Abstract
This is a chapter about what link analysis and data mining can do for criminal investigation. It is a long and complex chapter, in which a variety of techniques and topics are accommodated. It is divided in two parts, one about methods, and the other one about real-case studies. We begin by discussing social networks and their visualisation, as well as what unites them with or distinguishes them from link analysis (which itself historically arose from the disciplinary context of ergonomics). Having considered applications of link analysis to criminal investigation, we turn to crime risk assessment, to geographic information systems for mapping crimes, to detection, and then to multiagent architectures and their application to policing. We then turn to the challenge of handling a disparate mass of data, and introduce the reader to data warehousing, XML, ontologies, legal ontologies, and financial fraud ontology. A section about automated summarisation and its application to law is followed by a discussion of text mining and its application to law, and by a section on support vector machines for information retrieval, text classification, and matching. A section follows, about stylometrics, determining authorship, handwriting identification and its automation, and questioned documents evidence. We next discuss classification, clustering, series analysis, and association in knowledge discovery from legal databases; then, inconsistent data; rule induction (including in law); using neural networks in the legal context; fuzzy logic; and genetic algorithms. Before turning to case studies of link analysis and data mining, we take a broad view of digital resources and uncovering perpetration: email mining, computer forensics, and intrusion detection. We consider the Enron email database; the discovery of social coalitions with the SIGHTS text mining system, and recursive data mining. We discuss digital forensics, digital steganography, and intrusion detection (the use of learning techniques, the detection of masquerading, and honeypots for trapping intruders). Case studies include, for example: investigating Internet auction fraud with NetProbe; graph mining for malware detection with Polonium; link analysis with Coplink; a project of the U.S. Federal Defense Financial Accounting Service; information extraction tools for integration with a link analysis tool; the Poznan ontology model for the link analysis of fuel fraud; and fiscal fraud detection with the Pisa SNIPER project.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Richard Adderley is affiliated with the West Midlands Police, and P. B. Musgrove, with the University of Wolverhapton, in England. Their papers (Adderley & Musgrove, 2003a, 2003c) were incorporated into Mena’s (2003) good textbook, as sections 1.15 and 6.12. That paper reported about an application of self-organising maps (SOM, i.e., neural networks with unsupervised learning) to linking crimes to perpetrators. The application reported about was clustering offender description for bogus official burglaries (also called distraction burglaries), i.e., burglaries where the offender gains access to premises by deception, by posturing to somebody innocent (typically, the victim, and typically, elderly) as though they want to gain access for some legitimate purpose, in some false capacity. A commercial data mining package was resorted to (Clementine, from SPSS), using its SOM option. The output was a five-row-by-seven-column table (a map), and the input was 105 offender descriptions, measured by 46 binary variables. The clustering is in the 35 cells of the table: “This allows for a potential of 35 different offenders each committing three crimes. If there were more than 35 offenders, it would force offenders with similar descriptions to be clustered together. If there are fewer than 35 offenders the SOM algorithm could place descriptions of the same offender across a number of cells”, while typically some cells remain empty (Adderley & Musgrove, 2003b, pp. 30–31). A police sergeant received the table, and analysed individual cases, i.e., individual clusters, having been “given the brief to decide if there was sufficient evidence in the witness statements and for those crimes that had been solved to say whether there was a possible link between some of the crimes in each cluster” (ibid., p. 31).
- 2.
“Law-enforcement agencies across the US compile crime statistics using well-established standards such as the FBI’s Uniform Crime Reporting System and its successor, the National Incident-Based Reporting System (http://www.fbi.gov/hq/cjisd/ucr.htm), as well as other criteria defined by jurisdictional needs and requirements” (Chen et al., 2004).
- 3.
Also including, e.g., association rules, for which see fn 36 in Chapter 3.
- 4.
NETMAP is a tool of ALTA Analytics (http://www.altaanalytics.com/). It can query databases by using the SQL query language. “The main shapes of NETMAP link charts are those of a wagonweel format, with color conveying very important factors”, but is “also supports some additional layouts, including circular, column, row, row/column, bullseye, and Cartesian charts” (Mena, 2003, p. 101).
- 5.
Even though free-text may be inside a document that is itself divided into chapters and sections, and is therefore structured in that particular sense, such a body of text is nevertheless “unstructured” for the purposes of the search at hand. Structures has to emerge from the analysis.
- 6.
Values set in columns is what you get in a database relation, the columns corresponsing to the attributes which are each a header of a column. It is by contract to tabular database, that we can speak of free-text databases.
- 7.
Mena discusses NASA’s Perilog text mining tool that analysed thousands of free-form narrative reports on aviation accidents (Mena, 2003, pp. 128–130), and MITRE’s TopCat text mining tool that goes through a collection of documents, identifies different topics, and displays the key players for each topic (ibid., pp. 130–132). TopCat can also be used with a summarisation filter. Automated summarisation is an active area of research: Mani (2001) is a book on the subject; Nissan (2003h) is a long review of that book, and we adapted it into a section below.
- 8.
Pattern recognition is “The creation of categories from input data using implicit or explicit data relationships. Similarities among some data exemplars are contrasted with dissimilarities across the data ensemble, and the concept of data class emerges. Due to the imprecise nature of the process, it is no surprise that statistics has played a major role in the basic principles of pattern recognition” (Principe, Euliano, & Lefebvre, 2000, p. 643).
- 9.
Genetic algorithms (the subject of Section 6.1.16.1 in this book) are “Global search procedures, proposed by John Holland, that search the performance surface [as optimisation techniques are conceptualised as search in a multidimensional surface indeed], concentrating on the areas that provide better solutions. They use ‘generations’ of search points computed from the previous search points using the operators of crossover and mutation (hence the name)” (Principe et al., 2000, p. 642).
- 10.
Linear regression is the process of fitting a cloud of samples by a linear model. The fitting is done by minimising the sum of the square of the deviations.
- 11.
There exists many kinds of neural networks. For example, Principe et al. (2000) is a good textbook that comes along with a compact disk of computer simulations.
- 12.
Of course, neural networks are now part of the standard curriculum of computer science. But Mena explains nicely how the basic properties of neural networks are useful for investigative data mining: “A key concept about working with neural networks is that they [unless they are self-organising maps] must be trained, just as a child or a pet must, because this type of software is really about remembering observations. If provided an adequate sample of fraud or other criminal observations, it will eventually be able to spot new instances or situations of similar crimes. Training involves exposing a set of examples of the transaction patterns to a nneural-network algorithms; often thousands of sessions are recycled until the neural network learns the pattern. As a neural network is trained, it gradually becomes skilled at recognizing the patterns criminal behavior and features of offenders; this is actually done through an adjustment of mathematical formulas that are continuously changing, gradually converging into a formula of weights that can be used to detect new criminal behavior or other criminals” (Mena, 2003, p. 10). This kind of neural networks can be used for clustering individuals with similar profiles, and as mena points out, neural networks were used (recognising kerosene) in arson investigations in California, and more in general “to detect and match the chromatographic signature of chemical components” (ibid.).
- 13.
- 14.
See Section 6.1.13.14 below. Unsupervised learning in neural networks is the subject of a paper collection edited by Geoffrey Hinton and Terrence Sejnowski (1999). Duda, Hart, and Stork (2001b) provide a discussion of unsupervised learning and clustering. A nice concise formulation is found in the Wikipedia entry (http://en.wikipedia.org/wiki/Unsupervised_learning):
In machine learning, unsupervised learning refers to the problem of trying to find hidden structure in unlabeled data. Since the examples given to the learner are unlabeled, there is no error or reward signal to evaluate a potential solution. This distinguishes unsupervised learning from supervised learning and reinforcement learning.
Unsupervised learning is closely related to the problem of density estimation in statistics. However unsupervised learning also encompasses many other techniques that seek to summarize and explain key features of the data. Many methods employed in unsupervised learning are based on data mining methods used to preprocess data.
Approaches to unsupervised learning include:
-
clustering (e.g., k-means, mixture models, k-nearest neighbors, hierarchical clustering),
-
blind signal separation using feature extraction techniques for dimensionality reduction (e.g., Principal component analysis, Independent component analysis, Non-negative matrix factorization, Singular value decomposition).
Among neural network models, the self-organizing map (SOM) and adaptive resonance theory (ART) are commonly used unsupervised learning algorithms. The SOM is a topographic organization in which nearby locations in the map represent inputs with similar properties. The ART model allows the number of clusters to vary with problem size and lets the user control the degree of similarity between members of the same clusters by means of a user-defined constant called the vigilance parameter. ART networks are also used for many pattern recognition tasks, such as automatic target recognition and seismic signal processing.
-
- 15.
Self-organising maps were introduced by Kohonen (1990). Unlike most neural networks, Kohonen maps don’t need supervised training. That is to say, they don’t need to be taught what the correct output is. A tasks they are usually made to perform is clustering (by measuring distance), whereas other kinds of neural networks are rather suitable for classification. In applications to crime detection, neural networks with supervised training are “used when a sample of cases, profiles, or crimes is available for training a network to recognize the patterns of criminal behavior. For example, an auction site such as eBay.com could use this type of network to detect the probability of criminal activity because it probably has in its servers records of transactions where fraud was perpetrated” (Mena, 2003, p. 162). Solan, Horn, Ruppin, and Edelman (2005) described unsupervised learning of natural languages.
- 16.
Robert Callan pointed out (1999, p. 133): “The first decision to make when choosing a network model is the type of model, and this is dependent on whether or not the classification of training data is known. For example, training a system to recognize customers with poor credit rating is likely to involve supervised learning because a financial lender will have a record of whether a debt from a past customer has been paid. Sometimes there is no information as to the class into which data fall, and sometimes the classification is fuzzy. For instance, it is often difficult to give precisely the state of health of a machine such as a helicopter. Currently much effort is being devoted to monitoring the health condition of helicopters. On-board sensors log information which is later downloaded to a database on the ground for analysis. Assuming that a helicopter operates most of its time in a good state of health, the downloaded information can be analysed to see if it varies significantly from previous flights. If there is something different in the data then it might be time to examine the aircraft more closely to see if a fault exists. Cluster analysis is often used in such situations. The Kohonen self-organizing feature map is an unsupervised neural network that has much in common with statistical clustering.”
- 17.
Apart from traditional clustering techniques (see e.g. Kaufman & Rousseeuw, 2005), also consider approximate clustering, which is often appropriate for data mining, and includes fuzzy clustering (e.g., Joshi & Krishnapuram, 1998 for Web mining; and Feng & Chen, 2004 as used in image processing), and rough clustering (Lingras & Peters, 2011). These are respectively based on Lotfi Zadeh’s fuzzy set theory (Zadeh, 1965) and Zdzislaw Pawlak’s rough set theory (Pawlak, 1991). [Fuzzy approaches are the subject of Section 6.1.15 in thid book. Algorithms for rough set theory were presented by do Carmo Nicoletti and Quinteiro Uchõa (2001). Geng and Chan (2001) presented an algorithm for automatically generating a case base from a database by using similarity based rough approximation.] “Traditional clustering partitions a group of objects into a number of nonoverlapping sets based on a similarity measure. In real world, the boundaries of these sets or clusters may not be clearly defined. Some of the objects may be almost equidistant from the center of multiple clusters. Traditional set theory mandates that these objects be assigned to a single cluster. Rough set theory can be used to represent the overlapping clusters” (Lingras & Peters, 2011, p. 64). There also exists hybrid rough-fuzzy clustering (Maji & Pal, 2007; Mitra, Banka, & Pedrycz, 2006).
- 18.
- 19.
Lior Rokach and Oded Maimon’s (2008) is the first book entirely dedicated to decision trees in data mining.
- 20.
Tree-based methods such as decision trees or classification trees are popular in machine learning. Cf. Kothari and Dong (2002), Chen, Wang, and Zhang (2011). “Almost all classification tree construction algorithms such as ID3 [(Quinlan, 1986)], C4.5 [(Quinlan, 1993)], and CART [(Breiman, Friedman, Olshen, & Stone, 1984)] employ a top-down heuristic search using recursive partitioning because the enumeration of all 2n possible partitions is essentially intractable. Starting from a heterogeneous set (in terms of the variation in the class label or outcome variable) of training samples (root node), each feature (or predictor) is evaluated using a statistic to determine how well it classifies the training samples by itself. The best feature is selected to split the training samples to descendant nodes. The whole process is recursively repeated to split the descendant nodes until some prespecified stopping criteria are met. This search algorithm is greedy because it never backtracks to reconsider its previous choices. Usually, the tree-growing step is followed by a bottom-up pruning step, which removes unessential subree3 s to avoid overfitting. […] The critical step in tree growing is to select the best feature to split a node.” (Chen et al., 2011, pp. 55–56). Segal and Xiao remark (2011, p. 80): “Since the mid-1980s, tree-structured (or recursive partitioning) classification and regression methods have enjoyed widespread popularity. This followed the publication of the Classification and Regression Trees (CART) monograph [(Breiman et al., 1984)] that established a rigorous framework for such techniques, and convincingly illustrated one of their greatest virtues: interpretability. Tree-structured methods (TSM) produce interpretable prediction rules by subdividing data into subgroups that are homogenous with respect to both predictors and response. For continuous responses, as considered here, simple (terminal) subgroup summaries (typically means) serve as predictions. The interpretability of the attendant prediction rules derives from (1) the natural, recursive fashion by which predictors are employed in eliciting subgroups, (2) the accessibility of companion tree diagram schematics, and (3) the availability of predictor importance summaries. However, by the mid/late-1990s a serious deficiency of TSM was evident: modest predictive performance, especially in comparison with emerging, flexible competitors such as support vector machines (SVM) [on which, see in Sections 6.1.9.3, 6.2.1.3 and 8.7.3.1 in this book]. In a series of papers, Breiman developed a strategy for remedying this shortcoming: create an ensemble of trees, where each tree in the ensemble is grown in accordance with the realization of a random vector and obtain predictions by aggregating (voting) over the ensemble.” In fact, Segal and Xiao’s paper (2011) is about multivariate random forests. “Random forests seek to effect such correlation reduction [between the quantities being averaged] by a further injection of randomness. Instead of determining the optimal subdivision of a given subgroup of a (constituent) tree by evaluating all allowable partitions on all predictors, as is done with single-tree methods [as well as in a technique called] bagging [(Breiman, 1996)], a subset of the predictors drawn at random, is employed.” (Segal & Xiao, 2011, p. 80).
Let us say something more about bagging. “Bagging is a method for improving the predictive power of classifier learning systems. It forms a set of classifiers that are combined by voting, by generating replicated bootstrap samples of the data. Bagging produces replicate training sets by sampling with replacement from the training instances. The multiple classifiers are then combined by voting to form a composite classifier. In bagging, each component classifier has the same vote” (Stranieri & Zeleznikow, 2005b). Cf. fn 31 below. Another method is boosting. By contrast to bagging (ibid.): “Boosting improves the predictive power of classifier learning systems by adjusting the weights of training instances. It manipulates the training data in order to generate different classifiers. Boosting uses all instances at each repetition, but maintains a weight for each instance in the training set that reflects its importance; adjusting the weights causes the learner to focus on different instances and so leads to different classifiers. The multiple classifiers are then combined by voting to form a composite classifier.”
- 21.
- 22.
Marketers value, and the public sometimes resents another application of data mining: personalisation, resulting in potential customers being targeted with personalised promotion (making the right offer at the right time), suiting the profile generated about them from data provided willingly or unwittingly.
- 23.
A standard textbook is Wooldridge’s (2002) An Introduction to Multiagent Systems.
- 24.
For eigenvectors, see in fn 26 below.
- 25.
S.v. kernel methods, Stranieri and Zeleznikow (2005a, Glossary) provide this definition (from the perspective of machine learning): “Kernel estimates smooth out the contribution of each observed data point over a local neighbourhood of the point. Nearest neighbour and locally weighted regression are approaches for approximating target functions. Learning involves storing the presented training data and when a new query instance is encountered, a set of similar related instances is retrieved from memory and used to classify the new query instance. The kernel function is the function of distance that is used to determine the weight of each training example. Whereas kernel methods define the degree of smoothing in terms of a kernel function and bandwidth, nearest neighbour methods let the data determine the bandwidth by defining it in terms of the number of nearest neighbours.”
- 26.
Appendix A in Mena (2003, pp. 379–414) provides an amazing wealth of addresses on the Web, of interest to the subject of his book. That appendix is entitled “1,000 Online Sources for the Investigative Data Miner”.
- 27.
On social network analysis (SNA), see, e.g., Breiger’s overview (2004), Linton Freeman’s four-volume set (2007), Aggarwal (2011), Newman (2010), Scott (1991), Burt (1980), Newman (2003), Backstrom, Huttenlocher, Kleinberg, and Lan (2006), Kempe, Kleinberg, and Tardos (2003, 2005), and Lu, Korniss, and Szymanski (2009). Exploratory visualisation of social networks is the subject of, e.g., Brandes, Raab, and Wagner (2001), but within an application to decision-making research in a real-case study: they applied some SNA techniques for the study the patterns of decision making itself. They represented the process of decision making can be represented as the network of interactions between the actors involved in the process. This involved a mix of communication, policy network studies and status visualisation techniques. In their paper, Brandes et al. (2001) studied the privatisation, in East Germany, of the shipbuilding industry and of a major steel plant, EKO Stahl AG. Their aim was to find what kind of policy making structures evolved during the decision processes and how powerful are the actors’ positions in these networks. Brandes et al. (2001) identified the actors who could make an impact on decisions on the privatisation in these cases, such as the European Commission, the federal ministries of finance and economics, parties within the state parliament, the board of directors and the supervisory board of the Treuhandanstalt, the local governments with enterprise sites, the metal workers’ union, competitors in West Germany among others. Status visualisation was used in order to help to analyse the two types of ties which were identified as significant for policy making in these cases, namely “obligation of report” and “consideration of interest”. I drew this example from a report by Popov (2003), from a project (WaterTime) in which I was involved myself (Nissan et al., 2004).
- 28.
For the history of the discipline, see e.g. Linton Freeman’s (2004) The Development of Social Network Analysis: A Study in the Sociology of Science.
- 29.
Concerning centrality, also see, e.g., Pfeiffer and Neville (2011).
- 30.
For Sparrow’s (1991) identification of which notions of centrality is applied in practice in link analysis diagrams used by crime analysis, see the text citing fn 210 towards the end of Section 6.2.5. Also see fn 61, towards the end of Section 6.1.2.3. On notions of centrality, cf. e.g. Freeman (2008).
- 31.
This notion of the business of a node in a network was defined by Stephenson and Zelen (1989). Sparrow explains (1991, p. 265): “To obtain some precise numerical scale upon which to measure ‘business’, one can imagine all nodes firing (transmitting) along each of their links once per unit time. Choose some retransmission ratio (between zero and one), whereby every received transmission is retransmitted one period later but with some loss of intensity, by each node. Keep the system firing repeatedly until the total information content of each node and each link reaches equilibrium. This will occur asymptotycally and monotonically both for directed and undirected networks. Then measure each node’s total transmission intensity per unit time. The equilibrium transmission intensities represent useful relative, but not absolute, indicators of ‘how busy’ each node might be.”
- 32.
It is interesting to note that social networks can be extracted that are not necessarily about real-life characters. Within computational linguistics, David Elson, Nicholas Dames, and Kathleen McKeown, all of them from Columbia University in New York, reported (Elson, Dames, & McKeown, 2010) about a project which resulted in a method for extracting social networks from literary fiction. Their application was to 19th-century British novels and serials. One of the novels is a story of murder in a rural setting, namely, the third edition of Thomas Hardy’s Tess of the d’Urbevilles (1891). They also analysed the third edition of Oliver Twist by Charles Dickens (1837), which is of about a criminal gang; the first edition of Bram Stoker’s Dracula (1897); and the first edition of Robert Stevenson’s The Strange Case of Dr. Jekyll and Mr. Hyde (1987); for all three novels, they categorised the setting as being urban. “We present a method to automatically construct a network based on dialogue interactions between characters in a novel. Our approach includes components for finding instances of quoted speech, attributing each quote to a character, and identifying when certain characters are in conversation. We then construct a network where characters are vertices and edges signify an amount of bilateral conversation between those characters, with edge weights corresponding to the frequency and length of their exchanges. In contrast to previous approaches to social network construction, ours relies on a novel combination of pattern-based detection, statistical methods, and adaptation of standard natural language tools for the literary genre. We carried out this work on a corpus of 60 nineteenth-century novels and serials, including 31 authors such as Dickens, Austen and Conan Doyle. In order to evaluate the literary claims in question, we compute various characteristics of the dialogue-based social network and stratify these results by categories such as the novel’s setting. For example, the density of the network provides evidence about the cohesion of a large or small community, and cliques may indicate a social fragmentation. Our results surprisingly provide evidence that the majority of novels in this time period do not fit the suggestions provided by literary scholars, and we suggest an alternative explanation for our observations of differences across novels” (Elson et al., 2010, p. 138). In the visualisation produced by their software, those characters who loom large have their name enclosed in a large ellipse, whereas marginal characters appear in tiny ellipses. A shortcoming is that in order to read the name in the tiniest ellipse, I had to zoom to 800% in their paper’s .pdf file in order to read the name ‘Susan’ in their figure 1, which shows the automatically extracted conversation network for Jane Austen’s Mansfield Park.
- 33.
While discussing how crime analysts used to draw the social networks of organised crime, he mentioned that, among the other things, they were aiming at “representing ‘centrality’ within the organization by ‘centrality’ on the chart” (Sparrow, 1991, p. 256). Buth whereas he found this pictorially reasonable, he also pointed out: “But it employs a most unsophisticated concept of centrality, namely the selection of the point or points of ‘maximum degree’ (those with the most established connections). Moreover the context in which it is applied makes the use of maximum degree potentially misleading: the determination of centrality will depend upon who you know most about, rather than who is central or pivotal in any structural sense. The danger in this practice is that it may incline an agency to pay closest attention to those it already knows most about, individuals who may not in fact be the principal characters. The practice may therefore serve to perpetuate unfortunate and misleading biases in the initial intelligence collection” (ibid.).
- 34.
Writing around 1990, Sparrow pointed out: “Some network analysis algorithms do claim to be able to handle very sizeable networks. For example the NEGOPY program (Richards and Rice, 1981) claims to handle up to 30,000 links or so. But it contains an unfortunate reliance on a one-dimensional interim stage in the analysis of groups and cliques, which will inevitably render its results suspect when applied to networks of any complexity” (Sparrow, 1991, p. 262).
- 35.
Fuzzy in the ordinary lay sense, not in the sense of fuzzy set theory. Fuzzy logic is the subject of Section 6.1.15 in this book.
- 36.
“Meaningless” as usually understood. Beside the points raised in the debate on probabilities in law, we may tentatively glean some insight from the following concept from discrete mathematics. Fred Roberts, a mathematician from Rutgers University who has specialised in applying discrete mathematics to social and biological systems, has defined meanigless statements as follows; I am quoting from a seminar abstract: “A statement involving scales of measurement is called meaningless if its truth or falsity can depend on the particular versions of scales that are used in the statement”. He went on to “develop the mathematical foundations of a theory of measurement that will allow us to make the notion of meaningless statement precise”, and to “give a variety of examples of meaningless statements. For example”, he showed “that the conclusion that a given solution to a problem is optimal might be meaningless and in particular we will describe such results” from graph theory or operations research “for shortest path problems, for graph coloring problems arising from frequency assignments, and for scheduling problems”. Roberts also considered “limitations (through functional equations) on the possible averaging functions which allow meaningful comparisons in different applications such as choosing new technologies, comparing the abilities of different groups of students, etc.”
- 37.
Moreno’s classic book Who Shall Survive was originally published in 1934 and later in 1953 and 1978. It is still considered a must for serious psychodrama students. This work was in the vanguard of sociology and social psychology as it developed prior to, during and following the Second World War. Jacob Levy Moreno (1889–1974) is considered to have been the father of psychodrama, sociometry, and group psychotherapy. René Marineau authored a biography of Moreno (Marineau, 1989). Moreno was born in Bucharest (the son of Moreno Nissim Levy, a merchant from Pleven, Bulgaria, where a plaque marks J. L. Moreno’s ancestral home) and moved to Vienna as a child, where he became doctor of medicine. In his autobiography, Moreno claimed that while a medical student, in 1912, he told Sigmund Freud: “You meet people in the artificial setting of your office. I meet them on the street and in their homes, in their natural surroundings. You analyze their dreams. I give them the courage to dream again.” He moved to the United States in 1925, and worked in New York, at Columbia University, and also at the New School of Social Research. “In 1932, Dr. Moreno first introduced group psychotherapy to the Americal Psychiatric Association. For the next 40 years he developed and introduced his Theory of Interpersonal Relations and tools for social sciences he called ‘sociodrama’, ‘psychodrama’, ‘sociometry’, and ‘sociatry’. In his monograph entitled, ‘The Future of Man’s World’, he describes how he developed these sciences to counteract ‘the economic materialism of Marx, the psychological materialism of Freud, and the technological materialism’ of our modern industrial age” (http://en.wikipedia.org/wiki/Jacob_L._Moreno). In the centennial year of Moreno’s birth, 1989, the Journal of Group Psychotherapy, Psychodrama & Sociometry published its Vol. 42. Moreno’s Invitations to an Encounter, of 1914, is considered to have been influential for Martin Buber’s I-Thou philosophy. “Moreno is also widely credited as one of the founders of the discipline of social network analysis, the branch of sociology that deals with the quantitative evaluation of an individual’s role in a group or community by analysis of the network of connections between them and others. His 1934 book Who Shall Survive? contains some of the earliest graphical depictions of social networks” (Wikipedia, ibid.).
- 38.
- 39.
Incidentally, Cornell University computer scientist Jon Kleinberg and his collaborators have published the paper ‘Inferring Social Ties from Geographic Coincidences’ (Crandall et al., 2010). Among the other things, Kleinberg has also published about small-world phenomena from an algorithmic perspective (Kleinberg, 2000a, 2000b, 2001, 2004, 2006).
- 40.
40The advice network in the figure is from an example made by David Krackhardt.
- 41.
To account for all possible walks, one raises the sociomatrix to the power of infinity.
- 42.
In the jargon of matrix operations, one can say that the value of the attenuation factor α has to be chosen such that it is smaller than the reciprocal of the absolute value of the largest eigenvalue of the adjacency matrix of the network under consideration. Let us explain eigenvalue. Consider a square matrix, i.e., an array with as many columns as its rows. A vector is a matrix with only one column, or only one row. The eigenvectors of a square matrix are those non-zero vectors that, after being multiplied by that square matrix, at most only have their magnitude (their numeric value, their length when drawn as an arrow) modified, but not their direction (when interpreting vectors in the sense of having a magnitude, a direction, and either sense).
For each eigenvector, its eigenvalue is the factor (a scalar: just a number) by which the eigenvector changes when multiplied by the matrix. Let X be the square matrix. Then a non-zero vector v is an eigenvector of X if there is a scalar λ such that \({\textbf{X}} \cdot {\textbf{v}} = \lambda \cdot {\textbf{v}}\) We say that the scalar λ is the eigenvalue of Z corresponding to v. If we draw the vector v in the plane of the perpendicular horizonatal axis and vertical axis (i.e., in Cartesian coordinates), we can see that matrix X acts by stretching the vector v, not changing its direction, so v is an eigenvector of X. The usual tabulation of a matrix or a vector is interpreted in n dimensions, instead of just two dimensions. A vector written as a column of n numerical values has to be imagined as drawn in a space of n dimensions, and a square matrix of n rows and n columns also has n dimensions. Here is an example from Wikipedia (http://en.wikipedia.org/wiki/Eigenvalues_and_eigenvectors). Let the matrix be called A and let it be as follows:
Then the vector
$$\textrm{X} =\left[\begin{array}{l}\,\,\,\,\,3\\-3\end{array}\right] $$is an eigenvector with eigenvalue 1. Indeed,
Now, consider that the adjacency matrix of a graph is a square matrix. The eigenvalue of a graph is the eigenvalue of its adjacency matrix. In fact, one also speaks of eigenvalues of a matrix. Let I be the n × n identity matrix, that is to say, a square matrix in which all values are zeroes, except a diagonal of ones. By det, one means the determinant of a matrix. The eigenvalues of the matrix A are the solutions λ of the equation \(\det \left(A - {{\uplambda }}\;I\right) = 0\) This equation is called the characteristic equation of A. Suppose that A is the following diagonal matrix:
then the characteristic equation reads
The solutions to this equation are the eigenvalues \(\lambda _i = a_{i,i} \left(i = 1,\; \ldots ,\;n\right)\). The determinant det(A) or |A| of a square matrix A is a number encoding certain properties of the matrix. A matrix is invertible if and only if its determinant is nonzero. Its absolute value (i.e., regardless of sign) equals the area (in R 2, that is to say, the space in two dimensions of all real numbers) or volume (in R 3, that is to say, the space in three dimensions of all real numbers) “of the image of the unit square (or cube), while its sign corresponds to the orientation of the corresponding linear map: the determinant is positive if and only if the orientation is preserved. The determinant of 2-by-2 matrices is given by
When the determinant is equal to one, then the matrix represents an equi-areal mapping. The determinant of 3-by-3 matrices involves 6 terms (rule of Sarrus). The more lengthy Leibniz formula generalises these two formulae to all dimensions.” This quotation concerning determinants is from http://en.wikipedia.org/wiki/Matrix_(mathematics)
- 43.
- 44.
From Section “Damping Factor” in http://en.wikipedia.org/wiki/PageRank (accessed in May 2011).
- 45.
45“Though it works fine in this particular example, note that the above rule for vertical arrangement is error-prone in general, since the requirement of a maximum number of upward oriented connections may result in misleading visual explanations. A simple example of this kind is a network of actors whose connections form a directed cycle. Any one connection can be chosen as the single downward oriented one, but each choice results in a different vertical ordering of the actors” (Brandes et al., 2001). “Interpretation of relative status becomes unreliable, if not impossible, in visualizations based on a maximum number of upward pointing arcs, and only one notion of status is supported.” (ibid.). Brandes et al. (2001) discussed shortcomings of various algorithmic solutions when organising a graph for visualisation, and proposed remedies for them.
- 46.
Operations research is the branch of mathematics concerned with techniques of optimisation. Also some methods from artificial intelligence are concerned with heuristic optimisation (heuristic, as what is found is not guaranteed to be the global optimum).
- 47.
Quoted from http://en.wikipedia.org/wiki/Social_network
- 48.
“Links, as well as nodes, may have attributes specific to the domain or relevant to the method of collection. For example, link attributes might indicate the certainty or strength of a realtionship, the dollar value of a transaction, or the probability of an infection” (Mena, 2003, p. 83).
- 49.
New ways of making or superposing diagrams, in the kid 19th century, were intended to help human experts in inferring connections: “Cholera was a forcing ground for new modes of data presentation, as in this chart correlating cholera and diarrhea deaths with meteorological variables. It was hoped that novel presentations may suggest inferences that would not have been apparent otherwise” (Hamlin, 2009, p. 157, caption of figure 9). There was no correlation, between the 1848 epidemic in England and weather conditions, and we can say that much at present even just looking at the superposed diagrams in that chart.
- 50.
Mena (2003) also notes difficulties: “Link analysis is a very labor-intensive method of data mining” (ibid., p. 85). “While these visual-link networks have proven useful to investigators, their manual construction has proven difficult when it involves hundred of thousands of transactions” (ibid., p. 76). “As with all data mining projects, extracting and preparing the data for analysis is commonly a major task. Transactional databases more often than not contain incomplete or inconsistent information, or multiple instances of the same entities because they are designed and built for speed not analysis”, but: “In order to map associations correctly it is necessary to first identify accurately the right individual in a database” (ibid., p. 77). Consolidation and disambiguation of transactions or individuals are necessary operations in data preparation for the purposes of link analysis (ibid., p. 78). We may add that worldwide, mistakes of identity have sometimes caused individuals to be denied credit, to be denied a job or even to lose their job (because of postings on the Web that the employer disliked), or to end up in prison – and this because of manual misidentification, apparently not involving link analysis.
- 51.
See http://www.bairsoftware.com/atac.htm The acronym ATAC is short for Automated Tactical Analysis of Crime.
- 52.
http://www.i2.co.uk/home.html The British firm, i2, had their software adopted by the FBI.
- 53.
Shortest-path algorithms are a class within graph search algorithms. Shortest-path algorithms can identify the optimal paths between nodes in a graph, by examining link weights. Criminal networks in turn are represented as a graph.
- 54.
The priority-first-search algorithm “works by maintaining a shortest-path tree T rooted at a source node s. T contains nodes whose shortest distances from s are already known. Each node u in T has a parent, which is represented by p u . A set of labels, d u , is used to record the distances from the node u to s. Initially, T contains only s. At each step, we select from the candidate set Q a node with the minimum distance to s and add this node to T. Once T includes all nodes in the graph, the shortest paths from the source node s to all the other nodes have been found. PFS differs from the Dijkstra algorithm because it uses an efficient priority queue for the candidate set Q. With modifications, PFS can be used to compute the shortest paths from a single source node to a set of specified nodes in the graph.” (Xu & Chen, 2004, p. 479).
- 55.
- 56.
Mena (2003, pp. 100–101). See http://www.daisy.co.uk/daisy.html
- 57.
http://www.altaanalytics/com/ MAPLING is discussed by Mena (2003) on pp. 101–102 and, as applied to money laundering investigations, on pp. 84–85.
- 58.
- 59.
http://www.oriosci.com/productinfo/Magic.html. These ORION tools are discussed in Mena (2003, pp. 102–103).
- 60.
- 61.
We have seen in Section 6.1.2.1 that Sparrow (1991) listed six different concepts of network centrality, namely: degree; betweenness; closeness; Euclidean centrality after multidimensional scaling; point strength; and business. The boundaries of a criminal web are fuzzy, and Sparrow (1991) remarked: “The third and fourth (Closeness and Euclidean Centrality) become quite arbitrary if the network has arbitrary or fuzzy boundaries. But, in fact, Euclidean Centrality is probably closest to the reality of the Anacapa chart — where centrality on the chart equates with Euclidean centrality after a manual version of two-dimensional scaling — even though the practical determination of the starting (central) node was initially by its Degree” (ibid., p. 265). Moreover: “On balance it appears that the second, fifth and sixth notions of centrality (Betweenness, Point Strength, and Business) have greater relevance to the identification of network vulnerabilities than the others (Degree, Closeness, and Euclidean Centrality)” (ibid., p. 266).
- 62.
In applied psychology, there has been some criticism of false confidence in computerised geographical profiling methods. See Snook, Taylor, and Bennell (2005).
- 63.
In Britain, the spelling paedophile is usual; the prefix paedo- stands for ‘child’, whereas the prefix pedo- properly stands for ‘soil’, as in forensic pedology, which is about the examination of soil traces in criminal investigation.
- 64.
Napier and Baker (2005; 3rd edn. 2009) provide an overview of criminal personality profiling.
- 65.
Of course, the multitude of attributes can be expected to be subdivided into clusters corresponding to entities or relations in some good database design. But it has been especially relational database technology that has enhanced the possibilities for analysis, unfettered by a predetermined notion of which kinds of transactions are envisaged.
- 66.
In a police science journal, Badiru, Karasz, Karasz, and Holloway (1988) described the expert system AREST [sic]. Its application was to the profiling of suspects of armed robberies. In a technical report of the Canadian Police Research Centre, Valcour (1997) described InvestigAide B&E, an expert system whose purpose was to support the processing and investigation of breaking and entering cases, by assisting in gathering and recording case data, and providing such information as suspect characteristics.
- 67.
- 68.
Foresman (1998) collects essays by the pioneers of geographic information systems about the history of the field.
- 69.
Also Plewe (1997) is concerned with geographic information systems accessible online on the Internet.
- 70.
Effectiveness (less often, efficacy) denotes success at goal achievement. Efficiency denotes success at achieving goals while containing the expenditure of resources, including time.
- 71.
Using data from Britain, Adderley and Musgrove (2003b) used self-organising maps (i.e., Kohonen neural networks) in order to model the behaviour of offenders who commit serious sexual assaults. Clustering resulted in the formation of profiles of offenders, some of which were then confirmed independently: some of them belonged to convicted offenders, whereas other profiles resulted in further investigation. It took Adderley and Musgrove ten weeks to achieve results that using conventional methods, would have taken 2 years (as was the case of an in-house study of the police). “When a specified offense occurs within the United Kingdom the force in which the offense occurred has the remit to forward full details to the NCF [i.e., the National Crime Faculty of the National Police Staff College at Bramshill, Hampshire] for subsequent entry into the Violent Crime Linkage Analysis System (ViCLASS) system” (sic, ibid., p. 350), “a relational database developed in 1991 by the Royal Canadian Mounted Police comprising 53 tables, not all of which are used in the United Kingdom” (ibid.).
Adderley and Musgrove (2003b) point out that sometimes the data are ambiguous; for example, in a particular gang rape, there was the initial intention to pick up a prostitute, sop the question as to whether she was specifically targeted is yes, in that she was a prostitute, but no, in that it need not have been specifically her (ibid., p. 353). After data preparation, model building followed. “A self-organizing map was selected because it has the ability to cluster similar records into the same cell, while producing a two-dimensional topological map showing the relationship of those records to near neighbors. This can be used to form larger clusters by merging neighboring cells” (ibid., p. 355). In this sense, a map is obtained, even though it does not look as a geographical map. For example, in their figure 12.4 on p. 356, they showed the clustering of 2,370 crimes on a 20×20 grid, and by adding straight lines manually, one can see three different areas, according to how the offender approached the victim: three manners “broadly categorized as cons, surprise, and blitz” (ibid., p. 356). As a particular case, clustering could also be on a geographical basis, but clearly Adderley and Musgrove (2003b) is about data visualisation, not about geographical crime mapping. Their article was published as part of Mena’s (2003) chapter 12, “Mapping Crime”, and the same is true of Kangas et al. (2003).
- 72.
Self-organising maps (SOM), or Kohonen neural networks, were invented by Teuvo Kohonen (1982). The nodes of the network (i.e., artificial neurons) learn to map points in an input space to coordinate in an output space (that is to say, from the set of the input nodes to the set of the output nodes). Lebbah, Bennani, and Rogovschi (2009) proposed an approach that considers the automated learning of self-organising maps as a mixture of Markov models.
- 73.
Keppel (2005; 3rd edn. 2009) provides an overview of linking cases by modus operandi and signature of serial offenders.
- 74.
Rousseeuw and Hubert explain (2011, p.73) “In real data sets, it often happens that some observations are different from the majority. Such observations are called outliers. Outlying observations may be errors, or they could have been recorded under exceptional circumstances, or belong to another population. Consequently, they do not fit the model well. It is very important to be able to detect these outliers. In practice, one often tries to detect outliers using diagnostics starting from a classical fitting method. However, classical methods can be affected by outliers so strongly that the resulting fitted model does not allow to detect the deviating observations. This is called the masking effect. In addition, some good data points might even appear to be outliers, which is known as swamping. To avoid these effects, the goal of robust statistics is to find a fit that is close to the fit we would have found without the outliers. We can then identify the outliers by their large deviation from that robust fit.” Rousseeuw and Hubert (2011) present an overview of robust statistical methods for detecting outliers, and of outlier detection tools. Cf. Su and Tsai (2011). The concept of outlier is familiar from statistics. Barnett and Lewis (1994) is a book on the subject. The definition given by Grubbs (1969) is: “An outlying observation, or outlier, is one that appears to deviate markedly from other members of the sample in which it occurs.” Also see http://en.wikipedia.org/wiki/Outlier
- 75.
Mena (2003, pp. 280–281) points out that the use of techniques derived from AI research, i.e., data mining, for the purpose of monitoring wire transfer traffic (so that suspicious transfers, typically related to money laundering, may be detected) was rejected by the 1995 OTA report – a report from September 1995, prepared by the Office of Technology Assessment (OTA) and commissioned by the Permanent Subcommittee on Investigations of the U.S. Senate committee on Governmental Affairs. “The OTA report rejected the use of data mining due in part to a lack of useful profiles, high cost, and privacy issues, but, most importantly, the major challenges in constructing an effective wire transfer analysis was related to the incomplete, spotty, and poor condition of the data, not the AI technologies. ‘In several cases, technologies are available that would be appropriate for wire transfer analysis, but data and (government) expertise do not exist to make those technologies effective’” (Mena, 2003, p. 281). Mena claimed that however: “The post-9/11 environment is changing the priorities of years ago” (ibid.). The problem of the poor quality of the data, owing to ineffective standards, was being addressed by new legislation, with the data quality being improved enough for data mining being applied.
- 76.
Consider moreover that a truthful claim may be sometimes ambiguously formulated. Partridge (1991) provides an example of a U.S. insurer misunderstanding a claim: Partridge’s own son cut his knees (resulting in an injury that required several stitches), when on a trip to Gettysburg with the Boy Scouts. The father filled out an insurance form, and the insurer asked for confirmation because on the form, in the section where a short description of how the accident happened has to be supplied, the father had written: “Injury received while on the battlefield in Gettysburg, Pa.” The insurer was puzzled because of the assumption that if you received an injury at a battlefield, then you were one of the combatants, and because no one still alive, let alone a minor, could have fought at the battle of Gettysburg (1–3 July 1863). This is a nice example of an ambiguous description which an artificial intelligence program with natural-language processing capabilities could be made to explain out: it is possible to receive an injury at a place where a battle had taken place in 1863, but if the person injured is a child around the year 1990, then presumably this wasn’t during the famous battle. By itself, the claim may be quite truthful. Perhaps an employee at the insurer was taken aback, because of the expectation that some claims would be spurious, and perhaps this was a spurious claim making an outrageously false statement about the circumstances of the claimed injury, on the part of a claimant overconfident that anything goes.
Dan Sperber and Deirdre Wilson discussed the notion of loose talk (Sperber & Wilson, 1986), by means of an example they provide (Sperber & Wilson, 1990). “At a party in San Francisco, Marie meets Peter. He asks her where she lives, and she answers: ‘I live in Paris’.” Contrast this to a situation in which the location of the event when the occurance takes place is different: “Suppose Marie is asked where she lives, not at a party in San Francisco, but at an electoral meeting for a Paris local election”. There is a difference, concerning the truth value of Marie’s utterance, in terms of relevance. “It so happens that Marie lives in Issy-les-Moulineaux, a block away from the city limits of Paris. Her answer is literally false, but not blatantly so. If Peter presumed literalness, he will be misled”. Yet, assumptions are warranted, that in terms of artificial intelligence could be represented in terms of a nesting of beliefs that agents ascribe to each other. It is not precise that Marie lives in Paris, in the sense that this is inside the city limits.
In his autobiography, politician David Ben Gurion (who was born in Russia in 1886, and in 1948 proclaimed the independence of the State of Israel) claimed that his father had been a lawyer. It has been pointed out that his father had never graduated from high school, and was living in a region where he could not earn a university degree (the son instead earned a law degree in Constantinople, and for that purpose learned Turkish). Rather, the father used to write letters in good Russian for those who could not write in that language (but perhaps could write in Yiddish instead), and carried out the functions of a notary, drew up contracts, and so forth. Did Ben-Gurion try to aggrandise his family background, by claiming that his father had been a lawyer? Perhaps taking such a view would be anachronistic. In the United States in the first half of the 19th century, and in rural parts of Russia until much later, the professional profile of an ad hoc lawyer was commonplace. Such a lawyer used to carry out some of the functions of a lawyer, such as drawing up contracts, or settling border disputes between farmers, but they hadn’t a law degree. Claiming that an ad hoc lawyer was a lawyer is false, but historically it used to be a commonplace and non-malicious statement, other than in the big cities. But Ben-Gurion himself had earned a law degree at a university, so perhaps his claiming what he did claim about his father, yet not pointing out that his father, though for practical purposes “a lawyer”, had no degree, was not entirely innocent.
- 77.
Mena (2003, p. 288) remarks that in telecommunications crime, outside criminals use either unwitting company personnel, or unscrupulous or venal employees to defraud the phone company.
- 78.
Less heterogeneous than ensembles of data mining models, in committees of artificial neural networks (ANNs) – also known as committees of machines – it is only neural networks that are combined. Different neural networks together vote on a given example. They are typically used as classifiers, i.e., machines that automatically divide input data into classes. Committees are “Ensembles of ANNs trained with the same data, often with different topologies, whose output is interpreted as a vote for the classification. Committees are appealing because they decrease the variance of the final decision, which is considered one of the most severe problems in semiparametric classifiers” (Principe et al., 2000, p. 640).
The usefulness of committees of neural networks consists of stabilising the results, by avoiding going astray after just a single neural network, as individual neural networks are subject to finding local minima during optimisation, thus missing resolutions that are globally better. It is as though on a surface with hills and valleys, if we are looking for a maximum, because of narrow vision we were to climb on a hill to the top, and not climb a mountain in another area. Even if the topology (architecture) of the neural network is the same, if we start with the same architecture and training but using different initial random weights, it is often the case that the behaviours of networks would be vastly different. Committees are a remedy to such variation.
Using committees of machines is similar to the method of bagging in machine learning. The difference is that in a committee of neural networks, one obtains the necessary variety of machines in the committee by training from different random starting weights. By contrast, in bagging the variety is obtained by training on different randomly selected subsets of the training data.
- 79.
In the final section in his book, a section entitled ‘Alien Intelligence’, Mena remarks about such software that evolves, breeds solutions, and learns on its own (2003, p. 376): “Sometime we can’t follow its logic in detail, but we use these AI components because they are very accurate. This is what the renowned computer scientist and writer James Martin calls ‘alien intelligence’, which is a process executed on a computer that is so complex that a human can neither follow the logic step-by-step nor come to the same result by other means. We couldn’t write a conventional program, for example, to spot fraud on millions of accounts in real time; we need neural networks to help us”. The problem with neural networks is that they are notoriously opaque rather than transparent in how they run and reach results.
- 80.
Textbooks on multiagent systems include Ferber (1999), Weiss (1999), Wooldridge (2002, 2nd edn.: 2009). Multiagent systems are sometimes combined with representations and techniques from, e.g. logic and game theory — this was shown in a book by Shoham and Leyton-Brown (2009) — or algebra (Amigoni & Continanza, 2012).
- 81.
- 82.
A security application of this is the monitoring digital signatures provided by the use of swipe cards. If and when deviations from the norm are spotted, an alert is silently given, so that the card provider would monitor the card, just in case it was stolen.
- 83.
In fact, the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN), which tries to detect financial crimes, have a tool called FAIS (i.e., FinCEN Artificial Intelligence System), which “uses an agent to weed through this large data space” – namely, “all cash transactions involving dollar amounts of above $10,000”, about ten million transactions a year – “and search for abnormalities and fraud through the use of neural network and link analysis” (Mena, 2003, p. 107).
- 84.
Dijkstra et al. (2005, p. 133) explained the context of their project “This research is part of an ongoing research project ANITA (Administrative Normative Information Transaction Agents), which aims at performing the fundamental research needed to develop a multi-agent system for regulated information exchange in the police intelligence domain [(De Vey Mestdagh, 2003)].”
- 85.
- 86.
The earliest implementation of blackboard systems was in the 1970s. An edited volume on the subject was published by Engelmore and Morgan (1988), and it quoted (ibid., p. 16; cf. Wooldridge 2002, p. 307) the blackboard metaphor as originally proposed by Newell (1962): “Metaphorically we can think of a set of workers, all looking at the same blackboard: each is able to read everything that is on it, and to judge when he has something worthwhile to add to it. This conception is […] a set of demons, each independently looking at the total situation and shrieking in proportion to what they see fits their natures”.
- 87.
See for example the treatment of the concept (from economics) of incentive contracting in an artificial intelligence framework, in a paper by Kraus (1996) that provides both a survey and a model.
- 88.
There are limitations, and proposed improvements. Fan, Huang, and Jin stated (2008, p. 603): “The CNP is a powerful coordination mechanism in multi-agent systems. However, the performance of the CNP degrades when the number of agents increases or the announcement is of high frequency. Hence, it has a problem of applicability to large-scale multi-agent systems. In order to overcome this problem, a personal assistant that may evaluate the other agents is proposed. It can avoid an announcement sent to redundant bidders, and only the best bidder sends the bid proposal.”
- 89.
Fuzzy approaches are the subject of Section 6.1.15 in this book.
- 90.
DARPA is the United States’ Defense Advanced Research Projects Agency.
- 91.
Genetic algorithms are the subject of Section 6.1.16.1 in this book.
- 92.
Tsai and Chan (2007) discussed the detection of cyber security threats in weblogs by using probabilistic models.
- 93.
The popularity of XML (Extensible Markup Language) stems from its role as a standard within Web technology (it was endorsed institutionally), and is reflected in a multitude of coding languages and applications making use of it, as well as in a literature comprising textbooks or reference books (Light, 1997; Holzner, 1998; Nakhimovsky & Myers, 2002), conference proceedings (Fuhr, 2006; Bressan, 2003; XML, 2002), and dissertations (Minh, 2007), as well as in reports in the information media.
- 94.
- 95.
In the 1980s and later, this has also been the case of my own approach to nested relations: I advocated that the nesting should be deep and flexible, unlike in the mainstream of database design research into nested relations. This, along with the applicational thrust of what I had been developing, did not militate toward a favourable appreciation by the nested relations community of RAFFAELLO (my tool for retrieval from nested relations) and CuProS (Customization Production Systems) — itself, a ruleset- or formal grammar description of how the nesting of attributes is allowed to be within given types of nested relations). In retrospect, the applicational thrust of the RAFFAELLO project had been quite warranted: the quite similar concept of XML has at present a great appeal, for quite various applications, and the emergence of the World Wide Web has much favoured this.
Deep nested relations could be represented in some formal approaches from the 1980s and early 1990s, but it is the flexibility that eluded them. Nested relations emerged, in relational database design research, out of the desire to generalise flat relations, so that hierarchically structured objects could be modelled directly. Paper collections appeared (Abiteboul, Fischer, & Schek, 1989; Özsoyoğlu, 1988). Normal forms were introduced for nested relations (Özsoyoğlu & Yuan, 1987), in the tradition of normal forms from relational databases.
Mark Levene introduced important variants of nested relations (Levene, 1992; Levene & Loizou, 1990). In particular, he combined the universal relation model – which allows the user to view the database as though it was just one flat relation, in the space of all attributes of the database: it was the subject of my early research (Nissan, 1982, 1983, 1987c) – with nested relations, into an approach called the nested universal relation model (Levene, 1992). Levene’s model offered the following advantages: “Functional data dependencies and the classical notion of lossless decomposition are extended to nested relations and an extended chase procedure is defined to test the satisfaction of the data dependencies. The nested UR [i.e., universal relation] model is defined, and the classical UR model is shown to be a special case of the nested model.
This implies that an UR interface can be implemented by using the nested UR model, thus gaining the full advantages of nested relations over flat relations” (Levene, 1992, abstract). Levene’s formalisation incorporated null values into the model. Also see Levene and Loizou (1993, 1994). Incidentally, apart from relational databases, Levene has also done (with Poulovassilis) some work on a nested-graph database model for representing and manipulating complex objects (Poulovassilis & Levene, 1994).
More recent work on nested relations includes Bertino, Catania, and Wong (1999) and Garani (2004, 2008). Georgia Garani (whose 2004 Ph.D. is from Mark Levene’s department at Birkbeck College in London) distinguishes nested attributes as decomposable and non-decomposable (Garani, 2008). Overcoming a once popular maxim in nested relations research (“Unnesting and then nesting on the same attribute of a nested relation does not always yield the original relation”), Garani (2008) has proven that “for all nested relations, unnesting and then renesting on the same attribute yields the original relation subject only to the elimination of duplicate data”.
- 96.
- 97.
SGML’s and XML’s idea of trees of data, that can be conceived of as embedded parentheses with an unlimited depth of nesting, described in a meta-schema, was also separately attained in the 1980 in the RAFFAELLO representation language, with its CuProS meta-representation language – on which, see now Nissan (2010c) and Nissan & El-Sana (2012). They were originally described in Nissan (1986, 1987a, 1988, 1999). The original application was to lexical databases (Nissan, 1988, 1999), catering and terminal food-processing (Nissan, 1987b), and law (Nissan, 1992) – the latter application being a combined representation of Italy’s regional constitutions (Statuti Regionali).
As to the food processing project, this was a relatively minor project, punningly named Fidel Gastro (after gastronomy), and that I had my undergraduate students implement in 1987. It was considered valuable enough for a journal in hospitality management to publish a paper on this application to large kitchens. Fidel Gastro finds now a parallel in a function of the so-called Microsoft Home, introduced in 2004, and reportedly first inhabited by Bill Gates and his family. Even though the Microsoft Home uses radio-frequency identification tags for inventory tracking, the basic function is like that of my 1987 project. Barron (2004), describing the Microsoft Home, wrote: “The network knows, for example, what ingredients are available in the kitchen. If the makings for chocolate chip cookies are not at hand, it will suggest a recipe for oatmeal cookies, assuming these ingredients are on the shelf” – and this is precisely what Fidel Gastro was doing. Incidentally, bear in mind that catering is a subject complex enough to be taught at vocational schools, and that there exist textbooks, e.g. Kinton, Ceserani, and Foskett (1992).
- 98.
Munn and Smith (2008) try to relate ontologies as being structured, automated representations developed within knowledge engineering (their examples are from medicine and biology), to philosophical ontology: in philosophy, ontology is the discipline concerned with how things in the world are divided into categories, and how these categories are related.
- 99.
- 100.
- 101.
- 102.
- 103.
- 104.
See Calzolari, Monachini, Quochi, Socia, and Toral (2010), Hirst (2004), Aussenac-Gilles and Sörgel (2005), and Poesio (2005). In a special sense, the motivation for developing ontologies in computer applications has an important precedent in the work of corporate terminologists (e.g., at Airbus), as opposed to state institutions that in some countries (e.g., France and Israel) approve terminology. Unlike at such state institutions, the knowhow of corporate terminologists comes close to concepts that are current in ontology development. In artificial intelligence, the emergence of ontologies was contextually different from the emergence of semantic networks, even though without a grasp of the latter, ontologies would not have emerged. Namely, the need for ontologies was felt when developing very large knowledge bases. But no matter how simple your artificial intelligence application, you are not unlikely to be using a semantic network, and actually Prolog students often learn that language by first programming some rudimentary semantic network. The work of terminologists proper has benefited from the burgeoning state of the art of ontologies as being an area of computer science.
- 105.
Concerning WordNet, see Fellbaum (1998), and see http://wordnet.princeton.edu/ Besides, Lenci et al. (2000) discussed SIMPLE, a framework for the development of multilingual lexicons.
- 106.
Berners-Lee, Hendler, and Lassila (2001) is a popularistic introduction to the Semantic Web. Also see Michael Uschold’s (2003) “Where Are the Semantics in the Semantic Web?”. Maedche and Staab (2001) reported about ontology learning from the Semantic Web. Fensel, van Harmelen, Horrocks, McGuinness, and Patel-Schneider (2001) discussed an ontology infrastructure for the Semantic Web. AAAI (2002) is a paper collection about ontologies and the Semantic Web.
- 107.
It is important to realise that any positive integer number of variables may be associated with individual pixels, and one may have multivariate images, requiring multivariate image mining (or MVI mining). Herold, Loyek, and Nattkemper (2011) provide an overview. They explain (ibid., p. 2): “Because of recent advances in sensor technology and a rapid increase in storage capacities, a growing number of intensity values can be recorded and associated with pixel coordinates using new imaging technologies. This growth in dimension can be observed in different scientific areas and this new category of images is referred to as multivariate images (MVIs). In these images, an almost arbitrary number of variables is associated with each pixel that represent, for instance, signal values at different time points or for different spectral bands or for different imaging parameters or modalities. Thus, these images can no longer be interpreted as gray value images or red, green, blue color images, and new information technologies are needed.” Current applications are mainly to biomedical imaging. In particular, multivariate images result from different techniques, and include multispectral images in microscopy, multifluorescence imaging (or multicolour imaging: it “aims at precisely visualizing the location ofmolecules in a sample”), and multimodal imaging.
In multispectral imaging, a “biological sample is imaged for multiple wavelengths so that each signal, \(s_i \left(i \in \left[1,\;n\right]\right)\), represents the intensity of a pixel at a given wavelength λ i . In general, a red, green, blue (RGB) image can be regarded as the most simple multispectral image stack with only three bands. Modern spectral imaging systems, however, allow to image signals over a wide wavelength range, with small increments” (ibid., p. 2).
Multifluorescence images result as “multiple molecules are selectively labeled by molecule-specific antibodies fused with a fluorophore and imaged by fluorescence microscopy. Each signal, \(s_i \left(i \in \left[1,\;n\right]\right)\) thus, reflects the intensity of a pixel for one molecule m i . In recent years, the number of available specific antibodies has continuously been increasing, allowing to selectively label a large number of molecules. However, in most applications, only few molecules are labeled at once due to the spectral limitation of fluorescence microscopy” (ibid., pp. 2 –3).
“Both multivariate imaging strategies mentioned so far can be summarized as intramodular imaging techniques, as the same imaging modality is used and changes in their parametrization, i.e., recorded wavelength or labeled molecule is applied to acquire the set of n different signals. However, MVI data can also be acquired by applying different imaging modalities” (ibid., p. 3). One speak then of multimodal images. “For example, bright field imaging can be combined with images obtained by dark field, phase contrast, and fluorescence imaging” (ibid.). Both in multimodal imaging and in intramodular imaging (namely, multispectral imaging and multifluorescence imaging), “the acquired images hold the same resolution. This eases the process of image registration, i.e., spatially aligning all channels of the MVI to each other, which is the prerequisite for a meaningful MVI analysis” (ibid.). Moreover, “also modalities that acquire images of different spatial resolution can be combined such as optical microscopy and electron microscopy. Here, directly mapping the spatial location in different images is not possible, and sophisticated mapping techniques are required” (ibid.).
- 108.
Li, Yang, and Ramani (2009) described a methodology for engineering ontology acquisition and validation. Ciocoiu, Nau, and Grüninger (2001) were concerned with ontologies for integrating engineering applications. Grüninger and Delaval (2009) discussed a cutting process ontology for sheet metal parts. A paper by Paul van der Vet and Nicolaas Mars (1995) is a case study in ontologies for very large knowledge bases in materials science.
- 109.
Ding, Fensel, Klein, Omelayenko, and Schulten (2004) discussed the role of ontologies in E-commerce. A book by Gómez-Pérez et al. (2004) discussed applying ontologies to the areas of knowledge management, E-commerce, and the Semantic Web. Dieter Fensel published a book (2003) about ontologies for knowledge management and E-commerce.
- 110.
- 111.
Udo Hahn and Stefan Schulz (2004) discussed building a very large ontology from medical thesauri.
- 112.
Mitschick and Meissner (2008) are concerned with metadata generation and consolidation within an ontology-based document management system.
- 113.
The International Journal of Metadata, Semantics and Ontologies published a special issue entitled Agricultural Metadata and Semantics (Manouselis, Salokhe, & Johannes Keizer, 2009).
- 114.
By Ferrario and Oltramari (2004).
- 115.
- 116.
Gutiérrez et al. (2005, 2007). Cf. Garcia-Rojas et al. (2008a, 2008b). “The context of this work is the search for realism and believability of Virtual Humans. Our contribution to achieve this goal is to enable Virtual Humans (VH) to react to spontaneous events in virtual environments (VE). In order to reflect the individuality of each VH, these reactions have to be expressive and unique. In this paper we present firstly a model of reaction based on personality traits. The model was defined using statistical analysis of real people reacting to unexpected events. We also consider that the emotional state is involved in the modulation of reactions, thus we integrate a model of emotion update. Secondly, we present a semantic-based methodology to compose reactive animation sequences using inverse kinematics (IK) and key frame (KF) interpolation animation techniques. Finally, we present an application that demonstrates how Virtual Humans can produce different movements as reaction to unexpected stimuli, depending on their personality traits and emotional state” (from the abstract of Garcia-Rojas et al., 2008b).
Whereas Garcia-Rojas et al. (2008b) were concerned with reactive behaviour, with expressive animation, and with semantics, Garcia-Rojas et al. (2008a) were rather concerned with inhabited virtual environments, with ontologies, with an authoring tool, and with visual programming. To say it with the abstract: “The creation of virtual reality applications and 3D environments is a complex task that requires good programming skills and expertise in computer graphics and many other disciplines. The complexity increases when we want to include complex entities such as virtual characters and animate them. In this paper we present a system that assists in the tasks of setting up a 3D scene and configuring several parameters affecting the behavior of virtual entities like objects and autonomous virtual humans. Our application is based on a visual programming paradigm, supported by a semantic representation, an ontology for virtual environments. The ontology allows us to store and organize the components of a 3D scene, together with the knowledge associated with them. It is also used to expose functionalities in the given 3D engine. Based on a formal representation of its components, the proposed architecture provides a scalable VR system. Using this system, non-experts can set up interactive scenarios with minimum effort; no programming skills or advanced knowledge is required.”
- 117.
To give the flavour of what ontologies may look like, the following is excerpted from TGMA: The mosquito anatomy morphology (http://anobase.vectorbase.org/anatomy/mosquito_anatomy.obo), accessed in February 2009, and developed at IMBB in Greece for VectorBase (http://www.vectorbase.org is the homepage of the site where it is posted, with other such ontologies of ticks and malaria, at http://anobase.vectorbase.org/ontologies): id: TGMA:0000051 name: postfrontal suture def: "One of two sutures diverging from the coronal suture above the ocelli and separating the interocular space from the frons." [ISBN:0-937548-00-6] comment: Fig 02,04,07,08 Abbr: pfs in ISBN:0-937548-00-6. synonym: "frontal suture" RELATED [ISBN:0-937548-00-6] is_a: TGMA:0001828 ! anatomical line relationship: part_of TGMA:0000003 ! adult craniumid: TGMA:0000052 name: postfrontal ridge def: "The apodeme marked externally by the postfrontal suture." [ISBN:0-937548-00-6] comment: Fig 05 Abbr: PR in ISBN:0-937548-00-6. synonym: "frontal ridge" RELATED [ISBN:0-937548-00-6] relationship: part_of TGMA:0000003 ! adult craniumid: TGMA:0000053 name: adult postgena def: "The lateral and ventral parts of the cranium behind the compound eye." [ISBN:0-937548-00-6] comment: Fig 02,03,04,06 Abbr: PG in ISBN:0-937548-00-6. synonym: "cheek" RELATED [ISBN:0-937548-00-6] synonym: "gena" RELATED [ISBN:0-937548-00-6] synonym: "gula" RELATED [ISBN:0-937548-00-6] synonym: "gular region" RELATED [ISBN:0-937548-00-6] synonym: "Kehle" RELATED [ISBN:0-937548-00-6] synonym: "occiput" RELATED [ISBN:0-937548-00-6] synonym: "temple" RELATED [ISBN:0-937548-00-6] synonym: "tempus" RELATED [ISBN:0-937548-00-6] is_a: TGMA:0001835 ! compound organ component relationship: part_of TGMA:0000003 ! adult craniumid: TGMA:0000054 name: postgenal seta def: "One of the setae occurring in a group on the postgena at the posteroventral area of the cranium." [ISBN:0-937548-00-6] comment: Fig 02,04 Abbr: PgS in ISBN:0-937548-00-6. synonym: "gular bristle" RELATED [ISBN:0-937548-00-6] synonym: "gular chaeta" RELATED [ISBN:0-937548-00-6] synonym: "postgenal hair" RELATED [ISBN:0-937548-00-6] relationship: part_of TGMA:0000053 ! adult postgena
Another website worth visiting is http://www.ifomis.org/bfo/publications of Basic Formal Ontology (BFO).
- 118.
[A note by E. Nissan:] Valente (2005) has discussed types and roles of legal ontologies, and his paper followed in the same book an especially stimulating article on the use and reuse of legal ontologies by Breuker, Valente, and Winkels (2005). Also Gangemi, Sagri, and Tiscornia (2005), too, discussed legal ontologies. This was inside an edited volume that had legal ontologies in its subtitle. The volume editors were Benajmins, Casanovas, Breuker, and Gangemi (2005), and the papers in the volume were drawn from two meetings devoted to the Semantic Web and the legal domain: The International Workshop on Legal Ontologies and Web-Based Legal Information Management held in Edinburgh, Scotland, in June 2003 (John Zeleznikow had been directing a laboratory at the University of Edinburgh at the time), and the International Seminar on Law and the Semantic Web, held in Barcelona, Spain, in November 2003.
- 119.
- 120.
- 121.
- 122.
- 123.
- 124.
A book by Golan (2004) traces the history of scientific expert testimony in England and America.
- 125.
- 126.
In 2003, it was the subject of two workshop presentations by the present three authors (Leary et al., 2003a, 2003b), and this section is based on one of these (Leary et al., 2003b). Moreover, there also have been other publications about the same subject, including a journal article with the same title as Leary et al. (2003b), but by John Kingston, Burkhard Schafer, and Wim Vandenberghe (Kingston et al., 2004). Cf. Kingston et al. (2003), Kingston and Vandenberghe (2003), Vandenberghe, Schafer, and Kingston (2003).
- 127.
Commissione Nazionale per le Società e la Borsa (http://www.consob.it) and VATAT (http://www.vatat.com). They are respectively concerned with the share market, and with the Value Added Tax (VAT).
- 128.
- 129.
See CONSOB’s weekly newsletter (October 2001).
- 130.
This must be considered separately from the regulator’s ability to enforce its powers within such jurisdiction. For example, a securities regulator would first need to consider whether a security was being advertised or sold within its geographical jurisdiction and secondly, whether or not the person advertising the product was subject to their regulation.
- 131.
UML is the Unified Modeling Language. This is a widespread language for such purposes.
- 132.
- 133.
Resolving anaphora determines what determinative or possessive adjectives or pronouns (e.g. “this”, “my”, “yours”), or articles (“the”), or other indexicals (e.g., “yesterday”), refer to. Literally in Greek anaphora means “carrying back”, and anaphora in the narrow sense means a reference backwards by a determinative, as opposed to cataphora, which refers forwards. In the usual, broader sense, anaphora encompasses both backward and foreword references.
- 134.
Let us develop here that example, which Inderjeet Mani proposed yet not develop himself in context. Disambiguating “George Bush” is usually between the father and the son, as both of them were presidents of the United States. Consider in addition that in the 1830s, in New York there was a professor of Hebrew by that name. For sure a newspaper or a news magazine you may have been browsing between 1980 and 2010 has not been referring to that George Bush. And of the two politicians, international news mentioning George Bush in the 1980s and early 1990s are likely to have been referring to the elder Bush, but in a Texan context the son, who was a governor, may have been referred to. Elsewhere, the text is likely to have pointed out that the son was meant, rather than the father: “Ann Richards […] is running for reelection as Governor of Texas against George W. Bush, a Republican and the eldest son of the former President. […] She derides him as ‘all hat and no cattle’. […] Her followers hand out bumper stickers saying: ‘Don’t elect the son-of-a-Bush’. They call him ‘Shrub’”, as reported by Ian Brodie in the London Times of 20 October 1994, p. 15, under the title “Lone Star governor struggles to uproot the Shrub”.
Also in 1994, the 1830s George Bush was briefly discussed in a new scholary book from the United States (Ritterband & Wechsler, 1994). Columbia College (from the 1880s, Columbia University) suspended Hebrew instruction from 1799 “until 1830 when, perhaps responding to a movement to establish the rival University of the City of New York, it appointed the Rev. Samuel Turner, D.D. […] to a professorship of Hebrew language and literature” (ibid., p. 12), but then the rival new university “soon appointed George Bush and Isaac Nordheimer to Hebrew and Arabic chairs, respectively. Nordheimer, one of America’s first Jewish college professors, is oft noted for his Hebrew grammar. The work of Bush and Nordheimer allowed Turner to cease instruction at Columbia, though Nordheimer died within three years of his appointment” (ibid., p. 13). Endnote 54 on p. 243 explains: “The University of the City of New York apparently cornered the market on Hebrew instruction in New York. Turner wrote: ‘When Nordheimer became known as a good Hebrew teacher, I felt it less incumbent on me to devote my time to this object. [sic] Since then I have never been required to give lessons in Hebrew, so that the professorship has become a sinecure’ (quoted in Richard Gottheil, “Semitic Languages at Columbia”, Columbia University Bulletin 19 [March, 1898], 94). Bush, not Nordheimer, taught Hebrew at the new institution.” That much is related by Ritterband and Wechsler (1994) about that early George Bush.
In the Catalogue of the Officers, Alumni, and Students of the University of the City of New York, 1839–40, printed in New York by Hopkins and Jennings in 1840, and now accessible online (http://dspace.nitle.org/bitstream/handle/10090/1838/UnivofCityofNewYork1839_40_cat.PDF?sequence=1), one finds indeed: “GEORGE BUSH, Professor of Hebrew. ISAAC NORDHEIMER, P. D., Professor of the German Language and of Oriental Languages”, listed among the (few) “Professors not of the Governing Faculty.”
Another Web search retrieved facsimile excerpts from a book being advertised, with the following, further information. Goldman clarifies the scholarly relation of Bush to Nordheimer (2004, pp. 163–164 in chapter 8): “Nordheimer died too young to realize his full scholarly potential — at the age of thirty-three he succumbed to the tuberculosis that had weakened him since his adolescence — his life and writings had considerable influence on the leading American Protestant Hebraists of the first half of the nineteenth century: Moses Stuart of Andover Theological Seminary, George Bush of New York University, and Edward Robinson of Union Theological Seminary.”
This example of human-initiated search for information drives in the importance of incorporating some reasonably effective competence in natural-language analysis, not only in automatic summarization tools, but also in such text mining tools that demands on their output are not unambitious.
- 135.
Another computer scientist with a record of early involvement in research into summarization tools is Udo Hahn, who is also prominent in research about ontologies. In his preface, Mani (2001) actually credits Hahn (ibid., p. x) as having jointly taught conference tutorials, on which the introduction of Mani’s book is based. They co-authored Hahn and Mani (2000). When preparing the original draft of what is now the section you are reading, I chanced upon a copy of an old report by Hahn and Ulrich Reimer, ‘Heuristic text parsing in TOPIC: Methodological issues in a knowledge-based text condensation system’ (Bericht TOPIC–5/83, 2nd ed., Universität Konstanz), that was going to appear in the North-Holland Proceedings of the 5th International Research Forum in Information Science, Heidelberg, 1983. The task of TOPIC was described as being “the generation of condensates (abstracting)” (from German texts). “Parsing heuristics referring to cohesion and coherence of texts” were in the first place intended to generate indicative summaries. Mani’s book (2001) discusses TOPIC on pp. 148–150: “The system applies shallow methods of parsing noun phrases in the text, relying on a lexicon which maps to a knowledge base of domain concepts. The system increases the activation weights of frames, slots, and slot values whenever they are referred to in the text. TOPIC counts how frequently references are made to a frame itself, to a slot of a frame, or to the slot value. Thus, concept counting is carried out, rather than counting words, word-stems or discourse referents […]. For example, the salience of a slot is determined by the frequency of reference to that slot compared to the frequency of reference to all slots mentioned in the text. A frame is salient if the ratio of the number of its instances to the number of its active instances (an active frame is one which is referenced at least once in the text) is less than the number of its active instances. […] These patterns of salience are applied to individual paragraphs, and then topic descriptions are determined and aggregated over paragraphs, after which generalization operations are applied across the topic descriptions to create a hierarchical text graph. Using an interactive text graph navigation aid, a user is able to traverse the resulting text graph, varying the detail of the summaries [... O]ne can certainly ask how such a hypertext conceptual representation compares with a conventional text summary. [...] TOPIC could, in principle, certainly produce an extract summary, simply by weighting sentences based on the density of references to salient concepts”.
- 136.
- 137.
These are available in HTML at http://www.canlii.org/ca/cas/fct/
- 138.
- 139.
See Section 6.1.13.14 below.
- 140.
Statistical natural language processing is the subject of Manning and Schutze (1999).
- 141.
- 142.
Solka (2008) explained as follows the graph-based method (ibid., pp. 102–103): “One can cast the term-document matrix as a bipartite graph where the documents are on the left-hand-side of this graph, and the terms are on the right-hand-side. The graph is designated a bipartite graph because there are edges only between the documents and the terms. There are no edges between the documents or between the terms. Given this encoding one can view document clustering as a graph cut problem, where one attempts to divide a graph into two groups in such a way as to minimize the number of edges that pass between them. Approximate solutions to this problem can be obtained using a spectral decomposition of the graph Laplacian. A benefit of this approach is that it allows one to obtain a simultaneous clustering of terms and documents. This makes sense in that a clustering of terms would naturally induce a clustering of documents and a clustering of documents would induce a clustering of terms.”
- 143.
An older book on data mining is Han and Kamber (2001).
- 144.
The application to movie reviews was described by Pang et al. (2002), whereas Valitutti et al. (2005) were concerned with the development of affective lexical resources. Esxuli and Sebastiani (2010) reviewed sentiment-quantification methods (as opposed to sentiment classification) within opinion mining. Sentiment classification instead is the subject of Abbasi (2010). Also see, e.g., Argamon et al. (2009). Feldman, Fresko, Goldenberg, Netzer, and Ungar (2010) apply text mining to the analysis of product comparisons (concerning car models) on Web-supported product discussion boards:
There is increasing recognition that product reviews by consumers can provide important insight into how they view products, and that automated text analysis methods can be fruitfully used to extract such information [(Popescu & Etzioni, 2005; Dave, Lawrence, & Pennock, 2003)]. For example, the rapidly growing field of sentiment analysis looks to extract how authors feel about different products [(Kim & Hovy, 2006; Turney, 2002; Hu & Liu, 2004; Pang, Lee, & Vaithyanathan, 2002)]. Such work has tended to look at single products, in spite of the fact that many of the purchase decisions, and hence much of the marketing effort, is based on product comparisons. This paper describes a methodology for automatically analyzing products and comparisons between them. Given a (possibly ungrammatical) sentence such as “Sonata has soft ride similar to Camry and Accord” we automatically extract the products (Sonata, Camry and Accord) and what attributes they are compared on (“soft ride”). Our goal is to automatically determine which products are compared with each other, what attributes they are compared on, and which products are preferred on different attributes. We term this process “comparative sentiment analysis.”
- 145.
Cf. Christopher C. Yang’s (2008) ‘Knowledge Discovery and Information Visualization for Terrorist Social Networks’.
- 146.
- 147.
http://www.westlaw.com Accessed on 15 March 2004.
- 148.
- 149.
Also see more recent publications by Thorsten Joachims of Cornell University, e.g. Joachims, Hofmann, Yue, and Yu (2009).
- 150.
The C4.5 algorithm (Quinlan, 1993) is an enhancement of ID3 that includes tools to (a) To deal with missing values on attributes and missing data, (b) for pruning decision trees, (c) dealing with continuous variables, (d) dealing with rule accuracy, (e) providing alternative measures for selecting attributes. The C5.0 algorithm is an enhancement of C4.5 that includes (a) boosting techniques (see below), (b) sophisticated ways to measure errors, (c) methods to facilitate scaling uyp an algorithm to perform on large datasets. The ID3 algorithm was developed by Quinlan (1986), and is a machine learning algorithm which induces a decision tree for classification problems. The tree is derived from examples in a training set. The ID3 algorithm uses an entropy-based measure known as information gain, as a heuristic for selecting the attribute that will best separate the samples into individual classes. The attribute becomes the ‘test’ or ‘decision’ attribute at the node. A handy presentation of decision tree techniques in data mining is provided by Rokach and Maimon (2008).
Boosting (Quinlan, 1996) improves the predictive power of classifier learning systems by adjusting the weights of training instances. It manipulates the training data in order to generate different classifiers. Boosting uses all instances at each repetition, but maintains a weight for each instance in the training set that reflects its importance; adjusting the weights causes the learner to focus on different instances and so leads to different classifiers. The multiple classifiers are then combined by voting to form a composite classifier. Boosting assigns different voting strengths to component classifiers on the basis of their accuracy.
- 151.
There is a separate issue of how the authorial persona comes through, in a literary or other textual work, if it comes through at all. Consider for example Martial’s Liber spectaculorum about the cruel arena game under the Flavian dynasty in Rome: both the Emperor’s name, and the authorial persona are major absences from the Liber Spectaculorum (see Nissan, 2011d, section 2):
In Sec. 11 [of the general introduction to her book], Coleman [(2006)] addresses two features that set the Liber spectaculorum apart from the rest of Martial’s oeuvre. Firstly, the ‘I’ composing the book is absent: “we constantly hear the author’s voice, but his persona is entirely effaced” (lxxxii). The other term of the dual absence is that the epigrams were not received by a readership through the medium of a book (lxxxi): “Perhaps what caught [Titus’] approval was, instead, a libellus [i.e., booklet] that one day, together with similar libelli [booklets] celebrating spectacles under Domitian, would form the liber [i.e., book] from which our surviving collection was excerpted” (lxxxiv).
And as mentioned, there is the problem of identifying which Flavian emperor was the one relevant, among Vespasian’s two sons and successors, namely, Titus and Domitian:
In Sec. 6, Coleman tries to identify the emperor eulogised, but never identified in the epigrams: Titus? or Domitian? or both in turn? To Coleman, it “seems highly unlikely” that “a single emperor” was being honoured (lxxxiii). This “must remain a tantalizing puzzle” (lxiv). “[T]he atmosphere of immediacy in the second epigram is much better suited to Titus’ inauguration [of the Flavian amphitheatre in Rome: the Coliseum] than to an event several years later, [...] and, given the parallels between the events of the Liber spectaculorum and the extant sources for Titus’ inauguration, it seems perverse to postulate an entirely unattested ceremony under Domitian as the occasion celebrated in the book” (lix). Coleman dismisses another argument for ascription of the occasion to the reign of Domitian: “[T]he enmity towards Titus that is attributed to Domitian by hostile sources is a flimsy basis for supposing that he would object to the public circulation of a collection that celebrated spectacles associating both of them with” the Colosseum.
- 152.
- 153.
From an American perspective, Michael Risinger – a legal scholar who tends to be critical of expert testimony in especially criminal (Risinger, 2007a) and occasionally civil cases – surveys court cases involving the reliability of handwriting identification expertise (Risinger– 2007b; cf. Risinger, Saks, Thompson, & Rosenthal, 2002). His paper (2007b, p. 477) “seeks to collect and separately describe and analyze every explicit decision by an American court on the reliability of handwriting identification expertise since the decision in Daubert v. Merrell Dow Pharmaceuticals, Inc.”, i.e., 509 U.S. 579 (1993). “the cases listed here are by no means all of the cases since 1993 in whichhandwriting identification testimony by putative experts has been proffered or accepted” (Risinger, 2007b, p. 477). Risinger explained (ibid., pp. 478–479): “Most use of such expertise likely goes unremarked upon, or occurs in cases that never generate written opinions. In the vast majority of the reported cases involving such experts, the testimony is merely noted as part of a recitation of facts. These cases include substantial numbers of civil cases, often involving challenged signatures on wills or deeds, or insurance and other contract cases, but not uncommonly involving more complex issues. The volume should not be surprising. Estimates of the number of persons who offer such testimony in court, at least on occasion, ranges up to 5,000 or more, with some hundreds who do so regularly. The range of credentials and experience exhibited by these witnesses is also startling, and it is likely that most of the testimony that occurs in American courtrooms is by persons whose training and experience would be looked down upon by the accrediting body of the Osbornian establishment, the American Board of Forensic Document Examiners (ABFDE).”
Larry Miller (1984) expressed criticism of unintended bias on the part of forensic document examiners. He began his article by claiming (ibid., p. 407): “Questioned document examination, particularly handwriting/handprinting identification, lends itself readily to unintended bias on the part of the examiner. Questioned document examination is one of the few forensic science areas that depends primarily on a subjective analysis by the examiner. Most questioned document examiners atternpt to render analyses as objectively as poossible by using sophisticated measuring techniques. However, complete objectivity cannot be achieved because of (1) the situation in which the document examiner is summoned for analyses, and (2) the fact that most of the identification process involves a subjective opinion of the examiner.” Larry Miller (1987) pointed out procedural bias in forensic science examinations of human hair. Again, this was because such evaluations are subjective.
- 154.
The FEPL website is at http://www.latrobe.edu.au/humanbio/forensic/method_online.htm
- 155.
- 156.
- 157.
Don Foster’s stylometric analysis (see Foster, 2001, chapter 3) was important for identifying the Unabomber. The defence team attacked his five-page opinion (he had been instructed to keep it short) for giving no specific examples, and suggested that he hadn’t read the documents at all. In the same sweep, the defence included a second declaration by Robin Lakoff, in which she admitted she had only read an affidavit, as well as just two of the two hundred documents on which Fitzgerald’s analysis was based (Foster, 2001, p. 108).
Still, she claimed, her conclusions would not have been different. Understandably, Foster is bitter and sarcastic concerning this, in his book. Foster prepared a detailed opinion of fifty pages, that was not deemed necessary by the judge, who rejected the defence motion. There is a sense in which that decision of the court better established the credentials of stylometric analysis for judicial purposes, whereas Lakoff’s own opinion was not so much a stylometric analysis, as an attack on the evidentiary merits of stylometric analysis.
Also the Ted Kaczynski’s sister-in-law, Linda Patrik, a professor of philosophy, came to believe (during a stay of hers in Paris) she knew he was the Unabomber because of what he wrote and the way he wrote. Eventually Ted Kaczynski was quoted in the information press as blaming his brother David for being a Judas Iscariot.
- 158.
Supervisory Special Agent (SSA) James Fitzgerald of the FBI’s National Center for the Analysis of Violent Crime.
- 159.
The T-docs are Ted Kaczynski’s documents, whereas the U-docs are the Unabomber’s documents.
- 160.
FC is how the Unabomber signed himself in his manifesto.
- 161.
Gelernter had developed the LINDA network software. He was critically wounded, as was Epstein, in June 1993 (cf. Foster, 2001, pp. 136–137). Gelernter was nearly blinded by the explosion. It was just after Gelernter went back to the U.S. after giving a seminar at the Department of Mathematics and Computer Science at Bar-Ilan University, in the Greater Tel-Aviv area. I was in the audience, at that talk of his. In an email circulated to the department’s staff at Bar-Ilan, David Gelernter and his wife thanked us for our expression of solidarity, and suggested donations to the charity Esra.
- 162.
Here is an example of sheer coincidence: the name Snilly can be understood, in ancient Aramaic, to be a phrase of two words (sni li, a masculine singular passive participle followed by an inflected personal pronoun), meaning ‘hateful to me’. This would be onomastically quite apt for a character being a person whom Ted Kaczynski’s first-person narrator would want to blow up, and as the narrative was fiction, it is a name an author may aptly make up. But Kaczynski was utterly unlikely to know Aramaic, or that fine point from Aramaic.
- 163.
http://www.cedar.buffalo.edu/index.html CEDAR is the Center of Excellence in Document Analysis and Recognition at the University of Buffalo. Publications are listed at, and sometimes can be downloaded from, http://www.cedar.buffalo.edu/papers/publications.html
- 164.
Handwriting identification is the subject of Morris (2000).
- 165.
The literature on questioned documents includes Osborn (1929), Harrison (1958), Conway (1959), Hilton (1982), Huber and Headrick (1999), Ellen (2005), Morris (2000), Levinson (2001), Koppenhaver (2007), Köller, Nissen, Reiß, and Sadorf (2004)
At http://www.bka.de/vorbeugung/pub/probabilistische_schlussfolgerungen_in_schriftgutachten.pdf German and English versions of Köller et al. (2004) can be downloaded.
- 166.
- 167.
- 168.
Cf. Hobson and Slee (1993), for the application of networks in the legal domain.
- 169.
- 170.
(1984) 156 CLR 185
- 171.
Stare decisis is a fundamental principle in common law legal systems. The principle dictates that the reasoning, loosely, ratio decidendi , used in new cases must follow the reasoning used by decision-makers in courts at the same or higher level in the hierarchy. Stare decisis is unknown to civil law, where judgments rendered by judges only enjoy the authority of reason.
Traditional stare decisis is when the same decision has to be taken as a higher court judging about the same facts. Local stare decisis is when the same decision has to be taken as the same court judging about the same facts. Personal stare decisis is when the same decision has to be taken as the same judge judging about the same facts.
- 172.
(1977) Fam LR, cited in [Ingleby, 1993].
- 173.
(1980) 6 Fam LR.
- 174.
Such as neural networks or rule induction algorithms.
- 175.
For both completeness and to train the neural network .
- 176.
See the definition of stare decisis in fn 106 above.
- 177.
Arno Lodder and john Zeleznikow provided an overview of computer-assisted dispute resolution (as being an alternative to litigation) in a book (Lodder & Zeleznikow, 2010). Split Up is the subject of section 5.4 in that book. The hybrid rule–neural approach of Split Up was described in Stranieri et al. (1999). Bellucci and Zeleznikow (2005) is concerned with the Family Winner decision-support system that supports mediators in family law.
- 178.
In linear regression, data is modelled using a straight line of the form
$${\textrm{y}} = {\upalpha\textrm{x}} + {{\upbeta }}$$α and β are determined using the method of least squares. Polynomial regression models can be transformed to a linear regression model.
- 179.
Bentham (1748–1832) was a leading theorist in Anglo-American philosophy of law and one of the founders of utilitarianism. His most important theoretical work is the Introduction to the Principles of Morals and Legislation (1789), in which much of his moral theory – which he said reflected “the greatest happiness principle” – is described and developed.
- 180.
See the definition of stare decisis in fn 106 above.
- 181.
(1979) 5 Fam LR 719.
- 182.
In the case Mallet vs Mallet (1984) 156 CLR 185.
- 183.
See the definition of stare decisis in fn 106 above.
- 184.
Kennon V. Kennon FLC 92-757 (1997).
- 185.
See for example, the Royal Commission into Aboriginal Deaths in Custody’s National Report, vol. 1, p. 6 Accessible on at this website:
http://www.austlii.edu.au/cgi-bin/disp.pl/au/journals/AILR/1997/disp269
- 186.
See for example the court case of Farmer and Bramley [2000] FamCA 1615 (13 December 2000). This reference is to a case in the Family Court of Australia.
- 187.
In many legal domains, there is an onus on a specific party to prove its claims. For example, in criminal law, the prosecution must prove the defendant is guilty beyond reasonable doubt. In taxation law, the taxpayer must prove he met all the guidelines.
- 188.
Developed by William of Occam circa 1320.
- 189.
We are using some material especially from Stranieri and Zeleznikow (2005a).
- 190.
At http://en.wikipedia.org/wiki/Types_of_artificial_neural_networks many types of neural networks are briefly but usefully surveyed.
- 191.
At http://en.wikipedia.org/wiki/Types_of_artificial_neural_networks a few of the many kinds of neural networks are surveyed.
- 192.
Also see Rumelhart, Hinton, and Williams (1986b).
- 193.
The Usenet news group comp.ai.neural-nets maintains a monthly posting of a Frequently Asked Question (FAQ) that lists packages available. Regardless of the package used, the use of a neural network involves two main steps; defining the network and training it with data. These steps are discussed in the next two sections.
- 194.
A weight matrix “is used to list the weight values (strengths) that exist in the network. The position of a weight within the matrix will define which units the weight connects. Sometimes, more than one weight matrix is used to describe the way in which the units are connected in a network. For example, if units are placed in layers then a single matrix might be used to describe the connections between two layers” (Callan, 1999, p. 226).
- 195.
A nice exemplification of overtraining is found in the Wikipedia entry for “Artificial neural network” (http://en.wikipedia.org/wiki/Artificial_neural_network):
A common criticism of artificial neural networks, particularly in robotics, is that they require a large diversity of training for real-world operation. Dean Pomerleau, in his research presented in the paper “Knowledge-based Training of Artificial Neural Networks for Autonomous Robot Driving”, uses a neural network to train a robotic vehicle to drive on multiple types of roads (single lane, multi-lane, dirt, etc.). A large amount of his research is devoted to (1) extrapolating multiple training scenarios from a single training experience, and (2) preserving past training diversity so that the system does not become overtrained (if, for example, it is presented with a series of right turns — it should not learn to always turn right). These issues are common in neural networks that must decide from amongst a wide variety of responses.
- 196.
Historically within AI & Law, rule-based systems came under criticism because of too rigid interpretation of legislation, leaving no room for interpretation. Bench-Capon (1993a = 1994 [at a conference and a journal, both of them with Indira M. Carr as editor]) argued that rule-based representations of legal knowledge can nevertheless be acceptable, if the use made of the rules is sophisticated.
- 197.
For retrieving legal cases, see e.g. Zeng, Wang, Zeleznikow, and Kemp’s (2005) “Knowledge Representation for the Intelligent Legal Case Retrieval”.
- 198.
- 199.
Coherence in finite argument systems is the subject of Dunne and Bench-Capon (2002).
- 200.
For example, see George Christie’s (1964) “Vagueness and Legal Language”. It is not merely the terms that are vague. Some concepts as well are confused and confusing, he argued concerning the concept “due process of law”, in an article (Christie, 1984b) which aptly appeared in a book entitled Les notions à contenu variable en droit.
- 201.
It is not only terms that are vague. See Jonathan Yovel’s discussion of vagueness in Section 4.6.2.2 above, in the context of his treatment of relevance.
- 202.
More can be found s.v. “Transvaluationism” in the Glossary at the end of this book.
- 203.
Discretionary, as opposed to mandatory. In particular, as applied to judicial decision-making: what is up to the judge to decide, unfettered by mandatory rules, is discretionary. See Section 4.2.5. Meikle and Yearwood (2000) are concerned with the provision of support for the exercise of discretion, and how the need to avoid the risk of adversely affecting it when using a computer tool, inspired the structural design of EMBRACE, a decision support system for Australia’s Refugee Review Tribunal. Leith (1998) has warned about the risks, with AI applications to law, that judicial discretion be restricted, if computer tools come to be involved in the judicial decision-making process.
- 204.
“Legal realists are jurisprudes for whom the reliance on rules is an anathema. They argue that judges make decisions for a range of reasons which cannot be articulated or at least are not apparent on the face of the judgement given” (Stranieri & Zeleznikow, 2005a, Glossary). See, e.g., Rumble (1965), in the history of ideas. Wilfrid Rumble began his paper by stating (ibid., p. 547, his brackets):
Even now, the nature of American legal realism is the subject of widespread and often intense disagreement. Its significance has, to be sure, seldom been denied. Most jurists would agree with the evaluation of Mr. Justice Cardozo that “the most distinctive product of the last decade [the 1920’s] in the field of jurisprudence is the rise of a group of scholars styling themselves realists”. Nonetheless, the contours of this “product” are still not universally agreed upon. Even the legal realists were baffled. The confession of one — “I do not know what it [legal realism] means” — has been echoed by others.
- 205.
- 206.
Suppose that we have N tuples from k-dimensional space to compress. Han and Kamber (2001) say PCA searches for c k-dimensional orthogonal vectors that can be best used to represent the data, where c ≤ k. The original data is projected onto a much smaller space, resulting in data compression. PCA can be used as a form of dimensionality reduction. Unlike attribute subset selection, which reduces the attribute set size by retaining a subset of the initial set of attributes, PCA “combines” the essence of attributes by creating an alternative smaller set of variables. The initial data can then be projected onto this smaller set.
- 207.
- 208.
Email surveillance is the subject of, e.g., Browne and Berry (2005).
- 209.
Enron Email Dataset, http://www-2.cs.cmu.edu/enron/ and later on at http://www.cs.cmu.edu/~enron/ (maintained by W. W. Cohen). Moreover, the following is also available: Enron Employee Status Record, at http://isi.edu/~adibi/Enron/Enron Employee Status.xls
- 210.
- 211.
Role identification in a corpus of emails is a special case of automated text categorization.
- 212.
- 213.
“The user may have communication data existing in a variety of formats. SIGHTS handles the stand-alone input of a reasonable range of these formats in order to facilitate the introduction of new data into the program. Among these is a plain-text XML format which is well-documented. SIGHTS is also able to read from a database that is constructed according to specified guidelines. Blogs data is collected from LiveJournal.com blogs service provider. The semantic graph is constructed by creating a node for each blogger and the edge between any pair of bloggers who participated in the discussion in the comments of a post.” (from section 2 of Goldberg et al., 2008).
- 214.
“Blogs collector monitors LiveJournal.com update feed and records the permanent address of the post. Two weeks after the date of the initial post, the blogs collector visits the page of the post and collects the thread of comments using the screen-scraping techniques. Blogs collector allows the establishment of ‘interest filters’ that can narrow the data collection to posts on a certain topic. Blogs collector provides the interface for the analyst to tag posts as interesting and not interesting that will create the training set for the interest learning program. This information is also stored in the database and is accessible to other modules of the application” (from section 2 of Goldberg et al., 2008).
- 215.
Support vector machines are the subject of Section 6.1.9.3 in this book.
- 216.
http://en.wikipedia.org/wiki/Support_vector_machine (accessed in April 2011).
- 217.
Greg Stocksdale of the National Security Agency Information Systems Security Organization defined spoofing as “Pretending to be someone else. The deliberate inducement of a user or a resource to take an incorrect action. Attempt to gain access to an AIS [i.e., Automated Information System] by pretending to be an authorized user. Impersonating, masquerading, and mimicking are forms of spoofing” (Mena, 2003, p. 429). More precisely, Stocksdale defined mimicking as “Synonymous with impersonation, masquerading, or spoofing” (in Mena, 2003, p. 424). Moreover, Stocksdale gloassary also includes an entry for mockingbird, defined as “A computer program or process that mimics the legitimate behavior of a normal system feature (or other apparently useful function) but performs malicious activities once invoked by the user” (ibid.). Spoofing instead of masquerading sometimes occurs indeed in the terminology of the research literature. For example, Gosh et al. (2005) discussed InFilter, a tool whose teask is “predictive ingress filtering” for the purpose of detecting spoofed Internet Protocol (IP) traffic.
- 218.
We have said something about support vector machines at the end of Section 6.1.2.3.
- 219.
Computer forensics = French investigation informatique. Throughout this book, I haven’t tried to provide equivalent terminology across languages, but let us exemplify here how terminology differs, in the case of French: unless you are told or were already aware, you could not just guess the French term correctly, based on the English term.
- 220.
Data carrier = French support d’information.
- 221.
Digital evidence = French preuve numérique.
- 222.
Hash value = French empreinte numerique, or valeur de hachage.
- 223.
Chain of evidence = French rapport d’investigation.
- 224.
Chain of custody = French rapport de garde.
- 225.
Forensic copy = French copie-image.
- 226.
Kruse and Heiser (2002) is a book on computer forensics. As we couldn’t delve, here, in computer forensics any further, we confined ourselves to just providing a few definitions, that were loosely adapted from Lerti (2006). Handling digital evidence in relation to computer crime is the topic of Casey (2000 [new edn., 2004], 2001) and Kanellis et al. (2006). McHugh (2001) provides a historical and methodological overview of intrusion detection in computer security.
- 227.
Cf. Carrier & Spafford’s article (2004) “Event recostruction of digital crime scenes”.
- 228.
- 229.
I owe Dr. Jeimy Cano the information that the name digital anti-forensics has been in use (at least) since 2006, following an article at a conference by Harris (2006). Actually, the conference was at West Lafayette, Indiana, where Ryan Harris was based, pursuing a MS in information security from Purdue University.
- 230.
The New Technology File System (NTFS) is a file system developed and introduced by Microsoft in 1995 with Windows NT. As a replacement for the FAT file system, it quickly became the standard for Windows 2000, Windows XP and Windows Server 2003. NTFS keeps track of lots of time stamps. Each file has a time stamp for “Create”, “Modify”, “Access”, and “Entry Modified”. The latter refers to the time when the MFT entry itself was modified. These four values are commonly abbreviated as the MACE values. Other attributes in each NFT record may also contain timestamps that are of forensic value.
- 231.
http://en.wikipedia.org/wiki/Steganography “Generally, messages will appear to be something else: images, articles, shopping lists, or some other covertext and, classically, the hidden message may be in invisible ink between the visible lines of a private letter. The advantage of steganography, over cryptography alone, is that messages do not attract attention to themselves. Plainly visible encrypted messages — no matter how unbreakable — will arouse suspicion, and may in themselves be incriminating in countries where encryption is illegal. Therefore, whereas cryptography protects the contents of a message, steganography can be said to protect both messages and communicating parties.” (ibid.).
- 232.
“Until 1499 Trithemius’ reputation rested primarily on his monastic, mystical and humanist writings. Then, in that year, his magical notoriety burst onto the historical stage like a lightning bolt, signaled by a 1499 letter to a Carmelite friend, Arnold Bostius (1445–1499), announcing the birth of the art of steganography, a form of cryptography ostensibly invoking angels for the conveyance of secret messages. Far from having himself invented the art therein described, Trithemius assured Bostius, he had been instructed in its principles through a divine revelation. Inasmuch as the intended recipient had deceased prior to the letter’s arrival, the prior of his cloister gained access to its contents and, aghast at what he therein encountered, insti instigated the abbot’s necromantic legend. If the unforeseen disclosure of the Bostius epistle can be said to have delivered the first serious blow to Trithemius’s reputation, a second severe blow was inflicted in the following decade by the French scholar Carolus Bovillus (c. 1479–1553), who, following a 1503 Sponheim visit in which he was given access to the partially completed Steganographia, condemned its author in a widely circulated letter as a diabolically inspired sorcerer” (Brann, 2006, p. 1136).
- 233.
Of Trithemius’ Latin treatise Steganographia, hoc est, ars per occultam scripturam animi sui voluntatem absentibus aperiendi certa, published in Frankfurt on the Main “ex officina typographica Matthiae Beckeri, sumptibus Joannis Berneri”, in 1605, 1608, and 1621, there exists a partial English edition: The Steganographia of Johannes Trithemius, edited by Adam McLean, and translated by Fiona Tait, Christopher Upton and J. W. H. Walden. It was published in 1982 in Edinburgh, Scotland, in the Magnum Opus Hermetic Sourceworks.
- 234.
Generally speaking, concerning first responding officers, also called first responders (which strictly speaking is a broader category, as sometimes the earliest responders are members of the public), Miller (2003) writes: “The first responders at a crime scene are usually police officers, fire department personnel or emergency medical personnel. They are the only people who view the crime scene in its original condition. Their actions at the crime scene provide the basis for the successful or unsuccessful resolution of the investigation. They must perform their duties and remember that they begin the process that links victims to suspects to crime scenes and must never destroy the links” (ibid., p. 118).
- 235.
From http://www.sarc-wv.com/ This is the address of the site of the Steganography Analysis and Research Center within Backbone Security.
- 236.
- 237.
From http://www.sarc-wv.com/ This is the address of the site of the Steganography Analysis and Research Center within Backbone Security.
- 238.
See http://en.wikipedia.org/wiki/Chaffing_and_winnowing “Chaffing and winnowing is a cryptographic technique to achieve confidentiality without using encryption when sending data over an insecure channel. The name is derived from agriculture: after grain has been harvested and threshed, it remains mixed together with inedible fibrous chaff. The chaff and grain are then separated by winnowing, and the chaff is discarded. The technique was conceived by Ron Rivest. Although it bears similarities to both traditional encryption and steganography, it cannot be classified under either category. This technique is remarkable compared to ordinary encryption methods because it allows the sender to deny responsibility for encrypting their message. When using chaffing and winnowing, the sender transmits the message unencrypted, in clear text. Although the sender and the receiver share a secret key, they use it only for authentication. However, a third party can make their communication confidential by simultaneously sending specially crafted messages through the same channel.” An explanation of the workings (on which, variations exist) follows hereby (ibid.): “The sender (Alice) wants to send a message to the receiver (Bob). In the simplest setup, Alice enumerates the bits in her message and sends out each bit in a separate packet. Each packet contains the bit’s serial number in the message, the bit itself (both unencrypted), and a message authentication code (MAC) whose secret key Alice shares with Bob. Charles, who transmits Alice’s packets to Bob, interleaves the packets with corresponding bogus packets (called ‘chaff’) with corresponding serial numbers, the bits inverted, and a random number in place of the MAC. Charles does not need to know the key to do that. Bob uses the MAC to find the authentic messages and drops the ‘chaff’ messages. This process is called ‘winnowing’. Eve, an eavesdropper located between Alice and Charles, can easily read Alice’s message. But an eavesdropper between Charles and Bob would have to tell which packets are bogus and which are real (i.e., to winnow, or ‘separate the wheat from the chaff’). That is infeasible if the MAC used is secure and Charles does not leak any information on packet authenticity (e.g., via timing). When an adversary requires Alice to disclose her secret key, she can defend with the argument that she used the key merely for authentication and did not intend to make the message confidential. If the adversary cannot force Alice to disclose an authentication key (which knowledge would enable the adversary to forge messages from Alice), then her messages will remain confidential. On the other hand, Charles does not even possess any secret keys that he could be ordered to disclose.”
- 239.
http://en.wikipedia.org/wiki/Steganography “Contrary to the typical steganographic methods which utilize digital media (images, audio and video files) as a cover for hidden data, network steganography utilizes communication protocols’ control elements and their basic intrinsic functionality. As a result, such methods are harder to detect and eliminate” (ibid.).
- 240.
- 241.
- 242.
Halliwell et al. (2003) built upon the application of Bayesian networks (BNs) to inferring the probability of defence and prosecution statements based on forensic evidence. Halliwell et al. (2003) noted: “This is an important development as it helps to quantify the meaning of forensic expert testimony during court proceedings, for example, that there is ‘strong support’ for the defence or prosecution position. Due to the lack of experimental data, inferred probabilities often rely on subjective probabilities provided by experts. Because these are based on informed guesses, it is very difficult to express them accurately with precise numbers. Yet, conventional BNs can only employ probabilities expressed as real numbers.” (ibid., p. 42). This is oblivious to the critique of Bayesianism in law (see Sections 2.4 and 5.1 in this book). Halliwell et al. (2003) introduced an extension of probability theory, allowing to express subjective probabilities as fuzzy numbers.
- 243.
The GOMS (Goals, Operators, Methods, Selections) family of models of cognitive complexity includes the GOMS Keyboard-Level Model (KLM), developed by Kieras (2001), and which provides a tractable means of measuring human involvement in the operational process.
- 244.
John McHugh (2001) provides a historical and methodological overview of intrusion detection in computer security.
- 245.
The research literature about intrusion detection is vast. See, e.g., e volume edited by Kreibich and Jahnke (2010).
- 246.
Also see, e.g., Perdisci et al. (2009). They described the McPAD system.
- 247.
“It is not uncommon for the number of real attacks to be far below the false-alarm rate. Real attacks are often so far below the false-alarm rate that they are often missed and ignored” (http://en.wikipedia.org/wiki/Intrusion_detection_system).
- 248.
A signature is string of information that an intrusion detection sensor looks for in a packet sent through the network, and if the string matches the signature, then it is detected as an event in an intrusion detection context. Packets are small manageable pieces into which the data is broken up, so it could be sent through a network. A signature-based intrusion-detection system (IDS) “monitors packets in the Network and compares with preconfigured and predetermined attack patterns known as signatures. The issue is that there will be lag between the new threat discovered and Signature being applied in IDS for detecting the threat.During this lag time your IDS will be unable to identify the threat” (http://en.wikipedia.org/wiki/Intrusion_detection_system). “Many attacks are geared for specific versions of software that are usually outdated. A constantly changing library of signatures is needed to mitigate threats. Outdated signature databases can leave the IDS vulnerable to new strategies” (ibid.).
- 249.
- 250.
Misuse detection is the subject of, e.g., Kinder et al. (2005) and Meier et al. (2005).
- 251.
Anomaly detection within intrusion detection is the subject of, e.g., Valeur et al. (2005); Latendresse (2005); Agbaria and Friedman (2005). The research literature about this subject is vast. Bear in mind however that anomaly detection is a broader subject, as the more general topic looms large in data mining research. “Anomaly detection, also referred to as outlier detection, refers to detecting patterns in a given data set that do not conform to an established normal behavior. The patterns thus detected are called anomalies and often translate to critical and actionable information in several application domains. Anomalies are also referred to as outliers, surprise, aberrant, deviation, peculiarity, etc. Three broad categories of anomaly detection techniques exist. Supervised anomaly detection techniques learn a classifier using labeled instances belonging to normal and anomaly class, and then assign a normal or anomalous label to a test instance. Semi-supervised anomaly detection techniques construct a model representing normal behavior from a given normal training data set, and then test the likelihood of a test instance to be generated by the learnt model. Unsupervised anomaly detection techniques detect anomalies in an unlabeled test data set under the assumption that majority of the instances in the data set are normal” (http://en.wikipedia.org/wiki/Anomaly_detection). As to computer security: “Anomaly detection for IDS is normally accomplished with thresholds and statistics, but can also be done with soft computing [i.e., neural, genetic, or fuzzy techniques], and inductive learning. Types of statistics proposed by 1999 included profiles of users, workstations, networks, remote hosts, groups of users, and programs based on frequencies, means, variances, covariances, and standard deviations” (ibid.). It was Dorothy Denning (1986) who introduced anomaly detection for intrusion detection systems.
- 252.
Host-based intrusion detection is the subject of, e.g., Dreger et al. (2005).
- 253.
A document describing BSM is S.M. Inc.’s Sunshield Basic Security Module Guide, Solaris7 (Sun Part No. 8052635-10, October 1998).
- 254.
Available via anonymous FTP from ftp.ee.lbl.gov (by V. Jacobson, C. Leres, and S. McCanne, June 1989). ICP is the Transmission Control Protocol. The Internet is based (among the other things) on this protocol.
- 255.
A firewall is defined by Greg Stocksdale of the U.S. National Security Agency Information Systems security Organization as “A system or combination of systems that enforces a boundary between two or more networks. Gateway that limits access between networks in accordance with local security policy” (Mena, 2003, pp. 422–422). Stocksdale provided an example based on the UNIX operating systems: “The typical firewall is an inexpensive micro-based UNIX box kept clean of critical data, with many modems and public network ports on it, but just one carefully watched connection back to the rest of the cluster” (Mena 2003, p. 423). An application level gateway is defined by Stocksdale as “A firewall system in which service is provided by processes that maintain complete TCP [i.e., the Internet’s Transmission Control Protocol] connection state and sequencing. Application level firewalls often re-address traffic so that outgoing traffic appears to have originated from the firewall, rather than the internal host” (Mena 2003, p. 419).
- 256.
“Though they both relate to network security, an intrusion detection system (IDS) differs from a firewall in that a firewall looks outwardly for intrusions in order to stop them from happening. Firewalls limit access between networks to prevent intrusion and do not signal an attack from inside the network. An IDS evaluates a suspected intrusion once it has taken place and signals an alarm. An IDS also watches for attacks that originate from within a system. This is traditionally achieved by examining network communications, identifying heuristics and patterns (often known as signatures) of common computer attacks, and taking action to alert operators. A system that terminates connections is called an intrusion prevention system, and is another form of an application layer firewall” (http://en.wikipedia.org/wiki/Intrusion_detection_system).
- 257.
Yu et al. (2008) discussed biometric-based user authentication in mobile ad hoc networks. “In high security MANETs, continuous authentication is desirable so that a system can be monitored for the duration of the session to reduce the vulnerability. Biometrics provides some possible solutions to the authentication problem in MANETs, since it has direct connection with user identity” (ibid., p. 5). They proposed to use not just one biometric technology, but multimodal biometrics, in order “to exploit the benefits of one biometric while mitigating the inaccuracies of another. We propose an optimal multimodal biometric-based continuous authentication scheme in MANETs” (ibid.).
“Biometrics, which refers to identifying an individual based on his or her physiological or behavioral characteristics, has the capability to reliably distinguish between an authorized person and an imposter. A biometric system can be operated in two modes: (1) verification mode and (2) identification mode (Jain et al., 2000). The former is called person verification, or person authentication. A biometric system operating in the verification mode either accepts or rejects a user’s claimed identity, while a biometric system operating in the identification mode establishes the identity of the user without any claimed identity information” (Khuwaja, 2006, pp. 23–24). Jain et al. (1999) is a book on the subject. Bromby (2010) discussed how biometrics can aid certification of digital signatures. The most mature technique for person verification, or one of the most mature, is fingerprint-based identification. Other approaches are based on “face, hand geometry, iris, retina, signature, voice print, facial thermogram hand vein, gait, ear, odor, keystroke dynamics, etc.” (Khuwaja, 2006, p. 24). For example, iris recognition is the subject of Li et al. (2002), Yunhong et al. (2003). Retina recognition is discussed by Yoichi Seto (2009).
Biometric fusion (or information fusion in biometrics: Ross & Jain, 2003) is “[t]he general method of improving performance via collection of multiple samples” (Rattani, Mehrotra, & Gupta, 2008, p. 485). Multi-biometrics is “[t]he ability to utilize multiple biometrics modalities (multimodal), instances within a modality (multi-instance), and/or algorithms (multi-algorithmic) prior to making a sepecific verification / identification or enrollment decision” (ibid.), where enrollment is “[t]he initial process of collecting biometric data from a user and then storing it in a template for later use” (ibid., p. 484).
- 258.
In Canada, the joint editor of the Computational Intelligence journal, Ali Ghorbani, and his collaborators (Ren, Stakhanova, & Ghorbani, 2010) have described an online adaptive approach to alert correlation. Bear in mind that apart from machine learning (which is part of artificial intelligence), there also exist adaptive control (which is part of systems & control, historically a different discipline within the mathematics of engineering, concerned with the modelling of dynamic systems).
- 259.
Support vector machines (SVMs) are the subject of Section 6.1.9.3 in this book.
- 260.
Hu et al. (2003) presented an application robust support vector machines (RSVMs), to anomaly detection over noisy data. They described as follows the advantage of RSVMs for the purposes of intrusion detection: “RSVMs effectively address the over-fitting problem introduced by the noise in the training data set. With RSVMs, the incorporation of an averaging technique in the standard support vector machines makes the decision surface smoother and controls the amount of regularization automatically [...]. Moreover, the number of support vectors of RSVMs is significantly less compared to those of standard SVMs. Therefore, RSVMs have a faster testing time” (ibid., p. 168). RSVMs were introduced by Song et al. (2002), who applied them to bullet hole image classification.
- 261.
“Boosting improves the predictive power of classifier learning systems by adjusting the weights of training instances. It manipulates the training data in order to generate different classifiers. Boosting uses all instances at each repetition, but maintains a weight for each instance in the training set that reflects its importance; adjusting the weights causes the learner to focus on different instances and so leads to different classifiers. The multiple classifiers are then combined by voting to form a composite classifier” (Stranieri & Zeleznikow, 2005b).
- 262.
“AdaBoost, short for Adaptive Boosting, is a machine learning algorithm, formulated by Yoav Freund and Robert Schapire [(1997)]. It is a meta-algorithm, and can be used in conjunction with many other learning algorithms to improve their performance. AdaBoost is adaptive in the sense that subsequent classifiers built are tweaked in favor of those instances misclassified by previous classifiers. AdaBoost is sensitive to noisy data and outliers. However in some problems it can be less susceptible to the overfitting problem than most learning algorithms. AdaBoost calls a weak classifier repeatedly in a series of rounds t = 1, ...,T from a total T classifiers. For each call a distribution of weights D t is updated that indicates the importance of examples in the data set for the classification. On each round, the weights of each incorrectly classified example are increased (or alternatively, the weights of each correctly classified example are decreased), so that the new classifier focuses more on those examples” (http://en.wikipedia.org/wiki/AdaBoost).
- 263.
Wagging is the subject of section 7.4.2.2. in Rokach and Maimon (2008). “Wagging is a variant of Bagging [Bauer and Kohavi (1999)] in which each classifier is trained on the entire training set, but each instance is stochastically assigned a weight” (ibid., Rokach & Maimon’s brackets). Webb (2000, p. 161) explained wagging: “Wagging (Bauer & Kohavi, in press [1999]) is variant of bagging, that requires a base learning algorithm that can utilize training cases with differing weights. Rather than using random bootstrap samples to form the successive training sets, wagging assigns random weights to the cases in each training set. Bauer and Kohavi’s (in press [1999]) original formulation of wagging used Gaussian noise to vary the instance weights. However, this can lead to some instance weights being reduced to zero, effectively removing them from the training set. Instead, following a suggestion from J. R. Quinlan (personal communication, May 1998) the new technique uses the continuous Poisson distribution to assign random instance weights. As the assignment of instance weights by bagging can be modeled by the discrete Poisson distribution, use of the continuous Poisson distribution can be viewed as assigning instance weights using an equivalent distribution to bagging, but over a continuous rather than discrete space.”
- 264.
Contrast this to the theory of multiclass boosting of Indraneel Mukherjee and Robert Schapire (2011).
- 265.
Papers about the project are posted at the website of the Honeynet Project, under the rubric “Know Your Enemy” Whitepapers (http://www.honeynet.org/papers/).
- 266.
- 267.
By the late 2000s, Bill Cheswick was affiliated with the Department of Computer Science of Columbia University, in New York City.
- 268.
- 269.
http://en.wikipedia.org/wiki/Honeypot_(computing) At that webpage, a few types of honeypots are briefly described. For example, some honeypots are specilised as anti-spam tools. Moreover: “An e-mail address that is not used for any other purpose than to receive spam can also be considered a spam honeypot. Compared with the term spamtrap, the term ‘honeypot’ might better be reserved for systems and techniques used to detect or counter attacks and probes. Spam arrives at its destination ‘legitimately’ — exactly as non-spam e-mail would arrive” (ibid.). The Honeypot Project, which is open-source, “uses honeypot pages installed on websites around the world. These honeypot pages hand out uniquely tagged spamtrap e-mail addresses. E-mail address harvesting and spammers can then be tracked as they gather and subsequently send to these spamtrap e-mail addresses” (ibid.). Moreover, there also exist database honeypots: “Databases often get attacked by intruders using SQL Injection. Because such activities are not recognized by basic firewalls, companies often use database firewalls. Some of the available SQL database firewalls provide/support honeypot architectures to let the intruder run against a trap database while the web application still runs as usual” (ibid.).
- 270.
“Production honeypots are easy to use, capture only limited information, and are used primarily by companies or corporations; Production honeypots are placed inside the production network with other production servers by an organization to improve their overall state of security. Normally, production honeypots are low-interaction honeypots, which are easier to deploy. They give less information about the attacks or attackers than research honeypots do. The purpose of a production honeypot is to help mitigate risk in an organization. The honeypot adds value to the security measures of an organization. Research honeypots are run by a volunteer, non-profit research organization or an educational institution to gather information about the motives and tactics of the Blackhat community [see http://en.wikipedia.org/wiki/Black_hat] targeting different networks. These honeypots do not add direct value to a specific organization. Instead they are used to research the threats organizations face, and to learn how to better protect against those threats. This information is then used to protect against those threats. Research honeypots are complex to deploy and maintain, capture extensive information, and are used primarily by research, military, or government organizations” (ibid.).
- 271.
A worm is defined by Greg Stocksdale of the U.S. National Security Agency Information Systems security Organization as an “Independent program that replicates from machine to machine across network connections often clogging networks and information systems as it spreadsds” (Mena, 2003, p. 430). In contrast, a virus is “a program that can infect other programs by modifying them to include a possibly evolved copy of itself” (Stocksdale, in Mena, ibid.).
- 272.
The concept of a honeycomb was introduced by Christian Kreibich and Jon Crowcroft (2004). Kreibich has also been working on botnets (Caballero, Poosankam, Kreibich, & Song, 2009). Juan, Kreibich, Lin, and Paxson (2008), whose team also included Kreibich, discussed a tool for offline and live testing of evasion resilience in network intrusion detection systems. Cf. Dreger, Kreibich, Paxson, and Sommer (2005), on host-based intrusion detection.
- 273.
Honeyd is available as an open source, at http://www.honeyd.org
- 274.
When data is sent through a network, the data is broken up in to small manageable pieces called packets.
- 275.
Moreover (http://en.wikipedia.org/wiki/Application_protocol-based_intrusion_detection_system): “An application protocol-based intrusion detection system (APIDS) is an intrusion detection system that focuses its monitoring and analysis on a specific application protocol or protocols in use by the computing system. [...] An APIDS will monitor the dynamic behavior and state of the protocol and will typically consist of a system or agent that would typically sit between a process, or group of servers, monitoring and analyzing the application protocol between two connected devices. A typical place for an APIDS would be between a web server and the database management system, monitoring the SQL protocol specific to the middleware/business logic as it interacts with the database.” Monitoring dynamic behaviour on the part of an APIDS involves the following. “At a basic level an APIDS would look for, and enforce, the correct (legal) use of the protocol. However at a more advanced level the APIDS can learn, be taught or even reduce what is often an infinite protocol set, to an acceptable understanding of the subset of that application protocol that is used by the application being monitored/protected. Thus, an APIDS, correctly configured, will allow an application to be ‘fingerprinted’, thus should that application be subverted or changed, so will the fingerprint change” (ibid.). In general, regardless of their being protocol-based or otherwise, there is a class of intrusion detection systems that are known as middleware-level IDSs. For example, Naess, Frincke, McKinnon, and Bakken (2005) discussed configurable middleware-level intrusion detection for embedded systems.
- 276.
“Two or more honeypots on a network form a honeynet. Typically, a honeynet is used for monitoring a larger and/or more diverse network in which one honeypot may not be sufficient. Honeynets and honeypots are usually implemented as parts of larger network intrusion detection systems. A honeyfarm is a centralized collection of honeypots and analysis tools.” Quoted from http://en.wikipedia.org/wiki/Honeypot_(computing)
- 277.
http://en.wikipedia.org/wiki/Honeypot_(computing) citing Fred Cohen’s Deception Toolkit (in turn, accessed in 2006 at http://all.net/dtk/index.html).
- 278.
The source code of the nepenthes system is available from http://nepenthes.mwcollect.org
- 279.
“Shellcode parsing modules analyze the received payload and automatically extract relevant information about the exploitation attempt. Currently, only one shellcode parsing module is capable of analyzing all shellcodes received in the wild. The module works in the following way: First, it tries to decode the shellcode. Most shellcode is obfuscated with an XOR encoder. An XOR decoder is a common way to ‘encrypt’ the native shellcode in order to evade intrusion detection systems and string-processing functions. After decoding the code itself according to the computed key, this module then extracts more information from the shellcode (e.g., credentials). If enough information can be reconstructed to download the malware from a remote location, this information is passed to the next type of module” (Göbel et al., 2006, p. 20).
- 280.
- 281.
Ibid. Several such systems are briefly described at that webpage. So are several low-interaction client honeypots. “Low interaction client honeypots differ from high interaction client honeypots in that they do not utilize an entire real system, but rather use lightweight or simulated clients to interact with the server. (in the browser world, they are similar to web crawlers). Responses from servers are examined directly to assess whether an attack has taken place. This could be done, for example, by examining the response for the presence of malicious strings. Low interaction client honeypots are easier to deploy and operate than high interaction client honeypots and also perform better. However, they are likely to have a lower detection rate since attacks have to be known to the client honeypot in order for it to detect them; new attacks are likely to go unnoticed. They also suffer from the problem of evasion by exploits, which may be exacerbated due to their simplicity, thus making it easier for an exploit to detect the presence of the client honeypot” (ibid.).
- 282.
- 283.
- 284.
- 285.
Fraud, regalrdless of the Internet, has been approached within AI & Law in respect of ontologies: Vandenberghe, Leary, and Zeleznikow (2003) discussed the goal of developing a financial fraud ontology.
- 286.
- 287.
http://www.ebay.com This is a generalised auction site, in the sense that customers are allowed to put up many different kinds of items for sale on the auction site. But in respect of the mode of bidding, eBay has a forward auction facility. What distinguishes an auction from other forms of selling is that the seller puts up the items for sale, without giving a fixed price. Moreover, an auctioneer manages the process. “There are several different types of auctions, the most common ones being an increasing bid auction (English auction), a decreasing bid auction (Dutch auction), and a price quantity pair auction. Auctions found their way onto the internet as early as 1995” (Chan et al., 2001b, p. 384). On the Internet, increasing bid auctions are known as forward auctions, whereas decreasing bid auctions are known as reverse auctions. In a forward auction, “the seller puts up an item for sale and specifies an acceptable minimu price or reserve price that he is willing to accept. The item is then posted on the auction site together with the minimum price and the bidding is kept open for a specified period. During this period, potential buyers bid for the item and the latest high bid is displayed (but not the identity of the bidder). When the specified period lapses, the highest bidder is required to purchase the item at the bid price. There are clearly defined rules for the auction site that the bidder and the seller of the item are required to adhere to” (ibid., pp. 384–385).
By contrast, at a reverse auction “the seller puts up an item for sale at a high price. The price of this item is progressively reduced until a potential buyer accepts the bid and the items are then deemed to have been sold to the buyer” (ibid., p. 385). “An example of a decresing bid auction site is Klik klok, which auctions gold and jewellery” (ibid., p. 386). The third kind of auction is a price quantity pair auction: it “has potential buyers making a bid for a certain quantity of an item at a certain price and sellers offering to sell a given quantity at a specified price. The buyer’s bids are progressively increased and seller’s ‘asking’ price progressively decresed until matching bids are obtained and the requisite quantity is then deemed to have been sold to the buyer at the right bid price” (ibid., p. 385).
Sites like eBay are C2C auction sites, i.e., customer-to-customer sites, as opposed to B2B auctions, i.e., broker-to-broker auctions. One of the models of B2B auctions is “Use of a liquidation broker to sell excess items. In this case, the liquidation broker is essentially a third party auction site that does the auctioning for you” (ibid., p. 386). Otherwise, one may auction items at one’s own website, or one may resort to “the auction facility on a virtual market site that one is a participant in to auction excess inventory” (ibid.). These, too, are B2B models, according to Chan et al. (2001b). As to C2C auction sites, they are any of three types: generalised auction sites (such as eBay), specialised auction sites, or agent-based auction supporting sites, i.e. “agent based services or search engines that will allow a buyer to specify an item, and the mobile agent or search engine would then visit relevant new sites returning information on where the item can be found. An example of this is http://www.usaweb.com” (ibid., p. 386).
- 288.
From section “Online auction and retail schemes” at http://en.wikipedia.org/wiki/Internet_fraud Online auction fraud is akin to online retail fraud. “Online retail schemes involve complete online stores that appear to be legitimate. As with the auction scheme, when a victim places an order through such a site, their funds are taken but no goods are sent, or inferior goods are sent. In some cases, the stores or auctioneers were once legitimate, but eventually stopped shipping goods after accepting customer payments. Sometimes fraudsters will use phishing techniques to hijack a legitimate member accounts on an online auction site — typically an account with a strongly positive online reputation — and use it to set up a phony online store. In this case, the fraudster collects the money, while ruining the reputation of the conned eBay member. When victims complain that they have not received their goods, the legitimate account holder receives the blame. A more subtle variation of online auction fraud occurs when a seller ships an item to an incorrect address that is within the buyer’s ZIP code using the United States Postal Service’s Delivery Confirmation service. This service does not require the recipient to sign for the package, but offers confirmation that the Postal Service delivered the package within the specified ZIP code. The item shipped is usually an empty envelope with no return address and no recipient name, just a street address different from that of the victim. The delivery of the envelope with the Delivery Confirmation barcode attached suffices for the Postal Service to record the delivery as confirmed. The fraudster can then claim the package has been delivered, and offer the Delivery Confirmation receipt as proof to support the claim.” (ibid.).
- 289.
289Also consider PayPal fraud perpetrated by purchasers at eBay auctions. The following quotation is from section “PayPal fraud” at http://en.wikipedia.org/wiki/Internet_fraud “In a collection in person PayPal scheme, the scammer targets eBay auctions that allow the purchaser to personally collect the item from the seller, rather than having the item shipped, and where the seller accepts PayPal as a means of payment. The fraudster uses a fake address with a post office box when making their bids, as PayPal will allow such an unconfirmed address. Such transactions are not covered by PayPal’s seller protection policy. The fraudster buys the item, pays for it via PayPal, and then collects the item from the victim. The fraudster then challenges the sale, claiming a refund from PayPal and stating that they did not receive the item. PayPal’s policy is that it will reverse a purchase transaction unless the seller can provide a shipment tracking number as proof of delivery; PayPal will not accept video evidence, a signed document, or any form of proof other than a tracking number as valid proof of delivery. This form of fraud can be avoided by only accepting cash from buyers who wish to collect goods in person.”
- 290.
From a project report by C. Faloutsos, at http://www.cs.cmu.edu/~christos
- 291.
- 292.
See at http://en.wikipedia.org/wiki/Recommendation_system concerning recommender systems, also called recommendation systems. Cf. Leskovec, Singh, and Kleinberg (2006), “Patterns of Influence in a Recommendation Network”.
- 293.
For collaborative filtering, see at http://en.wikipedia.org/wiki/Collaborative_filtering
- 294.
The algorithm of PageRank (Brin & Page, 1998) was already outlined, it was eventually realised, in the notion of Katz centrality in a social network (Katz, 1953). See Section 6.1.2.1 in this book. a team in Seoul (Phuoc et al., 2009), interested in a good ranking system for World Wide Web search engines, compared the Katz status index, an old model, to PageRank.
- 295.
A different team, Yungchang Ku, Yuchi Chen and Chaochang Chiu, also proposed a data mining approach for detecting potential fraudsters at online auction sites (Ku et al., 2007a). Their approach is based on social network analysis and on a decision tree. The intended users are prospective buyers.
- 296.
A now old book about Markov random fields is the one by Ross Kindermann and J. Laurie Snell (1980). MRFs have been discussed in the artificial intelligence literature about belief propagation (e.g., Yedidia, Freeman, & Weiss, 2003). Moreover, MRFs can be used for a wide variety of machine vision or image processing problems, e.g. Mitchell (2010), Li (2009), Jin, Fieguth, and Winger (2005, cf. 2006), Kato and Pong (2001), Feng and Chen (2004). Yuri Boykov, Olga Veksler and Ramin Zabih (1998) combined MRFs with graph cuts: they reduced stereo vision to a multiway cut problem on a certain graph. Boykov et al. (1998) “focus on MRFs with two-valued clique potentials, which form a generalized Potts model. We show that the maximum a posteriori estimate of such an MRF can be obtained by solving a multiway minimum cut problem on a graph. We develop efficient algorithms for computing good approximations to the minimum multiway, cut. The visual correspondence problem can be formulated as an MRF in our framework” (ibid., from the abstract). They also applied their “techniques to MRFs with linear clique potentials” (ibid.).
Also see Wu and Chung (2005a, 2005b): they “introduce[d] a novel energy minimization method, namely iterated cross entropy with partition strategy (ICEPS), into the Markov random field theory. The solver, which is based on the theory of cross entropy, is general and stochastic. Unlike some popular optimization methods such as belief propagation (BP) and graph cuts (GC), ICEPS makes no assumption on the form of objective functions and thus can be applied to any type of Markov random field (MRF) models. Furthermore, compared with deterministic MRF solvers, it achieves higher performance of finding lower energies because of its stochastic property. We speed up the original cross entropy algorithm by partitioning the MRF site set and assure the effectiveness by iterating the algorithm. In the experiments, we apply ICEPS to two MRF models for medical image segmentation and show the aforementioned advantages of ICEPS over other popular solvers [...]” (Wu & Chung, 2005a, from the abstract).
Hiroshi Ishikawa (2003) proposed a method to solve exactly a first order Markov random field optimization problem, more generally than available before. “The MRF shall have a prior term that is convex in terms of a linearly ordered label set. The method maps the problem into a minimum-cut problem for a directed graph, for which a globally optimal solution can be found in polynomial time. The convexity of the prior function in the energy is shown to be necessary and sufficient for the applicability of the method” (ibid., from the abstract).
Du, Li, Chen, Zhang, and Yao (2006) combined MRFs with the well-known simulated annealing optimisation technique (itself inspired by annealing in metallurgy, which involves heating and controlled cooling) as well as with optimisation by means of a genetic algorithm, for the purposes of image segmentation. In annealing from metallurgy, the heat causes the atoms to become unstuck from their initial positions and wander randomly through states of higher energy. Their being cooled slowly gives them more chances of finding configurations with lower internal energy than the initial one. In simulated annealing, each step of the algorithm replaces the current solution by a nearby solution, chosen randomly with a probability that depends both on the difference between the corresponding function values and also on a global parameter called the temperature. The temperature is gradually decreased during the process. The dependency is such that the current solution changes almost randomly when the temperature is large, but increasingly downhill as the temperature goes to zero. Allowing uphill moves potentially saves the method from becoming stuck at local optima. (For convenience, this explanation is partly reworded from http://en.wikipedia.org/wiki/Simulated_annealing) Uphill and downhill belong to the standard terminology of operations research (i.e., optimisation techniques), as moving towards a minimum or a maximum is metaphorised as moving through rough terrain. The Boltzmann machine is a neural network that uses the idea of simulated annealing for updating the network’s state (Ackley, Hinton, & Sejnowski, 1985).
- 297.
This is so because enumerating all states would be exponential in time, and because of the lack of any known theoretic method that would solve this problem for a general MRF. Wu & Chung explained (2005a, p. 230), concerning various methods (including belief propagation, or alternatively simulated annealing, or iterated conditional modes, or graph cuts, or mean field approximation, or relaxation labelling, or graduated nonconvexity), as well as their own application of cross entropy:
One of the earliest efforts to optimize MRF objective functions was made by Kirkpatrick, Gellatt, and Vecchi [(1983)] who proposed the solver, simulated annealing (SA). SA can guarantee to converge to a global minimum as long as the temperature is decreasing slowly enough which makes SA too slow for practical use especially for clinical data. Another pioneering work was done by Besag [(Besag, 1986)], where the iterated conditional modes (ICM) was presented. This is a fast solver at the cost that it finds local optima in a neighborhood where only one site label is allowed to change. After those two methods, quite a few solvers were introduced [(Li, 2009, 3rd edn., this citation is to the previous edn. 2001)], such as mean field approximation (MFa), relaxation labeling (RL), graduated nonconvexity (GNC), etc. Recently two efficient and fairly accurate solvers, belief propagation (BP) [(Yedidia et al., 2003)] and graph cuts (GC) [(Boykov, Veksler, & Zabin, 2001)], were proposed. These two solvers are now often used for MRF models because they give good accuracy in an efficient way, which means they can find “global” optima within a rather large neighborhood while maintaining acceptable time complexity. [...] BP and GC are not applicable to all types of objective functions. They obtain their accuracy at the cost of function form restrictions. For example, standard BP is only proper for pairwise MRFs and generalized BP is either not for all functions [(Yedidia et al., 2003)]. So we cannot solve by BP such MRF models as FRAME [(Zhu, Wu, & Mumford, 1996, cf. 1998)] or multi-level logistic (MLL) with more than two sites in a clique [(Li, 2001)]. The same situation occurs for graph cuts because GC will work only when the energy function is regular [(Kolmogorov & Zabih, 2004)]. These may considerably limit the usage of the two popular solvers. In this paper, we proposed a new simple stochastic solver for MRF modeling, called cross entropy (CE). This idea is originated from the field of operations research to simulate rare events [(Rubinstein, 1997)]. This paper combines the idea of CE with MRF theory for the first time and applies the whole model to medical image segmentation. The CE solver is a general and stochastic optimization method that can be applied to any kind of MRF formulation. Unlike BP and GC, CE makes no assumption on the form of the objective function so it is able to solve more complicated MRF models. The efficient CE solver is completely insensitive to initialization and more importantly, as a stochastic method, CE tends to find more global optimum than deterministic solvers like BP.
- 298.
Brin and Page were affiliated with Stanford University when they published that paper, in which they explained how Google crawls and indexes the Web. They explained: “Google is designed to crawl and index the Web efficiently and produce much more satisfying search results than existing systems. The prototype with a full text and hyperlink database of at least 24 million pages is available at http://google.stanford.edu/ To engineer a search engine is a challenging task. Search engines index tens to hundreds of millions of web pages involving a comparable number of distinct terms. They answer tens of millions of queries every day. Despite the importance of large-scale search engines on the web, very little academic research has been done on them. Furthermore, due to rapid advance in technology and web proliferation, creating a web search engine today is very different from three years ago. This paper provides an in-depth description of our large-scale web search engine — the first such detailed public description we know of to date. Apart from the problems of scaling traditional search techniques to data of this magnitude, there are new technical challenges involved with using the additional information present in hypertext to produce better search results” (from the abstract of Brin & Page, 1998).
- 299.
In the conclusions section, Kleinberg (1998) stated, among the other things: “We began with the goal of discovering authoritative pages, but our approach in fact identifies a more complex pattern of social organization on the WWW [i.e., the World Wide Web], in which hub pages link densely to a set of thematically related authorities. This equilibrium between hubs and authorities is a phenomenon that recurs in the context of a wide variety of topics on the WWW. Measures of impact and influence in bibliometrics have typically lacked, and arguably not required, an analogous formulation of the role that hubs play; the www is very different from the scientific literature, and our framework seems appropriate as a model of the way in which authority is conferred in an environment such as the Web.”
- 300.
Zoltan Gyongyi, Hector Garcia-Molina, and Jan Pedersen has published that article while at Stanford University. They explained: “Web spam pages use various techniques to achieve higher-than-deserved rankings in a search engine’s results. While human experts can identify spam, it is too expensive to manually evaluate a large number of pages” (from the abstract of Gyongyi et al., 2004). As an alternative, the paper “propose[d] techniques to semi-automatically separate reputable, good pages from spam. We first select a small set of seed pages to be evaluated by an expert. Once we manually identify the reputable seed pages, we use the link structure of the web to discover other pages that are likely to be good. In this paper we discuss possible ways to implement the seed selection and the discovery of good pages” (ibid.). Experiments whose results were presented in the paper had been “run on the World Wide Web indexed by AltaVista and evaluate the performance of our techniques. Our results show that we can effectively filter out spam from a significant fraction of the web, based on a good seed set of less than 200 sites” (ibid.).
- 301.
Neville and Jensen (2003, p. 78): “In this paper, we introduce relational dependency networks (RDNs), an undirected graphical model for relational data. We show how RDNs can be learned and how RDNs and Gibbs sampling can be used for collective classification. Because they are undirected graphical models, RDNs can represent the cyclic dependencies required to express autocorrelation, and they can express a joint probability distribution, rather than only a single conditional distribution. In addition, they are relatively simple to learn and easy to understand. We show preliminary results indicating that collective inference with RDNs offers improved performance over non-collective inference that we term ‘individual inference’. We also show that RDNs applied collectively can perform near the theoretical ceiling achieved if all labels of neighbors are known with perfect accuracy. These results are very promising, indicating the potential utility of additional exploration of collective inference with RDNs.” In the example dataset from the movie domain, there are three types of objects: movies, studios, and actors (ibid., p. 83).
- 302.
Besides, Pandit et al. (2007, p. 203) considered graph mining to be more remotely related to their own research on NetProbe. In particular, whereas NetProbe carries out systematic, large-scale checks on auction site user transactions, in graph mining either topologies are uncovered on the Web, or then fast algorithms are devised with the task of searching and mining for specific, or frequent graph patterns. Examples of such graph mining algorithms are embodied in tools such as gSpan (Yan & Han, 2002) for mining frequent subgraph patterns (cf. Yan, Zhu, Yu, & Jan, 2006) – a task which falls within frequent pattern mining (of which Han et al., 2007 is a survey) – and the GraphMiner system (Wang et al., 2005). Related algorithms were described in Pei, Jiang, and Zhang (2005), Yan, Zhou, and Han (2005), and Zeng, Wang, Zhou, and Karypis (2006). The latter proiposed a graph mining algorithm called Cocain.
Temporal data mining was surveyed by Laxman and Sastry (2006). Discovering frequent patterns in an event sequence fits in that area, whereas episode mining fits in both that area, and graph mining. “Discovering patterns in a sequence is an important aspect of data mining. One popular choice of such patterns are episodes, patterns in sequential data describing events that often occur in the vicinity of each other. Episodes also enforce in which order events are allowed to occur” (Tatti & Cule, 2010, from the abstract). “A pattern in a sequence is usually considered to be a set of events that reoccurs in the sequence within a window of a specified length. Gaps are allowed between the events and the order in which the events occur is often also considered important. Frequency, the number of sliding windows in which the episode occurs, is monotonically decreasing” (ibid., section 1). “The order restrictions of an episode are described by a directed acyclic graph (DAG): the set of events in a sequence covers the episode if and only if each event occurs only after all its parent events (with respect to the DAG) have occurred […] Usually, only two extreme cases are considered. A parallel episode poses no restrictions on the order of events, and a window covers the episode if the events occur in the window, in any order. In such a case, the DAG associated with the episode contains no edges. The other extreme case is a serial episode. Such an episode requires that the events occur in one, and only one, specific order in the sequence. Clearly, serial episodes are more restrictive than parallel episodes. If a serial episode is frequent, then its parallel version is also frequent.” (ibid.). Also see Tatti (2009), Zhou et al. (2010), Gwadera et al. (2005a, 2005b), Casas-Garriga (2003), and Mannila, Toivonen, and Verkamo (1997).
- 303.
Neville et al. (2005) was jointly authored by a computer scientists team from the University of Massachusetts at Amherst (Jennifer Neville, Özgür Şimşek, and David Jensen), and a team from NASD, the National Association of Securities Dealers (John Komoroske, Kelly Palmer, and Henry Goldberg). In 2011, Jennifer Neville was affialiated with Purdue University in West Lafayette, Indiana.
- 304.
NASD is in Washington, D.C. It was established in 1939. “NASD has a nationwide staff of more than 2,000, and its regulatory responsibility now includes 5,200 securities firms that operate more than 100,000 branch offices and employ 660,000 individual securities brokers” (Neville et al., 2005, section 2.1).
- 305.
As stated by Neville et al. (2005, section 2.2): “CRD was established to aid in the licensing and registration of its broker-dealers and the brokers who work for them. CRD maintains information on all federally registered broker-dealers and brokers for the SEC [i.e., the U.S. Securities and Exchange Commission], NASD, the states, and other federally authorized private sector regulators, such as the New York Stock Exchange. Originally implemented in June 1981, CRD has grown to include data on approximately 3.4 million brokers, 360,000 branches, and 25,000 firms. For firms, CRD information includes data such as ownership and business locations. For individual brokers, CRD includes qualification and employment information. Information in CRD is self-reported by the registered firms and brokers, although incorrect or missing reports can trigger regulatory action by NASD.”
- 306.
The HRB model is NASD’s identification of high-risk brokers by handcrafted rules. Neville et al. explained (2005, section 3): “Currently, NASD generates a list of higher-risk brokers (HRB) using a set of handcrafted rules they have formed using their domain knowledge and experience. This approach has two weaknesses we aim to address. First, the handcrafted rules simply categorize the brokers as ‘higher-risk’ and ‘lower-risk’ rather than providing a risk-ordered ranking. A ranking would be more useful to examiners as it would allow them to focus their attention on brokers considered to have the highest risk. Second, NASD’s handcrafted rules use only information intrinsic to the brokers. In other words, they do not utilize relational context information such as the conduct of past and current coworkers. NASD experts believe that organizational relationships can play an important role in predicting serious violations. For example, brokers that have had serious violations in the past may influence their coworkers to participate in future schemes. Furthermore, some firms tend to be associated with continuous misconduct (i.e., they do not regulate their own employees and may even encourage violations). Lastly, higher-risk brokers sometimes move from one firm to another collectively, operating in clusters, which heightens the chance of regulatory problems. A model that is able to use relational context information has the potential to capture these types of behavior and provide more accurate predictions.”
- 307.
Neville et al. (2005, p. 457) also indicated some limitations: “That said, the available data provide only relatively weak abilities to exploit the relational aspects of the domain. In CRD, individual brokers are directly related only through firms. Even branch relationships have to be inferred from address information, although this limitation will be obviated beginning this October [2005] when each broker will be systematically linked to a branch. More importantly, we do not know which individual brokers work together directly, nor what other social or organizational relationships they may share. To enhance their knowledge of potential links among individuals, NASD is investigating other recent technologies, most notably the NORA (Non-Obvious Relationship Awareness) system produced by Systems Research and Development, a Nevada-based company recently acquired by IBM. Such relationships could add substantially to the data analyzed in the work reported here, which could only use branch and firm relations present in CRD. The work reported here also exemplifies a framework that may be useful to projects that seek to develop screening tools to aid field examiners working in other domains such as health care, insurance, banking, and environmental health and safety. In such cases, development of a labeled training set may be impractical in the initial stages of a project. While the most accurate class labels would be the judgments of examiners, examiners’ time is typically limited and organizations may be understandably skeptical about devoting large amount of examiners’ time to labelling data sets.”
- 308.
What is meant is that inside the graph which represents the online auction site, one expects to find such subsets of the nodes (i.e., such subsets of the users), that the given subset is a complete bipartite graph. That is to say, the given subset could be divided into two subsubsets, and each node in either subsubset has edges linking it to all nodes in the other subsubset. If we replace “all” with “one or more of the”, then we would have a bipartite graph that is not a complete bipartite graph. This is also a possibility that is relevant for detecting fraudsters and their accomplices at sites like eBay.
In the application at hand, which is to fraudsters at an online auction site, a fraudster is linked to all of his or her accomplices, but two or more fraudsters may share accomplices. If a particular fraudster is the only fraudster using his or her accomplices, that is to say, if the fraudster has exclusive use of his or her accomplices, then one of the two subsubsets in the (complete) bipartite core is a singleton set, i.e., such a set that it only contains one element. It may also be that if the subsubset comprising the fraudsters comprises more than one fraudster, then the bipartite core is not a complete bipartite graph, because it may be that one of the fraudsters in the fraudsters’ subsubset is only using some of the accomplices of another fraudster in that subsubset, and the former fraudster may be using as well some accomplices that the latter fraudster is not using.
- 309.
In fact, Prof. Christos Faloutsos (http://www.cs.cmu.edu/~christos), who supervised the development of NetProbe at Carnegie Mellon University, is also quite active in graph mining, and, in particular, in researching evolving graphs. See Section 6.2.4 below.
- 310.
In computer science, an incremental system is such that additions do not intrude into what was already there. This prevents having to do extensive changes to what one already had, once a new version is installed.
- 311.
- 312.
See a long slide presentation, graphMining.ptt, at the same website.
- 313.
In an overview of the application of tensor factorisations and decompositions in data mining, Morten Mørup explains (2011, p. 24): “Tensors, or multiway arrays, are generalizations of vectors (first-order tensors) and matrices (second-order tensors) to arrays of higher orders (N >2). Hence, a third-order tensor is an array with elements x i, j,k . Tensor decompositions are in frequent use today in a variety of fields ranging from psychology, chemometrics, signal processing, bioinformatics, neuroscience, web mining, and computer vision to mention but a few. Factorizing tensors have several advantages over two-way matrix factorization such as uniqueness of the optimal solution (without imposing constraints such as orthogonality and independence) and component identification even when only a relatively small fraction of all the data is observed (i.e., due to missing values). Furthermore, multiway decomposition techniques can explicitly take into account the multiway structure of the data that would otherwise be lost when analyzing the data by matrix factorization approaches by collapsing some of the modes. Tensor decompositions are in frequent use in psychometrics in order to address questions such as ‘which group of subjects behave differently on which variables under which conditions?’” Arguably, this may also be useful for data mining for investigative purposes or for criminal intelligence purposes.
- 314.
The projects of Faloutsos’ team mentioned in Section 6.2.4.1 were described in See Tong, Faloutsos, and Jia-Yu Pan (2006); Tong and Faloutsos (2006); Leskovec, Kleinberg, and Faloutsos (2005); Leskovec, Chakrabarti, Kleinberg, and Faloutsos (2005); Leskovec and Faloutsos (2007); Sun, Tao, and Faloutsos (2006); Sun, Xie, Zhang, and Faloutsos, 2007).
- 315.
Data mining has been applied to malware detection also by Muazzam Ahmed Siddiqui in his doctoral thesis discussed in Orlando, Florida (Siddiqui, 2008).
- 316.
The tool was probably named Polonium because of its association with the doctoral student “Polo” Chau, or at any rate the coincidence is apt, but the official explanation is that Polonium is an acronym for Propagation Of Leverage Of Network Influence Unearths Malware.
- 317.
- 318.
At http://www.symantec.com/norton/security_response/malware.jsp Symantec provides definitions for kinds of malware.
- 319.
Emphasis in the original.
- 320.
Social influence is the subject of the papers in Forgas and Williams (2001). LaFond and Neville (2010) carried out randomisation tests for distinguishing social influence and homophily effects. A clear case where social influence is posited, is in the NASD beliefs that for determining the reputation of sock brokers, association with disreputable brokers is tarnishing, because one may be influenced into behaving irregularly like them (Neville et al., 2005). See fn 189 sqq. above.
In artificial intelligence, Charlotte Gerritsen, Michel Klein and Tibor Bosse applied agent-based simulation to criminology: “A large group of offenders only shows criminal behaviour during adolescence. This kind of behaviour is largely influenced by the interaction with others, through social learning” (ibid., from the abstract). Their own study set to “to simulate social learning of adolescence-limited criminal behaviour, illustrated for a small school class. The model is designed in such a way that it can be compared with data resulting from a large scale empirical study” (ibid., from the abstract).
- 321.
See an explanation in fn 207 below.
- 322.
“The algorithm stops when the beliefs converge (within some threshold. 10–5 is commonly used), or a maximum number of iterations has finished. Although convergence is not guaranteed theoretically for generally graphs, except for those that are trees, the algorithm often converges in practice, where convergence is quick and the beliefs are reasonably accurate.” (Chau et al., 2010). In particular, in Polonium, there is a departure from how usually a belief propagation is made to terminate, and this involves how true positive rates (TPR) rather than false positive rates (FPR) are treated: “the Polonium algorithm’s termination criterion is goal-oriented, meaning the algorithm stops when the TPR does not increase any more (at the preset 1% FPR). This is in contrast to Belief Propagation’s convergence-oriented termination criterion. In our premise of detecting malware, the goal-oriented approach is more desirable, because our goal is to classify software into good or bad, at as high of a TPR as possible while maintaining low FPR — the convergence-oriented approach does not promise this; in fact, node beliefs can converge, but to undesirable values that incur poor classification accuracy. We note that in each iteration, we are trading FPR for TPR. That is, boosting TPR comes with a cost of slightly increasing FPR. When the FPR is higher than desirable, the algorithm stops” (ibid.).
- 323.
Coplink is accessible at http://ai.bpa.arizona.edu/coplink
- 324.
Also see Schroeder, Xu, Chen, and Chau (2007).
- 325.
Consider, within data mining, the task of frequent pattern mining, of which Han, Cheng, Xin, and Yan (2007) is a survey. They explained (ibid., p. 56): “Frequent patterns are itemsets, subsequences, or substructures that appear in a data set with frequency no less than a user-specified threshold. For example, a set of items, such as milk and bread, that appear frequently together in a transaction data set, is a frequent itemset. A subsequence, such as buying first a PC, then a digital camera, and then a memory card, if it occurs frequently in a shopping history database, is a (frequent) sequential pattern. A substructure can refer to different structural forms, such as subgraphs, subtrees, or sublattices, which may be combined with itemsets or subsequences. If a substructure occurs frequently in a graph database, it is called a (frequent) structural pattern. Finding frequent patterns plays an essential role inmining associations, correlations, and many other interesting relationships among data. Moreover, it helps in data indexing, classification, clustering, and other data mining tasks as well. Thus, frequent pattern mining has become an important data mining task and a focused theme in data mining research. Frequent pattern mining was first proposed by Agrawal et al. (1993) for market basket analysis in the form of association rule mining. It analyses customer buying habits by finding associations between the different items that customers place in their ‘shopping baskets’. For instance, if customers are buying milk, how likely are they going to also buy cereal (and what kind of cereal) on the same trip to the supermarket? Such information can lead to increased sales by helping retailers do selective marketing and arrange their shelf space. Since the first proposal of this new data mining task and its associated efficient mining algorithms, there have been hundreds of follow-up research publications, on various kinds of extensions and applications, ranging from scalable data mining methodologies, to handling a wide diversity of data types, various extended mining tasks, and a variety of new applications.”
- 326.
For these concepts, see in Section 6.1.2.1 above; cf. in fn 14.
- 327.
By messages, what is intended is incoming documents whose text is unformatted; that is to say, they are free-text. The arrival of such textual records is referred to as unformatted message traffick.
- 328.
DARPA is the United States’ Defense Advanced Research Projects Agency.
- 329.
Lee (1998, p. 63) pointed out that event types had to be more specific per area of application, than the entities to be stored in the relational database. Entities of interest as listed, included: Individuals, Organisations (government, commercial, military, extralegal, and so forth), Places (of various grainsizes, ranging from street addresses to entire continents), Facilities (such as factories, airports, hotels, or warehouses), Documents (such as passports, driver’s licenses, or bank book), Money, Vehicles (air, land, or sea), Drugs, and Weapons. By contrast (ibid.):
For Counter-Drug analysts, the events include:
-
• Processing, purchasing, transporting, etc of drugs
-
• Planning, meeting, or communicating about any of the above
-
• Arrest of traffickers or sezure of drugs, money, weapons, etc.
For Counter-Terrorism analysts, on the other hand, the events include:
-
• Killing, kidnapping, hostage-taking, etc of people
-
• Bombing, hijacking, etc of buildings and vehicles
-
• Buying, stealing, etc of weapons and money
-
• Training in weapons and tactics
-
• Arrest, conviction, punishment etc of terrorists
-
- 330.
Incidentally, e.g. Anne Alvesalo (2003) discusses the investigation of economic crime.
- 331.
They actually store the data in a relational database, and queries are in SQL (ibid., p. 85).
- 332.
Concerning nested relations, see in fn 47 above, and in the text citing that footnote.
- 333.
References
Abiteboul, S., Fischer, P. C., & Schek, H.-J. (Eds.). (1989). Nested relations and complex objects in databases. Lecture Notes in Computer Science, Vol. 361. Berlin: Springer.
Abrahams, A. S., Eyers, D. M., & Bacon, J. M. (2009). Structured storage of legal precedents using a minimal deontic ontology, for computer assisted legal document querying. International Journal of Metadata, Semantics and Ontologies, 4(3), 196–211.
Ackley, D. H., Hinton, G. E., & Sejnowski, T. J. (1985). A learning algorithm for Boltzmann machines. Cognitive Science, 9, 147–169.
Adderley, R., & Musgrove, P. (2003a). Modus operandi modeling of group offending: A case study. Section 6.12 In J. Mena (Ed.), Investigative data mining for security and criminal detection (pp. 179–195). Amsterdam & Boston: Butterworth-Heinemann (of Elsevier).
Adderley, R., & Musgrove, P. (2003b). Modeling the behavior of offenders who commit serious sexual assaults: A case study. Sec. 12.4 In J. Mena (Ed.), Investigative data mining for security and criminal detection (348–362). Amsterdam & Boston: Butterworth-Heinemann (of Elsevier).
Adderley, R., & Musgrove, P. B. (2003c). Clustering burglars: A case study. Section 1.15 In J. Mena (Ed.), Investigative data mining for security and criminal detection (pp. 24–37). Amsterdam & Boston: Butterworth-Heinemann (of Elsevier).
Adriaans, P., & Zantinge, D. (1996). Data mining. Reading, MA: Addison Wesley.
Aggarwal, C. C. (2011). Social network data analysis. Berlin: Springer.
Aikenhead, M. (1996). The uses and abuses of neural networks in law. Santa Clara Computer and High Technology Law Journal, 12(1), 31–70.
Alexander, R. (1992). Mediation, violence and the family. Alternative Law Journal, 17(6), 276–299.
Alvesalo, A. (2003). Economic crime investigators at work. Policing & Society, 13(2), 115–138 (Taylor & Francis).
Anouncia, S. M., & Saravanan, R. (2007). Ontology based process plan generation for image processing. International Journal of Metadata, Semantics and Ontologies, 2(3), 211–222.
Argamon, S., Bloom, K., Esuli, A., & Sebastiani, F. (2009). Automatically determining attitude type and force for sentiment analysis. In Z. Vetulani & H. Uszkoreit (Eds.), Responding to information society challenges: New advances in human language technologies (pp. 218–231). Lecture Notes in Artificial Intelligence, Vol. 5603. Berlin: Springer.
Arnold, K. (1971). Johannes Trithemius (1462–1516). Würzburg, West Germany: Kommissionsverlag Ferdinand Schoningh. 2nd edn. (1991).
Ashley, K. (1991). Modeling legal argument: Reasoning with cases and hypotheticals. Cambridge, MA: The MIT Press (Bradford Books).
Atib, H., & Zeleznikow, J. (2005). A methodology for constructing decision support systems for crime detection. In R. Khosla, R. J. Howlett, & L. C. Jain (Eds.), Knowledge-based intelligent information and engineering systems: Ninth international conference, KES 2005, Melbourne, Australia, September 14–16, 2005, Proceedings, Part IV (pp. 823–829). (Lecture Notes in Computer Science, Vol. 3684.) Berlin: Springer.
Baader, F., Calvanese, D., McGuinness, D. L., Nardi, D., & Patel-Schneider, P. F. (Eds.). (2003). The description logic handbook: Theory, implementation, and applications. Cambridge, England: Cambridge University Press.
Baeza-Yates, R., & Ribeiro-Neto, B. (1999). Modern information retrieval. Boston: Addison Wesley.
Barnett, V., & Lewis, T. (1994). Outliers in statistical data (3rd ed.). New York: Wiley.
Barzilay, R., & Elhadad, M. (1999). Using lexical chains for text summarization. In I. Many & M. T. Maybury (Eds.), Advances in automatic text summarization (pp. 111–121). Cambridge, MA: The MIT Press.
Batagelj, V., & Mrvar, A. (1998). Pajek: Program for large network analysis. Connections, 21(2), 47–57.
Bauer, E., & Kohavi, R. (1999). An empirical comparison of voting classification algorithms: Bagging, boosting, and variants. Machine Learning, 35, 1–38.
Baxendale, P. B. (1958). Machine-made index for technical literature: An experiment. IBM Journal of Research and Development, 2(4), 354–361.
Bellucci, E., & Zeleznikow, J. (2005). Developing negotiation decision support systems that support mediators: A case study of the Family_Winner system. Artificial Intelligence and Law, 13(2), 233–271.
Benenson, I., & Torrens, P. M. (2004). Geosimulation: Object-based modeling of urban phenomena. Computers, Environment and Urban Systems, 28(1/2), 1–8.
Benajmins, V. R., Casanovas, P., Breuker, J., & Gangemi, A. (Eds.). (2005). In Proceedings of law and the semantic web [2005]: Legal ontologies, methodologies, legal information retrieval, and applications. (Lecture Notes in Computer Science, Vol. 3369.) Berlin: Springer.
Bennett, K. P., & Campbell, C. (2000). Support vector machines: Hype or Hallelujah? SIGKDD Explorations, 2(2), 1–13. New York: ACM Press.
Berners-Lee, T., Hendler, J., & Lassila, O. (2001). The semantic web. Scientific American, 284(5), 34–43.
Berry, M., & Browne, M. (2005). Understanding search engines: Mathematical modeling and text retrieval (Software, Environments, Tools). Philadelphia, PA: SIAM.
Bertin, J. (1983). Semiology of graphics: Diagrams, networks, maps. Madison, WI: University of Wisconsin Press.
Bertino, E., Catania, B., & Wong, L. (1999). Finitely representable nested relations. Information Processing Letters, 70(4), 165–173.
Besag, J. (1986). On the statistical analysis of dirty pictures. Journal of the Royal Statistical Society, Series B, 48, 259–302.
Birkhoff, G. (1967). Lattice theory (3rd ed.) (Colloquium Publications, 25). Providence, RI: American Mathematical Society. Reprinted 1984.
Blueschke, A., & Lacis, A. (1996). Examination of line crossings by low KV scanning electron microscopy (SEM) using photographic stereoscopic pairs. Journal of Forensic Science, 41(1), 80–85.
Borgulya, I. (1999). Two examples of decision support in the law. Artificial Intelligence and Law, 7(2/3), 303–321.
Boykov, Y., Veksler, O., & Zabin, R. (2001). Fast approximate energy minimization via graph cuts. IEEE Transactions on Pattern Analysis and Machine Intelligence (IEEE PAMI), 23, 1222–1239.
Bradac, J. J., Hemphill, M. R., & Tardy, C. H. (1981). Language style on trial: Effects of ‘powerful’ and ‘powerless’ speech upon judgements of victims and villains. Western Journal of Speech Communication, 45, 327–341.
Brandes, U., Kenis, P., Raab, J., Schneider, V., & Wagner, D. (1999). Explorations into the visualization of policy networks. Journal of Theoretical Politics, 11(1), 75–106.
Brann, N. L. (1981). The Abbot Trithemius (1462–1516): The renaissance of monastic humanism. Leiden, The Netherlands: Brill.
Brann, N. L. (1999). Trithemius and magical theology: A chapter in the controversy over occult studies in early modern Europe. Albany, NY: SUNY Press.
Brann, N. L. (2006). Trithemius, Johannes. In W. J. Hanegraaff with A. Faivre, R. van den Broek, & J.-P. Brach (Eds.), Dictionary of Gnosis and Western esotericism (pp. 1135–1139). Leiden, The Netrherlands: Brill.
Breiman, L. (1996). Bagging predictors. Machine Learning, 24, 123–140.
Breiman L., Friedman J. H., Olshen, R. A., & Stone, C. J. (1984). Classification and regression trees. Belmont, CA: Wadsworth; New York: Chapman and Hall; San Mateo, CA: Morgan Kaufmann.
Bressan, S. (Ed.). (2003). Efficiency and effectiveness of XML tools and techniques [EEXTT] and data integration over the web: Revised papers from the VLDB workshop, at the 28th very large data bases international conference, Hong Kong, China, 2002. Berlin: Springer.
Breuker, J., Valente, A., & Winkels, R. (2005). Use and reuse of legal ontologies in knowledge engineering and information management. In V. R. Benajmins, P. Casanovas, J. Breuker, & A. Gangemi (Eds.), Proceedings of law and the semantic web [2005]: Legal ontologies, methodologies, legal information retrieval, and applications (pp. 36–64). (Lecture Notes in Computer Science, Vol. 3369.) Berlin: Springer.
Brkic, J. (1985). Legal reasoning: Semantic and logical analysis. New York: Peter Lang.
Bromby, M. (2010). Identification, trust and privacy: How biometrics can aid certification of digital signatures. International Review of Law, Computers and Technology, 24(1), 1–9.
Bryan, M. (1997). SGML and HTML explained (2nd ed.). Harlow, Essex: Addison Wesley Longman.
Burnett, D. G. (2007). Trying leviathan: The nineteenth-century New York court case that put the whale on trial and challenged the order of nature. Princeton, NJ: Princeton University Press.
Burt, R. S. (1980). Models of social structure. Annual Review of Sociology, 6, 79–141.
Caballero, J., Poosankam, P., Kreibich, C., & Song, S. X. (2009). Dispatcher: Enabling active botnet infiltration using automatic protocol reverse-engineering. In E. Al-Shaer, S. Jha, & A. D. Keromytis (Eds.), Proceedings of the 2009 [i.e., 16th] ACM conference on Computer and Communications Security (CCS 2009), Chicago, IL, November 9–13, 2009 (pp. 621–634). New York: ACM Press.
Callan, R. (1999). The essence of neural networks. Hemel Hempstead: Prentice Hall Europe.
Calzolari, N., Monachini, M., Quochi, V., Socia, C., & Toral, A. (2010). Lexicons, terminologies, ontologies: Reflections from experiences in resource construction. In N. Dershowitz & E. Nissan (Eds.), Language, culture, computation: Essays in honour of Yaacov Choueka, Vol. 2: Tools for text and language, and the cultural dimension (in press). Berlin: Springer.
Campbell, C., & Ying, Y. (2011). Learning with support vector machines. Synthesis Lectures on Artificial Intelligence and Machine Learning, 5(1), 1–95. Published online in .pdf in February 2011 by Morgan and Claypool in the United States.52 doi://10.2200/S00324ED1V01Y201102AIM010
Capobianco, M. F., & Molluzzo, J. C. (1979/80). The strength of a graph and its application to organizational structure. Social Networks, 2, 275–284.
Casey, E. (2000). Digital evidence and computer crime: Forensic science, computers, and the internet. London: Academic. New edn., 2004.
Catarci, T., & Sycara, K. (2004). Ontologies, databases, and applications of semantics (ODBASE) 2004 international conference. Berlin: Springer.
Chaoji, V., Hoonlor, A., & Szymanski, B. K. (2010). Recursive data mining for role identification in electronic communications. International Journal of Hybrid Information Systems, 7(3), 89–100. Also at: http://www.cs.rpi.edu/~szymansk/papers/ijhis.09.pdf
Chapanis, A. (1969). Research techniques in human engineering. Baltimore, MD: John Hopkins Press.
Chapanond, A., Krishnamoorthy, M. S., & Yener, B. (2005). Graph theoretic and spectral analysis of Enron email data. Computational & Mathematical Organization Theory, 11(3), 265–281.
Chau, “P.” [= D. H.] (2011). Catching bad guys with graph mining. In The Fate of Money. An issue of Crossroads: The ACM Magazine for Students, 17(3), 16–18.
Chau, M., Schroeder, J., Xu, J., & Chen, H. (2007). Automated criminal link analysis based on domain knowledge. Journal of the American Society for Information Science and Technology, 58(6), 842–855.
Chen, H., Chung, W., Xu, J. J., Wang, G., Qin, Y., & Chau, M. (2004). Crime data mining: A general framework and some examples. IEEE Computer, 37(4), 50–56.
Chen, H., Schroeder, J., Hauck, R., Ridgeway, L., Atabakhsh, H., Gupta, H., et al. (2003). COPLINK Connect: Information and knowledge management for law enforcement. In Digital Government: Technologies and Practices, special issue, Decision Support Systems, 34(3), 271–285.
Chen, H., Zeng, D., Atabakhsh, H., Wyzga, W., & Schroeder, J. (2003). COPLINK managing law enforcement data and knowledge. Communications of the ACM, 46(1), 28–34.
Chen, X., Wang, M., & Zhang, H. (2011). The use of classification trees for bioinformatics. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(1), 55–63. doi://10.1002/widm.14
Chen, Z. (2001). Data mining and uncertain reasoning: An integrated approach. New York: Wiley.
Choo, R. K. K. (2008). Organised crime groups in cyberspace: A typology. Trends in Organized Crime, 11, 270–295.
Christie, G. C. (1984b). Due process of law: A confused and confusing notion. In C. Perelman & R. Vande Elst (Eds.), Les notions à contenu variable en droit (Travaux du Centre National Belge de Recherche de Logique.) (pp. 57–79). Brussels: E. Bruylant.
Ciocoiu, M., Nau, D. S., & Grüninger, M. (2001). Ontologies for integrating engineering applications. Journal of Computing and Information Science and Engineering, 1(1), 12–22.
Cios, K. J., Pedrycz, W., & Swiniarski, R. (1998). Data mining methods for knowledge discovery. Boston: Kluwer.
Coady, W. F. (1985). Automated link analysis: Artificial Intelligence-based tool for investigators. Police Chief, 52(9), 22–23.
Coleman, K. M. (Ed.). (2006). Martial, Liber spectaculorum [so on the jacket, vs. frontispiece: M. Valerii Martialis Liber spectaculorum], edited with introduction, translation [from Latin into English] and commentary. Oxford: Oxford University Press.
Conway, J. V. P. (1959). Evidential documents. Springfield, IL: Charles C. Thomas.
Coull, S., & Szymanski, B. K. (2008). Sequence alignment for masquerade detection. Computational Statistics and Data Analysis, 52(8), 4116–4131.
Coulthard, M. (1992). Forensic discourse analysis. In M. Coulthard (Ed.), Advances in spoken discourse analysis (pp. 242–258). London: Routledge.
Crandall, D., Backstrom, L., Cosley, D., Suri, S., Huttenlocher, D., & Kleinberg, J. (2010, December 28). Inferring social ties from geographic coincidences. Proceedings of the National Academy of Sciences, 107(52), 22436–22441. http://www.pnas.org/content/early/2010/12/02/1006155107.full.pdf+html
Crandall, J. R., Wu, S. F., & Chong, F. T. (2005). Experiences using Minos as a tool for capturing and analyzing novel worms for unknown vulnerabilities. In K. Julisch & C. Krügel (Eds.), Detection of Intrusions and Malware, and Vulnerability Assessment: Proceedings of the second international conference (DIMVA 2005), Vienna, Austria, July 7–8, 2005 (pp. 32–50). (Lecture Notes in Computer Science, Vol. 3548.) Berlin: Springer.
Cybenko, G. (1989). Approximation by superpositions of a sigmoidal function. Mathematics of Control, Signals and Systems, 2, 303–314.
Darr, T., & Birmingham, W. (1996). An attribute-space representation and algorithm for concurrent engineering. Artificial Intelligence for Engineering Design, Analysis and Manufacturing (AI EDAM), 10(1), 21–35.
De Antonellis, V., Pozzi, G., Schreiber, F. A., Tanca, L., & Tosi, L. (2005). A Web-geographical information system to support territorial data integration. In M. Khosrow-Pour (Ed.), Encyclopedia of information science and technology (4 Vols., pp. 33–37). Hershey, PA: Idea Group Publishing. http://home.dei.polimi.it/schreibe/papers/encyclopedia deafin.pdf (sic: /schreibe/ not /schreiber/ )
DeJong, G. F. (1979). Skimming stories in real time: An experiment in integrated understanding. Ph.D. thesis, Technical Report YALE/DCS/tr158. Department of Computer Science, Yale University, New Haven, CT.
DeJong, G. F. (1982). An overview of the FRUMP system. In W. G. Lehnert & M. H. Ringle (Eds.), Strategies for natural language processing (pp. 149–176). Hillsdale, NJ: Erlbaum.
De Nicola, A., Missikoff, M., & Navigli, R. (2009). A software engineering approach to ontology building. Information Systems, 34(2), 258–275.
de Vel, O., Anderson, A., Corney, M., & Mohay, G. (2001). Mining E-mail content for author identification forensics. SIGMOD Record, 30(4), 55–64.
Di Battista, G., Eades, P., Tamassia, R., & Tollis, I. G. (1999). Graph drawing: Algorithms for the visualization of graphs. Englewood Cliffs, NJ: Prentice-Hall.
Dickey, A. (1990). Family law (2nd ed.). Sydney: The Law Book Company Ltd.
Dijkstra, P., Bex, F. J., Prakken, H., & De Vey Mestdagh, C. N. J. (2005). Towards a multi-agent system for regulated information exchange in crime investigations. Artificial Intelligence and Law, 13, 133–151. http://www.computing.dundee.ac.uk/staff/florisbex/Papers/AILaw05.pdf
Ding, Y., Fensel, D., Klein, M. C. A., Omelayenko, B., & Schulten, E. (2004). The role of ontologies in eCommerce. In S. Staab & R. Studer (Eds.), Handbook on ontologies (pp. 593–616). International Handbooks on Information Systems. Berlin: Springer.
do Carmo Nicoletti, M., & Quinteiro Uchõa, J. (2001). A family of algorithms for implementing the main concepts of the rough set theory. In A. Abraham & M. Köppen (Eds.), Hybrid information systems: Proceedings of the first international workshop on Hybrid Intelligent Systems (HIS 2001), Adelaide, Australia, December 11–12, 2001 (pp. 583–595). Advances in Soft Computing Series. Heidelberg: Physica-Verlag (of Springer-Verlag), 2002.
Dreger, H., Kreibich, C., Paxson, V., & Sommer, R. (2005). Enhancing the accuracy of network-based intrusion detection with host-based context. In K. Julisch & C. Krügel (Eds.), Detection of intrusions and malware, and vulnerability assessment: Proceedings of the Second International Conference (DIMVA 2005), Vienna, Austria, July 7–8, 2005 (pp. 206–221). Lecture Notes in Computer Science, Vol. 3548. Berlin: Springer.
Du, X., Li, Y., Chen, W., Zhang, Y., & Yao, D. (2006). A Markov random field based hybrid algorithm with simulated annealing and genetic algorithm for image segmentation. In L. Jiao, L. Wang, X. Gao, J. Liu, & F. Wu (Eds.), Advances in natural computation: Second international conference (ICNC 2006), Xi’an, China, September 24–28, 2006 (pp. 706–715). Proceedings, Part I. (Lecture Notes in Computer Science, Vol. 4221). Berlin: Springer.
Duda, R. O., Hart, P. E., & Stork, D. G. (2001a). Pattern classification (2nd ed.). New York: Wiley Interscience.
Duda, R. O., Hart, P. E., & Stork, D. G. (2001b). Unsupervised learning and clustering. Chapter 10 in their Pattern classification (2nd ed.). New York: Wiley Interscience.
Dunne, P. E., & Bench-Capon, T. J. M. (2002). Coherence in finite argument systems. Artificial Intelligence, 141(1/2), 187–203. http://www.csc.liv.ac.uk/~tbc/publications/ulcs 01 006.pdf
Durfee, E., Lesser, V., & Corkill, D. (1987). Coherent cooperation among communicating problem solvers. IEEE Transactions on Computers, 36(11), 1275–1291.
Eades, P. (1984). A heuristic for graph drawing. Congressus Numerantium, 42, 149–160.
Earl, L. L. (1970). Experiments in automatic extracting and indexing. Information Storage and Retrieval, 6, 313–334.
Eco, U. (1995). The search for the perfect language (in The Making of Europe series), Oxford: Blackwell; London: FontanaPress, 1997. English translation from La ricerca della lingua perfetta nella cultura europea. Rome: Laterza, 1993 (in the series Fare l’Europa), 1996 (Economica Laterza, 85). Other translations, Paris: du Seuil (French); Munich: Beck (German); Barcelona: Editorial Crítica (Spanish & Catalan).
Edmundson, H. P. (1969). New methods in automatic extracting. Journal of the Association for Computing Machinery, 16(2), 264–285.
Eliot, L. B. (1993). Prefilter your neurons. AI Expert, 8(7), 9.
Ellen, D. (2005). Scientific examination of documents: Methods and techniques (3rd ed.). Boca Raton, FL: CRC Press.
Endres-Niggermeyer, B. (1998). Summarizing information. Berlin: Springer.
Engelmore, R., & Morgan, T. (Eds.). (1988). Blackboard systems. Reading, MA: Addison-Wesley.
Erickson, B., Lind, A. E., Johnson, B. C., & O’Barr, W. M. (1978). Speech style and impression formation in a court setting: The effects of ‘powerful’ and ‘powerless’ speech. Journal of Experimental Social Psychology, 14, 266–279.
Esposito, A., Bratanić, M., Keller, E., & Marinaro, M. (2007). Fundamentals of verbal and nonverbal communication and the biometric issue. (NATO Security Through Science Series: Human and Societal Dynamics, 18.) Amsterdam: IOS Press.
Esuli, E., Fagni, T., & Sebastiani, F. (2008). Boosting multi-label hierarchical text categorization. Information Retrieval, 11(4), 287–313.
Evangelista, P. F., Embrechts, M. J., & Szymanski, B. K. (2006). Taming the curse of dimensionality in kernels and novelty detection. In A. Abraham, B. Baets, M. Koppen, & B. Nickolay (Eds.), Applied soft computing technologies: The challenge of complexity. Berlin: Springer.
Evett, I. W. (1993). Establishing the evidential value of a small quantity of material found at a crime scene. Journal of the Forensic Science Society, 33(2), 83–86.
Fahlman, S. E. (1989). Faster-learning variations on back-propagation: An empirical study. In D. Touretzky, G. Hinton, & T. Sejnowski (Eds.), Proceedings of the 1988 connectionist models summer school (pp. 38–51). San Mateo, CA: Morgan Kaufmann.
Feldman, R., Fresko, M., Goldenberg, J., Netzer, O., & Ungar, L. (2010). Analyzing product comparisons on discussion boards. In N. Dershowitz & E. Nissan (Eds.), Language, culture, computation: Essays in honour of Yaacov Choueka (2 vols.), Vol. 1: Theory, techniques, and applications to e science, law, narratives, information retrieval, and the cultural heritage (in press). Berlin: Springer.
Feldman, R., & Sanger, J. (2007). The text mining handbook: Advanced approaches in analyzing unstructured data. Cambridge: Cambridge University Press.
Fellbaum, C. (1998). WordNet: An electronic lexical database (Language, Speech, and Communication). Cambridge, MA: The MIT Press.
Feng, Y., & Chen, W. (2004). Brain MR image segmentation using fuzzy clustering with spatial constraints based on Markov random field theory. In G.-Z. Yang & T. Jiang (Eds.), Medical imaging and augmented reality: Proceedings of the second international workshop (MIAR 2004), Beijing, China, August 19–20, 2004 (pp. 188–195). Lecture Notes in Computer Science 3150. Berlin: Springer.
Ferber, J. (1999). Multiagent systems: An introduction to distributed artificial intelligence. Reading, MA: Addison-Wesley.
Findler, N. V. (Ed.). (1979). Associative networks: Representation and use of knowledge by computers. New York: Academic.
Fix, E., & Hodges, J. L. (1951). Discriminatory analysis, nonparametric discrimination consistency properties. Technical Report 4. Randolph Field, TX: U.S. Air Force.
Foresman, T. W. (Ed.). (1998). The history of geographic information systems: Perspectives from the pioneers. Upper Saddle River, NJ: Prentice Hall PTR.
Forgas, J. P., & Williams, K. D. (Eds.). (2001). Social influence: Direct and indirect processes. Lillington, NC: Psychology Press.
Foster, D. (2001). Author unknown: On the trail of anonymous. London: Macmillan; with respect to New York: Holt, 2000, the U.K. edition is corrected, and includes as well the new Ch. 7, on current British journalism.
François, A. R. J., Nevatia, R., Hobbs, J., & Bolles, R. C. (2005). VERL: An ontology framework for representing and annotating video events. IEEE MultiMedia, 12(4), 76–86.
Frank, O. (1978). Sampling and estimation in large social networks. Social Network, 1, 91–101.
Freeman, L. C. (1979). Centrality in social networks: Conceptual clarification. Social Networks, 1, 215–240.
Freeman, L. C. (2005). Graphical techniques for exploring social network data. In P. J. Carrington, J. Scott, & S. Wasserman (Eds.), Models and methods in social network analysis. Cambridge: Cambridge University Press. http://moreno.ss.uci.edu/86.pdf
Freeman, L. C. (2009). Methods of social network visualization. In R. A. Meyers (Ed.), Encyclopedia of complexity and systems science. Berlin: Springer. http://moreno.ss.uci.edu/89.pdf
Friedkin, N. (1981). The development of structure in random networks: An analysis of the effects of increasing network density on five measures of structure. Social Networks, 3, 41–52.
Furtado, V., Melo, A., Menezes, R., & Belchior, M. (2006). Using self-organization in an egent framework to model criminal activity in reponse to police patrol routes. In G. Sutcliffe & R. Goebel (Eds.), Proceedings of the 19th international florida artificial intelligence research society conference (pp. 68–73). Menlo Park, CA: AAAI Press.
Furtado, V., & Vasconcelos, E. (2007). Geosimulation in education: A system for teaching police resource allocation. International Journal of Artificial Intelligence in Education, 17, 57–81.
Gangemi A., Sagri, M. T., & Tiscornia, D. (2005). A constructive framework for legal ontologies. In V. R. Benajmins, P. Casanovas, J. Breuker, & A. Gangemi (Eds.), Proceedings of law and the semantic web [2005]: Legal ontologies, methodologies, legal information retrieval, and applications (pp. 97–124). (Lecture Notes in Computer Science, Vol. 3369). Berlin: Springer.
Garani, G. (2004). A temporal database model using nested relations. Ph.D. Dissertation, Computer Science and Information Systems Engineering. London: Birkbeck College, University of London.
Garani, G. (2008). Nest and unnest operators in nested relations. Data Science Journal, 7, 57–64.
Garcia-Rojas, A., Gutiérrez, M., & Thalmann, D. (2008a, July). Visual creation of inhabited 3D environments: An ontology-based approach. The Visual Computer, 24(7–9), 719–726. Also, Report VRLAB ARTICLE 2008 062. Lausanne: Virtual Reality Lab at the Swiss Federal Institute of Technology.
Gelfand, M., Mironov, A., & Pevzner, P. (1996). Gene recognition via splices sequence alignment. Proceedings of the National Academy of Sciences USA, 93, 9061–9066.
Geng, L., & Chan, C. W. (2001). An algorithm for automatic generation of a case base from a database using similarity-based rough approximation. In A. Abraham & M. Köppen (Eds.), Hybrid information systems: Proceedings of the first international workshop on Hybrid Intelligent Systems (HIS 2001), Adelaide, Australia, December 11–12, 2001 (pp. 571–582). Advances in Soft Computing Series. Heidelberg: Physica-Verlag (of Springer-Verlag), 2002.
Gerkey, B., & Mataric, M. (2004). A formal analysis and taxonomy of task allocation in multi-robot systems. International Journal of Robotics Research, 23(9), 939–954.
Gibbons, B., Busch J., & Bradac J. (1991). Powerful versus powerless language: Consequences for persuasion, impression formation, and cognitive response. Journal of Language and Social Psychology, 10(2), 115–133.
Gibbons, J. (1994). Language and the law. (Language in Social Life Series). London: Longman.
Gilbreth, F. B., & Gilbreth, L. M. (1917). Applied motion study. New York: Sturgis and Walton.
Goad, W., & Kanehisa, M. 1982). Pattern recognition in nucleic acid sequences: A general method for finding local homologies and symmetries. Nucleic Acids Research, 10, 247–263.
Golan, T. (2004). Laws of men and laws of nature: The history of scientific expert testimony in England and America. Cambridge, MA: Harvard University Press.
Gómez-Pérez, A., Fernández-López, M., & Corcho, O. (2004). Ontological engineering: With examples from the areas of knowledge management, e commerce and the semantic web. Berlin: Springer.
Gregg, D. G., & Scott, J. E. (2008). A typology of complaints about eBay sellers. Communications of the ACM, 51(4), 69–74.
Grubbs, F. E. (1969). Procedures for detecting outlying observations in samples. Technometrics, 11, 1–21.
Gruber, T. R. (1993). A translation approach to portable ontology specifications. Knowledge Acquisition, 5(2), 199–220.
Gruber, T. R. (1995). Towards principles for the design of ontologies used for knowledge sharing. International Journal of Human-Computer Studies, 43(5–6), 907–928. (Originally in N. Guarino & R. Poli (Eds.). (1993). International workshop on formal ontology, Padova, Italy. Revised August 1993. Technical report KSL-93-04, Knowledge Systems Laboratory, Stanford University, Stanford, CA. Often cited, without page-numbers, as though it appeared in N. Guarino & R. Poli (Eds.), Formal ontology in conceptual analysis and knowledge representation. Dordrecht: Kluwer. Actually published in a special issue on Formal Ontology in Conceptual Analysis and Knowledge Representation (ed. N. Guarino & R. Poli), International Journal of Human-Computer Studies, 43(5–6), 907–928)
Grüninger, M., & Lee, J. (2002). Ontology applications and design: Introduction. In a special issue of Communications of the ACM, 45(2), 39–41.
Gutiérrez, M., García-Rojas, A., Thalmann, D., Vexo, F., Moccozet, L., Magnenat-Thalmann, N., et al. (2007). An ontology of virtual humans: Incorporating semantics into human shapes. The Visual Computer, 23(3), 207–218.
Guyon, I., & Elisseeff, A. (2003). An introduction to variable and feature selection. Journal of Machine Learning Research, 3, 1157–1182.
Gwadera, R., Atallah, M. J., & Szpankowski, W. (2005a). Reliable detection of episodes in event sequences. Knowledge and Information Systems, 7(4), 415–437.
Hahn, U., & Mani, I. (2000). The challenges of automatic summarization. IEEE Computer, 33(11), 29–36.
Halliwell, J., Keppens, J., & Shen, Q. (2003). Linguistic Bayesian Networks for reasoning with subjective probabilities in forensic statistics. In G. Sartor (Ed.), Proceedings of the ninth International Conference on Artificial Intelligence and Law (ICAIL 2003), Edinburgh, Scotland, 24–28 June 2003 (pp. 42–50). New York: ACM Press.
Hamlin, C. (2009). Cholera: The biography. (Biographies of Disease Series). Oxford: Oxford University Press.
Han, J., Cheng, H., Xin, D., & Yan, X. (2007). Frequent data mining: Current status and future directions. In Data Mining and Knowledge Discovery, 10th Anniversary Issue, of Data Mining and Knowledge Discovery, 15, 55–86. http://www.cs.ucsb.edu/~xyan/papers/dmkd07_frequentpattern.pdf
Han, J., & Kamber, M. (2001). Data mining: Concepts and techniques. San Francisco: Morgan Kaufmann.
Hand, D. J., Mannila, H., & Smyth, P. (2001). Principles of data mining (Adaptive computation and machine learning). Cambridge, MA: MIT Press.
Hanlein, H. (1998). Studies in authorship recognition: A corpus-based approach. (European University Studies, Series 14: Anglo-Saxon Language and Literature, 352). Frankfurt/M: Peter Lang, 1999. (Originally: doctoral dissertation, Universität Augsburg, 1998.)
Harder, C. (1998). Serving maps on the internet. Redland, CA: ESRI Press.
Harper, W. R., & Harris, D. H. (1975). The application of link analysis to police intelligence. Human Factors, 17(2), 157–164.
Harris, D. H., & Chaney, F. B. (1969). Human factors in quality assurance. New York: Wiley.
Harrison, W. R. (1958). Suspect documents: Their scientific examination. New York: Praeger.
Hart, H. L. A. (1994). The concept of law (2nd ed.). Oxford: Clarendon Press.
Hauck, R. V., Atabakhsh, H., Ongvasith, P., Gupta, H., & Chen, H. (2002). COPLINK concept space: An application for criminal intelligence analysis. In Digital Government, special issue of IEEE Computer, 35(3), 30–37.
Hayes-Roth, B. (1983). The blackboard architecture: A general framework for problem solving. Report No. HPP 83 30, Stanford Heuristic Programming Project (which was to become the Knowledge Systems Laboratory, in Palo Alto), of Stanford, CA: Stanford University.
Haygood, R. C., Teel, K. S., & Greening, C. P. (1964). Link analysis by computer. Human Factors, 6, 63–70.
Haykin, S. (1994). Neural networks: A comprehensive foundation. New York: Macmillan.
Hecht-Nielson, R. (1990). Neurocomputing. Reading, MA: Addison-Wesley.
Hendrix, G. G. (1979). Encoding knowledge in partitioned networks. In N. V. Findler (Ed.), Associative networks: Representation and use of knowledge by computers (pp. 51–92). New York: Academic.
Herold, J., Loyek, C., & Nattkemper, T. W. (2011). Multivariate image mining. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(1), 2–13. doi://10.1002/widm.4
Hilton, O. (1982). Scientific examination of questioned documents. Amsterdam & New York: Elsevier Science Publishing Co.
Hirst, G. (2004). Ontology and the lexicon. In S. Staab & R. Studer (Eds.), Handbook on ontologies (pp. 209–230). (International Handbooks on Information Systems). Berlin: Springer.
Hobson, J. B., & Slee, D. (1993). Rules, cases and networks in a legal domain. Law, Computers & Artificial Intelligence, 2(2), 119–135.
Holzner, S. (1998). XML complete. New York: McGraw-Hill.
Howlett, J. B. (1980). Analytical investigative techniques: Tools for complex criminal investigations. Police Chief, 47(12), 42–45.
Huber R. A., & Headrick A. M. (1999). Handwriting identification: Facts and fundamentals. Boca Raton, FL: CRC Press.
Hunter, D. (1994). Looking for law in all the wrong places: Legal theory and neural networks. In H. Prakken, A. J. Muntjewerff, A. Soeteman, & R. Winkels (Eds.), Legal knowledge based systems: Foundations of legal knowledge systems (Jurix’94) (pp. 55–64). Lelystad, The Netherlands: Koninklijke Vermende.
Idika, N., & Mathur, A. P. (2007). a survey of malware detection techniques. Technical report, Department of Computer Science, West Lafayette, IN: Purdue University.
Ishikawa, H. (2003). Exact optimization for markov random fields with convex priors. IEEE Transactions on Pattern Analysis and Machine Intelligence (IEEE PAMI), 25(10), 1333–1336. http://doi.ieeecomputersociety.org/10.1109/TPAMI.2003.1233908
Ishikawa, H., Yokohama, S., Ohta, M., & Katayama, K. (2005). On mining XML structures based on statistics. In R. Khosla, R. J. Howlett, & L. C. Jain (Eds.), Knowledge-based intelligent information and engineering systems: 9th international conference, KES 2005, Melbourne, Australia, September 14–16, 2005, Proceedings, Part I (pp. 379–390). (Lecture Notes in Computer Science, Vol. 3684). Berlin: Springer.
Jain, A. K., Bolleand, R., & Pankanti, S. (1999). Biometrics: Personal identification in networked society. Norwell, MA & Dordrecht, Netherlands: Kluwer.
Jain, A. K., Prabhakar, S., Hong, L., & Pankanti, S. (2000). Filterbank-based fingerprint matching. IEEE Transactions on Image Processing, 9(5), 846–859.
Jedrzejek, C., Falkowski, M., & Smolenski, M. (2009). Link analysis of fuel laundering scams and implications of results for scheme understanding and prosecutor strategy. In G. Governatori (Ed.), Proceedings of legal knowledge and information systems: JURIX 2009, The twenty-second annual conference, 25 July 2009 (pp. 79–88). Amsterdam: IOS Press.
Jin, F., Fieguth, P., & Winger, L. (2005). Image denoising using complex wavelets and Markov prior models. In M. Kamel & A. Campilho (Eds.), Image analysis and recognition: Proceedings of the second International Conference (ICIAR 2005), Toronto, Canada, September 28–30, 2005 (pp. 73–80). (Lecture Notes in Computer Science, 3656). Berlin: Springer.
Joachims, T., Hofmann, T., Yue, Y., & Yu, C.-N. (2009). Predicting structured objects with support vector machines. Communications of the ACM, 52(11), 97–104.
Jøsang, A., Ismail, R., & Boyd, C. (2007). A survey of trust and reputation systems for online service provision. Decision Support Systems, 43(2), 618–644. doi://10.1016/j.dss.2005.05.019. http://persons.unik.no/josang/papers/JIB2007 DSS.pdf
Jung, C., Han, I., & Suh, B. (1999). Risk analysis for electronic commerce using case-based reasoning. International Journal of Intelligent Systems in Accounting, Finance & Management, 8, 61–73.
Kahn, D. (1967). The codebreakers: The story of secret writing. New York: Scribner. 2nd edn., 1996.
Kalera, M. K., Srihari, S. N., & Xu, A. (2004). Offline signature verification and identification using distance statistics. International Journal of Pattern Recognition and Artificial Intelligence, 18(7), 1339–1360.
Kanellis, P., Kiountouzis, E., Kolokotronis, N., & Martakos, D. (2006). Digital crime and forensic science in cyberspace. Hershey, PA: Idea Press.
Kangas, L. J., Terrones, K. M., Keppel, R. D., & La Moria, R. D. (2003). Computer aided tracking and characterization of homicides and sexual assaults (CATCH). Sec. 12.6 In J. Mena (Ed.), Investigative data mining for security and criminal detection (pp. 364–375). Amsterdam & Boston: Butterworth-Heinemann (of Elsevier).
Kato, Z., & Pong, T.-C. (2001). A Markov random field image segmentation model using combined color and texture features. In W. Skarbek (Ed.), Computer Analysis of Images and Patterns: Proceedings of the 9th international conference (CAIP 2001), Warsaw, Poland, September 5–7, 2001 (pp. 547–554). (Lecture Notes in Computer Science, 2124). Berlin: Springer.
Katz, L. (1953). A new status index derived from sociometric analysis. Psychometrika, 18(1), 39–43.
Kaufman, L., & Rousseeuw P. J. (2005). Finding groups in data: An introduction to cluster analysis (2nd ed.). New York: Wiley. The 1st edn. was of 1990.
Kaufmann, M., & Wagner, D. (Eds.). (2001). Drawing graphs: Methods and models. (Lecture Notes in Computer Science, Vol. 2025). Berlin: Springer.
Keppel, R. D. (1995a). Signature murders: A report of several related cases. Journal of Forensic Sciences, 40(4), 658–662.
Keppel, R. D. (1995b). The riverman: Ted Bundy and I Hunt the Green Rover Killer. New York: Pocket Books.
Keppel, R. D. (1997). Signature killers. New York: Pocket Books.
Keppel, R. D. (2005). Serial offenders: Linking cases by modus operandi and signature. Chapter 30 In S. H. James & J. J. Nordby (Eds.), Forensic science: An introduction to scientific and investigative techniques (2nd ed.). Boca Raton, FL: CRC Press. Also in 3rd edition, 2009.
Keppel, R. D., & Weis, J. P. (1997). Time and distance as solvability factors in murder cases. Journal of Forensic Sciences, 39(2), 386–401.
Khuwaja, G. A. (2006). A multimodal biometric identification system using compressed finger images. Cybernetics and Systems, 37(1), 23–46.
Kim, D. S., & Park, J. S. (2003). Network-based intrusion detection with support vector machines. In H.-K. Kahng (Ed.), Information networking, networking technologies for enhanced internet services international conference (ICOIN 2003), Cheju Island, Korea, February 12–14, 2003 (pp. 747–756). (Lecture Notes in Computer Science, Vol. 2662.) Heidelberg & Berlin: Springer.
Kinder, J., Katzenbeisser, S., Schallhart, C., & Veith, H. (2005). Detecting malicious code by model checking. In K. Julisch & C. Krügel (Eds.), Detection of intrusions and malware, and vulnerability assessment: Proceedings of the second international conference (DIMVA 2005), Vienna, Austria, July 7–8, 2005 (pp. 174–187). (Lecture Notes in Computer Science, Vol. 3548.) Berlin: Springer.
Kingston, J., & Vandenberghe, W. (2003). A comparison of a regulatory ontology with existing legal ontology frameworks. In OTM Workshops 2003 = R. Meersman & Z. Tari (Eds.), On The Move to Meaningful Internet Systems 2003: [Proceedings of the] OTM 2003 Workshops, OTM Confederated International Workshops, HCI-SWWA, IPW, JTRES, WORM, WMS, and WRSM 2003, Catania, Sicily, Italy, 3–7 November 2003 (pp. 648–661). (Lecture Notes in Computer Science, Vol. 2889). Berlin: Springer.
Kingston, J., Schafer, B., & Vandenberghe, W. (2004). Towards a financial fraud ontology: A legal modelling approach. Artificial Intelligence and Law, 12, 419–446.
Kinton, R., Ceserani, V., & Foskett, D. (1992). The theory of catering (7th ed.). London: Hodder & Stoughton.
Kirkpatrick, S., Gellatt, D., & Vecchi, M. (1983). Optimization by simulated annealing. Science, 220, 671–680.
Kleinberg, J. (2000a). Navigation in a small world. Nature, 406, 845. http://www.cs.cornell.edu/home/kleiber/nat00.pdf
Klovdahl, A. S. (1981). A note on images of networks. Social Networks, 3, 197–214.
Klusch, M., & Sycara, K. (2001). Brokering and matchmaking for coordination of agent societies: A survey. Chapter 8 In A. Omicini, F. Zambonell, M. Klusch, & R. Tolksdorf (Eds.), Coordination of internet agents: Models, technologies, and applications (pp. 197–224). Berlin: Springer.
Kobayashi, M., & Ito, T. (2008). A transactional relationship visualization system in Internet auctions. Studies in Computational Intelligence, 110, 87–99.
Kohonen, T. (1982). Self-organised formation of topologically correct feature maps. Biological Cybernetics, 43, 59–69.
Kohonen, T. (1990). The self-organizing map. Proceedings of the IEEE, 78(9), 1464–1480.
Kolmogorov, V., & Zabih, R. (2004). What energy functions can be minimized via graph cuts? IEEE Transactions on Pattern Analysis and Machine Intelligence (IEEE PAMI), 26, 147–159.
Kompatsiaris, Y., & Hobson, P. (Eds.). (2008). Semantic multimedia and ontologies: Theory and applications. Berlin: Springer.
Koppenhaver, K. (2007). Forensic document examination, principles and practice. Totowa, NJ: Humana Press.
Kort, F. (1964). Simultaneous equations and Boolean Algebra. In G. Schubert (Ed.), Judicial behaviour: A reader in theory and research (pp. 477–491). Chicago, IL: Rand McNally and Company.
Kosala, R., & Blockeel, H. (2000). Web mining research: A survey. ACM SIGKDD Explorations, 2(1), 1–15.
Kothari, R., & Dong, M. (2002). Decision trees for classification: A review and some new results. In S. K. Pal & A. Pla (Eds.), Pattern Recognition from classical to modern approaches (pp. 169–186). Singapore: World Scientific.
Kovacs, D. (1992). Family property proceedings in Australia. Sydney: Butterworths.
Krackhardt, D. (1996). Social networks and the liability of newness for managers. In C. L. Cooper & D. M. Rousseau (Eds.), Trends in organizational behavior (Vol. 3, pp. 159–173). New York & Chichester, West Sussex, England: John Wiley & Sons.
Krackhardt, D., Blythe, J., & McGrath, C. (1994). KrackPlot 3.0: An improved network drawing program. Connections, 17(2), 53–55.
Kraus, S. (1996). An overview of incentive contracting. Artificial Intelligence, 83(2), 297–346.
Kreibich, C., & Jahnke, M. (Eds.). (2010). Detection of Intrusions and Malware, and Vulnerability Assessment: Proceedings of the seventh international conference (DIMVA 2010), Bonn, Germany, July 8–9, 2010. (Lecture Notes in Computer Science, Vol. 6201). Berlin: Springer.
Kruse, W., & Heiser, J. (2002). Computer forensics: Incident response essentials. Reading, MA: Addison-Wesley.
Kruskal, J. B., & Wish, M. (1978). Multidimensional scaling. Beverly Hills, CA & London: Sage.
Ku, Y., Chen, Y.-C., & Chiu, C. (2007). A proposed data mining approach for internet auction fraud detection. In C. C. Yang, D. Zeng, M. Chau, K. Chang, Q. Yang, X. Cheng, et al. (Eds.), Intelligence and security informatics: Proceedings of the Pacific Asia Workshop, PAISI 2007, Chengdu, China, April 11–12, 2007 (pp. 238–243). (Lecture Notes in Computer Science, 4430). Berlin: Springer.
Ku, Y., Chen, Y.-C., Wu., K.-C., & Chiu, C. (2007). An empirical analysis of online gaming crime characteristics from 2002 to 2004. In C. C. Yang, D. Zeng, M. Chau, K. Chang, Q. Yang, X. Cheng, et al. (Eds.), Intelligence and security informatics: Proceedings of the Pacific Asia Workshop, PAISI 2007, Chengdu, China, April 11–12, 2007 (pp. 34–45). (Lecture Notes in Computer Science, 4430). Berlin: Springer.
Kwan, M., Chow, K. P., Law, F., & Lai, P. (2008). Reasoning about evidence using Bayesian networks. In I. Ray & S. Shenoy (Eds.), Advances in Digital Forensics IV, International Federation for Information Processing (IFIP), Tokyo, January 2008 (pp. 142–155). Berlin: Springer.
Lam, S. C. J. (2007). Methods for resolving inconsistencies in ontologies. Ph.D. thesis. Department of Computing Science, University of Aberdeen, Aberdeen, Scotland.
Latendresse, M. (2005). Masquerade detection via customized grammars. In K. Julisch & C. Krügel (Eds.), Detection of intrusions and malware, and vulnerability assessment: Proceedings of the second international conference (DIMVA 2005), Vienna, Austria, July 7–8, 2005 (pp. 141–159). Lecture Notes in Computer Science, Vol. 3548. Berlin: Springer.
Laxman, S., & Sastry, P. S. (2006). A survey of temporal data mining. SADHANA, Academy Proceedings in Engineering Sciences, 31(2), 173–198.
Leary, R. M. (2004). Evidential reasoning and analytical techniques in criminal pre-trial fact investigation. Ph.D. thesis, University College, London.
Lee, J.-M., & Hwang, B.-Y. (2005). Two-phase path retrieval method for similar XML document retrieval. In R. Khosla, R. J. Howlett, & L. C. Jain (Eds.), Knowledge-based intelligent information and engineering systems: 9th international conference, KES 2005, Melbourne, Australia, September 14–16, 2005, Proceedings, Part I (pp. 967–971). (Lecture Notes in Computer Science, Vol. 3684.) Berlin: Springer.
Lee, R. (1998). Automatic information extraction from documents: A tool for intelligence and law enforcement analysts. In D. Jensen & H. Goldberg (Eds.), Artificial intelligence and link analysis: Papers from the 1998 fall symposium (pp. 63–65). Menlo Park, CA: AAAI Press.
Legrand, J. (1999). Some guidelines for fuzzy sets application in legal reasoning. Artificial Intelligence and Law, 7(2/3), 235–257.
Lehmann, F. (Ed.). (1992). Semantic networks in artificial intelligence. Oxford: Pergamon Press. Also published as a special issue of Computers and Mathematics with Applications, 23(6–9).
Leith, P. (1998). The judge and the computer: How best ‘decision support’? Artificial Intelligence and Law, 6, 289–309.
Lenat, D., & Guha, R. V. (1990). Building large knowledge-based systems: Representation and inference in the CYC project. Reading, MA: Addison Wesley.
Lenci, A., Bel, N., Busa, F., Calzolari, N., Gola, E., Monachini, M., et al. (2000). SIMPLE: A general framework for the development of multilingual lexicons. International Journal of Lexicography, 13(4), 249–263.
Lengers, R. J. C. (1995). Evolving artificial neural networks: A design approach. Masters Thesis. Tilburg, The Netherlands: Tilburg University.
Lenzi, V. B., Biagioli, C., Cappelli, A., Sprugnoli, R., & Turchi, F. (2009). The LME project: Legislative metadata based on semantic formal models. International Journal of Metadata, Semantics and Ontologies, 4(3), 154–164.
Levene, M. (1992). The nested universal relation database model. (Lecture Notes in Computer Science, Vol. 595.) Berlin: Springer.
Levene, M., & Loizou, G. (1990). The nested relation type model: An application of domain theory to databases. The Computer Journal, 33(1), 19–30.
Levene, M., & Loizou, G. (1993). Semantics of null extended nested relations. ACM Transactions on Database Systems, 18, 414–459.
Levene, M., & Loizou, G. (1994). The nested universal relation data model. Journal of Computer and System Sciences, 49, 683–717.
Levi, J. N. (1994). Language as evidence: The linguist as expert witness in North American courts. Forensic Linguistics, 1(1), 1–26.
Levinson, J. (2000). Questioned documents: A lawyer’s handbook. London & San Diego, CA: Academic.
Li, Ch.-Ts. (2008). Multimedia forensics and security. Hershey, PA: IGI Global.
Li, J., Zheng, R., & Chen, H. (2006). From fingerprint to writeprint. Communications of the ACM, 49(4), 76–82.
Li, M., Yunhong, W., & Tan, T. (2002). Iris recognition using circular symmetric filters. IEEE International Conference on Pattern Recognition (ICPR 2002), 2, 414–417.
Li, Q., Niu, X., Wang, Zh., Jiao, Y., & Sun, Sh. H. (2005). A verifiable fingerprint vault scheme. In R. Khosla, R. J. Howlett, & L. C. Jain (Eds.), Knowledge-based intelligent information and engineering systems: 9th international conference, KES 2005, Melbourne, Australia, September 14–16, 2005, Proceedings, Part III (pp. 1072–1078). (Lecture Notes in Computer Science, Vol. 3684.) Berlin: Springer.
Li, S. Z. (2009). Mathematical MRF models. In S. Z. Li (Ed.), Markov random field modeling in image analysis (3rd ed.) (Advances in Computer Vision and Pattern Recognition series; originally published in the series: Computer Science Workbench). Both softcover and hardcover editions, 2009, pp. 1–28. Previous edition (also cited), Tokyo: Springer, 2001.
Li, Z., Yang, M. C., & Ramani, K. (2009). A methodology for engineering ontology acquisition and validation. Artificial Intelligence for Engineering Design, Analysis and Manufacturing, 23(1), 37–51.
Liang, T., & Moskowitz, H. (1992). Integrating neural networks and semi markov processes for automated knowledge acquisition: An application to real-time scheduling. Decision Sciences, 23(6), 1298–1314.
Light, R. (1997). Presenting XML. Indianapolis, IN: Sams.net
Lingras, P., & Peters, G. (2011). Rough clustering. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(1), 64–72. doi://10.1002/widm.16
Liu, H., & Motoda, H. (1998). Feature selection for knowledge discovery and data mining. Dordrecht, The Netherlands: Kluwer.
Lodder, A. R., & Zeleznikow, J. (2010). Enhanced dispute resolution through the use of information technology. Cambridge: Cambridge University Press.
Loh, W.-Y. (2011). Classification and regression trees. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(1), 14–23. doi://10.1002/widm.8
Longley, P. A., Goodchild, M. F., Maguire, D. J., & Rhind, D. W. (2001). Geographic information systems and science. New York: Wiley.
Lu, Q., Korniss, G., & Szymanski, B. K. (2009). The naming game on social networks: Community formation and consensus engineering. Journal of Economic Interaction and Coordination, 4(2), 221–235.
Luhn, H. P. (1958). The automatic creation of literature abstracts. IBM Journal of Research and Development, 2, 159–165.
MacLane, S., & Birkhoff, G. (1979). Algebra. London: Macmillan.
Maedche, A., & Staab, S. (2001). Ontology learning for the Semantic Web. IEEE Intelligent Systems, 16(2), 72–79.
Magnenat Thalmann, N., & Thalmann, D. (Eds.). (1996). Interactive computer animation. London: Prentice Hall.
Magnenat Thalmann, N., & Thalmann, D. (Eds.). (2001). Deformable avatars. Dordrecht, The Netherlands: Kluwer.
Mahesh, K. (1996). Ontology development for machine translation: Ideology and methodology. Memoranda in Computer and Cognitive Science, MCCS-96-292. Las Cruces, NM: New Mexico State University, Computing Research Laboratory.
Maida, A. S., & Shapiro, S. C. (1982). Intensional concepts in propositional semantic networks. Cognitive Science, 6(4), 291–330.
Maji, P., & Pal, S. K. (2007). RFCM: A hybrid clustering algorithm using rough and fuzzy sets. Fundamenta Informaticae, 80, 477–498.
Mani, I. (2001). Automatic summarization. (Natural Language Processing, 3). Amsterdam: Benjamins.
Mannila, H., Toivonen, H., & Verkamo, A. I. (1997). Discovery of frequent episodes in event sequences. Data Mining and Knowledge Discovery, 1(3), 259–289.
Manning, C., & Schutze, H. (1999). Foundations of statistical natural language processing. Cambridge, MA: The MIT Press.
Marineau, R. F. (1989). Jacob Levy Moreno, 1889–1974: Father of psychodrama, sociometry, and group psychotherapy. London: Routledge.
McCormick, E. J. (1964). Human factors engineering. New York: McGraw-Hill.
McCulloch, W. S., & Pitts, W. (1943). A logical calculus of the ideas imminent in nervous activity. Bulletin of Mathematical Biophysics,65 5(4), 115–133. doi://10.1007/BF02478259
McGrath, C., Blythe, J., & Krackhardt, D. (1997). The effect of spatial arrangement on judgments and errors in interpreting graphs. Social Networks, 19(3), 223–242.
McHugh, J. (2001). Intrusion and intrusion detection. International Journal of Information Security, 1(1), 14–35. Berlin: Springer.
McMenamin, G. R. (Ed.). (1993). Forensic stylistics. Amsterdam: Elsevier. Also: special issue, Forensic Science International, 58(1/2), 1993.
Me, G. (2008). Investigation strategy for the small pedophiles world. In M. Quigley (Ed.), Encyclopedia of information ethics and security (pp. 418–425). Hershey, PA: IGI Global (formerly Idea Group).
Melnik, M., & Alm, J. (2002). Does a seller’s ecommerce reputation matter? Evidence from eBay auctions. Journal of Industrial Economics, 50, 337–349.
Mena, J. (2003). Investigative data mining for security and criminal detection. Amsterdam & Boston (Newton, MA): Butterworth-Heinemann (of Elsevier).
Merkl, D., Schweighofer, E., & Winiwarter, W. (1999). Exploratory analysis of concept and document spaces with connectionist networks. Artificial Intelligence and Law, 7(2/3), 185–209.
Michie, D., Spiegelhalter, D. J., & Taylor, C. C. (Eds.). (1994). Machine learning, neural and statistical classification. West Sussex. England: Ellis Horwood.
Miikkulainen, R. (1993). Subsymbolic natural language processing. Cambridge, MA: MIT Press. The book is based on a dissertation posted at: http://ftp://ftp.cs.utexas.edu/pub/neuralnets/papers/miikkulainen.diss.tar
Miller, L. S. (1984). Bias among forensic document examiners: A need for procedural changes. Journal of Police Science and Administration, 12(4), 407–411.
Miller, L. S. (1987). Procedural bias in forensic science examinations of human hair. Law and Human Behavior, 11(2), 157–163.
Miller, M. T. (2003). Crime scene investigation. Chapter 8 In S. H. James & J. J. Nordby (Eds.), Forensic science: An introduction to scientific and investigative techniques (1st ed.). Boca Raton, FL: CRC Press. Also as Chapter 10 in 2nd edition, 2005. Also published in the 3rd edition, 2009.
Minh, T. T. H. (2007). Approaches to XML schema matching. Ph.D. Thesis. Norwich, England: University of East Anglia.
Minsky, M., & Papert, S. (1969). Perceptrons: An introduction to computational geometry. Cambridge, MA: MIT Press.
Misra, S., Abraham, K. I., Obaidat, M. S., & Krishna, P. V. (2009). LAID: A learning automata-based scheme for intrusion detection in wireless sensor networks. Security in Wireless Sensor Networks,66 2(2), 105–115.
Mitchell, H. B. (2010). Markov random fields. Chapter 17 In H. B. Mitchell, Image fusion: Theories, techniques and applications (pp. 205–209). Berlin: Springer. doi://10.1007/978-3-642-11216-4_17
Mitchell, T. M. (1997). Machine learning. New York: McGraw-Hill.
Mitra, S., Banka, H., & Pedrycz, W. (2006). Rough-fuzzy collaborative clustering. IEEE Transactions on Systems, Man & Cybernetics, B, 36, 795–805.
Mitschick, A., & Meissner, K. (2008). Metadata generation and consolidation within an ontology-based document management system. International Journal of Metadata, Semantics and Ontologies, 3(4), 249–259.
Mizanur Rahman, S. M., Nasser, N., Inomata, A., Okamoto, T., Mambo, M., & Okamoto, E. (2009). Anonymous authentication and secure communication protocol for wireless mobile ad hoc networks. Security in Wireless Sensor Networks, 1(2), 179–189.
Moens, M.-F. (2000). Automatic indexing and abstracting of document texts. Dordrecht, The Netherlands: Kluwer.
Moens, M.-F. (2001). Legal text retrieval. Artificial Intelligence and Law, 9(1), 29–57.
Moreno, J. L. (1953). Who shall survive: Foundations of sociometry, group psychotherapy, and sociodrama. Boston, MA: Beacon House. (Originally published in 1934 and later in 1953 and 1978)
Morris, R. N. (2000). Forensic handwriting identification: Fundamental concepts and principles. London & San Diego, CA: Academic.
Morzy, M. (2008). New algorithms for mining the reputation of participants of online auctions. Algorithmica, 52, 95–112.
Munn, K., & Smith, B. (Eds.). (2008). Applied ontology: An introduction. (Metaphysical Research, 9.) Frankfurt/M: Germany: Ontos Verlag.
Nagel, S. (1964). Testing empirical generalisations. In G. Schubert (Ed.), Judicial behaviour: A reader in theory and research (pp. 518–529). Chicago, IL: Rand McNally & Company.
Nakhimovsky, A., & Myers, T. (2002). XML programming: Web applications and web services with JSP and ASP. (The Expert’s Voice Series.) Berkeley, CA: Apress.
Napier, M. R., & Baker, K. P. (2005). Criminal personality profiling. Chapter 31 In S. H. James & J. J. Nordby (Eds.), Forensic science: An introduction to scientific and investigative techniques (2nd ed.). Boca Raton, FL: CRC Press. Also in 3rd edition, 2009.
Newell, A. (1962). Some problems of the basic organisation in problem solving programs. In M. C. Yovits, G. T. Jacobi & G. D. Goldstein (Eds.), Proceedings of the second conference on self-organizing systems (pp. 393–423). Washington, DC: Spartan Books.
Newman, M. E. (2003). The structure and function of complex networks. SIAM Review, 45(2), 167–256.
Newman, M. E. (2010). Networks: An introduction. Oxford: Oxford University Press.
Nigro, H. O., González Císaro, S. E., & Xodo, D. H. (Eds.). (2008). Data mining with ontologies: implementations, findings and frameworks. Hershey, PA: Information Science Reference.
Nirenburg, S., & Raskin, V. (1996). Ten choices for lexical semantics. Memoranda in Computer and Cognitive Science, MCCS-96-304. Las Cruces, NM: New Mexico State University, Computing Research Laboratory.
Nirenburg, S., & Raskin, V. (2004). Principles of ontological semantics. Cambridge, MA: MIT Press.
Nissan, E. (1982). Proprietà formali nel progetto logico-concettuale di basi di dati. (Italian: Formal properties in the logical and conceptual design of databases.) 2 vols., 400+200 pages. Tesi di Laurea in Ingegneria Elettronica, Dipartimento di Elettronica. Milan: Politecnico di Milano (= Technical University of Milan). Awarded the Burroughs Italiana Prize.
Nissan, E. (1986). The frame-definition language for customizing the RAFFAELLO structure-editor in host expert systems. In Z. Raś & M. Zemankova (Eds.), Proceedings of the first International Symposium on Methodologies for Intelligent Systems (ISMIS’86), Knoxville, TN. New York: ACM SIGART Press, pp. 8–18.
Nissan, E. (1987a). Nested-relation based frames in RAFFAELLO. Representation & meta-representation structure & semantics for knowledge engineering. In H. J. Schek & M. Scholl (Eds.), International workshop on theory and applications of nested relations and complex objects, Darmstadt, Germany, 1987. Report. Rocquencourt, France: INRIA, 1987, pp. 95–99.
Nissan, E. (1987b). The wining and dining project. Part II: An expert system for gastronomy and terminal food-processing. In a special issue on information technology, International Journal of Hospitality Management, 6(4), 207–215.
Nissan, E. (1987c). Data analysis using a geometrical representation of predicate calculus. Information Sciences, 41(3), 187–258.
Nissan, E. (1988). ONOMATURGE: An expert system in word-formation. Ph.D. Dissertation (Computer Science). 3 vols., ca. 600 pages (in English). Beer-Sheva, Israel: Ben-Gurion University of the Negev. Project awarded the 1988 IPA Award in Computer Science.
Nissan, E. (1992). Deviation models of regulation: A knowledge-based approach. Informatica e Diritto, year 18 (= 2nd series, vol. 1), (1/2), 181–212.
Nissan, E. (2003 h). Review of Mani (2001). Cybernetics & Systems, 34(4/5), 559–569.
Nissan, E. (2010c). Multilingual lexis, semantics, and onomasiology. Terminological database modelling, by using the CuProS metarepresentation language: An XML-compatible XML-precursor enabling flexible nested-relation structures. In N. Dershowitz & E. Nissan (Eds.), Language, culture, computation: Essays in honour of Yaacov Choueka. Vol. 2: Tools for text and language, and the cultural dimension (in press). Berlin: Springer.
Nissan, E., & El-Sana, J. (2011). A retrospective of a pioneering project. Earlier than XML, other than SGML, still going: CuProS metadata for deeply nested relations, and navigating for retrieval in RAFFAELLO. In N. Dershowitz & E. Nissan (Eds.), Language, culture, computation: Essays in honour of Yaacov Choueka. Vol. 2: Tools for text and language, and the cultural dimension (in press). Berlin: Springer.
Nissan, E., Galperin, A., Soper, A., Knight, B., & Zhao, J. (2001). Future states for a present-state estimate, in the contextual perspective of in-core nuclear fuel management. International Journal of Computing Anticipatory Systems, 9, 256–271.
Nissan, E., Hall, D., Lobina, E., & de la Motte, R. (2004). A formalism for a case study in the WaterTime project: The city water system in Grenoble, from privatization to remunicipalization. Applied Artificial Intelligence, 18(3/4), 367–389.
Oatley, G., & Ewart, B. (2003). Crimes analysis software: ‘Pins in Maps’, clustering and Bayes net prediction. Expert Systems with Applications, 25(4), 569–588.
Oatley, G., Ewart, B., & Zeleznikow, J. (2006). Decision support systems for police: Lessons from the application of data mining techniques to ‘soft’ forensic evidence. Journal of Artificial Intelligence and Law, 14(1/2), 35–100.
Oatley, G., Zeleznikow, J., & Ewart, B. (2004). Matching and predicting crimes. In A. Macintosh, R. Ellis, & T. Allen (Eds.), Applications and innovations in intelligent systems XII. Proceedings of AI2004, the 24th SGAI international conference on knowledge based systems and applications of artificial intelligence (pp. 19–32). Berlin: Springer.
O’Barr, W. M. (1982). Linguistic evidence: Language, power and strategy in the courtroom. New York: Academic.
Ochaeta, K. E. (2008). Fraud detection for internet auctions: A data mining approach. PhD thesis. Hsinchu, Taiwan: National Tsing-Hua University.
Onyshkevych, B., & Nirenburg, S. (1995). A lexicon for knowledge-based MT. Machine Translation, 10(1/2), 5–57.
Orgun, M. A., & Meyer, T. (Eds.). (2008). Advances in ontologies. Oxford: Blackwell.
Osborn, A. S. (1929). Questioned documents (2nd ed.). Albany, NY: Boyd Printing Company. Reprinted, Chicago: Nelson-Hall Co.
Overill, R. E. (2009). Development of Masters modules in computer forensics and cybercrime for computer science and forensic science students. International Journal of Electronic Security & Digital Forensics, 2(2), 132–140. http://www.dcs.kcl.ac.uk/staff/richard/IJESDF_2009.pdf
Özsoyoğlu, Z. M. (Ed.). (1988). Nested relations. Special issue of The IEEE Data Engineering Bulletin, 11(3), September. New York: IEEE.
Özsoyoğlu, Z. M., & Yuan, L. Y. (1987). A new normal form for nested relations. ACM Transactions on Database Systems, 12, 111–136.
Papadimitriou, C. H. (1994). Computational complexity. Reading, MA: Addison-Wesley.
Pawlak, Z. (1991). Rough sets: Theoretical aspects of reasoning about data. (Theory and Decision Library, 9. System Theory, Knowledge Engineering, and Problem Solving, Series D). Dorrdrecht, The Netherlands: Kluwer.
Perdisci, R., Ariu, D., Fogla, P., Giacinto, G., & Lee, W. (2009). McPAD: A multiple classifier system for accurate payload-based anomaly detection. In a special issue on Traffic Classification and Its Applications to Modern Networks of Computer Networks, 5(6), 864–881. http://3407859467364186361-a-1802744773732722657-s-sites.googlegroups.com/site/robertoperdisci/publications/publication-files/McPAD-revision1.pdf
Philipps, L. (1991). Distribution of damages in car accidents through the use of neural networks. Cardozo Law Review, 13(2/3), 987–1001.
Philipps, L. (1999). Approximate syllogisms: On the logic of everyday life. Artificial Intelligence and Law, 7(2/3), 227–234.
Phillips, L., & Sartor, G. (1999). From legal theories to neural networks and fuzzy reasoning. Artificial Intelligence and Law, 7(2/3), 115–128.
Phua, C., Lee, V., Smith-Miles, K., & Gayler, R. (2005). A comprehensive survey of data-mining-based fraud detection research. Clayton, VIC: Clayton School of Information Technology, Monash University; 2005. In 2010, it was accessible at: http://clifton.phua.googlepages.com/
Plewe, B. (1997). GIS online: Information retrieval, mapping, and the internet. Santa Fe, NM: Onword Press.
Poesio, M. (2005). Domain modelling and NLP: Formal ontologies? Lexica? Or a bit of both? Applied Ontology, 1(1), Amsterdam: IOS Press, pp. 27–33.
Popov, V. (2003). Social network analysis in decision making: A literature review. WaterTime Background Paper, PSIRU. London: University of Greenwich, January.
Pouget, F., & Holz, T. (2005). A pointillist approach for comparing honeypots. In K. Julisch & C. Krügel (Eds.), Detection of Intrusions and Malware, and Vulnerability Assessment: Proceedings of the Second International Conference (DIMVA 2005), Vienna, Austria, July 7–8, 2005 (pp. 51–68). Lecture Notes in Computer Science, Vol. 3548. Berlin: Springer.
Poulovassilis, A., & Levene, M. (1994). A nested-graph model for the representation and manipulation of complex objects. ACM Transactions on Information Systems, 12, 35–68.
Prakken, H. (1993a). Logical tools for modelling legal argument. Ph.D. thesis. Amsterdam: Vrije University.
Principe, J. C., Euliano, N. R., & Lefebvre, W. C. (2000). Neural and adaptive systems: Fundamentals through simulations. New York: Wiley.
Provos, N., & Holz, T. (2007). Virtual honeypots: From Botnet tracking to intrusion detection. Reading, MA: Addison-Wesley.
Pühretmair, F., & Wöβ, W. (2001). XML-based integration of GIS and heterogeneous tourism information. In K. Dittrich, A. Geppert, & M. Norrie (Eds.), Advanced information systems engineering (pp. 346–358). Berlin: Springer.
Purchase, H. C., Cohen, R. F., & James, M. (1997). An experimental study of the basis for graph drawing algorithms. ACM Journal of Experimental Algorithmics, 2(4), 4 es.
Pyle, D. (1999). Data preparation for data mining. San Francisco: Morgan Kaufmann.
Quinlan, J. R. (1986). Induction of decision trees. Machine Learning, 1, 81–106.
Quinlan, J. R. (1993). C4.5: Programs for machine learning. San Mateo, CA: Morgan Kaufmann.
Rahman, H. (2009). Prospects and scopes of data mining applications in society development activities. Chapter 9 In H. Rahman (Ed.), Data mining applications for empowering knowledge societies (pp. 162–213). Hershey, PA: Information Science Reference (IGI Press).
Raskin, V. (1987). Semantics of lying. In R. Crespo, B. Dotson-Smith, & H. Schultink (Eds.), Aspects of language: Studies in honour of Mario Alinei, Vol. 2: Theoretical and applied semantics (pp. 443–469). Amsterdam: Rodopi.
Raskin, V., Atallah, M. J., Hempelmann, C. F., & Mohamed, D. H. (2001). Hybrid data and text system for downgrading sensitive documents. Technical Report, Center for Education and Research in Information Assurance and Security. West Lafayette, IN: Purdue University. https://http://www.cerias.purdue.edu/assets/pdf/bibtex_archive/2001 154.pdf
Ratcliffe, J. H. (2005). The effectiveness of police intelligence management: A New Zealand case study. Police Practice and Research, 6(5), 435–451.
Rattani, A., Mehrotra, H., & Gupta, P. (2008). Multimodal biometric systems. In M. Quigley (Ed.), Encyclopedia of information ethics and security (pp. 478–485). Hershey, PA: IGI Global (formerly Idea Group), 2008 (but available from June 2007).
Reis, D., Melo, A., Coelho, A. L., & Furtado, V. (2006). GAPatrol: An evolutionary multiagent approach for the automatic definition of hotsports and patrol routes. In J. S. Sichman, H. Coelho, & S. O. Rezende (Eds.), Advances in artificial intelligence – IBERAMIA-SBIA 2006, 2nd International Joint Conference, 10th Ibero-American Conference on AI, 18th Brazilian AI Symposium (pp. 118–127). (Lecture Notes in Computer Science, 4140). Berlin: Springer.
Ren, A., Stakhanova, N., & Ghorbani, A. A. (2010). An online adaptive approach to alert correlation. In C. Kreibich & M. Jahnke (Eds.), Detection of Intrusions and Malware, and Vulnerability Assessment: Proceedings of the seventh international conference (DIMVA 2010), Bonn, Germany, July 8–9, 2010 (pp. 153–172). (Lecture Notes in Computer Science, Vol. 6201.) Berlin: Springer.
Rendell, K. W. (1994). Forging history: The detection of fake letters & manuscripts. Norman, OK: University of Oklahoma Press.
Resnick, P., Zeckhauser, R., Friedman, E., & Kuwabara. K. (2000). Reputation systems. Communications of the ACM, 43(12), 45–48. http://www.si.umich.edu/~presnick/papers/cacm00/reputations.pdf
Richards, W. D., & Rice, R. E. (1981). The NEGOPY network analysis program. Social Networks, 3(3), 215–223.
Ricordel, P., & Demazeau, Y. (2000). From analysis to deployment: A multi-agent platform survey. In A. Omicini, R. Tolksdorf, & F. Zambonelli (Eds.), Proceedings of the first international workshop on Engineering Societies in the Agents World (ESAW), ECAI2000 (pp. 93–105). Lectures Notes in Artificial Intelligence, Vol. 1972. Berlin: Springer.
Ripley, B. D. (1996). Pattern recognition and nueral networks. Cambridge: Cambridge University Press.
Risinger, D. M. (2007b). Appendix: Cases involving the reliability of handwriting identification expertise since the decision in Daubert. Tulsa Law Review, 43(2), 477–596. http://www.bioforensics.com/sequential_unmasking/Risinger Appendix.pdf
Risinger, D. M., Saks, M. J., Thompson, W. C., & Rosenthal, R. (2002). The Daubert/Kumho implications of observer effects in forensic science: Hidden problems of expectation and suggestion. California Law Review, 90(1), 1–56. http://www.bioforensics.com/sequential_unmasking/observer_effects.pdf
Rissland, E. L., & Skalak, D. B. (1991). CABARET: Statutory interpretation in a hybrid architecture. International Journal of Man-Machine Studies, 34, 839–887.
Ritterband, P., & Wechsler, H. S. (1994). Jewish learning in American universities: The first century. Bloomington, IN: Indiana University Press.
Rokach, L., & Maimon, O. Z. (2008). Data mining with decision trees: Theory and applications. (Series in Machine Perception and Artificial Intelligence, Vol. 69.) Singapore: World Scientific.
Rosenblatt, F. (1958). The perceptron: A probabilistic model for information storage and organization in the brain. Psychological Review, 65, 386–408.
Ross, A., & Jain, A. K. (2003). Information fusion in biometrics. Pattern Recognition Letters, 24(13), 2115–2125.
Ross, T. (1995). Fuzzy logic with engineering applications. New York: McGraw-Hill.
Rousseeuw, P. J., & Hubert, M. (2011). Robust statistics for outlier detection. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(1), 73–79. doi://10.1002/widm.2
Rubinstein, R. (1997). Optimization of computer simulation models with rare events. European Journal of Operations Research, 99, 89–112.
Rumble, W. E., Jr. (1965). Legal realism, sociological jurisprudence and Mr. Justice Holmes. Journal of the History of Ideas, 26(4), 547–566.
Rumelhart, D. E., Hinton, G. E., & Williams, R. (1986a). Learning internal representations by error propagation. In D. E. z & J. L. McClelland (Eds.), Parallel distributed processing: Explorations in the microstructure of cognition. Cambridge, MA: MIT Press.
Rumelhart, D. E., Hinton, G. E., & Williams, R. (1986b, October 9). Learning representations by back-propagating errors. Letters to Nature (Nature), 323, 533–536.
Salton, G. (1989). Automatic text processing: The transformation, analysis, and retrieval of information by computer. Reading, MA: Addison-Wesley Publishing Company.
Salton, G., & Buckley, C. (1988). Term-weighting approaches in automatic text retrieval. Information Processing and Management, 24(5), 513–523.
Sammes, T., & Jenkinson, B. (2000). Forensic computing: A practitioner’s guide. London & Heidelberg: Springer.
Schild, U. J. (1998). Criminal sentencing and intelligent decision support. Artificial Intelligence and Law, 6(2–4), 151–202.
Schneider, S. A. (2001). The B-method: An introduction. Palgrave Cornerstones in Computer Science. London: Palgrave Macmillan.
Schonlau, M., DuMouchel, W., Ju, W., Karr, A. F., Theus, M., & Vardi, Y. (2001). Computer intrusion: Detecting masquerades. Statistical Science, 16(1), 58–74.
Schreiber, T. J., Akkermanis, A. M., Anjewierden, A. A., de Hoog, R., Shadbolt, A., Van de Velde, W., et al. (1999). Knowledge engineering and management: The common Kads methodology. Cambridge, MA: MIT Press.
Schreiber, F. A., Belussi, A., De Antonellis, V., Fugini, M. G., Pozzi, G., Tanca, L., et al. (2003). The design of the DEAFIN web-geographical information system: An experience in the integration of territorial reclamation support services. In A. Dahanayake & W. Gerhardt (Eds.), Web-enabled systems integration: Practice and challenges (pp. 142–168). Hershey, PA: Idea Group Publishing.
Schroeder, J., Xu, J., Chen, H., & Chau, M. (2007). Automated criminal link analysis based on domain knowledge. Journal of the American Society for Information Science and Technology, 58(6), 842–855. doi://10.1002/asi.v58:6
Schum, D. A. (1987). Evidence and inference for the intelligence analyst (2 Vols.). Lanham, MD: University Press of America.
Sebastiani, F. (2002). Machine learning in automated text categorization. ACM Computing Surveys, 34(1), 1–47.
Segal, M., & Xiao, Y. (2011). Multivariate random forests. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(1), 80–87. doi://10.1002/widm.12
Shannon, C. E., & Weaver, W. (1949). A mathematical theory of communication. Urbana, IL: University of Illinois Press.
Shapira, R. (1999). Fuzzy measurements in the Mishnah and Talmud. Artificial Intelligence and Law, 7(2/3), 273–288.
Shetty, J., & Adibi, J. (2004). The Enron email dataset database schema and brief statistical report. Los Angeles, CA: University of Southern California, Information Sciences Institute. http://www.isi.edu/adibi/Enron/Enron_Dataset_Report.pdf
Shoham, Y., & Leyton-Brown, K. (2009). Multiagent systems: Algorithmic, game-theoretic, and logical foundations. Cambridge: Cambridge University Press.
Shuy, R. W. (1993). Language crimes: The use and abuse of language evidence in the courtroom. Oxford: Blackwell.
Siddiqui, M. A. (2008). Data mining methods for malware detection. Ph.D. dissertation in Modeling and Simulation (supervised by M.C. Wang). Orlando, FL: College of Sciences, University of Central Florida. http://etd.fcla.edu/CF/CFE0002303/Siddiqui_Muazzam_A_200808_PhD.pdf
Singh, M., & Huhns, M. (2005). Service-oriented computing: Semantics, processes, agents. New York: Wiley.
Skabar, A., Stranieri, A., & Zeleznikow, J. (1997). Using argumentation for the decomposition and classification of tasks for hybrid system development. In N. Kasabov, R. Kozma, K. Ko, R. O’Shea, G. Coghill, & T. Gedeon (Eds.), Progress in connectionist based information systems (pp. 814–818). Proceedings of the 1997 international conference on neural information processing and intelligent information systems, Singapore. Berlin: Springer.
Smith, J. C., Gelbart, D., MacCrimmon, K., Atherton, B., McClean, J., Shinehoft, M., et al. (1995). Artificial intelligence and legal discourse: The Flexlaw legal text management system. Artificial Intelligence and Law, 3, 55–95.
Smith, J. M. (1992). SGML and related standards: Document description and processing languages. Ellis Horwood Series in Computers and Their Applications. New York & London: Ellis Horwood.
Smith, R. G. (1980a). The contract net protocol: High-level communication and control in a distributed problem solver. IEEE Transactions on Computers, C 29(12), 1104–1113.
Smith, T. F., & Waterman, M. S. (1981). Identification of common molecular subsequences. Journal of Molecular Biology, 147, 195–197.
Snook, B., Taylor, P. J., & Bennell C. (2005). False confidence in computerised geographical profiling [a reply to Rossmo]. Applied Cognitive Psychology, 19, 655–661.
Solan, Z., Horn, D., Ruppin, E., & Edelman, S. (2005). Unsupervised learning of natural languages. Proceedings of the National Academy of Sciences, USA, 102(33), 11629–11634.
Solka, J. L. (2008). Text data mining: Theory and methods. Statistics Surveys, 2, 94–112. Accessible online by searching the journal’s site at http://www.i-journals.org/ss/search.php
Song, C. H., Koo, Y. H., Yoo, S. J., & Choi, B. H. (2005). An ontology for integrating multimedia databases. In R. Khosla, R. J. Howlett, & L. C. Jain (Eds.), Knowledge-based intelligent information and engineering systems: 9th international conference, KES 2005, Melbourne, Australia, September 14–16, 2005, Proceedings, Part III (pp. 157–162). (Lecture Notes in Computer Science, Vol. 3684.) Berlin: Springer.
Song, Q., Hu, W., & Xie, W. (2002). Robust support vector machine for bullet hole image classification. IEEE Transaction on Systems, Man and Cybernetics, Part C, 32(4), 440–448.
Sowa, J. F. (Ed.). (1991). Principles of semantic networks: Explorations in the representation of knowledge. San Mateo, CA: Morgan Kaufmann Publishers.
Sowa, J. (1994). Conceptual structures: Information processing in mind and machine. Reading, MA: Addison Wesley.
Sowa, J. (1995). Top-level ontological categories. International Journal of Human-Computer Studies, 43(5–6), 669–686.
Sparrow, M. K. (1991). The application of network analysis to criminal intelligence: An assessment of the prospects. Social Networks, 13, 251–274.
Sperber, D., & Wilson, D. (1986). Loose talk. Proceedings of the Aristotelian Society, New Series, 86, 153–171. Reprinted in Davis, S. (Ed.). (1991). Pragmatics: A reader. Oxford: Oxford University Press.
Spitzner, L. (2002). Honeypots tracking hackers. Reading, MA: Addison-Wesley Professional.
Spitzner, L. (2003a). The honeynet project: Trapping the hackers. IEEE Security and Privacy, 1(2), 15–23.
Spivak, J. (1996). The SGML primer. Cambridge, MA: CTI.
Srihari, R. K. (2009). Unapparent information revelation: Text mining for counter-terrorism. In S. Argamon & N. Howard (Eds.), Computational methods for counterterrorism. Berlin: Springer.
Srihari, S. N., Ball, G. R., & Srinivasan, H. (2008). Versatile search of scanned arabic handwriting. In D. Doermann & S. Jaeger (Eds.), Arabic and chinese handwriting recognition. SACH 2006 Summit, College Park, MD, USA, September 27–28, 2006: Selected Papers (pp. 57–69). Lecture Notes in Computer Science, Vol. 4768. Berlin: Springer.
Srihari, S. N., Collins, J., Srihari, R. K., Srinivasan, H., & Shetty, S. (2008). Automatic scoring of short handwritten essays in reading comprehension tests. Artificial Intelligence, 172(2/3), 300–324.
Srihari, S. N., Srinivasan, H., & Beal, M. (2008). Machine learning for signature verification. In S. Marinai & H. Fujisawa (Eds.), Machine learning in document analysis and recognition (pp. 387–408). (Studies on Computational Intelligence, Vol. 90). Berlin: Springer.
Srihari, S. N., Srinivasan, H., & Desai, K. (2007). Questioned document examination using CEDAR FOX. Journal of Forensic Document Examination, 18(2), 1–20.
Staab, S., & Studer, R. (Eds.). (2009). Handbook on ontologies. (International Handbooks on Information Systems.) Berlin: Springer, 2004; 2nd edn., 2009.
Stephenson, K., & Zelen, M. (1989). Rethinking centrality: Methods and examples. Social Networks, 11(1), 1–38.
Stevens, R., Wroe, C., Lord, P. W., & Goble, C. A. (2004). Ontologies in bioinformatics. In S. Staab & R. Studer (Eds.), Handbook on ontologies (pp. 635–658). (International Handbooks on Information Systems.) Berlin: Springer.
Steyvers, M., & Tenenbaum, J. B. (2005). The large-scale structure of semantic networks: Statistical analyses and a model of semantic growth. Cognitive Science, 29(1), 41–78.
Stranieri, A., Yearwood, J., & Meikl, T. (2000). The dependency of discretion and consistency on knowledge representation. International Review of Law, Computers and Technology, 14(3), 325–340.
Stranieri, A., & Zeleznikow, J. (2005a). Knowledge discovery from legal databases. (Springer Law and Philosophy Library, 69.) Dordrecht, The Netherlands: Springer.
Stranieri, A., Zeleznikow, J., Gawler, M., & Lewis, B. (1999). A hybrid rule–neural approach for the automation of legal reasoning in the discretionary domain of family law in Australia. Artificial Intelligence and Law, 7(2/3), 153–183.
Su, X., & Tsai, Ch.-L. (2011). Outlier detection. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(3), 261–268. doi://10.1002/widm.19
Tesauro, G., Kephart, J., & Sorkin, G. (1996). Neural networks for computer virus recognition. IEEE Expert, 11(4), 5–6.
Thagard, P. (1989). Explanatory coherence. Behavioural and Brain Sciences, 12(3), 435–467. Commentaries and riposte up to p. 502.
Teufel, S., & Moens, M. (2002). Summarising scientific articles: Experiments with relevance and rhetorical status. Computational Linguistics, 28(4), 409–445.
Toppano, E., Roberto, V., Giuffrida, R., & Buora, G. B. (2008). Ontology engineering: Reuse and integration. International Journal of Metadata, Semantics and Ontologies, 3(3), 233–247.
Tsai, F. S., & Chan, K. L. (2007). Detecting cyber security threats in weblogs using probabilistic models. In C. C. Yang, D. Zeng, M. Chau, K. Chang, Q. Yang, X. Cheng, et al. (Eds.), Intelligence and security informatics: Proceedings of the Pacific Asia workshop, PAISI 2007, Chengdu, China, April 11–12, 2007 (pp. 46–57). Lecture Notes in Computer Science, Vol. 4430. Berlin: Springer.
Turvey, B. (1999). Criminal profiling: An introduction to behavioral evidence analysis. San Diego, CA: Academic.
Uschold, M. (2005). An ontology research pipeline. Applied Ontology, 1(1), 13–16. Amsterdam: IOS Press.
Uschold, M., & Grüninger, M. (1996). Ontologies: Principles, methods and applications. Knowledge Engineering Review, 11(2), 93–136. We quoted from the previous version (accessed on the Web in 2009): Technical Report AIAI TR 191. Edinburgh, Scotland: Artificial Intelligence Applications Institute (AIAI), University of Edinburgh, February 1996.
Uschold, M., & Grüninger, M. (2004). Ontologies and semantics for seamless connectivity. In the special section on Semantic Integration. ACM SIGMOD Record, 33(4), 58–64.
Valente, A. (1995). Legal knowledge engineering: A modeling approach. Amsterdam: IOS Press.
Valente, A. (2005). Types and roles of legal ontologies. In V. R. Benajmins, P. Casanovas, J. Breuker, & A. Gangemi (Eds.), Proceedings of law and the semantic web [2005]: Legal ontologies, methodologies, legal information retrieval, and applications (pp. 65–76). (Lecture Notes in Computer Science, Vol. 3369.) Berlin: Springer. http://lib.dnu.dp.ua:8001/l/%D0%9A%D0%BE%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D1%8B%D0%98%D1%81%D0%B5%D1%82%D0%B8/_Lecture%20Notes%20in%20Computer%20Science/semantic/Law%20and%20the%20Semantic%20Web..%20Legal%20Ontologies,%20Methodologies,%20Legal%20Information%20Retrieval,%20and%20Applications(LNCS3369,%20Springer,%202005)(ISBN%203540250638)(258s)_CsLn_.pdf#page=75
Valeur, F., Mutz, D., & Vigna, G. (2005). A learning-based approach to the detection of SQL attacks. In K. Julisch & C. Krügel (Eds.), Detection of Intrusions and Malware, and Vulnerability Assessment: Proceedings of the second international conference (DIMVA 2005), Vienna, Austria, July 7–8, 2005 (pp. 123–140). (Lecture Notes in Computer Science, Vol. 3548.) Berlin: Springer.
Valitutti, A., Strapparava, C., & Stock, O. (2005). Developing affective lexical resources. Psychnology Journal, 2(1), 61–83. http://www.psychnology.org/File/PSYCHNOLOGY_JOURNAL_2_1_VALITUTTI.pdf
Van Cott, H. P., & Kinkade, R. G. (Eds.). (1972). Human engineering guide to equipment design. New York: McGraw-Hill.
van Kralingen, R. W. (1995). Frame based conceptual models of statute law. Dordrecht, The Nertherlands: Kluwer Law International (now Springer).
Vapnik, V. N. (1995). The nature of statistical learning theory. New York & Berlin: Springer.
Vapnik, V. N. (1998). Statistical learning theory: Adaptive and learning systems for signal processing, communications, and control. New York: Wiley.
Viegas, E., & Raskin, V. (1998). Computational semantic lexicon acquisition: Methodology and guidelines. Memoranda in Computer and Cognitive Science, MCCS-98-315. Las Cruces, NM: New Mexico State University, Computing Research Laboratory.
Visser, P. R. S. (1995). Knowledge specification for multiple legal tasks: A case study of the interaction problem in the legal domain. Kluwer Computer/Law Series, Vol. 17. Dordrecht, The Netherlands: Kluwer (now Springer).
Vossos, G., Zeleznikow, J., & Hunter, D. (1993). Building intelligent litigation support tools through the integration of rule based and case based reasoning. Law, Computers and Artificial Intelligence, 2(1), 77–93.
Vrochidis, S., Doulaverakis, C., Gounaris, A., Nidelkou, E., Makris, L., & Kompatsiaris, I. (2008). A hybrid ontology and visual-based retrieval model for cultural heritage multimedia collections. International Journal of Metadata, Semantics and Ontologies, 3(3), 167–182.
Walker, D. P. (1958). Spiritual and demonic magic from Ficino to Campanella. London: Warburg Institute.
Walker, R. F., Oskamp, A, Schrickx, J. A., Opdorp, G. J., & van den Berg P. H. (1991). PROLEXS: Creating law and order in a heterogeneous domain. International Journal of Man–Machine Studies, 35(1), 35–68.
Wang, P., & Gedeon, T. D. (1995). A new method to detect and remove the outliers in noisy data using neural networks: Error sign testing. Systems Research and Information Science, 7(1), 55–67.
Wang, W., Guo, W., Luo, Y., Wang, X., & Xu, Z. (2005). The study and application of crime emergency ontology event model. In R. Khosla, R. J. Howlett, & L. C. Jain (Eds.), Knowledge-based intelligent information and engineering systems: 9th international conference, KES 2005, Melbourne, Australia, September 14–16, 2005, Proceedings, Part IV (pp. 806–812). Lecture Notes in Computer Science, Vol. 3684. Berlin: Springer.
Warner, D. (1994). A neural network-based law machine: The problem of legitimacy. Law, Computers & Artificial Intelligence, 2(2), 135–147.
Wasserman, S., & Faust, K. (1994). Social network analysis: Methods and applications. Cambridge: Cambridge University Press.
Weatherford, M. (2002). Mining for fraud. IEEE Intelligent Systems, 17, 4–6.
Webb, G. I. (2000). MultiBoosting: A technique for combining boosting and wagging. Machine Learning, 40(2), 159–196.
Weiss, G. (1999). Multiagent systems: A modern approach to distributed artificial intelligence. Cambridge, MA: The MIT Press.
Weiss, S., & Kulikowski, C. (1992). Computer systems that learn: Classification and prediction methods from statistics, neural nets, machine learning and expert systems. San Mateo, CA: Morgan Kaufmann Publishers Inc.
Werbos, P. (1974). Beyond regression: New tools for prediction and analysis in the behavioural sciences. Ph.D. dissertation. Cambridge, MA: Harvard University.
Witten, I. H., & Frank, E. (2000). Data mining: Practical machine learning tools and techniques with java implementations. San Francisco: Morgan Kaufmann Publishers.
Woods, W. A. (1975). What’s in a link: Foundations for semantic networks. In D. G. Bobrow & A. Collins (Eds.), Representation and understanding (pp. 35–82). New York: Academic.
Wooldridge, M. (2002). An introduction to multiagent systems. Chichester: Wiley 2nd edition, 2009. [Page numbers as referred to in this book are to the 1st edition.]
Wooldridge, M., & Jennings, N. R. (1995). Intelligent agents: Theory and practice. The Knowledge Engineering Review, 10(2), 115–152.
Worboys, M. F., & Duckham, M. (2004). GIS: A computing perspective (2nd ed.). Boca Raton, FL: CRC Press.
Wu, J., & Chung, A. C. S. (2005a). Cross entropy: A new solver for markov random field modeling and applications to medical image segmentation. In J. S. Duncan & G. Gerig (Eds.), Medical image computing and computer-assisted intervention: MICCAI 2005, 8th international conference, Palm Springs, CA, USA, October 26–29, 2005, Proceedings, Part I (pp. 229–237). Lecture Notes in Computer Science, Vol. 3749. Berlin: Springer.
Xiang, Y., Chau, M., Atabakhsh, H., & Chen, H. (2005). Visualizing criminal relationships: Comparisons of a hyperbolic tree and a hierachical list. Decision Support System, 41, 69–83. doi://10.1016/j.dss.2004.02.006
Xu, J. J., & Chen, H. (2004). Fighting organized crimes: using shortest-path algorithms to identify associations in criminal networks. Decision Support Systems, 38, 473–487. doi://10.1016/S0167-9236(03)00117 9
Xu, M., Kaoru, H., & Yoshino, H. (1999). A fuzzy theoretical approach to case-based representation and inference in CISG. Artificial Intelligence and Law, 7(2/3), 115–128.
Yager, R. R., & Zadeh, L. A. (1994). Fuzzy sets, neural networks and soft computing. New York: Van Nostrand Reinhold.
Yan, X., Zhu, F., Yu, P. S., & Jan, J. (2006). Feature-based substructure similarity search. ACM Transactions on Database Systems, 31(4), 1418–1453. Pre final version posted at: http://www.cs.ucsb.edu/~xyan/papers/tods06_similarity.pdf
Yang, C. C. (2008). Knowledge discovery and information visualization for terrorist social networks. In H. Chen & C. C. Yang (Eds.), Intelligence and security informatics (pp. 45–64). Studies in Computational Intelligence, Vol. 135. Berlin: Springer. doi://10.1007/978 3 540 69209 6
Yang, C. C., & Wang, F. L. (2008). Hierarchical summarization of large documents. Journal of the American Society for Information Science and Technology (JASIST), 59(6), 887–902.
Yearwood, J., & Wilkinson, R. (1997). Retrieving cases for treatment advice in nursing using text representation and structured text retrieval. Artificial Intelligence in Medicine, 9(1), 79–99.
Yedidia, J. S., Freeman, W. T., & Weiss, Y. (2003). Understanding belief propagation and its generalizations. In G. Lakemeyer & B. Nebel (Eds.), Exploring artificial intelligence in the new millennium (pp. 239–269). San Francisco: Morgan Kaufmann Publishers. Previously, Technical Report TR 2001 22, Mitsubishi Electric Research, 2001.
Yu, F.-R., Tang, T., Leung, V.-C.-M., Liu, J., & Lung, C-H. (2008). Biometric-based user authentication in mobile ad hoc networks. Security in Wireless Sensor Networks,74 1(1), 5–16.
Zadeh, L. A. (1965). Fuzzy sets. Information and Control, 8, 338–353.
Zahedi, F. (1993). Intelligent systems for business. Belmont, CA: Wadsworth.
Zeleznikow, J. (2002b). Using web-based legal decision support systems to improve access to justice. Information and Communications Technology Law, 11(1), 15–33.
Zeleznikow, J., Vossos, G., & Hunter, D. (1994). The IKBALS project: Multimodal reasoning in legal knowledge based systems. Artificial Intelligence and Law, 2(3), 169–203.
Zhang, B., & Srihari, S.N. (2004). Handwriting identification using multiscale features. Journal of Forensic Document Examination, 16, 1–20.
Zhong Ren, P., & Ming Hsiang, T. (2003). Internet GIS. New York: Wiley.
Zurada, J. M. (1992). Introduction to artificial neural networks. New York: West Publishing.
Choudhary, A.N., Honbo, D., Kumar, P., Ozisikyilmaz, B., Misra, S., & Memik, G. (2011). Accelerating data mining workloads: Current approaches and future challenges in system architecture design. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(1), 41–54. doi://10.1002/widm.9
Lucas, R. (1986). An expert system to detect burglars using a logic language and a relational database. Fifth British National Conference on Databases, Canterbury, Kent, England.
Charles, J. (1998). AI and law enforcement. IEEE Intelligent Systems, January–February, 77–80.
Stranieri, A., & Zeleznikow, J. (2005b). Knowledge discovery from legal databases. Tutorial given at Tenth International Conference on Artificial Intelligence and Law (ICAIL 2005), in Bologna, Italy.
Feu Rosa, P. V. (2000). The Electronic Judge. In Proceedings of the AISB’00 symposium on artificial intelligence & legal reasoning, 17 April 2000 (at the 2000 Convention of the Society for the Study of Artificial Intelligence and the Simulation of Behaviour), Birmingham, England, 17 April 2000, pp. 33–36.
Brandes, U., Raab, J., & Wagner, D. (2001). Exploratory network visualization: Simultaneous display of actor status and connections. Journal of Social Structure, 2(4). http://www.cmu.edu/joss/content/articles/volume2/BrandesRaabWagner.html
Freeman, L. C. (2000a). Visualizing social networks. Journal of Social Structure, 1(1). This article is posted at Freeman’s website at http://moreno.ss.uci.edu/79.pdf and also at the journal’s website at http://www.cmu.edu/joss/content/articles/volume1/Freeman.html http://www.heinz.cmu.edu/project/INSNA/joss/vsn.html
Freeman, L. C. (2000b). Visualizing social groups. In American Statistical Association 1999 Proceedings of the Section on Statistical Graphics, 2000, pp. 47–54. http://moreno.ss.uci.edu/80.pdf
Kleinberg, J. (2000b). The small-world phenomenon: An algorithmic perspective. In Proceedings of the 32nd ACM symposium on theory of computing. Also appears as Cornell Computer Science Technical Report 99-1776 (October 1999). http://www.cs.cornell.edu/home/kleiber/swn.pdf
Pfeiffer III, J., & Neville, J. (2011). Methods to determine node centrality and clustering in graphs with uncertain structure. In Proceedings of the Fifth International AAAI Conference on Weblogs and Social Media. http://www.cs.purdue.edu/homes/neville/papers/pfeiffer-icwsm2011.pdf
Richards, W. D. (1999). MultiNet. [Software tool.] At http://www.sfu.ca/~richards/Multinet/
Scott, M. S. (2000). Problem-oriented policing: Reflections on the first 20 years. Washington, DC: Office of Community Oriented Policing Services [COPS Office], U.S. Department of Justice. http://www.popcenter.org/Library/RecommendedReadings/Reflections.pdf
Freeman, L. C. (2004). The development of social network analysis: A study in the sociology of science. Vancouver, BC: Empirical Press. Translated into Japanese by R. Tsuji and published as
. Tokyo: NTT Publishing Co., 2007. Translated into Italian by R. Memoli and published as Lo sviluppo dell’analisi delle reti sociali. Uno studio di sociologia della scienza. Milano: Franco Angeli, 2007. Translated into Chinese by Wang Weidong and published as 
. Beijing: China Renmin University Press, 2008.Freeman, L. C. (2008). Going the wrong way on a one-way street: Centrality in physics and biology. Journal of Social Structure, 9(2). This article is posted at Freeman’s website at http://moreno.ss.uci.edu/joss.pdf and also at the journal’s website at http://www.cmu.edu/joss/content/articles/volume9/Freeman.html
Kleinberg, J. (2001). Small-world phenomena and the dynamics of information. Advances in Neural Information Processing Systems (NIPS), 14. http://www.cs.cornell.edu/home/kleiber/nips14.pdf
Kleinberg, J. (2004). The small-world phenomenon and decentralized search. A short essay as part of Math Awareness Month 2004, appearing in SIAM News, 37(3), April 2004. http://www.mathaware.org/mam/04/essays/smallworld/html
Kleinberg, J. (2006). Complex networks and decentralized search algorithms. In Proceedings of the International Congress of Mathematicians (ICM), 2006. http://www.cs.cornell.edu/home/kleiber/icm06-swn.pdf
Sinai, J. (2006). Combating terrorism insurgency resolution software. In Proceedings of the IEEE International Conference on Intelligence and Security Informatics (ISI 2006), pp. 401–406.
Elson, D. K., Dames, N., & McKeown, K. R. (2010). Extracting social networks from literary fiction. In Proceedings of the 48th annual meeting of the association for computational linguistics, Uppsala, Sweden, 11–16 July 2010, pp. 138–147.
Phuoc, N. Q., Kim, S.-R., Lee, H.-K., & Kim, H. S. (2009). PageRank vs. Katz Status Index, a theoretical approach. In Proceedings of the Fourth International Conference on Computer Sciences and Convergence Information Technology (ICCIT’09), Seoul, South Korea, 24–26 November 2009, pp. 1276–1279.
Brin, S., & Page, L. (1998). The anatomy of a large-scale hypertextual web search engine. In WWW 1998: Proceedings of the seventh international conference on world wide web, pp. 107–117.
Altman, A., & Tenneholtz, M. (2005). Ranking systems: The PageRank axioms. In EC ’05: Proceedings of the 6th ACM conference on Electronic Commerce (EC’05), Vancouver, Canada, 5–8 June 2005, pp. 1–8. http://stanford.edu/~epsalon/pagerank.pdf
Leskovec, J., Singh, A., & Kleinberg, J. (2006). Patterns of influence in a recommendation network. In Proceedings of the Pacific-Asia Conference on Knowledge Discovery and Data Mining (PAKDD), 2006. http://www.cs.cornell.edu/home/kleiber/pakdd06-cascade.pdf
Fitts, P. M., Jones, R. E., & Milton, J. L. (1950, February). Eye movements of aircraft pilots during instrument landing approaches. Aeronautical Engineering Review, 9.
Horn, R., Birdwell, J. D., & Leedy, L. W. (1997). Link discovery tool. In Proceedings of the counterdrug technology assessment center’s ONDCP/CTAC international symposium, Chicago, IL, August 18–22.
Channell, R. C., & Tolcott, M. A. (1954). Arrangement of equipment. In supplement to Human Factors in Undersea Warfare. Washington, DC: National Academy of Sciences, National Research Council.
Bayse, W. A., & Morris, C. G. (1987). FBI automation strategy: Development of AI applications for national investigative programs. Signal Magazine, May.
Goldberg, H. G., & Wong, R. W. H. (1998). Restructuring transactional data for link analysis in the FinCEN AI system. In D. Jensen & H. Goldberg (Eds.), Artificial intelligence and link analysis. Papers from the AAAI Fall Symposium, Orlando, FL.
Goldberg, M., Hayvanovych, M., Hoonlor, A., Kelley, S., Magdon-Ismail, M., Mertsalov, K., et al. (2008). Discovery, analysis and monitoring of hidden social networks and their evolution. At the IEEE Homeland Security Technologies Conference, Boston, MA, May 12–13, 2008, pp. 1–6.
Badiru, A. B., Karasz, J. M., & Holloway, R. T. (1988). Arest: [sic] Armed robbery eidetic suspect typing expert system. Journal of Police Science and Administration, 16(3), 210–216.
Valcour, L. (1997). Investigate B & E: Break & enter expert system. Technical Report TR-11-97, Canadian Police Research Centre.
Monmonier, M. S. (1996). How to lie with maps. Chicago: University of Chicago Press.
O’Looney, J. (2000). Beyond maps: GIS and decision making in local government. Redlands, CA: ESRI Press.
Lebbah, M., Bennani, Y., & Rogovschi, N. (2009). Learning self-organizing maps as a mixture Markov models. In Proceedings of the third International Conference on Complex Systems and Applications (ICCSA’09), Le Havre, Normandy, France, June 29–July 02, 2009. pp. 54–59.
Harris, R. (2006). Arriving at an anti-forensics consensus: Examining how to define and control the anti-forensics problem. At the Digital Forensic Research Workshop 2006: The 6th annual DFRWS 2006, Lafayette, Indiana, 14–16 August 2006. Article published in Digital Investigation, 3S, pp. S44–S49 (Amsterdam: Elsever). http://www.dfrws.org/2006/proceedings/6-Harris.pdf
Partridge, R. E. (1991). Battle scarred. [A two-paragraph item.] Reader’s Digest (U.S, edition), April 1991, p. 120.
Amigoni, F., & Continanza, L. (2010). A lattice-based approach to the problem of recruitment in multiagent systems. Submitted.
Pandit, S., Chau, D. H., Wang, S., & Faloutsos, C. (2007). NetProbe: A fast and scalable system for fraud detection in online auction networks. In WWW 2007: Proceedings of the 16th International Conference on World Wide Web, Banff, AB, Track: Data Mining, Session: Mining in Social Networks. New York: ACM, pp. 201–210.
Kleinberg, J. (1998). Authoritative sources in a hyperlinked environment. In Proceedings of the ninth ACM-SIAM symposium on discrete algorithms. New York: ACM, & Philadelphia, PA: SIAM. Extended version in Journal of the ACM, 46 (1999). Also appears as IBM Research Report RJ 10076, May 1997. http://www.cs.cornell.edu/home/kleinber/auth.pdf
Neville, J., Simsek, O., Jensen, D., Komoroske, J., Palmer, K., & Goldberg, H. (2005). Using relational knowledge discovery to prevent securities fraud. In Proceedings of the 11th ACM SIGKDD international conference on Knowledge Discovery and Data Mining (KDD’05), Chicago, IL, 21–24 August 2005. New York: ACM Press, pp. 449–458. http://www.cs.purdue.edu/homes/neville/papers/neville-et-al-kdd2005.pdf
Chau, D. H., Pandit, S., & Faloutsos, C. (2006). Detecting fraudulent personalities in networks of online auctioneers. In Proceedings of the European Conference on Machine Learning (ECM) and Principles and Practice of Knowledge Discovery in Databases (PKDD) 2006, Berlin, 18–22 September 2006, pp. 103–114.
Kwan, M. Y. K., Overill, R. E., Chow, K. P., Silomon, J. A. M., Tse, H., Law, F. Y. W., et al. (2010). Internet auction fraud investigations. Chapter 7 in Advances in Digital Forensics VI: Proceedings of the 6th annual IFIP WG 11.9 international conference on digital forensics, Hong Kong, 3–6 January 2010. Berlin: Springer, on behalf of the International Federation for Information Processing (IFIP), pp. 95–106. http://www.kcl.ac.uk/staff/richard/IFIP_2010
Neville, J., & Jensen, D. (2003). Collective classification with relational dependency networks. In S. Džeroski, L. De Raedt, & S. Wrobel (Eds.), Proceedings of the second Multi-Relational Data Mining workshop (MRDM-2003), Washington, DC, 27 August 2003, at the Ninth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD’03), pp. 77–91. http://www.cs.purdue.edu/homes/neville/papers/neville-jensen-mrdm2003.pdf
Gyongyi, Z., Molina, H. G., & Pedersen, J. (2004). Combating web spam with TrustRank. In Proceedings of the 30th Very Large Data Bases international conference (VLDB 2004), Toronto, Canada, August 29–September 3, 2004. An older version of that paper had appeared as a technical report of Stanford University.
Yan, X., & Han, J. (2002). gSpan: Graph-based substructure pattern mining. In Proceedings of the 2002 International Conference on Data Mining (ICDM 2002), pp. 721–724. Expanded Version, UIUC Technical Report, UIUCDCS-R-2002-2296. Department of Computer Science, University of Illinois at Urbana-Champaign.
Yan, X., Zhou, X. J., & Han, J. (2005). Mining closed relational graphs with connectivity constraints. In Proceedings of the 2005 International Conference on Knowledge Discovery and Data Mining (KDD 2005), Chicago, IL, August 2005, pp. 324–333.
Pei, J., Jiang, D., & Zhang, A. (2005). On mining cross-graph quasi-cliques. In Proceedings of the 2005 International Conference on Knowledge Discovery and Data Mining (KDD 2005), Chicago, IL, August 2005, pp. 228–238.
Zeng, Z., Wang, J., Zhou, L., & Karypis, G. (2006). Coherent closed quasi-clique discovery from large dense graph databases. In Proceedings of the 12th ACM Conference on Knowledge Discovery and Data Mining (SIG KDD 2006), Philadelphia, PA, August 20–23, 2006, pp. 797–802.
Tatti, N. (2009). Significance of episodes based on minimal windows. In Proceedings of the Ninth IEEE International Conference on Data Mining (ICDM-2009), 2009, pp. 513–522.
Tatti, N., & Cule, B. (2010). Mining closed strict episodes. In Proceedings of the Tenth IEEE International Conference on Data Mining (ICDM-2010), pp. 501–510.
Zhou, W., Liu, H., & Cheng, H. (2010). Mining closed episodes from event sequences efficiently. In Proceedings of the 14th Pacific-Asia Conference on Knowledge Discovery and Data Mining, Vol. 1, pp. 310–318.
Gwadera, R., Atallah, M. J., & Szpankowski, W. (2005b). Markov models for identification of significant episodes. In Proceedings of the SIAM International Conference on Data Mining (SDM 2005), pp. 404–414.
Casas-Garriga, G. (2003). Discovering unbounded episodes in sequential data. In Proceedings of the Seventh European Conference on Principles and Practice of Knowledge Discovery in Databases (PKDD 2003), pp. 83–94.
Cortes, C., Pregibon, D., & Volinsky, C. (2001). Communities of interest. In Proceedings of the fourth international symposium of intelligent data analysis.
Mørup, M. (2011). Applications of tensor (multiway array) factorizations and decompositions in data mining. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(1), 24–40. doi://10.1002/widm.1
Tong, H., & Faloutsos, F. (2006). Center-piece subgraphs: Problem definition and fast solutions. Proceedings of KDD 2006, Philadelphia, PA. http://www.cs.cmu.edu/~christos/PUBLICATIONS/kdd06CePS.pdf
Tong, H., Faloutsos, C., & Jia-Yu Pan, J.-Y. (2006). Fast random walk with restart and its applications. In Proceedings of ICDM 2006, Hong Kong. http://www.cs.cmu.edu/~christos/PUBLICATIONS/icdm06-rwr.pdf
Leskovec, J., Kleinberg, J., & Faloutsos, C. (2005). Graphs over time: Densification laws, shrinking diameters and possible explanations. In Proceedings of the 2005 international conference on Knowledge Discovery and Data mining (KDD 2005), Chicago, IL, August 2005. http://www.cs.cmu.edu/~christos/PUBLICATIONS/icdm05-power.pdf
Leskovec, J., Chakrabarti, D., Kleinberg, J., & Faloutsos, C. (2005). Realistic, mathematically tractable graph generation and evolution, using Kronecker multiplication. In Proceedings of ECML/PKDD 2005, Porto, Portugal, 2005. http://www.cs.cmu.edu/~jure/pubs/kronecker-pkdd05.pdf http://ecmlpkdd05.liacc.up.pt
Leskovec, J., & Faloutsos, C. (2007). Scalable modeling of real graphs using Kronecker multiplication. In Proceedings of ICML 2007, Corvallis, OR.
Sun, J., Tao, D., & Faloutsos, C. (2006). Beyond streams and graphs: Dynamic tensor analysis. In Proceedings of KDD 2006, Philadelphia, PA. http://www.cs.cmu.edu/~christos/PUBLICATIONS/kdd06DTA.pdf
Sun, J., Xie, Y., Zhang, H., & Faloutsos, C. (2007). Less is more: Compact matrix decomposition for large sparse graphs. In Proceedings of SDM, Minneapolis, MN, April 2007. http://www.cs.cmu.edu/~jimeng/papers/SunSDM07.pdf
Esmaili, M., Safavi-Naini, R., Balachandran, B., & Pieprzyk, J. (1996). Case-based reasoning for intrusion detection. At the IEEE twelfth annual computer security applications conference, pp. 214–223.
Chau, D. H., Nachenberg, C., Wilhelm, J., Wright, A., & Faloutsos, C. (2010). Polonium: Tera-scale graph mining for malware detection. In Proceedings of the second workshop on Large-scale Data Mining: Theory and Applications (LDMTA 2010), Washington, DC, 25 July 2010. http://www.ml.cmu.edu/current_students/DAP_chau.pdf
Kephart, J., & Arnold, W. (1994). Automatic extraction of computer virus signatures. At the 4th Virus Bulletin International Conference, pp. 178–184.
Schultz, M., Eskin, E., Zadok, E., & Stolfo, S. (2001). Data mining methods for detection of new malicious executables. At the 2001 IEEE Symposium on Security and Privacy, pp. 38–49.
Zeng, Y., Wang, R., Zeleznikow, J., & Kemp, E. (2005). Knowledge representation for the intelligent legal case retrieval. In R. Khosla, R. J. Howlett, & L. C. Jain (Eds.), Knowledge-based intelligent information and engineering systems: 9th international conference, KES 2005, Melbourne, Australia, September 14–16, 2005, Proceedings, Part I (pp. 339–345). Lecture Notes in Computer Science, Vol. 3684. Berlin: Springer.
Agrawal, R., Imielinski, T., & Swami, A. (1993). Mining association rules between sets of items in large databases. In Proceedings of the 1993 ACM SIGMOD international conference on management of data (SIGMOD’93), Washington, DC, pp. 207–216.
Chen, H., & Lynch, K. J. (1992). Automatic construction of networks of concepts characterizing document databases. IEEE Transactions on Systems, Sept./Oct. 1992, 885–902.
Vafaie, H., Abbott, D. W., Hutchins, M., & Matkovskly, I. P. (2000). Combining multiple models across algorithms and samples for improved results. At The Twelfth International Conference on Tools with Artificial Intelligence, Vancouver, BC, Canada, 13–15 November 2000.
Kingston, J., Schafer, B., & Vandenberghe, W. (2004). Towards a financial fraud ontology: A legal modelling approach. Artificial Intelligence and Law, 12(4), 419–446.
Lee, R. (1995). An NLToolset-based system for MUC-6. In Proceedings of the sixth Message Understanding Conference (MUC-6). Columbia, MD: DARPA, and San Mateo, CA: Morgan Kaufmann Publishers, pp. 249–261.
Basta, S., Giannotti, F., Manco, G., Pedreschi, D., & Spisanti, L. (2009). SNIPER: A Data mining methodology for fiscal fraud detection. In Mathematics for Finance and Economy, special issue of ERCIM News, 78 (July), 27–28. Accessible at the webpage http://ercim-news.ercim.org/ of the European Research Consortium for Informatics and Mathematics.
Joshi, A., & Krishnapuram, R. (1998). Robust fuzzy clustering methods to support web mining. In Proceedings of the 15th workshop on data mining and knowledge discovery (SIGMOD ’98), Seattle, WA, June 2–4 1998. Seattle, WA and New York: ACM, 1998, pp. 1–8.
Backstrom, L., Huttenlocher, D., Kleinberg, J., & Lan, X. (2006). Group formation in large social networks: Membership, growth, and evolution. In Proceedings of the 12th ACM SIG KDD international conference on knowledge discovery and data mining (pp. 44–54).
Kempe, D., Kleinberg, J., & Tardos, E. (2003). Maximizing the spread of influence through a social network. In Proceedings of the ninth ACM SIG KDD interantional conference on knowledge discovery and data mining, pp. 137–146.
Kempe, D., Kleinberg, J. M., & Tardos, E. (2005). Influential nodes in a diffusion model for social networks. In Proceedings of ICALP, pp. 1127–1138.
Hamill, J. T. (2006). Analysis of layered social networks. Ph.D. dissertation. Report AFIT/DS/ENS/06 03. Graduate School of Engineering and Management, Air Force Institute of Technology (Air University). Available online at both these addresses: http://www.afit.edu/en/docs/ENS/dissertations/Hamill.pdf http://www.au.af.mil/au/awc/awcgate/afit/hamill_layered_social_networks.pdf
Bivens, A., Gao, L., Hulber, M. F., & Szymanski, B. (1999). Agent-based network monitoring. In Proceedings of the autonomous agents99 conference, workshop 1, agent based high performance computing: Problem solving applications and practical deployment, Seattle, WA, May 1999, pp. 41–53.
Szymanski, B. K., & Chung, M.-S. (2001). A method for indexing Web pages using Web bots. In Proceedings of the International Conference on Info-Tech & Info-Net, ICII’2001, Beijing, China, November 2001, IEEE Computer Society Press, pp. 1–6.
Liu, D., Yue, J., Wang, X., Raja, A., & Ribarsky, W. (2008). The role of blackboard-based reasoning and visual analytics in RESIN’s predictive analysis. In Proceedings of 2008 IEEE/WIC/ACM international conference on Intelligent Agent Technology (IAT 2008), Sydney, December 9–12, 2008, pp 508–511. An extended version is: CVC Technical Report CVC-UNCC-08-29, Charlotte: University of North Carolina, July 2008. http://www.sis.uncc.edu/~anraja/PAPERS/IAT08-Final.pdf
Yue, J., Raja, A., Liu, D., Wang, X., & Ribarsky, W. (2009). A blackboard-based approach towards predictive analytics. In Proceedings of AAAI Spring Symposium on Technosocial Predictive Analytics, Stanford University, CA, March 23–25, 2009, pp. 154–161. http://www.sis.uncc.edu/~anraja/PAPERS/TPA_JYue.pdf
Yue, J., Raja, A., & Ribarsky, B. (2010). Predictive analytics using a blackboard-based reasoning agent. Short Paper in Proceedings of 2010 IEEE/ WIC/ ACM International Conference on Intelligent Agent Technology (IAT-2010), Toronto, Canada, pp. 97–100. http://www.sis.uncc.edu/~anraja/PAPERS/IAT10Visual.pdf
Oskamp, A., Walker, R. F., Schrickx, J. A., & van den Berg, P. H. (1989). PROLEXS divide and rule: A legal application. In J. C. Smith & R. T. Franson (Eds.), Proceedings of the second International Conference on Artificial Intelligence and Law (ICAIL’89) (pp. 54–62). New York: ACM Press. doi://10.1145/74014.74022
Fan, G., Huang, H., & Jin, Sh. (2008). An extended contract net protocol based on the personal assistant. In ISECS international colloquium on computing, communication, control, and management, 2008. CCCM ’08. Guangzhou, China, 3–4 August 2008. Los Alamitos, CA: IEEE, Vol. 2, pp. 603–607.
Hartley, J. R. M., & Varley, G. (2001). The design and evaluation of simulations for the development of complex decision-making skills. In T. Okamoto, R. Hartley, Kinshuk & J. P. Klus (Eds.), Proceedings of the IEEE international conference on advanced learning technology: Issues, achievements and challenge (pp. 145–148). IEEE Computer Society.
Leff, L. (2001). Automated reasoning with legal XML documents. In Proceedings of the eighth international conference on artificial intelligence and law, St. Louis, MO. New York: ACM Press, pp. 215–216.
Fuhr, N. (Ed.). (2006). Advances in XML information retrieval and evaluation: 4th international workshop of the initiative for the evaluation of XML retrieval, INEX 2005, Dagstuhl Castle, Germany, November 28–30, 2005. Revised and Selected Papers. (Lecture Notes in Computer Science, Vol. 3977.) Berlin: Springer.
Nissan, E. (1999). Using the CuProS metarepresentation language for defining flexible nested-relation structures for monolingual and multilingual terminological databases. [Proceedings of the EAFT] Conference on co-operation in the field of terminology in Europe, Paris, 17–19 May 1999. Paris: Union Latine, 2000, pp. 337–343.
Barron, J. (2004). In a futuristic house, speak clearly and carry a manual. Daily Telegraph, London, 28 October 2004, on p. 7 in The New York Times selection supplement.
Sowa, J. F. (2006). Semantic networks. Last revised in 2006 (posted at http://www.jfsowa.com/pubs/semnet.htm). Revised and extended version of an article In: Shapiro, S. C. (Ed.). (1987). Encyclopedia of artificial intelligence. New York: Wiley; 2nd edn., 1992.
Arrigoni Neri, M., & Colombetti, M. (2009). Ontology-based learning objects search and courses generation. In E. Nissan, G. Gini, & M. Colombetti (Eds.), Marco Somalvico memorial issue, Special issue of Applied Artificial Intelligence, 23(3), 233–260.
Astrova, I., & Kalja, A. (2008). Storing OWL ontologies in SQL3 object-relational databases. In Proceedings of the eighth conference on applied informatics and communications, Rhodes, Greece, August 20–22, 2008, pp. 99–103.
Sattler, U. (2003). Description logics for ontologies. In Proceedings of the International Conference on Conceptual Structures (ICCS 2003). (Lecture Notes in AI, Vol. 2746.) Berlin: Springer.
ODBASE. (2005). Ontologies, databases and applications of semantics (ODBASE) 2005 international conference. Berlin: Springer.
Goranson, H. T., Chu, B. T., Grüninger, M., Ivezic, N., Kulvatunyou, B., Labrou, Y., et al. (2002). Ontologies as a new cost factor in enterprise integration. In Proceedings of ICEIMT 2002, pp. 253–263.
Wache, H., Voegele, T., Visser, U., Stuckenschmidt, H., Schuster, G., Neumann, H., et al. (2001). Ontology-based integration of information: A survey of existing approaches. In Proceedings of the IJCAI-01 Workshop on Ontologies and Information Sharing, Seattle, WA, August 4–5, 2001, pp. 108–118.
Wahab, M. S. (2004). E-commerce and internet auction fraud: The E-Bay community model. Computer Crime Research Center, 29 April 2004. http://www.crime-research.org/
Aussenac-Gilles, N., & Sörgel, D. (2005). Text analysis for ontology and terminology engineering. Applied Ontology, 1(1), Amsterdam: IOS Press, pp. 35–46.
Uschold, M. (2003). Where are the semantics in the Semantic Web? AI Magazine, 24(3), 25–36.
AAAI. (2002). Ontologies and the semantic web: Papers from the AAAI workshop, Edmonton, AB, Canada, July 2002. American Association for Artificial Intelligence. Edmonton, AB: AAAI Press.
Leary, R. M., VanDenBerghe, W., & Zeleznikow, J. (2003a). User requirements for financial fraud modeling. In Proceedings of BILETA 2003: British & Irish Law, Education & Technology Association 18th annual conference.
Leary, R. M., Vandenberghe, W., & Zeleznikow, J. (2003b). Towards a financial fraud ontology: A legal modelling approach. Presentation at the ICAIL Workshop on Legal Ontologies and Web Based Legal Information Management. Originally a technical report; Edinburgh, Scotland: Joseph Bell Centre for Forensic Statistics and Legal Reasoning, School of Law, University of Edinburgh. http://www.forensic-pathways.com/PDFs/Leary-Ontology.pdf
Grüninger, G., & Delaval, A. (2009). A first-order cutting process ontology for sheet metal parts. In Proceedings of FOMI 2009, pp. 22–33.
van der Vet, P. E., & Mars, N. J. I. (1995). Ontologies for very large knowledge bases in materials science: A case study. In N. J. I. Mars (Eds.), Towards very large knowledge bases: Knowledge building and knowledge sharing 1995 (pp. 73–83). Amsterdam: IOS Press.
Garcia-Rojas, A., Gutiérrez, M., & Thalmann, D. (2008b). Simulation of individual spontaneous reactive behavior. In Proceedings of the seventh international conference on Autonomous Agents and Multiagent Systems (AAMAS), Estoril, Portugal, May 12–16, 2008, pp. 143–150. Also, Report VRLAB-CONF-2008-150. Lausanne: Virtual Reality Lab at the Swiss Federal Institute of Technology. http://infoscience.epfl.ch/getfile.py?recid=125120&mode=best
Ferrario, R., & Oltramari, A. (2004). Towards a computational ontology of mind. In Proceedings of the international conference on Formal Ontology in Information Systems (FOIS 2004), November 2004. Amsterdam: IOS Press, pp. 287–297.
Güven, S., Podlaseck, M., & Pingali, G. (2005). PICASSO: Pervasive information chronicling, access, search, and sharing for organizations. In Proceedings of the IEEE 2005 Pervasive Computing conference (PerCom 2005). Los Alamitos, CA: IEEE Computer Society Press.
Magnenat Thalmann, N., & Thalmann, D. (Eds.). (2005). Virtual humans: Thirty years of research, what next? The Visual Computer, 21(12), 997–1015.
Bench-Capon, T. J. M., & Visser P. R. S. (1997). Ontologies in legal information systems: The need for explicit specifications of domain conceptualizations. In Proceedings of the sixth International Conference on Artificial Intelligence and Law (ICAIL’97), New York: ACM Press, pp. 132–141.
Bench-Capon, T. J. M. (1993b). Neural networks and open texture. In Proceedings of the fourth International Conference on Artificial Intelligence and Law (ICAIL’93). New York: ACM Press, pp. 292–297.
Breuker, J., Elhag, A., Petkov, E., & Winkels, R. (2002). Ontologies for legal information serving and knowledge management. In Proceedings of Jurix 2002: 15th annual conference on legal knowledge and information systems. Amsterdam, The Netherlands: IOS Press, pp. 73–82.
van Engers, T. M., & Glasee, E. (2001). Facilitating the legislation process using a shared conceptual model. IEEE Intelligent Systems, 50–57.
Hayes, P. J., Knecht, L. E., & Cellio, M. J. (1988). A news story categorization system. In Proceedings of the second ACL conf. on applied natural language processing, 1988, pp. 9–17. Reprinted in K. Sparck Jones & P. Willett (Eds.). (1997). Readings in information retrieval. San Francisco: Morgan Kaufmann, pp. 518–526.
Uyttendaele, C., Moens, M.-F., & Dumortier, J. (1998). SALOMON: Automatic abstracting of legal cases for effective access to court decisions. Artificial Intelligence and Law, 6(1), 59–79.
Moens, M.-F., Uyttendaele, C., & Dumortier, J. (1999). Abstracting of legal cases: The potential of clustering based on the selection of representative objects. Journal of the American Society for Information Science, 50(2), 151–161.
Moens, M.-F., Uyttendaele, C., & Dumortier, J. (1997). Abstracting of legal cases: The SALOMON experience. In Proceedings of the sixth international conference on artificial intelligence and law. Melbourne, Australia. New York: ACM Press, pp. 114–122.
Grover, C., Hachey, B., Hughson, I., & Korycinski, C. (2003). Automatic summarisation of legal documents. In Proceedings of the ninth International Conference on Artificial Intelligence and Law (ICAIL 2003), Edinburgh, Scotland. New York: ACM Press, pp. 243–251.
Gelbart, D., & Smith, J. C. (1993). FLEXICON: An evaluation of a statistical model adapted to intelligent text management. In the Proceedings of the fourth international Conference on Artificial Intelligence and Law (ICAIL’93), Amsterdam. New York: ACM Press, pp. 142–151.
Farzindar, A., & Lapalme, G. (2004). Legal texts summarization by exploration of the thematic structures and argumentative roles. In Text summarization branches out conference held in conjunction with the association for computational linguistics 2004, Barcelona, Spain, July 2004. http://www.iro.umontreal.ca/~farzinda/FarzindarAXL04/pdf
Radev, D. R., Jing, H., & Budzikowska, M. (2000). Summarization of multiple documents: Clustering, sentence extraction, and evaluation. In Proceedings of the Workshop of Automatic Text Summarization, New Brunswick, NJ: Association for Computational Linguistics, pp. 21–30.
Merlino, A., Morey, D., & Maybury, M. T. (1997). Broadcast news navigation using story segments. In Proceedings of ACM Multimedia ’97, pp. 381–391.
Sparck Jones, K. (1993). What might be in a summary? In Proceedings of Information Retrieval ’93, Konstanz, Germany, Konstanz: Universitätsverlag, pp. 9–26.
Berry, M. W. (2003). Survey of text mining: Clustering, classification, and retrieval. Berlin: Springer.
Pang, B., Lee, L., & Vaithyanathan, S. (2002). Thumbs up? Sentiment classification using machine learning techniques. In Proceedings of EMNLP 02, 7th Conference on Empirical Methods in Natural Language Processing, Association for Computational Linguistics, Morristown, US, pp. 79–86. http://www.cs.cornell.edu/home/llee/papers/sentiment.pdf
Abbasi, A. (2010, July/August). Intelligent feature selection for sentiment classification. In H. Chen (Ed.), AI and opinion mining, part 2, under the rubric Trends & Controversies. IEEE Intelligent Systems, 25(4), 75–79.
Popescu, A.-M., & Etzioni, O. (2005). Extracting product features and opinions from reviews. In Proceedings of HLT-EMNLP, pp. 339–346.
Dave, K., Lawrence, S., & Pennock, D. M. (2003). Mining the peanut gallery: Opinion extraction and semantic classification of product reviews. In WWW 2003: Proceedings of the 12th international conference on world wide web.
Kim, S.-M., & Hovy, E. (2006). Identifying and analyzing judgment opinions. In Proceedings of HLT/NAACL-2006, New York City, NY, pp. 200–207.
Turney, P. D. (2002). Thumbs up or thumbs down? Semantic orientation applied to unsupervised classification of reviews. In Proceedings of ACL-2002.
Hu, M., & Liu, B. (2004). Mining and summarizing customer reviews. In Proceedings of the 10th ACM SIG KDD international conference on knowledge discovery and data mining, pp. 168–177.
Klimt, B., & Yang, Y. (2004b). Introducing the Enron corpus. At the First Conference on Email and Anti-Spam. CEAS 2004. Mountain View, CA.
Thompson, P. (2001). Automatic categorization of case law. In Proceedings of the Eighth International Conference on Artificial Intelligence and Law (ICAIL 2001), May 21–25, 2001, St. Louis, Missouri. New York: ACM Press, pp. 70–77.
Daniels, J. J., & Rissland, E. L. (1997). Finding legally relevant passages in case opinions. In Proceedings of the sixth international conference on artificial intelligence and law, Melbourne, Australia. New York: ACM Press, pp. 39–46.
Tang, Y., & Daniels, T. E. (2005). A simple framework for distributed forensics. At the Second International Workshop on Security in Distributed Computing Systems (SDCS), in: Proceedings of the 25th International Conference on Distributed Computing Systems Workshops (ICDCS 2005 Workshops), 6–10 June 2005, Columbus, OH. IEEE Computer Society, pp. 163–169.
Dozier, C., Jackson, P., Guo, X., Chaudhary, M., & Arumainayagam, Y. (2003). Creation of an expert witness database through text mining. In Proceedings of the nineth international conference on artificial intelligence and law, Edinburgh, Scotland. New York: ACM Press, pp. 177–184.
Joachims, T. (1998). Text categorization with support vector machines: Learning with many relevant features. In Proceedings of the European Conference on Machine Learning (ECML). Berlin: Springer.
Merkl, D., & Schweighofer, D. (1997). The exploration of legal text corpora with hierarchical neural networks: A guided tour in public international law. In Proceedings of sixth International Conference on Artificial Intelligence and Law (ICAIL’97), Melbourne, Australia. New York: ACM Press, pp. 98–105.
Phillips, L. (1993). Vague legal concepts and fuzzy logic: An attempt to determine the required period of waiting after traffic accidents. In Proceedings of the Computer and Vagueness: Fuzzy Logic and Neural Nets, Munich. In Informatica e diritto (Florence), 2, 37–51.
Zhao, J., Knight, B., Nissan, E., Petridis, M., & Soper, A. J. (1998). The FUELGEN alternative: An evolutionary approach. The architecture. In E. Nissan (Ed.), Forum on refuelling techniques for nuclear power plants, in New Review of Applied Expert Systems, 4, 177–183.
Pannu, A. S. (1995). Using genetic algorithms to inductively reason with cases in the legal domain. In Proceedings of Fifth International Conference on Artificial Intelligence and Law. New York: ACM Press, pp. 175–184.
Kelly, J., & Davis, L. (1991). Hybridizing the genetic algorithm and the K-nearest neighbour. In Proceedings of the fourth international conference on genetic algorithms and their applications. San Mateo, CA: Morgan Kaufman, pp. 377–383.
Gray, G. L., & Debreceny, R. (2006). Continuous assurance using text mining. At the 12th world continuous auditing & reporting symposium. Posted at the Rutgers Accounting Web (raw.rutgers.edu): http://raw.rutgers.edu/docs/wcars/12wcars/Continuous_Assurance_Text_Mining.pdf
Minkov, E., & Cohen, W. W. (2006). An email and meeting assistant using graph walks. In Third Conference on Email and Anti-Spam CEAS 2006, Palo Alto, CA. New York: ACM, pp. 14–20.
Stolfo, S. J., Creamer, G., & Hershkop, S. (2006). A temporal based forensic analysis of electronic communication. At the 2006 National Conference on Digital Government Research.
Wilson, G., & Banzhaf, W. (2009). Discovery of email communication networks from the Enron corpus with a genetic algorithm using social network analysis. In Proceedings of the Eleventh Conference on Evolutionary Computation, May 18–21, 2009, Trondheim, Norway, pp. 3256–3263.
Klimt, B., & Yang, Y. (2004a). The Enron corpus: A new dataset for email classification research. In Proceedings of the European Conference on Machine Learning (ECML), 2004, pp. 217–226.
Keila, P. S., & Skillicorn, D. B. (2005). Structure in the Enron email dataset. In Proceedings of the SIAM international conference on data mining, SIAM workshop on link analysis, counterterrorism and security. Philadelphia, PA: SIAM.
Diesner, J., & Carley, K. (2005). Exploration of communication networks from the Enron email corpus. In Proceedings of the SIAM international conference on data mining, SIAM workshop on link analysis, counterterrorism and security. Philadelphia, PA: SIAM.
McCallum, A., Corrada-Emmanuel, A., & Wang, X. (2005). The author-recipient-topic model for topic and role discovery in social networks, with application to Enron and academic email. In Proceedings of the SIAM international conference on data mining, SIAM workshop on link analysis, counterterrorism and security. Philadelphia, PA: SIAM.
Priebe, C. E., Conroy, J. M., Marchette, D. J., & Park, Y. (2005). Scan statistics on Enron graphs. In Proceedings of the SIAM International Conference on Data Mining, SIAM Workshop on Link Analysis, Counterterrorism and Security. Philadelphia, PA: SIAM.
Chaoji, V., Hoonlor, A., & Szymanski, B. K. (2008a). Recursive data mining for author and role identification. In Proceedings of the third Annual Inormation Assuarance Workshop ASIA’08, Albany, NY, June 4–5, 2008, pp. 53–62.
Chaoji, V., Hoonlor, A., & Szymanski, B. K. (2008b). Recursive data mining for role identification. In Proceedings of the fifth international Conference on Soft Computing as Transdisciplinary Science and Technology CSTST’08, Paris, France, October 27–31, 2008, pp. 218–225.
Steinwart, I., & Christmann, A. (2008). Support vector machines. New York: Springer.
Elsayed, T., & Oard, D. W. (2006). Modeling identity in archival collections of email: A preliminary study. At the Third Conference on Email and Anti-Spam, CEAS 2006, Mountain View, CA, July 27–28, 2006.
Carrier, B. (2005). File system forensic analysis. Upper Saddle River, NJ: Addison-Wesley Professional.
Shirani, B. (2002). Anti-forensics. High Technology Crime Investigation Association. http://www.aversion.net/presentations/HTCIA-02/anti-forensics.ppt
Rogers, M. (2005). Anti-forensics. http://www.cyberforensics.purdue.edu/docs/Lockheed.ppt
Lerti (2006). Note d’information 4, version 0.94, dated 23 September 2006, produced in France by Lerti: La preuve informatique. Accessible on the Web.
Goel, A., Feng, W.-C., Maier, D., Feng, W.-C., & Walpole, J. (2005). Forensix: A Robust, high-performance reconstruction system. At the Second International Workshop on Security in Distributed Computing Systems (SDCS), In: Proceedings of the 25th International Conference on Distributed Computing Systems Workshops (ICDCS 2005 Workshops), 6–10 June 2005, Columbus, OH. IEEE Computer Society, pp. 155–162.
Overill, R. E, Silomon, J. A. M., Kwan, Y. K., Chow, K.-P., Law, Y. W., & Lai, K. Y. (2010). Sensitivity analysis of a Bayesian network for reasoning about digital forensic evidence. In Proceedings of the Fourth International Workshop on Forensics for Future Generation Communication environments (F2GC-2010), Cebu, Philippines, 11–13 August 2010. http://www.dcs.kcl.ac.uk/staff/richard/F2GC_2010.pdf
Overill, R. E, Silomon, J. A. M., & Chow, K.-P. (2010). A complexity based model for quantifying forensic evidential probabilities. In Proceedings of the Third International Workshop on Digital Forensics (WSDF 2010), Krakow, Poland, 15–18 February 2010, pp. 671–676. http://www.dcs.kcl.ac.uk/staff/richard/F2GC_2010.pdf
Kieras, D. (2001). Using the keystroke-level model to estimate execution times. University of Michigan. http://www.cs.loyola.edu/~lawrie/CS774/S06/homework/klm.pdf
Coull, S., Branch, J., Szymanski, B. K., & Breimer, E. (2003). Intrusion detection: A bioinformatics approach. In Proceedings of the 19th annual computer security applications conference, Las Vegas, NV, December 2003, pp. 24–33.
Zhang, L., Zhu, Z., Jeffay, K., Marron, S., & Smith, F. D. (2008). Multi-resolution anomaly detection for the internet. In Proceedings of the IEEE Workshop on Network Management, Phoenix, AZ, 13–18 April 2008. IEEE INFOCOM Workshops, 2008, pp. 1–6. doi://10.1109/INFOCOM.2008.4544618
Hu, W., Liao, Y., & Vemuri, V. R. (2003). Robust support vector machines for anomaly detection in computer security. In Proceedings of the International Conference on Machine Learning and Application (ICMLA 2003), pp. 168–174. doi://10.1.1.87.4085
Bie, R., Jin, X., Chen, C., Xu, C., & Huang, R. (2007). Meta learning intrusion detection in real time network. In Proceedings of the 17th international conference on artificial neural networks, Porto, Portugal. Berlin: Springer, pp. 809–816.
Mukherjee, I., & Schapire, R. E. (2011). A theory of multiclass boosting. Advances in Neural Information Processing Systems, 23. http://www.cs.princeton.edu/~schapire/papers/multiboost.pdf
Maxion, R. A., & Townsend, T. N. (2002). Masquerade detection using truncated command lines. In Proceeedings of the International Conference on Dependable Systems and Networks (DSN-02), Washington, DC, June 2002. Los Alamitos, CA: IEEE Computer Society Press, pp. 219–228.
Branch, J., Bivens, A., Chan, C.-Y., Lee, T.-K., & Szymanski, B. (2002). Denial of service intrusion detection using time dependent deterministic finite automata. In Proceedings of research conference. Troy, NY, October 2002.
Cheswick, B. (1992). An evening with Berferd: In which a cracker is lured, endured, and studied. In Proceedings of the Winter Usenix Conference, San Francisco, 1992, pp. 163–174. Published again in several places elsewhere. Retrieved in May 2011 http://www.cheswick.com/ches/papers/berferd.pdf
Göbel, J., Hektor, J., & Holz, T. (2006). Advanced honeypot-based intrusion detection. In Login: (sic), December 2006, pp. 17–25. http://www.usenix.org
Oudot, L. (2003). Fighting spammers with honeypots: Part 1. http://www.securityfocus.com/
Oudot, L., & Holz, T. (2004). Defeating honeypots: Network issues, Part 1. http://www.securityfocus.com/
Dulaunoy, A. (2010). Honeynets: Introduction to Honeypot/Honeynet technologies and its historical perspective. ASBL CSRRT-LU (Computer Security Research and Response Team, Luxembourg) http://www.csrrt.org/ January 15, 2010 http://www.foo.be/cours/dess-20092010/honeynet-intro.pdf (accessed in May 2011).
Kreibich, C., & Crowcroft, J. (2004). Honeycomb: Creating intrusion detection signatures using honeypots. Computer Communication Review, 34(1), 51–56.
Juan, L., Kreibich, C., Lin, C. H., & Paxson, V. (2008). A tool for offline and live testing of evasion resilience in network intrusion detection systems. In Detection of Intrusions and Malware, and Vulnerability Assessment: Proceedings of the fifth international conference (DIMVA 2008). Berlin: Springer, pp. 267–278.
MITRE. (2001). Stopping traffic: Anti drug network (ADNET). MITRE digest archives. http://www.mitre.org/news/digest/archives/2001/adnet.html
Chae, M., Shim, S., Cho, H., & Lee, B. (2007). An empirical analysis of fraud detection in online auctions: Credit card phantom transactions. In HICSS 2007: Proceedings of the 40th annual Hawaii international conference on system sciences.
Chua, C. H., & Wareham, J. (2002). Self-regulation for online auctions: An analysis. In ICIS 2002: Proceedings of international conference on information systems.
Sakurai, Y., & Yokoo, M. (2003). A false-name-proof double auction protocol for arbitrary evaluation values. In AAMAS 2003: Proceedings of the Second International Joint Conference on Autonomous Agents and Multiagent Systems.
Gu, J. (2007). Consumer rights protection on the online auction website – Situations and solutions: A Case study of EBay. BILETA 2007 Annual Conference, University of Hertfordshire, 16–17 April 2007. British and Irish Law, Education and Technology Association (BILETA). 8 pages. http://www.bileta.ac.uk/Document%20Library/1/Consumer%20Rights%20Protection%20on%20the%20Online%20Auction%20Website%20-Situations%20and%20Solutions%20-%20A%20Case%20Study%20of%20EBay.pdf
Wu, J., & Chung, A. C. S. (2005b). A segmentation method using compound Markov random fields based on a general boundary model. In Proceedings of the 2005 International Conference on Image Processing (ICIP 2005), Genoa, Italy, September 11–14, 2005. Vol. 2: Display Algorithms: Image Processing for New Flat Panel Displays. New York: IEEE, pp. 1182–1185.
Zhu, S. C., Wu, Y., & Mumford, D. (1998). Filters, random fields and maximum entropy (FRAME): Towards a unified theory for texture modeling. International Journal of Computer Vision, 27(2), 107–126.
De Vey Mestdagh, C. N. J. (2003). Administrative Normative Information Transaction Agents (ANITA): Legitimacy and information technology, the best of two worlds. In Access to knowledge and its enhancements: Proceedings of the ToKeN2000 symposium, Delft University of Technology, Delft, The Netherlands, 21 February 2003.
Aleven, V., & Ashley, K. D. (1997). Evaluating a learning environment for case-based argumentation skills. In Proceedings of the sixth international conference on artificial intelligence and law. New York: ACM Press, pp. 170–179.
Smith, R. G. (1977). The CONTRACT NET: A formalism for the control of distributed problem solving. In Proceedings of the Fifth International Joint Conference on Artificial Intelligence (IJCAI 77), Cambridge, MA. http://ijcai.org/search.php
Smith, R. G. (1980b). A framework for distributed problem solving. Ph.D. Dissertation, University of Stanford. Available from UMI Research Press.
Parunak, H., Ward, A., Fleischer, M., & Sauter, J. (1997). A marketplace of design agents for distributed concurrent set-based design. In Proceedings of the Fourth ISPE International Conference on Concurrent Engineering: Research and Applications (ISPE/CE97), Troy, MI.
Pour Ebrahimi, B., Bertels, K., Vassiliadis, S., & Sigdel, K. (2004). Matchmaking within multiagent systems. In Proceedings of ProRisc2004, Veldhoven, The Netherlands, pp. 118–124.
Ogston, E., & Vassiliadis, S. (2002). Unstructured agent matchmaking: Experiments in timing and fuzzy matching. In Proceedings of the special track on coordination models, languages and applications of the 17th ACM symposium on applied computing, Madrid, Spain, pp. 300–305.
XML. (2002). XML and information retrieval: Proceedings of the 2nd workshop, Tampere, Finland, August 2002. ACM Special Interest Group on Information Retrieval. New York: ACM, 2002.
Nissan, E. (1983). The info-spatial derivative: A new formal tool for database design. In Proceedings of the AICA’83 conference, Naples, Vol. 2, pp. 177–182.
Goldfarb, C. F. (1990). The SGML handbook, edited and introduced by Y. Rubinsky. Oxford: Clarendon Press, 1990, repr. 2000.
Hahn, U., & Schulz, S. (2004). Building a very large ontology from medical thesauri. In S. Staab & R. Studer (Eds.), Handbook on ontologies (pp. 133–150). (International Handbooks on Information Systems). Berlin: Springer.
Manouselis, N., Salokhe, G., & Johannes Keizer, J. (2009). Agricultural metadata and semantics. Special issue of the International Journal of Metadata, Semantics and Ontologies, 4(1–2).
NRC. (1995). National Review Council (U.S.) Committee on Declassification of Information for the Department of Energy Environmental Remediation and Related Programs 1995. A Review of the Department of Energy Classification Policy and Practice. Washington, DC: National Academic Press.
DPRC. (2000). Website of the Declassification Productivity Research Center, George Washington University, Washington, DC. http://dprc.seas.gwu.edu/dprc5/research_projects/dwpa_n.htm
Hochberg, J. (1999). Statistical approaches to automatic identification of classified documents. Paper delivered at the CRL/NMSU International Symposium on New Paradigms in Knowledge and Information Processing, Las Cruces, NM, December 13. Cited in a quotation from Raskin et al. (2001).
Hochberg, J. (2000). Automatic identification of classified documents. Paper delivered at the CERIAS Security Seminar, Purdue University, West Lafayette, IN, February 25. Cited in a quotation from Raskin et al. (2001).
Demelas-Bohy, M.-D., & Renaud, M. (1995). Instability, networks and political parties: A political history expert system prototype. In E. Nissan & K. M. Schmidt (Eds.), From information to knowledge: Conceptual and content analysis by computer (pp. 228–260). Oxford: Intellect Books.
Bruninghaus, S., & Ashley, K. (2003). Predicting outcomes of casebased legal arguments. In Proceedings of the ninth international conference on artificial intelligence and law, Edinburgh, Scotland. New York: ACM Press, pp. 233–242.
Gonçalves, T., & Quaresma, P. (2003). A preliminary approach to the multilabel classification problem of Portuguese juridical documents. In Proceedings of EPIA’03, the Eleventh Portugese Conference on Artificial Intelligence, Beja, Portugal, 4–7 December 2003. (Lecture Notes in Computer Science.) Berlin: Springer, pp. 435–444.
Quinlan, J. R. (1996). Bagging Boosting and C4.5. In Proceedings of the Thirteenth National Conference on Artificial Intelligence (AAAI 96), Portland, OR. American Association for Artificial Intelligence, pp. 725–730.
Al-Kofahi, K., Tyrrell, A., Vachher, A., & Jackson, P. (2001). A machine learning approach to prior case retrieval. In Proceedings of the eighth International Conference on Artificial Intelligence and Law (ICAIL’01), St. Louis, MO. New York: ACM Press, pp. 89–93.
Yunhong, W., Tan, T., & Jain, A. K. (2003). Combining face and iris biometrics for identity verification. In Proceedings of the Fourth International Conference on Audio and Video-Based Biometric Person Authentication (AVBPA), Guildford, UK, pp. 805–813.
Aked, J. P. (1994). Individual constancies in written language expression. Ph.D. Thesis, University of Glasgow.
Marinai, S., & Fujisawa, H. (Eds.). (2008). Machine learning in document analysis and recognition. (Studies on Computational Intelligence, 90). Berlin: Springer.
Ball, G. R., Kasiviswanathan, H., Srihari, S. N., & Narayanan, A. (2010). Analysis of line structure in handwritten documents using the Hough transform. In Proceedings of the SPIE 17th conference on document recognition and retrieval, San José, CA, January 2010, pp. DRR 1–10.
Srihari, S. N., & Leedham, G. (2003). A survey of computer methods in forensic document examination. In Proceedings of the International Graphonomics Society Conference, Phoenix, AZ, November 2003, pp. 278–282.
Pu, D., & Srihari, S. N. (2010). A probabilistic measure for signature verification based on Bayesian learning. In Proceedings of the 20th International Conference on Pattern Recognition, Istanbul, Turkey, August 23–26, 1010.
Ball, G. R., Stittmeyer, R., & Srihari, S. N. (2010). Writer verification in historical documents. In Proceedings of the SPIE 17th conference on document recognition and retrieval, San José, CA, January 2010. Downloadable from http://www.cedar.buffalo.edu/papers/publications.html
Rudman, J. (1997). The state of authorship attribution studies: Some problems and solutions. Computers and the Humanities, 31(4), 351–365. Dordrecht: Kluwer.
Srihari, S. N., Ball, G. R., & Ramakrishnan, V. (2009). Identification of forgeries in handwritten petitions for ballot propositions. In Proceeedings of the SPIE 16th Conference on Document Recognition and Retrieval, San José, CA, January 2009, pp. 7247OS 1–8.
Köller, N., Nissen, K., Reiß, M., & Sadorf, E. (2004). Probabilistische Schlussfolgerungen in Schriftgutachten./Probability conclusions in expert opinions on handwriting. Munich, Germany: Luchterhand. This document, available in German & English, can be downloaded from: http://www.bka.de/vorbeugung/pub/probabilistische_schlussfolgerungen_in_schriftgutachten.pdf
Danet, B. (1994). Review of R. W. Shuy, Language crimes: The use and abuse of language evidence in the courtroom (Oxford: Blackwell, 1993), in the Journal of Language and Social Psychology, 13(1), 73–78.
Wilkins, D., & Pillaipakkamnatt, K. (1997). The effectiveness of machine learning techniques for predicting time to case disposition. In Proceedings of Sixth International Conference on Artificial Intelligence and Law, Melbourne, Australia. New York: ACM Press, pp. 39–46.
Hearst, M. (1999). Untangling text data mining. In Proceedings of the 37th annual meeting for computational linguistics (pp. 3–10). New York: ACM Press.
Ivkovic, S., Yearwood, J., & Stranieri, A. (2003). Visualising association rules for feedback within the legal system. In Proceedings of the ninth International Conference on Artificial Intelligence and Law (ICAIL 2003), Edinburgh, Scotland. New York: ACM Press, pp. 214–223.
Dworkin, R. (1977). Taking rights seriously. Cambridge, MA: Harvard University Press.
Dworkin, R. (1986). Law’s empire. London: Duckworth.
Schild, U. J. (1995). Intelligent computer systems for criminal sentencing. In The Fifth International Conference on Artificial Intelligence and Law: Proceedings of the Conference, Washington, DC. New York: ACM Press, pp. 229–239.
Borges, F., Borges, R., & Bourcier, D. (2002). A connectionist model to justify the legal reasoning of the judge. In Proceedings of fifteenth international conference on legal knowledge based system. Amsterdam: IOS Publications, pp. 113–122.
Borges, F., Borges, R., & Bourcier, D. (2003). Artificial neural networks and legal categorization. In Proceedings of sixteenth international conference on legal knowledge based system. Amsterdam: IOS Publications, pp. 11–20.
Bench-Capon, T. J. M. (1994). In defence of rule based representations for legal knowledge based systems. Law, Computers and Artificial Intelligence, 3(1), 15–28. Cf. Bench-Capon (1993a).
Horgan, T. (2010). Transvaluationism about vagueness: A progress report. The Southern Journal of Philosophy, 48(1), 67–94.
Meikle, T., & Yearwood, J. (2000). A framework for designing a decision support system to support discretion. At Intelligent Decision Support for Legal Practice (IDS 2000). In Proceedings of the International ICSC Congress “Intelligent Systems & Applications” (ISA 2000), Wollongong, NSW, Australia, December 2000. Wetaskiwin, AB, Canada: ICSC Academic Press, Vol. 1, pp. 101–108.
Baumes, J., Goldberg, M., Hayvanovych, M., Magdon-Ismail, M., & Wallace, W. A. (2006). Finding hidden groups in a stream of communications. In Proceedings of the IEEE international conference on Intelligence and Security Informatics (ISI–2006), pp. 201–212.
Camptepe, A., Goldberg, M., Magdon-Ismail, M., & Krishnamoorthy, M. (2005). Detecting conversing groups of chatters: A model, algorithms and tests. In Proceedings of the IADIS international conference on applied computing 2005, pp. 145–157.
Foster, J. C., & Liu, V. (2005). Catch me if you can. In Blackhat briefings. http://www. blackhat.com/presentations/bh usa 05/bh us 05-foster liu update.pdf
Peron C. S. J, & Legary, M. (2005). Digital anti-forensics: Emerging trends data transformation techniques. http://www.seccuris.com/documents/papers/Seccuris Antiforensics.pdf
Grugq. (2005). The art of defiling: Defeating forensic analysis. In Blackhat briefings 2005. http://www.blackhat.com/presentations/bh usa 05/bh us-05 grugq.pdf
Casey, E. (Ed.). (2001). Handbook of computer crime investigation: Forensic tools and technology. London: Academic.
Agbaria, A., & Friedman, R. (2005). A replication- and checkpoint-based approach for anomaly-based intrusion detection and recovery. At the second international workshop on Security in Distributed Computing Systems (SDCS). In Proceedings of the 25th International Conference on Distributed Computing Systems Workshops (ICDCS 2005 Workshops), 6–10 June 2005, Columbus, OH. IEEE Computer Society 2005, pp. 137–143.
Denning, D. (1986). An intrusion detection model. In Proceedings of the seventh IEEE symposium on security and privacy, May 1986, pp. 119–131.
Zhang, Z., & Shen, H. (2004). Online training of SVMs for real-time intrusion detection. In Proceedings of the 18th International Conference on Advanced Information Networking and Applications, March 29–31, 2004, p. 568.
Freund, Y., & Schapire, R. E. (1997). A decision-theoretic generalization of on-line learning and an application to boosting. Journal of Computer and System Sciences, 55(1), 119–139.
Bivens, A., Palagiri, C., Smith, R., Szymanski, B., & Embrechts, M. (2002). Network-based intrusion detection using neural networks. In Proceedings of intelligent engineering systems through Artificial Neural Networks ANNIE-2002, St. Louis, MO, Vol. 12. New York: ASME Press, 2002, pp. 579–584.
Spitzner, L. (2003b). Honeypots: Definitions and value of honeypots. http://www.tracking hackers.com
Spitzner, L. (2004). Problems and challenges with honeypots. http://www.securityfocus.com/
O’Shea, C. (2005). Intrusion detection with honeypots. Course presentation [a student project, supervised by K. Jeffay], COMP 290, Spring 2005. Department of Computer Science. Chapel Hill: The University of North Carolina. [A slideshow turned into .pdf] http://www.cs.unc.edu/~jeffay/courses/nidsS05/slides/12 Honeypots.pdf http://www.cs.unc.edu/~jeffay/courses/nidsS05/slides/Student Project Summaries.pdf
Naess, E., Frincke, D. A., McKinnon, A. D., &. Bakken, D. E. (2005). Configurable middleware-level intrusion detection for embedded systems. At the Second International Workshop on Security in Distributed Computing Systems (SDCS), In: Proceedings of the 25th International Conference on Distributed Computing Systems Workshops (ICDCS 2005 Workshops), 6–10 June 2005, Columbus, OH, USA. IEEE Computer Society 2005, pp. 144–151.
Resnick, P., Zeckhauser, R., Swanson, J., & Lockwood, K. (2003). The value of reputation on eBay: A controlled experiment. Technical report.
Kindermann, R., & Snell, J. R. (1980). Markov random fields and their applications. (Contemporary Mathematics, 1.) Providence, RI: American Mathematical Society.
Boykov, Y., Veksler, O., & Zabin, R. (1998). Markov random fields with efficient approximations. In Proceedings of the IEEE conference on Computer Vision and Pattern Recognition (CVPR), Santa Barbara, CA, 23–25 June 1998. New York: IEEE Computer Society, pp. 648–655.
LaFond, T., & Neville, J. (2010). Randomization tests for distinguishing social influence and homophily effects. In Proceedings of the International World Wide Web Conference (WWW). http://www.cs.purdue.edu/homes/neville/papers/lafond neville www2010.pdf
Kou, Y., Lu, C. T., Sirwongwattana, S., & Huang Y. P. (2004). Survey of fraud detection techniques. In Proceedings of the 2004 International Conference on Networking, Sensing, and Control, Taipei, Taiwan, 2004, pp. 749–754.
Bench-Capon, T. J. M. (1997). Argument in artificial intelligence and law. Artificial Intelligence and Law, 5, 249–261.
Gimblett, H. R. (2002). Integrating geographic information systems and agent-based modelling techniques for simulating social and ecological processes. Oxford: Oxford University Press.
Hadzic, M., & Chang, E. (2008). Using coalgebra and coinduction to define ontology-based multi-agent systems. International Journal of Metadata, Semantics and Ontologies, 3(3), 197–209.
Hinton, G., & Sejnowski, T. J. (Eds). (1999). Unsupervised learning: Foundations of neural computation. Cambridge, MA: MIT Press.
Ingleby, R. (1993). Family law and society. Sydney: Butterworths.
Levinson, J. (2001). Questioned documents: A lawyer’s handbook. San Diego, CA: Academic Press.
Sperber, D., & Wilson, D. (1986). Loose talk. Proceedings of the Aristotelian Society, New Series , 86, 153–171. (Reprinted from Pragmatics: A reader, by S. Davis, Ed. 1991, Oxford: Oxford University Press).
Zhang, X., & Hexmoor, H. (2002). Algorithms for utility-based role exchange. In M. Gini, W. Shen, C. Torras, & H. Yuasa (Eds.), Intelligent autonomous systems 7 (pp. 396–403). Amsterdam: IOS Press.
Oatley, G., & Ewart, B. (2011). Data mining and crime analysis. Wiley Interdisciplinary Reviews (WIREs): Data Mining and Knowledge Discovery, 1(2), 147–153. doi://10.1002/widm.6
Esuli, A., & Sebastiani, F. (2010). Sentiment quantification. In H. Chen (Ed.), AI and opinion mining, part 2, under the rubric Trends & Controversies. IEEE Intelligent Systems, 25(4), July/August 2010, 72–75.
Risinger, D. M. (2007a). Goodbye to all that, or a fool’s errand, by one of the fools: How I stopped worrying about court responses to handwriting identification (and “forensic science” in general) and learned to love misinterpretations of Kumho Tire v. Carmichael. Tulsa Law Review, 43(2), 447–475. With an Appendix, being Risinger (2007b).
Bolelli, T. (1993). Figlio mio figlio di cane. In his L’italiano e gli italiani: Cento stravaganze linguistiche (pp. 126–128). Vicenza, Italy: Neri Pozza Editore. (Originally, in La Stampa Turin, 11 January 1991)
Chen, P. (2000a). An automatic system for collecting crime on the Internet. The Journal of Information, Law and Technology (JILT), 3 (online). http://elj.warwick.ac.uk/jilt/00-3/chen.html
Rissland, E. L., & Friedman, M. T. (1995). Detecting change in legal concepts. In Proceedings of the Fifth International Conference on Artificial Intelligence and Law (ICAIL’95). New York: ACM Press, pp. 127–136.
Christie, G. C. (1964). Vagueness and legal language. Minnesota Law Review, 48, 885–911.
Hayes-Roth, B. (1985). A blackboard architecture for control. Artificial Intelligence, 26, 251–321.
Seto, Y. (2009). Retina recognition. In S. Z. Li & A. K. Jain (Eds.), Encyclopedia of biometrics (pp. 1128–1130). New York: Springer.
Carrier, B., & Spafford, E. (2004). Defining event reconstruction of digital crime scenes. Journal of Forensic Sciences, 49(6), 1291–1298.
Chua, C. H., & Wareham, J. (2004). Fighting internet auction fraud: An assessment and proposal. IEEE Computer, 37(10), 31–37.
. Tokyo: NTT Publishing Co., 2007. Translated into Italian by R. Memoli and published as Lo sviluppo dell’analisi delle reti sociali. Uno studio di sociologia della scienza. Milano: Franco Angeli, 2007. Translated into Chinese by Wang Weidong and published as 
. Beijing: China Renmin University Press, 2008.Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2012 Springer Science+Business Media B.V.
About this chapter
Cite this chapter
Nissan, E. (2012). Accounting for Social, Spatial, and Textual Interconnections. In: Computer Applications for Handling Legal Evidence, Police Investigation and Case Argumentation. Law, Governance and Technology Series, vol 5. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-8990-8_6
Download citation
DOI: https://doi.org/10.1007/978-90-481-8990-8_6
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-90-481-8989-2
Online ISBN: 978-90-481-8990-8
eBook Packages: Humanities, Social Sciences and LawSocial Sciences (R0)