Novel Techniques for Threat Detection

Year
2017
Author(s)
Steven S. Streetman - Data Architecture Solutions, Inc.
Abstract
To protect against threats to a nuclear or related facility or transportation, it is necessary to gain an understanding of what threats exist. Recent advances in natural language processing (NLP) provide novel approaches to assessing threat. Insider threat can be assessed by reviewing company email and internal documents as well as open source information to identify entities, relationships, sentiment, times, locations, etc. NLP is much more effective than keyword searches because it views people, places, and things in context and will have many fewer false alarms. In addition, NLP can be used to mine unstructured open source data to detect outside threats to a facility. These detections can be provided as reports to facility security personnel on a regular basis to alert them to potential attackers, proposed attacks, or intent to attack nuclear facilities. As with the insider threat, an NLP based detection approach will be much more effective than keyword searches (as is done now for news services) because NLP understands the keywords in context and can ensure that the text is actually about the subject not just mentioning it. Using NLP to improve dynamic threat assessment to nuclear facilities is a novel approach that has enormous potential to improve nuclear security situational awareness.