Integrated Suspicious Activity Reporting and Decision Analysis System (iSARs)

Principal Investigator: Michael Orosz


An important element in preventing terrorist attacks are suspicious activity reports (SARs) filed by citizens and local law enforcement.  Intelligence analysts review incoming SARs, query various government databases and intelligence sources, and establish patterns and relationships.  SARs that are deemed to be terrorism-related are ultimately passed along to other intelligence consumers (e.g., the FBI), who assess its actionability and decide on follow-up action (e.g., conducting surveillance, defensive action). At present, much SARs tasking and analysis is accomplished manually, using many qualitative and judgment-based risk and decision processes.  This leaves open the possibility that key events and connections may be overlooked – with potentially catastrophic consequences.  The Integrated Suspicious Activity Report and Decision Analysis System (iSARs) project is based on the assumption that the defender can better detect, predict, and prevent attacks, based on:

  • collected evidence (i.e., past SARs)
  • historical evidence (i.e., previous events)
  • potential capabilities of adversaries and resources available to them
  • potential attack targets within their Area of Responsibility (AOR
  • the experience and intuition of the intelligence analysts

The project will develop tools, methods, and processes for enhancing the risk-driven intelligence collection, analysis, and decision-making capabilities of the U.S. domestic law enforcement and intelligence community.  This will be done by combining SARs and other intelligence products with risk and decision analysis techniques to help better detect possible adversarial plans and assess the threats that are associated with the greatest probability of occurrence.