Unclassified // FOUO

Unclassified // FOUO

Unclassified

Unclassified

CTTSO Overview

Unclassified // FOUO

Unclassified // FOUO

MissionUnclassified

Unclassified

Vision:

Identify requirements to combat terrorism and provide solutions to warfighters, first responders, and other front-line users as rapidly as possible.

Mission:

Identify and develop capabilities to combat terrorism and irregular adversaries and to deliver

these capabilities to DoD components and interagency partners through rapid research and

development, advanced studies and technical innovation, and provision of support to U.S.

military operations.

Objectives:

• Support the National Defense Strategy

• Provide forums to coordinate R&D requirements for combating terrorism

• Sponsor advanced technology development and deliver prototypes for operational tests and evaluations

• Promulgate technology & information transfer

• Influence policy – identify enablers

• Guide technology based research

Unclassified // FOUO

Unclassified // FOUO

AAC Mission and MembershipUnclassified

Unclassified

Mission: Identify, prioritize, and execute research and development projects that enhance the capabilities and processes of DoD and Interagency operators, including their intelligence and planning support, by integrating analytic tools, models, and data to enable faster, better decision-making.

MembershipDepartment of Defense Department of Homeland SecurityDepartment of StateIntelligence Community

Unclassified // FOUO

Unclassified // FOUO

AAC Focus AreasUnclassified

Unclassified

Anticipatory Analytics & ForesightDevelop and integrate new anticipatory analytic tools to the full spectrum of the operational environment. Develop and integrate strategic foresight analytical methods, systems, capabilities, and tools to strategic planning.

Big Data, Algorithms, and DecisionsIntegrate big data, algorithms, and decision making tools to enhance tactical-to-strategic decision making.

Decision, Planning, and Analytical ToolsDevelop stand-alone tools, models, and enabling technologies that provide new capabilities for improved military and interagency sense making. Successful technologies may be transitioned as an independent capability and/or integrated into larger systems.

Battlefield Analytics At the EdgeDevelop and integrate means for distilling tactically or operationally useful metrics and analysis from information gathered on the battlefield, giving a warfighter informational advantages with real-time or near real-time updates that do not necessarily require connectivity to the cloud.

Hybrid WarfareVANE Project Background

Overt State Involvement

No/Covert State Involvement

Coerce Persuade

Nuclear War

State-on-state War

Conventional Warfare

Hybrid Warfare

Limited Strikes

Terrorism

Cyber Attacks

Diplomacy

Sanctions

Insurgency

Stabilization

Information Campaigns

Transnational Crime

Protests

Hacking

Civil Unrest

From David Connery’s “Matrix of Conflict Types”

• Increasing amount of sensor data, especially from new domains, means current number of analysts aren’t enough to detect and monitor threats

New ProblemsVANE Project Background

Hybrid Warfare makes foresight problems more acute

• More threats are subtle and difficult to discern (like fake news)

• Current simulation methods are human-resource intensive, limiting utility

• Human bias may inhibit discernment

• Usefulness of insights from anticipatory intelligence limited by cognitive burden on decision makers, requiring explanation and interpretation

• Threats develop rapidly through network effects

• What does the future hold for X?

User StoriesVANE Accomplishments

VANE answers compelling questions

• How does the future change if X occurs?

• Is anything interesting predicted to happen?

• What is has been happening with X?

• What relationships indicate future outcomes?

• How likely is the future where X occurs?

• What sensors are observing activities?

Virtual Anticipation Network (VANE):

Interactive decision support and anticipatory intelligence through inductive machine learning fusing sensor across multiple domains

• 13 Sources

• 20M+ Data Points (by country, month)

• 660+ Measures

Multi-domain SensorsVANE Modeling

Data-driven modeling needs historical and current data

Data Source Topic Coverage Example Measures

Breach Level Index Cyber Intrusions • Count of Intentional Intrusions

Energy Information Agency Energy Market • Price of oil• Number of oil rigs

Global Database of Events, Language, and Tone (GDELT)

Global news topics, sentiment, and events identified through NLP

• Count of assault events• Average cooperation sentiment

Global Terrorism Database Terror events • Number of bombings• Number of casualties

International Foundation of Electoral Systems (IFES)

Election schedules and results • Time until next election

International Monetary Fund (IMF) Currency exchange rates • Exchange rate of the ruble

TOR Project Anonymous Internet Access • Number of anonymous connections

National Oceanographic and Atmospheric Agency (NOAA)

Weather • Average temperature• Average precipitation

Organization for Economic Co-operation and Development (OECD)

Demographics (specifically migration)

• Number of incoming migrants• Number of outgoing migrants

United Nations (UN) Demographics and Crime • Number of homicides

World Bank Demographic, Economic, and Social Statistics

• Energy usage• Arms imports

World Trade Organization Trade • Magnitude of exports

Blockchain Cryto-currency Statistics • Number of Bitcoin Transactions• Active Bitcoin Wallets

• Sensors are often error-prone

• Obfuscation (like “Fake News”) and measurement gaps

• VANE can’t create or wait for pristine data

• Behaviors have “ripple effects” across domains

• Context between sources (domains) can help correct error

• Correlating “ripples” can help reconstruct behavior

• Tensor Completion is built for cross-domain

• From the math invented for quantum mechanics

• Learns relationships across all dimensions

• Pulls more signal out of sparse data than other methods

• Can make independent predictions and/or improve down-stream modeling

• VANE is building on early CIA research with MIT to apply tensor completion to the intelligence domain

Tensor CompletionVANE Modeling

Dealing with sparsity and error is key

Why KNIMEVANE Automation

Visual workflows accelerate development and collaboration

• Low code environment• Helps junior staff contribute

• Visual knowledge sharing – no need to trace code

• Supports diverse use cases• Data integration, modeling, API management,

visualization

• Reduces tool proliferation, increasing productivity

through specialization

• Extensibility• External platform integration (Spark, Python)• NuWave has created 15 custom nodes for

enterprise automation (like credential and datalake management) and external platform integration (like ElasticSearch)

• Open source options• Reduces risk when experimenting on new

projects• Accelerates innovation through diverse

community contributions

Architecture with KNIMEVANE Automation

Cloud-native, extensible through microservices

Scenario ConfigurationVANE Screenshots

Simple forecast exploration and scenario building

Baseline forecast

Historical data

User’s scenario – just click and drag to create

List of scenarios

Work with combinations of measures and countries

On-demand modeling

Impact AnalysisVANE Screenshots

See ripple effects of a possible scenario occurring

Exploration filters

Impact by time

Impact by country

Color coded visualizations show how scenario changes future

Biggest impacts

Likelihood AnalysisVANE Screenshots

Track likelihood of scenario occurring and its drivers

Overall scenario likelihood over time

Fans are the most likely ranges forecast

each monthIndividual likelihood of each scenario criteria

Scenario criteria points are more likely

to occur the closer they are to the fan

Drivers of the scenario outcomes

AlertingVANE Screenshots

User-configurable notifications

Historical and forecast data causing alert

Alert points

Alerts which have fired

Anomaly, Threshold, and Rate of Change

alerts supported

Drivers of the alert

Clicking on a driver dives deeper

DashboardsVANE Screenshots

Easy summaries of insights to track over time

Any VANE chart can be added to any dashboard

Multiple system and custom user

defined dashboards

Windows can be resized and moved

Initial ImpactVANE Accomplishments

• Won 2 innovation awards• Intelligence and National Security Summit EPIC Challenge• Government Innovation Award

• Modeling method contributing to Joint Staff Project Datahub• Automated threat anticipation

• Cloud automation inventions incorporated into Navy

Assured Data Environment (ADE) and Army Global Force

Information Management (GFIM)• Proactive manning, training, and equipping of forces

• British Land Information Maneuver Operations Center

(LIMOC) uses and wants to extend VANE• Information campaign targeting

• Commercial clients are adapting for logistic optimization

and safety missions

VANE’s benefit goes beyond CTTSO and Army Intel

Questions

Contact CTTSO or NuWave to learn more

Program Manager, Advanced Analytic CapabilitiesDr. Jim Frank

CTTSO Advanced Analytics Team Curtis FoxMarc MorinAACSubgroup@cttso.gov

VANE Technical Lead, NuWave SolutionsBrian Frutchey, bfrutchey@nuwavesolutions.com, 703.597.4875