Analysis of Competing Hypotheses Software -- http://www2.parc.com/istl/projects/ach/ach.html
Analysis of Competing Hypotheses (ACH) is a simple model for how to think about a complex problem when the available information is incomplete or ambiguous, as typically happens in intelligence analysis. The software downloadable here takes an analyst through a process for making a well-reasoned, analytical judgment. It is particularly useful for issues that require careful weighing of alternative explanations of what has happened, is happening, or is likely to happen in the future. It helps the analyst overcome, or at least minimize, some of the cognitive limitations that make prescient intelligence analysis so difficult. ACH is grounded in basic insights from cognitive psychology, decision analysis, and the scientific method. It helps analysts protect themselves from avoidable error, and improves their chances of making a correct judgment.
This software was developed by Palo Alto Research Center (PARC) in collaboration with Richards J. Heuer, Jr. It was developed for use by the U.S. Intelligence Community with funding from the Intelligence Community's Advanced Research and Development Activity (ARDA) and the Office of Naval Research (ONR).
In distributing ACH, PARC is making the presently downloadable version of the program available to the general public at no cost when used for non-commercial or educational purposes subject to the terms and conditions of its end user license.
CARVER2 - Target Analysis Software -- http://www.ni2cie.org/CARVER2.asp
CARVER2, a free software tool that provides a non-technical method of comparing and ranking critical infrastructure and key resources. It is the only assessment tool that ranks critical infrastructure across sectors.
The CARVER2 vulnerability assessment tool is designed to quickly and easily identify and compare potential natural disaster and/or terrorist targets at the local, state and national levels in order to assist government officials in the allocation of protective resources. The CARVER2 target analysis tool is available free of charge to federal, state, and local government officials and agencies, as well as non-profit and educational institutions. See below to request the installation package.
Computer Online Forensic Evidence Extractor -- https://cofee.nw3c.org/
Microsoft COFEE is being made available to individuals employed by law enforcement agencies within the United States and Canada. COFEE means the Computer Online Forensic Evidence Extractor tool that fits on a USB drive and automates the execution of commands for data extraction and related documentation. Distribution is limited to law enforcement agencies. Access to the COFEE product requires verification of employment with a law enforcement agency and agreement to the terms and conditions of the Microsoft/NW3C Sublicense Agreement. The verification process is automated if you have an email account with RISS.NET or LEO.GOV, or have an account with NW3C.
Computer Security Evaluation Tool -- http://www.us-cert.gov/control_systems/satool.html
The Department of Homeland Security (DHS) has released its latest cyber system assessment tool to the Critical Infrastructure/Key Resources (CI/KR) community. The Computer Security Evaluation Tool (CSET) is a desktop software tool that guides users through a step-by-step process to evaluate their cyber systems and network security practices against recognized industry standards.
According to DHS, the benefits of CSET include:
- Contributing to an organization's risk management and decision-making process;
- Raising awareness and facilitating discussion on cyber security within the organization;
- Highlighting vulnerabilities in the organization's systems and providing recommendations on ways to address those vulnerabilities;
- Identifying areas of strength and best practices being followed in the organization;
- Providing a method to systematically compare and monitor improvement in the cyber systems; and
- Providing a common industry-wide tool for assessing cyber systems.
CrimeStat III -- http://www.icpsr.umich.edu/CrimeStat/
CrimeStat III is a spatial statistics program for the analysis of crime incident locations, developed by Ned Levine & Associates under the direction of Ned Levine, PhD, that was funded by grants from the National Institute of Justice. The program is Windows-based and interfaces with most desktop GIS programs. The purpose is to provide supplemental statistical tools to aid law enforcement agencies and criminal justice researchers in their crime mapping efforts. CrimeStat is being used by many police departments around the country as well as by criminal justice and other researchers. The latest version is 3.3. The program inputs incident locations (e.g., robbery locations) in 'dbf', 'shp', ASCII or ODBC-compliant formats using either spherical or projected coordinates. It calculates various spatial statistics and writes graphical objects to ArcGIS®, MapInfo®, Surfer for Windows®, and other GIS packages.
Decrypto 8.5 -- http://www.blisstonia.com/software/WebDecrypto/
Decrypto is a fast and automated cryptogram solver by Edwin Olson. It can decode word games often found in newspapers, including puzzles like cryptoquips and patristocrats. You can also download a stand-alone version. [We have also found this program useful for quickly breaking simple substitution ciphers used by some criminal gangs.]
Encryption Wizard (EW) DoD Software Protection Initiative -- http://spi.dod.mil/ewizard.htm
EW is an SPC implementation of the Advanced Encryption Standard (AES) (Rijndael) augmented with a file manager Graphical User Interface (GUI) for ease of use. The 128-bit encryption/decryption algorithm used by Encryption Wizard is considered cryptographically strong and is routinely used in National Security Agency (NSA) and National Institute of Standards and Technology (NIST) certified products. Encryption Wizard is designed to protect data at rest and in transit (such as email attachments). EW is an easy to use tool for protecting sensitive (but not classified) documents, and for protecting files before transmission via email. It allows a user to encrypt files using a 128-bit implementation of the Advanced Encryption Standard (AES) with simple drag-and-drop efficiency. Encryption Wizard can significantly increase an organization‘s security posture at little to no cost to protect sensitive data in transit (E-mail, FTP, or shared web folders) or at rest on a removable storage device. The primary version for government users utilizes a FIPS 140-2 validated encryption engine licensed from RSA
Near Repeat Calculator -- http://www.temple.edu/cj/misc/nr/
This software originates with the relatively recent discovery of the near repeat phenomenon in burglary patterns, a discovery that has highlighted the communicability of crime events that affect the risk level at nearby locations. The near repeat phenomenon states that if a location is the target of a crime (such as burglary), the homes within a relatively short distance have an increased chance of being burgled for a limited number of weeks (Townsley et al, 2003; Bowers and Johnson, 2004; Johnson and Bowers, 2004a, 2004b). This communicability of risk to nearby locations for a short amount of time raises the possibility that other crime types may also suffer from a near repeat spatio-temporal pattern of behavior.
The analytical method employed builds on a space-time clustering methods first pioneered by Knox (1964) to study the epidemiology of childhood leukemia. The Knox test seeks to determine whether there are more event-pairs observed that occur with a closer proximity in space and time than would be expected on the basis of a random distribution. To do this, each shooting for a particular dataset is compared with every other and the spatial and temporal distance between them recorded. The result is a matrix of space-time distances.
To establish a null hypothesis measure against which to test the shooting patterns, we employ a Monte Carlo simulation process. By computing multiple simulations of the expected values, it is possible to generate an expected distribution under a null hypothesis – using the actual study data. This provides a unique way to examine what would occur if there were no near repeat patterns.
Problem Analysis Module -- http://www.popcenter.org/learning/pam/
Problem Analysis Module (PAM) gives you a framework for analyzing any persistent crime and public safety problem. PAM will ask you to input information concerning every aspect of the problem and then suggest the kinds of responses you could try. PAM was developed to assist police problem solving through the asking of specific questions. The questions come from research into a set of powerful theories within the field of Environmental Criminology – particularly Routine Activity Theory, Situational Crime Prevention, and Crime Pattern Theory.
Squidmat (courses of action evaluation program) -- http://faculty.tamu-commerce.edu/jmstauffer/Squidmat/
The program compares two or more courses of action based on two or more evaluation criteria. The user arranges the evaluation criteria in descending order of importance and tells the program how much more important each criterion is than the next lower criterion. These importance ratings are used to calculate weights for each criterion. SquidMat takes user-supplied values for each course-of-action/criterion combination and converts them to Z scores. Using the criterion weights, the program calculates weighted sums for each course of action. The course of action with the highest weighted sum is considered to be the best. SquidMat is designed as a replacement decision matrix program for the CAS3 program DECMAT.