IBM i2/G2 Demonstration

Analysing tracking data usingICU Workbench and IBM i2

Problem: Surveillance activities generate large volumes of tracking data from covert GPS tags, navigation systems, cellular phones, cellular carriers (CDR/CCR records), geo-located financial transactions, ANPR data – but there is no way to easily increase the value of the i2 analysis with this valuable tracking data.

ICU Workbench quickly analyzes tracking data, turning it into valuable information that can be imported into i2’s Analyst Notebook increasing the value and completeness of the Analysts Notebook solution substantially.

The spatial context (analysed track) of targets, when mated with other i2 data entities, is a very powerful and unique aid to complex investigations.

These slides accompany a video that demonstrates how tracking data can be quickly analysed by G2 Research's ICU Workbench software and made available to IBM’s i2 Analysts Notebook in order to surface non-obvious linkages between a networks of suspects.

Situation

• A criminal gang in California has been under surveillance for 6 months where they have been sighted in and around the County court house. Data is based on various GPS/cellular tracking devices.

• Local law enforcement have received a complaint regarding a “Walter Rogers” from an anonymous court house source.

• We have been asked to investigate using the ICU Workbench and i2 Toolset.

• There are no connections apparent using the i2 platform and datasources.

Load Data to G2 ICU WorkBench

Load Criminal Gang location based tracking data into ICU Workbench

Load 6 months of data across the entire network of surveillance targets

Pattern of Life Analysis highlights unusual behaviour

Analysing Walter Rogers pattern of life reveals unusual working hours

Multi Target Correlation reveals who the subject might have been meeting

Correlate all the data subjects to see who has had the potential to talk to who

Analysis reveals Walter Rogers has the potential to meet a number of gang members

Export Multi Target Correlation results to i2 for further analysis/correlation

Export Data into i2 Analysis Warehouse

IBM i2 Intelligence Repository

IBM i2 Analyst’s Notebook

i2 Visualises who Walter Rogers has had the opportunity to talk to

Use the i2 tools to find Walter Rogers in the repository.

Once found create a visualisation of all the potential meetings

Find Walter Rogers

Chart helps visualise:•4 potential interactions at the County Courthouse•5 potential targets

i2 Highlights Walter Rogers potential meetings

The i2 tools help give context to people on the chart.

The Activity View quickly reveals the pattern of the potential meetings Walter Rogers was involved with.

Two of the five targets are known gang members: Barny Leeson and Ralphie Barrow

The activity view highlights unusual behaviour from the gang member

Barny Leeson, it looks possible he is monitoring Walter Rogers

Visualizing the ICU Workbench results in i2 reveals a hidden link

Find and map the gang member Barny Leeson’s known locations, confirm where he has been going

Further analysis shows Barny

Leeson and Charles Campbell have

been visiting all the same locations

i2 finds a relationship between the places Barney Leeson has been going and a court official named Charles Campbell. Charles has been visiting the same places.

Analysing the hidden link

i2 uncovers that the hidden link (Campbell) resolves to another meeting, i2 Analysis shows us it is with another known gang member (Ralphie Barrow) outside a DIY store

Link analysis reveals Charles’ relationship to Ralphie Barrow

The Activity View shows Charles and Ralphie to have visited the store

location at exactly the same times.

Making the Connection

Search IAP for Charles Campbell

Also finds an Automated Money Laundering record showing Campbell

making a large cash deposit

Finds a report highlighting Campbell going to a bank shortly

after the Burrows meeting

Search IAP for Ralphie Barrow Existing i2 chart stored in repository reveals a phone call

between the Gang Leader, Desmond Martinez, Ralphie Barrow and a large cash withdrawal on the day of the

Campbell meeting

Using the ICU Workbench results, mated with i2’s integration with other data stores, we can now find relationships that were impossible before.

The Connection Explained

Walter Rogers

Barney Leeson

Ralphie Barrows Charles

Campbell

Desmond Martinez

ICU Workbench identifies Pattern of Life is peculiar.

Investigation begins.

Barney Appears to

be following Walter

Cell phone call

meets with

I2 finds Financial Transactions indicating bribery between Charles Campbell and the Gang Leader, Desmond.

This connection could not have been found without

using the tracking data inside i2 to identify that Ralphie met with Charles at Home

Depot.

Court Reporter

Gang Member

I2 finds Cellular phone calls between Ralphie

and Desmond

ICU Workbench finds meetings between

individuals by analyzing GPS tracking

data

meets with

meets with

Scenario Summary

Analysed geo-temporal data provides valuable intelligence to public safety agencies. The ICU Workbench’s extension to the Analyst Notebook complements our conventional processes and data repositories to deliver an enriched link analysis product. The inclusion of this extension provides analytical capability on tracking data that was not previously accessible in the Analyst Notebook.