The link and group analysis toolkit, or LGAT, provides an end-to-end analytical environment that helps analysts find patterns of interest through the application of link-and-group-analysis technologies.
LGAT supports a plug-and-play architecture that allows researchers to easily integrate and experiment with alternative LGA technologies and datasets, gaining insight into effective strategies for applying those technologies. The LGAT’s services-based architecture is well-matched to the integration of new tools and data sources.
Clients access LGAT’s services via an application programming interface or a structured query service. The link-analysis layer manages applications and supports various application-level services, including tracking individuals with a watchlist, grouping individuals by communications or other activities, predicting probable suspects and non-suspects, and predicting threats based on a predefined threat pattern and evidence from data sources. Finally, the mediation and fusion layers support federated search and retrieval from structured, semi-structured, and unstructured legacy sources.
LGAT integrates several link-and-group analysis tools to aid in threat identification. The group-detection algorithm, developed by Carnegie Mellon University, uses a generative probabilistic model of joint activities by members of groups to identify group memberships based on patterns of activities found in structured information, such as transaction records. The cohesive clustering tool, developed by BAE Systems, finds groups of highest cohesiveness, defined as the inverse of the average distance between pairs of group members in a graph representation.
