Authors and Affiliations:
|
Jason Payne,
Palantir Technologies, jpayne@palantirtech.com
[PRIMARY contact] Ravi Sankar,
Palantir Technologies Jake Solomon, Palantir Technologies |
Student Team: NO
Tool(s):
For the VAST competition, the analyses were performed primarily in the Palantir Government platform and to a lesser extent in GoogleEarth and the Palantir Finance platform. Both Palantir platforms are being developed by Palantir Technologies, based in Palo Alto, California. Palantir Technologies was founded in 2004 and works with customers across the Intelligence and Finance Communities.
Two Page Summary: YES (will be submitted before 18 Aug)
| Answers: |
Grand-1. Based on ALL the data available (i.e. using the data from all 4 mini - challenges) what is the social network of the Paraiso movement at the end of the time period?
Grand-2. What name or names can be associated with individual activities?
| Activities | Names |
| Public relations and information control (Wikipedia control) | (aliases) VictoriaV; Amado; RyogaNica, Socorro |
| Communication and coordination | Ferdinando Catalano; Esteban Catalano; David Vidro; Juan Vidro; Jorge Vidro |
| Terrorist activies / setting up explosions | Ramon Katalanow; Carlos Vidro; Cleveland Jimenez |
| Migration / expansion of the religion's base | Jesus Vidro; Eduardo Catalano |
Grand 3. What is the geographical range of the Paraiso Movement and how it changes over time.
Nothing to provide: The answer to this question and how you arrived at it should be combined with the answer to the next question which is more general.
Grand-4. How do the major beliefs of the Paraiso movement affect their activities?
1) Video:
2) Debrief:
In 2002 a newspaper manager from Isla del Sueño (a Caribbean island between Florida and Cuba) published a two-thousand page document known as the Paraiso Manifesto (paraíso means “paradise” in Spanish). His name is Ferdinando Catalano, and his Manifesto launched a religious movement, officially called Catalano’s Paraiso Manifesto Movement (CPMM). Catalano considers himself the true legacy of Christianity and cites the King James Bible as an influence, but he does not respect the legitimacy of existing Christian doctrines. He also cites several unexpected influences: Pancho Villa, Che Guevara, Leon Trotsky, and Jose Marti. Followers believe that he has attained enlightenment and treat him with godlike status. Critics consider him to be a cult leader.
The religion wishes to create a highly conservative, patriarchal, and decentralized society. The supreme unit of power is the male-headed household. Governments exist to provide social services but have no right to issue commands to families or intervene in their disputes. Women can only be educated at home. The Movement is also hostile towards medicine and forbids the use of antibiotics or vaccines; even home treatments can only be received if approved of by the family’s father. Although the movement does not openly embrace violent doctrine, there are several pieces of evidence that suggest the Paraisos have been involved with violence. As their reach spreads into Florida and Mexico (and perhaps beyond), these tendencies make them an important investigative target for law enforcement.
Our first reason to suspect the movement comes from an open source information network—Wikipedia. The page on the Paraiso Manifesto is zealously guarded by believers, and only a small amount of criticism is allowed to remain. Whenever an editor tries to provide critical links, a proponent of the Movement will remove them, claiming the sites are biased and in violation of Wikipedia rules. Nevertheless, examining edits logs has provided several pieces of highly interesting though unreliable circumstantial evidence. One poster claimed that followers of the Manifesto “gunned down six doctors and nurses in cold blood,” after a previous editor was censored for mentioning a “confrontation of Paraiso members and [the] Dept of Health.” Another set of posters independently cited a Belgian prosecution of the Movement. Although this is less explicit than the previous post, and neither is particularly reliable, together they suggest a movement that is “flexible” in its adherence to the law. Moreover, the Manifesto’s doctrine makes this attitude unsurprising—the state is not much loved and cannot dictate rules to heads-of-household. Followers greatly dislike healthcare, so state-provided healthcare is even worse. Catalano openly lists four revolutionaries and military commanders as inspirations. Finally, Wikipedia edits suggest the movement has its own justice system and disregards the legal rulings of existing governments. Investigators might want to look further into the real identities of prolific pro-Paraiso posters VictoriaV, Amado, and RyogaNica.
We discovered the communication network of elite officials through phone records from Isla del Sueño over a ten-day period. Members include Ferdinando Catalano; his brother Esteban Catalano; his deputy David Vidro; and David’s relatives—presumably brothers—Juan and Jorge Vidro. Ferdinando only ever communicates with two or three people outside this circle. It then becomes this inner network’s responsibility to disseminate information to other individuals within the broader network of 400. Of note, the inner network suddenly switched cell phones seven days into the records on June 8, 2006, perhaps (correctly) suspecting that they might be monitored. Unfortunately for them, our investigators used the known initial network-model to uncover their new phone numbers and to re-establish ownership of new phones from there.
The second suggestion of violence comes from a concrete incident—the bombing of a Department of Health building in Miami, Florida. Even prior to investigation, rumors suggested Paraiso involvement. Furthermore, we know that the Movement steadfastly opposes state-provided healthcare and that our open-source information pointed to healthcare-related violence. Moreover, a complex trail of several independent investigations produced potential ties between people present during the explosion and the highest level of the Paraiso movement. After analyzing all of the other data, we re-examined the list of individuals present at the DoH building during the bombing. The facility was experimenting with compulsory RFID tags for employees and visitors, so we know the movement track and (reported) name of every person who was inside. Importantly, the logs report both a “Carlos Vidro” and “Ramon Katalanow,” the latter appearing to be an alternate spelling for “Catalano.” It is impossible for us to guarantee that these two individuals belong to the Paraiso Movement, but the presence of two people with ostensibly plain links to the highest levels of the Movement is certainly worth investigating. In fact, Ramon Katalanow’s movements were flagged as suspicious by analysts who were working only with nameless ID numbers to prevent bias. Unfortunately, our suspected bomber, Cleveland Jimenez, appears to have died in the explosion and cannot be brought in for questioning. Instead, law enforcement should attempt to verify whether Jimenez was a member of the Movement, to track down Vidro / Katalanow, and to question survivors who may have witnessed Jimenez, Katalanow, other suspicious characters, or the explosion site itself. These potential witnesses include Lindsey Bowles, Joshua Sanchez, Abel Snow, and Loretta Middleton.
Our suspicions of Paraiso involvement are further bolstered by an investigation of migrations from Isla del Sueño. After the island’s government began to crackdown on the Movement—possibly for lack of compliance with local laws or violent activity—individuals began to illegally immigrate to the southern coast of Florida in large numbers. Coast Guards had variable levels of success in stopping those attempting to make the crossing—in one month no boats succeeded and in another more than 70% did. Once they reach United States shores, however, U.S. policy is to grant them “legal permanent resident” status. Migrants, therefore, expand to an increasingly large range of landing sites over time as they attempt to avoid Coast Guard interceptions. By the end of our three year tracking period, hundreds of emigrants from Isla del Sueño have landed in Mexico’s Yucatan Peninsula and all along the coasts of Florida (expanded from the southern tip).
In this migration data, we have record of a “Jesus Vidro” and “Eduardo Catalano” getting interdicted twice in south Floridian waters before leaving from a launch site on Isla del Sueño which largely specializes in Mexican landings and making it to the Yucatan. All three times they were on the same boats. In other words, we know that potential relatives of Paraiso’s highest echelon were traveling together and tried to cross into Florida multiple times before escaping to Mexico. Moreover, we have records of several other migrants who tried multiple times to make the crossing, sharing a leg of the journey; these include the pairs of Pura Lira / Delphia Serrano and Sonora Haro / Gotzone Bueno. Perhaps most bizarrely, we have several reports of people with the same first and last names landing twice, including Frascuelo Alvarado and Pura Lira; if these are indeed the same people making two trips and not simply a coincidence, this behavior is extremely suspicious. We also know from the Wikipedia page that the Movement has established strong bases throughout the Caribbean using “Pirate Radio” stations and that “F[erdinado Catalano]” has given lectures in Miami before. Finally, it would not be difficult from their position in the Yucatan for supporters of the Manifesto to spread further north in Mexico and south into Guatemala, Belize, Honduras, and El Salvador. It is, therefore, not only plausible but highly likely that the bombing of a Department of Health facility in Miami, with both a “Vidro” and “Katalanow” present, was the work of individuals related to the Paraiso Movement.
Our hypothesis is that Catalano’s Paraiso Manifesto Movement (CPMM) is involved with violent activities and was specifically involved with the August 2007 explosion at the DoH in Miami. Of course, we recommend that the investigative teams involved look into those figures who were specifically discussed above, including the Wikipedia aliases VictoriaV, Amado, Socorro, and RyogaNica; the migrants Jesus Vidro, Eduardo Catalano, Pura Lira, and Frascuelo Alvarado; the upper echelon members Ferdinando / Esteban Catalano and David / Jorge / Juan Vidro; and persons of interest at the explosion itself, including Carlos Vidro, Ramon Katalanow, and several witnesses.
We also recommend that the Coast Guard broaden their patrol areas. Interdictions never go as far north along Florida’s shores as landings do, meaning that if migrants can get past the initial set of ships near Isla del Sueño and swing far enough out before heading north, they are almost guaranteed to land successfully. Interdictions also fail to cover Mexico itself. While this may be a jurisdictional issue, we should share tracking information with the Mexican government to improve their ability to interdict ships in their waters. Our team has demonstrated that there is a correlation between where boats leave Isla del Sueño and where they’ll head, so if we track the departure of a ship, we can predict its arrival location.
3) Detailed Answer:
The Palantir Government platform is a powerful environment for exploring the underlying connections within complex datasets. Revealing these connections is accomplished by separating the user from difficult and technical commands. Instead the user is presented with simple, yet powerful, interfaces allowing them to ask natural questions in an intuitive fashion. In order to perform the investigation called for by the Grand Challenge, we had to work with four sets of very different data. With Palantir’s data integration capabilities and Dynamic Ontology, we were able to easily bring all the VAST data together in one conceptual view.
Figure 1: The Data
Import GUI
Once the disparate data sources were loaded into Palantir and ‘published’, anyone with an account on our network could access and analyze the data from our webstartable client. Because the Grand Challenge has no data independent of the Mini Challenges, the Grand Challenge investigation required us to aggregate the analyses our team had already accomplished for the Mini Challenges. A detailed accounting of the processes used in the Mini Challenges can be found linked from our main VAST page. Below we will provide a brief summary of those Challenges and describe how they relate to the Grand Challenge.
Wikipedia Analysis: Analysis of the Wikipedia edits and discussions was divided into two approaches: user-centric and time-centric. The user-centric team used Palantir’s Histogram to isolate the top discussors and editors of the Paraiso Manifesto page. The Histogram provides aggregate information and an overview about all selected objects in any of the Palantir Applications. Analysts could read the words of wiki contributors directly in Palantir, and were thus able to get a feel for the factions and major players participating in the discussion. This user-centric analysis was facilitated by the time-centric team, working in parallel, who used Palantir’s Timeline to dissect the flamewars (or areas of high activity). Our analysts noted rivalries between two wiki contributors and were able to isolate the pro-Paraiso wiki users in the discussion very quickly.
Figure 2: The “link
by” option can quickly find related entities, events, etc.
Migration Analysis: Boat migration data was divided into three major investigations: landings, interdictions, and launches. While our analysts could have analyzed all these aspects of the migrations within one investigation, breaking them down in this way helped to maintain a primary focus. The Analyses were enabled by Palantir’s integration with GoogleEarth to explore the geospatial variation in landings, launches, and interdictions over time. Our analysts noted interesting geographic zones in GoogleEarth (specifically, 5 distinct launch sites and 4 landing zones) which served as starting points for further investigation. It was simple to perform advanced analysis as well, such as identifying the number of ‘go fasts’ leaving from launch site 4 that successfully landed in West Florida in 2007. Interesting results were uncovered including: strategic weaknesses in Coast Guard interdiction patterns, a correlation between where boats launch and where they land, a temporal progression of launch sites, and a month-by-month chart of landing success rates.
Figure 3: All landings
viewed in Google Earth
Figure 4: Palantir’s
Timeline—times with Mexican landings are highlighted (yellow)
Communication Network Analysis: To explore the communication network, our analysts began from the given starting point that Ferdinando Catalano is ID 200. Our analysts then added his immediate connections to the graph and subsequently second degree connections were added as well. These first and second order graphs of Catalano’s network were used to assign IDs to his inner network—Esteban Catalano, David Vidro, Juan Vidro, and Jorge Vidro. Analysis of 200-centric network using the Palantir Timeline revealed sudden network silence on the last three days of the ten day period represented by the data. This silence was not present in the overall network of some 400 IDs. This aroused suspicion that there was something duplicitous occurring in this inner network. Palantir was then used to identify the most prominent IDs during the period of network silence and uncovered a network that mirrored the 200-centric network observed earlier. This new network was centered on ID 300 possibly indicating that the inner network had switched cell phones. Additionally, the various movements of the telephone IDs were analyzed using the geographic position of the originating cell phone towers through visualization in GoogleEarth. Palantir’s ‘Intermediary Framework’ which allows phone calls to simultaneously act as links between people and independent events was very valuable in enabling this task.
Figure 5.1: The
network of IDs 1, 2, 3, and 5, with an auto-layout in Palantir
Figure 5.2: The
auto-layout of 306, 309, 360, and 397; strikingly similar to 8.1
Evacuation Analysis: Because the data of the evacuation from the attacked Department of Health building is largely geospatial in nature, Palantir’s geospatial integration capabilities were heavily relied upon to analyze the attack. Importing a slightly transformed version of the evacuation data (with real geotime information) then exporting the results to KMZ from Palantir allowed our analysts to easily produce a time-lapsed animation of the evacuation. After adding an imaginary building constructed according to the given grid, the animation was closely watched in an attempt to identify who the potential bomber was, where the bomb went off, who could be a witness, who moved in a suspicious manner, etc.
Figure 6: After the
bomb explodes
With this foreground knowledge established, the next step was to explore the background of the movement. Understanding the context of a group is always critical to analyzing their activities. This is true in history when studying ancient civilizations, in sociology when performing demographic analysis, and especially in intelligence when conducting an investigation. It is, therefore, extremely important that we base our exploration of Catalano’s Paraiso Manifesto Movement (CPMM) on the Movement’s beliefs and its previous activities.
Almost everything that can be learned about the Paraiso Movement must be gleaned from open source information, namely Wikipedia. By reading the actual page on the Manifesto and using Palantir to isolate important comments by editors of that page, it is possible to paint a reasonably detailed picture of what the Movement espouses (challenge one). First, followers consider the Movement to be a religion, not simply an organization committed to certain goals. In fact, Ferdinando Catalano claims to preach the true form of Christianity, though he does not respect the authority of existing Christian groups. As a corollary, believers view Catalano as a godlike, enlightened religious leader. Second, Paraiso proponents advocate a radically decentralized society in which the family-unit is supreme. The state exists to provide social services and infrastructure to families but should not intervene in disputes and has no coercive authority. In fact, comments in the Manifesto page’s edit logs indicate that the Movement has its own justice system and does not respect the convictions of other legal bodies. Third, the Manifesto declares that healthcare can only be approved by the head-of-household (father) and that even he is forbidden to approve antibiotics, vaccines, or other similar medicines. The synthesis of beliefs two and three produces a religious movement that is strongly opposes state-provided healthcare. Fourth, Paraisos consider women to be subordinate, confining their education to the home and prioritizing the desires of male family members ahead of their female counterparts. Finally, the Manifesto’s intellectual influences include “Pancho Villa, Che Guevara, Leon Trotsky, [and] Cuban revolutionary Jose Marti” a list of military commanders and revolutionaries with a history of violent actions. When combined with CPMM’s disregard for government-imposed laws, this suggests that the Movement may approve of violent tactics.
Establishing this repository of beliefs gives provides an illustrative starting point for analyzing the activities of the Paraiso Movement. In observing the edit logs and verbal discussion of the Wikipedia page on the Paraiso Manifesto, we can observe a sense of persecution by many proponents and censorship of most criticism. Their self-proclaimed status as a religious group makes both of these likely, as religions have employed the rhetoric of external persecution for centuries and often prefer dogma to open discussion. Moreover, the fact that believers consider Catalano ‘enlightened’ could make any critical or derogatory comments seem legitimately offensive. The beliefs of proponents, therefore, explain the fervor with which they defend their public reputation on Wikipedia.
There are also several pieces of evidence—including external suggestion and the presence of individuals with ties to high level operatives—that point to Paraiso involvement in the bombing of a Department of Health building located in Florida. An examination of their core beliefs makes involvement seem even more plausible (challenge four). We know that the Movement is unsupportive of healthcare, especially when it is government-provided. We also know that the family unit takes absolute primacy over the state and that there is little regard for external law. A wiki edit has been identified which implicates the movement in gunning down medical professionals. Finally, it is known that many of Fernando Catalano’s influences are violent. It is with these pieces of information that it was concluded that the Paraisos have both motive and likelihood to commit a violent action against a government health facility in one of their population centers (Florida).
CPMM began in Catalano’s home country, Isla del Sueño, a Caribbean island between Cuba and Florida. The government of that island has increased pressure on the Movement, leading to mass migration (challenge two). This crackdown was probably precipitated by the organization’s previously examined violent undercurrent and disregard for the laws of the government. Moreover, its patriarchal demand that women be isolated probably produced insular and hard-to-control communities. Because Paraisos consider themselves religious in nature, and not simply political or social, it was likely that they would respond by migrating, as religions have in the face of oppression for centuries. Moreover, their emphasis on the family-unit explains the fact that many of the travelers on each boat shared last names. By the end of the three year period during which their migrations were tracked, emigrants from Isla del Sueño had landed in large numbers all along the coasts of Florida and Mexico’s Yucatan Peninsula, bringing the Paraiso religion with them (challenge two). We also know from the Manifesto’s Wikipedia page that smaller migrations and public advocacy (Pirate Radio) helped establish bases in many other Caribbean islands (challenge one). Because we have no tracking of movement on land in both Florida and the Yucatan Peninsula, it is also possible that the Movement has spread to other areas of America and Mexico, and possibly other Central American countries such as Guatemala, Belize, Honduras, and El Salvador.
The next step was to decide specifically who is connected to the Paraiso Movement and what roles they might play. Members of the movement were identified slightly differently for each investigation (Mini Challenge). Among Wikipedia users, those who were identified as fervent defenders of the Manifesto were considered members of the network. The cell phone data had only five associated names, all of whom are high level operatives that clearly belonged to the network. Obviously, many of the numbers called by the Catalanos and Vidros are related to the movement, but there is insufficient information to disambiguate a number from a member from an unrelated third party. In the evacuation data, we added Ramon Katalanow and Carlos Vidro for their apparent familial ties to known important figures. We also added several suspicious individuals, including the suspected bomber, Cleveland Jimenez. The most challenging decision, however, was for the migration investigation. Nearly every person escaping from Isla del Sueño could be a Paraiso believer attempting to escape the government crackdown. However, most of the Plymouth Pilgrims weren’t Puritans; they were simply trying to take advantage of a chance to move, and a similar situation could be occurring here. Moreover, simply because the migrants believe in the religion, it is not possible to categorically consider them part of its social network if they are not actively connected to other major players. Therefore, only Eduardo Catalano and Jesus Vidro were added—once again for their familial connections. The players pulled from each investigation were tied to each other, but they were also tied to everyone else in the network through a presumed tie among Catalanos/Vidros (with the exception of the Wikipedia edits which had no obvious members of either family).
The sole remaining task at this point was to figure out which members of the movement might be responsible for specific activities. Since individuals had been identified based on investigations related to entirely distinct activities, the work was mostly done already. Members drawn from the Wikipedia investigation are involved with public relations and information control. Important figures in the migrations are illegally immigrating into new countries to establish bases and spread the religion. High level operatives being tracked by cell phone are responsible for coordination and communication. Finally, those identified as involved with the DoH bombing are violently active agents. The range of activities that the Paraiso Movement participates in may be much broader, but those actions are outside the scope of the data and investigation. Given the information uncovered by Palantir, a continued operation could easily uncover much more detail about potentially violent cells of movement and combat the threat the Paraiso Movement poses as it spreads its reach.