The authors should have discussed this issue in their paper so that they can provide a
better understanding of the strengths and weaknesses of their methodology. Other than that, the
content of this paper might be used as a starting point for future research in threat and vulnerability
assessment in the homeland security domain.
REFERENCES
Barthlemy, M., Chow, E., & Eliassi-Rad, T. (2005, March). Knowledge Representation Issues in
Semantic Graphs for Relationship Detection. In AAAI Spring Symposium: AI Technologies for
Homeland Security (pp. 91-98).