Slide 1

1

“The Geek and the Gumshoe”

or “Can Mathematics and

Computers Really Solve Crimes?”

Michael “theprez98” SchearerFrank “Thorn” Thornton

Slide 2

2

Introduction

Slide 3

3

Who are we, and why are we here?

Slide 4

4

The Geek: Michael Schearer

Fascinated by the application of mathematics to real-world situations

Recently separated from nearly 9 years in the U.S. Navy (flying aircraft)

Currently working for a U.S. government contractor in Maryland (flying a desk)

Contributing author to Penetration Tester's Open Source Toolkit (Volume 2) Netcat Power Tools (April 2008), and maybe more!

Football coach and proud father of three

Slide 5

5

When did Frank start as a cop?

Slide 6

6

Looking forward…

Slide 7

7

The Gumshoe: Frank Thornton

Law Enforcement Officer, 1980 – 2002. Served in a variety of ranks and positions from Patrol Officer to Chief of Police. Also worked in VT Forensic Lab on Latent Fingerprints and crime scene investigations. Rated as a Class I (Homicide) Death Investigator by Vermont’s Office of the Chief Medical Examiner

Hacking computers since ~1973 Helped create ANSI Standard “ANSI/NIST-CSL

1-1993 Data Format for the Interchange of Fingerprint Information”

Author and co-author of a half-dozen books on computer security. (Cheerfully blatant plug!)

Slide 8

8

Agenda

Introduction– Explanation– Videos– Perceptions

Math, Computers & Crime– Math in everyday life– Math and crime-fighting

Conclusions Questions & Answers

Slide 9

9

Police Investigations Are ALL About Collecting Data

WhoWhatWhenWhereHow

Slide 10

10

Investigations differ from other data collection in several areas

Everyone lies to the police. Fact has to be separated from:

-Lies.-Fiction.-Opinion.-Other false positives. (May be thousands)

Eye witnesses have a high credibility with prosecutors and juries, less so with cops.

Everyone lies to the police. Failure can be dangerous to the public. Did we mention that everyone lies to the police?

Slide 11

11

Information = Data

This is sometimes recognized at some level. Joseph Wambaugh, ex-LAPD Detective, award winning mystery novelist and screenwriter wrote this in The Black Marble:

“Clarence looked around at the roar of activity, at the grinding paper mill. Paper everywhere. Take away my gun and car, but please don't take my pencils.”

Slide 12

12

Information = Data

“You walked in with information and a pretty face.

You can’t leave with both.”

Slide 13

13

Doesn’t it really work like on CSI?

The CSI Effect Perception and Reality

– DNA Testing– AFIS Searches– School-Associated Violence– Cops are always doing exciting things like

getting in fights or shooting bad guys

Slide 14

14

So, knowing all that, what other tools are available to help

investigations?

Slide 15

15

So let’s explore how math and computer technology can help

with investigations…

“Time for science!”

Slide 16

16

Math is everywhere.

Elections– Voting, exit polls, voter identification/analysis

Sports– Statistics, sabermetrics, betting/sports book

Lottery– Probability (or perhaps improbability!)

Math in advertising– frequency atlas, Google advertisements, British

two pound coin

Slide 17

17

Billboard say what?

Slide 18

18

What is wrong with this picture?

Slide 19

19

Can Mathematics and Computers Really Solve

Crimes?

Slide 20

20

Crash Reconstruction

Collision evidence– positions of rest, skid marks, roadway markings,

damage to vehicles, damage to property Other evidence

– Witness recollections, traffic control devices, weather conditions, lighting issues

Available specifications– Newton’s laws of motion

Collision reconstruction techniques– Damaged-based– trajectory-based

Slide 21

21

Image Deblurring

“Enhance…enhance…enhance…” Blurring is typically caused by movement

during the capture process by the camera or by the subject, or an out of focus lens

Deblurring involves finding a mathematical description of how the image was blurred

Slide 22

22

Image Deblurring

Before… After

Slide 23

23

Image Deblurring

A camera captured this image

Image deblurring produced this image

Slide 24

24

Deblurring Fingerprints

A very touchy subject! By deblurring a fingerprint, are non-existent details being added to a latent print?

Typically, any enhancement (fingerprint or otherwise) must be verifiable and able to be duplicated by another expert

The risk in “crossing the line” is highly dependent upon use of tools

Slide 25

25

Fingerprint Matching

Different vendors use different algorithms 10 different Fingerprint Individuality models Minutiae matching vs. Pattern matching Speed and throughput vs. accuracy Error rates

– Type I (FP, FRR) vs. Type II (FN, FAR)– Crossover or Equal Error Rate– Security vs. Forensic Science

Slide 26

26

Receiver Operating Characteristics

Slide 27

27

Fingerprint Classification

Slide 28

28

Slide 29

29

Escape Math Variables

– Time, Method of travel, Achievable speeds, Traffic density, Traffic choke points

Dijkstra’s algorithm– Link-state routing protocols (OSPF), MapQuest,

Google Maps Random walks

– Calculate distance escaped POWs could travel in WW2

Trawler problem Drive-time calculations (MapPoint) Social network analysis (to be discussed

later)

Slide 30

30

Dijkstra’s Algorithm

Slide 31

31

Random walks

Slide 32

32

Trawler problem

Slide 33

33

Narrowing the Suspect Pool

Profiling– Psychological/criminal– Geographic (to be discussed later)

Venn diagrams

Slide 34

34

Social Networks Social network analysis

– Google’s PageRank algorithm is an example of network analysis

– Organized crime, gangs, terrorist cells, individuals, other organizations

– Social relationships in terms of nodes and ties– Determine the social capital of individual actors

Things to consider– Who are someone’s closest friends/associates?– Where might that person flee to?– Structural cohesion: could you eliminate a

specific individual from a group which could cause that group to collapse?

Slide 35

35

Social network of a project team

Slide 36

36

Social network of 9/11 terrorists

Slide 37

37

Crime Mapping

Choropleths Pin Mapping Hot Spot Analysis Geographic Profiling

Slide 38

38

France, 1829

Slide 39

39

London, September

1854

Slide 41

41

Choropleths and Pin Mapping

NYPD has used traditional pin mapping since at least 1900

University of Chicago researchers mapped crime in Chicago neighborhoods (1920-30s)

These methods of mapping helped to identify relationships between crime and neighborhoods, social disorganization, poverty, and physical deterioration

Slide 42

42

Automated Crime Mapping

Automated mapping began in the late 1960s– Did not really “take off” until the 1990s

Hot Spot Analysis– Finding geographic concentrations of types of

crimes; finding causes for those hot spots; aggressive policing in those areas

Geographic profiling– If psychological profiling tells you “who”,

geographic profiling tells you “where”

Slide 43

43

Slide 44

44

Hot Spot Analysis

Slide 45

45

Hot Spot Analysis

Slide 46

46

Geographic Profiling

If Psychological/criminal profiling tells you “who”, geographic profiling tell you “where”

Suitable for serial crimes: murder, rape, robbery, arson, predatory crimes

Gives police a starting point from which to narrow down lists of suspects

Does not replace traditional investigative techniques, but supplements them to help manage the large volume of information

Slide 47

47

Geographic Profiling

CrimeStat, Dragnet, Predator, Rigel Theory is based upon “journey to crime” and

“principle of least effort” “Journey to crime” varies among type of

crime, age, race, etc. Includes a buffer zone around the offender’s

home or base of operations

Slide 48

48

Saanich Serial Arsonist

Slide 49

49

Jeopardy Surface

Slide 50

50

Probability of Offender Residence

Slide 51

51

GeoProfile

Slide 52

52

Slide 53

53

Slide 54

54

Some Other Examples

Spherical Trigonometry: Determining position on Earth based on two like photographs (with a few caveats…)

Prisoner’s dilemma: Is it better to cooperate or defect?

Steganography and covert channels: Finding hidden information

Predictive Analysis: Predicting the location of a serial event

Slide 55

55

The Future is Now: RTTC

26-member staff, on 24/7/365 15 workstations, divided among teams of

officers Each team has a particular assignment, such

as homicides or shootings Satellite imaging Precinct-by-precinct maps Ties together information to solve crimes 2-story tall projection screens

Slide 56

56

NYPD Real Time Crime Center

Slide 57

57

The Future is Now: RTTC

Cognos data warehouse, using IBM OmniFind 8.2 on SUSE Linux blade servers

Link Analysis Capacity can call up all known addresses for a suspect and known associates

When a crime occurs, any number of searches of public records are then run:– Over 5 million NYS criminal records, parole and

probation files– Over 20 million New York City criminal complaints,

911/311 calls and summonses spanning five years– Over 31 million national crime records– Over 33 billion public records.

Slide 58

58

Conclusions

Slide 59

59

References

Mark Bridger, Northeastern University Valdis Krebs @ orgnet.com David Weisburd and Tom McEwen, “Crime

Mapping and Crime Prevention” Dr. Kim Rossmo, Texas State University Rob Gebeloff, NJ Star-Ledger Dr. Raymond Chan, CUHK Mitsubishi Electronic Research Laboratories Zeno Geradts, Netherlands Forensic Institute Henry C. Lee and R.E. Gaensslen, Advances in

Fingerprint Technology, 2nd Ed.

Slide 60

60

Questions & Answers