Predictive Analytics

Predictive Analytics

  • Big Data algorithms
  • Predict changes in status quo patterns (e.g. political unrest, disease outbreak, etc.)
  • Incorporate non-traditional data sources
  • Recognize historical behaviors, patterns, and context
  • Perform multi-modal modeling and analysis to explore what-if scenarios
  • Risk modeling for critical technologies protection

We present a single appliance real-time predictive analytics tool that combines threats from external or internal vector. Our predictive analytics tool is capable of responding to business and technical use cases to not only determine the most likely threat vectors, but recommend or automate changes to ensure real-time application security and performance.

The IMPRES Technology offering provides a complete internet data set of both known, and unknown (Dark Web) activity correlating against itself looking for anomalies. This capability encompasses secured data feeds which include temporary sites as well as internet data that has been expanded over the past 8+ years in 5-minute increments.

Our engine provides correlation of any pertinent threats that might pertain to the customer’s environment. The solution looks for any instances, chatter, written, spoken, from multiple types of raw or structured data sources, in over 12 languages. Users can search any specific search criteria: DoD, Commercial, Medical, MAC address, IP address, usernames, hardware or software type.

Data collected provides rich, quickly validated information. By combining external data, and internal data collected from within the network, it provides a real-time multi-variate statistical correlation of events or resources, allowing you a holistic view of data.

Traditional search engines focus on text retrieval and leave analysis to the user. However, our tool identifies and understands historical developments to help formulate hypotheses about – and give clues to – likely future events.

Search vs. analytics

The IMPRES Solution is based on temporal analytics. A comparison with traditional search engines is inevitable – since search is one important aspect of analytics.

The difficulty seems to be, not so much that we publish unduly in view of the extent and variety of present day interests, but rather that publication has been extended far beyond our present ability to make real use of the record. The summation of human experience is being expanded at a prodigious rate, and the means we use for threading through the consequent maze to the momentarily important item is the same as was used in the days of square-­rigged ships. ~ Vannevar Bush, “As we Think”

In the decades to follow, a great deal of technology has focused on information management and text retrieval (search). The World Wide Web, has obviously fostered both the need and the ability for use of search engines.

An explosion of search engines followed, with names such as Excite, Lycos, Infoseek, and AltaVista. These first-generation search engines focused on traditional text search, using various algorithms but really looking at individual documents in isolation.

Google changed that (1998) by introducing their second-generation search engine based on an experimental search engine (BackRub). The core of BackRub is PageRank algorithm, and the key of Google’s success.

The main idea of the PageRank algorithm is to analyze links between web pages, and to rank a page based on the number of links pointing and recursively pointing to rank of the pages pointing to it. This use of explicit link analysis has proven to be useful and robust. So much so Google continuously must tweak algorithms to combat attempts to manipulate the ranking algorithm.

IMPRES Technology Solutions is developing a third-generation analytics engine, which goes beyond explicit link analysis and ads implicit link analysis. Accomplished by looking at the “invisible links” between documents that talk about the same, or related, entities and events. We do this by separating the documents and their content from what they talk about – the “canonical” entities and events (yes, this model is heavily inspired by Plato and his distinction between the real world and the world of ideas).

Documents contain references to these canonical entities and events, and we use these references to rank based on the number of references, the credibility of the documents (sources) containing these references, and several other factors (for example, co-­‐occurrence of different events and entities in the same or in related documents is also used for ranking). This ranking measure – called momentum – is our aggregate judgment of how interesting or important an entity or event is at a certain point in time – note that over time, the momentum measure of course changes, reflecting a dynamic world.

In addition to extracting event and entity references, The IMPRES Solution analyzes “time and space dimension” of documents – references to when and where an event has taken place, or even when and where it will take place – since many documents refer to events expected to take place in the future. IMPRES is also adding components, (e.g. sentiment analyses), which determine what attitude an author has towards his/her topic, and how strong that attitude is – the affective state of the author.

The semantic text analyses needed to extract entities, events, time, location, sentiment etc. are an example of a larger trend towards creating “the semantic web”.

The time and space analysis described above is the first way in which The IMPRES Solution can make predictions about the future; by aggregating weighted opinions and likely timing of future events using algorithmic crowd sourcing. In addition to this, we can use statistical models to predict future happenings based on historical records of chains of events of similar kinds.

The combination of automatic event/entity/time/location extraction, implicit link analysis for novel ranking algorithms, and statistical prediction models forms the basis for The IMPRES Solution’s temporal analytics engine. Our mission is not to help our customers find documents, but to enable them to understand what is happening in the world.

The IMPRES solution and business intelligence

There has been a long path of innovation in systems for business intelligence – trying to help decision makers in companies and organizations make better, data driven, decision. We’d like to think of these in three generations as well:

First generation business intelligence tools (BI) were all about reporting and OLAP cubes, typically taking historical financial, sales, and manufacturing information and organizing for analysis. Very helpful – but very focused on providing a rear mirror view of the world.
Second generation business intelligence was all about real time – hooking into real time data sources as well as real time user interaction – allowing decision makers to both look at very timely data as well as adjust and interact with such views at high pace.
Third generation business intelligence, we would like to believe, will be all about looking outside corporations and generating data and analytics for decision making based on the world, not just old historical enterprise data. This is the IMPRES Solution.

The behavioral analysis done on insider threats also provides a long-term capability of looking for patterns, behaviors and contextual analysis based on a series of highly sophisticated algorithms.