EU Statement of Work and Schedule

This objective will be completed through an extensive review of police records, open source
documents, including EU and foreign governments reports, scholarly research and news articles.
The second objective is to capture various stakeholders perspectives on cyber security for
criminal activities. To fulfill this objective the research team will analyze data from various
sources in police data files. The third and final objective is to construct a decision-making model
of the cyber security landscape based on the analyzed data.

ID Description Completed by after start date

T.1 Incorporate a Throughput Model and cognitive factors 3 meetings during the first year
approach to describe the fraud triangle magnitude and
psychological types prone to corruption, as well as Years 1 and 2
identify risk factors associated with their TCO
occurrence
Team meeting with project champion to design the
project and integrate biometrics tools with the decision
making cognitive aspects of the Throughput Model
T.2 Work with EU stakeholders and end users to identify Years 2 and 3
and develop evidence-based technologies, policies,
practices, and cyber-based training that will enable the
improved awareness while securing the cyber space
and border activities in an effective manner.
Selection of biometrics tools using performance
measures and Throughput Modelings cognitive
aspects.
Complete analysis of 6 psychological behavior case-
based data and machine learningScotland, Sweden,
and Romania
T.3 Analyzing & Comparing biometrics information Years 3 and 4
control systems
Identify recommended policies, practices, training, and
technologies for adoption to reduce TCO activities
T.4 Paper presentations and conferences Years 4

After my telephone conversation with ABIS today, they requested a summary of work you will
be conducting for the EU Research Grant. I would structure your EU grant product work with
what we discussed regarding (I will also contribute to the following):

1. Literature review of the six dominant anti-behavior types:

(1) Negation of personal accountability [psychological egoism],
(2) Deontology [Rule-based},
(3) Consequentialist [utilitarianism],
(4) Self-serving deception [relativism],
(5) Sacrosanct indemnity [virtue-ethics], and
(6) Narcissistic indemnity [Stakeholders perspective].

2. Relating the anti-behavior types to crime history (provided by police departments).

3. Implementing cases from accounting/auditing (including the fraud triangle).
4. Developing a decision-aide tool that provide law enforcement agencies with
characteristics/behavior of criminal types tied to a decision making model.
5. Attending conferences/paper presentations and discussing with experts in the area in order to
fine tune the decision making approach to cyber crimes.
6. Help with deliverables: i.e., assisting the computer science/engineering personnel part of our
team (i.e., Slawomir Nowaczyk , Halmstad; David Martin of Wayne State University, USA) to
develop a decision support system/software for analyzing cyber crime.

Finally, provide me with a short summary of your previous research and how it is related to the
EU Grant (please include the current working papers on fraud, biometrics, etc.

Objective 1 Review and compile state of the art for biometric use for security in relation to use
in the cyber security area. Some of the issues to be compiled include
- Business models for reliance on biometric
- Challenges with implementation
- Risks for criminal activities critical situations
- Requirements for alternative or backup security measures in crisis
- Legal challenges to biometrics
- Possible privacy issues
- Collection and security of biometric databases
This phase will be distributed by the teams in Sweden and Romania and include supervised
graduate students creating a valuable resource that can be used for future research in cyber
security and other mission critical fields that are moving beyond simple password authentication.
Timeline, effort and deliverables
UK Team 1 senior researcher and 3 graduate student researchers using open source research
methods and analysis over 15 month period from initial kickoff of project. The Senior researcher
teaches graduate course on the use of biometric methodologies for research and analysis with
clients from government and industry.
Deliverables will be database with index, bibliography, categorization of issues and outline of
key challenges and topics required to be addressed for cyber security implementations.
One or more published review articles will be created and provide foundation for additional
effort.
The proposed project involves a multi-disciplinary research team representing the fields of
criminology, psychology and information science. The research team members represent various
universities (Romania, Sweden, and the United Kingdom) security operations center and cyber

2
security capabilities (University of Texas, El PasoCyber Center), and the police agencies with
expertise and experience in conducting research on cognitive factors analysis as they relate to
crime.
For example, from Wayne State University (Michigan, USA), Dr. David Martin will be part of
our team. He specializes in policy analysis, program evaluation, and computer programming,
specializing in crime mapping and analysis of police and community data. Over the past 10
years, he has developed software and web applications for the computerized mapping and spatial
analysis of data from police and fire departments. Several police departments to support
CompStat-style accountability processes and strategic crime fighting use his software. He is also
currently a research partner for a U.S. Department of Justice-sponsored crime reduction initiative
in Detroit, Michigan.

Year 1 Budget Narrative

UK effort project management, direction of student research, synthesis of results and
manuscript preparations / editing, travel, coordination with Sweden and Romania team.
Sweden effort to examine criminals' case histories (Swedish police department) in order to
assign one of six dominant criminal behaviors to the files (of course the names of the individuals
will be deleted). That is,

(1) Negation of personal accountability [psychological egoism],

(2) Deontology [Rule-based},
(3) Consequentialist [utilitarianism],
(4) Self-serving deception [relativism],
(5) Sacrosanct indemnity [virtue-ethics], and
(6) Narcissistic indemnity [Stakeholders perspective].

The above anti-behavior types will be integrated with the Fraud Triangle (i.e., opportunity,
pressure, and rationalization) and a decision making model (Throughput Model) in order to assist
individuals and organizations to become more alert to the criminal implications of their decision
choices

Adriana Tiron Tudor (Babe-Bolyai University, Cluj-Napoca, Romnia), Marita Blomkvist

(Goteborg University, Sweden) and Jeaneth Johansson (Halmstad University, Sweden) will be
responsible for reading the files and assigning the above anti-behavior characteristics and fraud
triangle features to their decision making. After this has been completed than Antanas Verikas
and Slawomir Nowaczyk (Halmstad University, Sweden) will work with the patterns for
machine identification, etc. part.

The first stage of the project is to identify patterns of behavior that map to specific characteristics
of criminal behavior that is backed by theory and research. From this, we can then align these
patterns with a powerful decision making model (i.e., there are only 6 possible pathways to a

3
decision according to this model). After this process, we will be in a better position to
scientifically assess behavior augmented by theory as it applies to situations (cyber or border
control) or the interaction between behavior and situations.
During the academic year this will include time not charged to the grant using personal scholarly
allotment of workload. Summers will focus on this project.
Graduate student effort will be research on scholarly articles, news and other sources. Students
will also create contact database of stakeholders found through this activity for contact and
interview to add operational information in order to design and create appropriate flow models.
4 students have not been identified but will come from different programs including the Security
and Intelligence program, the Aviation Safety program and Cyber Intelligence and Security
program.
Travel costs may be higher than the $5000 budgeted and grad student expenses may be lower
due to timing of bringing on board.
Year 2 Budget
Team continues effort and organizes laboratory efforts to setup chosen biometrics system for
evaluation, training and measurement. Other efforts will include For example, from Wayne State
University (Michigan, USA), Dr. David Martin will be part of our team. He specializes in policy
analysis, program evaluation, and computer programming, specializing in crime mapping
and analysis of police and community data. Over the past 10 years, he has developed software
and web applications for the computerized mapping and spatial analysis of data from police and
fire departments. Several police departments to support CompStat-style accountability processes
and strategic crime fighting use his software. He is also currently a research partner for a U.S.
Department of Justice-sponsored crime reduction initiative in Detroit, Michigan.

Graduate students will continue open source research and survey / interviews as well as begin the
design of experimental setup for enrollment, testing, monitoring the chosen biometric tools
chosen for analysis. Experimental design, data collection, storage, retrieval, auditing etc. will be
performed, policies created, throughput metrics collected and analyzed.
Students will interact with researchers using emote collaboration tools and will allow the
simulation of the issues associated with distributed use of biometrics, evaluation and other
procedural elements associated with setup, deployment and operation of systems in aviation
settings.
The number of students chosen for the project will be limited to at most 4 and thesis / project
topics will be chosen to match the elements appropriate to the grant requirements and needs.
Development of their reports or thesis will be integrated into overall project documentation and
publications as students move through their degree programs.
Year 3 Budget

4
Sweden, Romania, and UK teams will continue to coordinate and manage the project team and
partner teams as the operational efforts mature.
Students will be working now in production mode with the design and system in its final
configuration. Process documentation will have been created and the partner systems deployed
to allow for the gathering of data in realistic aviation environments ranging from large enterprise
to smaller lower volume settings. Data gathering, auditing, analysis of metrics will be done in
controlled operational settings. Experimental designs to test different scenarios will be begun.
Year 4 budget
Project teams continue efforts and moves toward completion of experimentation and data
collection. Analysis and manuscript preparation phase will dominate the latter part of this year.
Students will complete any additional testing required based on identification of open questions
that arise from the planned modelling.
Team will be completing reports, preparing final material for publication in different journals.
Student effort could decline in this year depending on the timing with the grant start and end
dates. Students will be completing their own writing for thesis or project credit.