Bertjan Broeksema – broeksem@lippmann.lu (PRIMARY)
Fintan McGee – mcgee@lippmann.lu
We're both research scientists at the Centre de Recherche Public – Gabriel Lippmann (CRPGL) in Luxembourg.
No
R and RStudio – http://www.r-project.org/ and http://www.rstudio.com/
Excel
Gephi – http://gephi.github.io/
OpenCalais for entity extraction – http://www.opencalais.com/
Note: As we had very limited time, we used out of the box tools for the analysis. One of the things we found was that the data was so messy, that most of the time was spent on reshaping it in a more usable format. During this process, we mostly wrote a number of R scripts that performed data cleansing, merging and extraction. A couple of helper function and the interactive interface of RStudio were used to make queries on the extracted tables to follow leads. As such, it can be questioned if we used “visual” analytics.
On the other hand, we questioned ourselves, about the kind of tools that would be needed to do the cleansing and the analysis and would provide an interactive visual interface. Actually, this tool shouldn't help so much with the analysis as well with the cleansing. Moreover, this tool should be easy enough to use under time pressure (i.e. it should take very little time to create various interactive visualizations for graph data and multivariate data), while on the other hand providing enough flexibility to handle highly unstructured data. The exercise gave us much inspiration for the design of future visual analytic techniques to tackle problems with data as complex and messy as the data in this challenge.
100 hours - Approximately one week full time by both team members
Yes
MC1.1 – Provide a visual representation of the structure of the Protectors of Kronos network, with supporting evidence.
Provide novel visualizations appropriate for communicating key information to the busy leaders of the investigation. Please limit your response to no more than eight images and 500 words.
a. Who are the leaders?
Henk Bodrogi (retired in 2001)
Elian Karel (replaced Bodrogi in 2001, died in 2009)
Silvia Marek (replaced Elian after his death in 2009)
One of the tools we used to find out about Elian's death is a simple bar plot. We first subsetted the articles from the start of 2009 to the end of 2013. Next we created a bar plot for the number of messages found per month. We see some obvious peek, for example at about mid 2012. Reading the articles in this time span, discloses that there is a meeting to remember the dead of Elian Karel, which in turn triggered us to search for the messages mentioning his dead (which explain the peek in early 2009).
b. Who is part of the extended network?
Founders
Carmine Osvaldo - Founder
Ale L. Hanne - Founder
Jeroen Karel - Founder
Valentine Mies - Founder
Yanick Cato - Founder
Joreto Katell – Founder
Family of Juliana Vann, the girl who died at age 10 in the nineties.
Mandor Vann – Uncle of Juliana and Isia Vann
Isia Vann – Brother of Juliana Vann
Reporters
Petrus Gerhard - Homeland illumination reported. He is typically reporting about the POK in a positive way. More importantly, he was "chosen" by the POK to break the news with respect to the kidnapping and the ransom demands.
Maha Salo - working closely with Petrus Gerhard.
Others
Lucio Jakab – Former Save Our Wildlands member.
Lorenzo Di Stefano – professor of environmental science at the University of Abila
Michale Kraft - Former attorney of Elian Karel.
Jon L. and Kriste Bronte, two people who interviewed during rallies and for whom the name is actually known. Their role in POK is unclear, but at least they show up at rallies and are not afraid to make known who they are.
c. How has the group structure and organization changed over time?
We used Gephi to visualize the named entity graph extracted by OpenCalais. To find entities of interest and identify common mis-spellings calling for further data cleansing, we used Gephi's interactive functions such as node/edge filtering and merging. The example image below shows the largest connected components extracted from the 5 year report historical document. Nodes are colored based on Louvain clustering. Entities and their relationships were extracted on a per paragraph basis.
1997 – POK is founded
2001 – Initial founders retire from the group, Elian Karel takes over leadership
2004 – Mandor Vann joins POK and becomes POK's most important political strategist
2005 – Save our Wildlands joins forces with the POK; Lucio Jakab becomes responsible for the media means of POK (banners, slogans, signs, etc); Silvia Marek becomes one of the leaders of the POK, though not as widely respected as Elian Karel.
2009 – Elian Karel dies in prison, Silvia Marek takes over leadership. Her less respected leadership seems to be reflected in the rallies that become more violent in the years that follow. Although, Isia Vann is mentioned as being in favor of a more forceful approach, he is never linked explicitly in news documents on the rallies.
d. Where are the potential connections between the POK and GAStech?
Isia Vann - Clearly one of the main subjects. Working for GAStech in the security department. He is the brother of Juliana Vann, the girl who's death is linked to the pollution caused by GAStech.
Inga Ferro - She might be related to the Ferro from the hardware store (502.txt), where Henk Bodrogi used to get his hardware from. Not a strong link but might be worth following up.
As shown in the graph below, we found a number of GAStech employees that might have ties with the POK based on the following assumption: Isia Vann, quite clearly is a member of the POK, therefore people he has been communicating with are potential members of the POK network.
Based on this assumption we filtered the graph of email subjects and receivers to a number of topics that looked suspicous. What we found were a number of employees who share last names with POK founders:
Loreto Bodrogi
Hennie Osvaldo
Minke Mies
Ruscella Mies Haber
MC1.2 – Describe the events of January 20-21, 2014. What is the timeline of events? Please limit your response to no more than ten images and 500 words.
We used Gephi to visualize the named entity graph extracted by OpenCalais. To find entities of interest and identify common mis-spellings calling for further data cleansing, we used Gephi's interactive functions such as node/edge filtering and merging. The example image below shows all article and entities extracted from articles written on march 20th. Nodes are colored by cluster (Louvain clustering) and sized based on betweenness centrality.
### January 20
8:00 - 10:00 A couple of non-GAStech employees, dressed in black, are spotted in the back of the meeting room.
10:00 The morning meeting ends.
10:18 A fire alarm goes off and GAStech employees are evacuated from the building
10:20 A helicopter is leaving from the roof of the building
10:25 - 11:45 Firemen in full gear (at least 12) search the building, while there are no signs of smoke or fire. Fire captain Federigo Accardi gives all clear at 11:45.
10:50 A GASTech employee confirms that the alarm was pulled due to a bomb threat. Petrus Gerhard reports that Sanjorge Jr. has arrived at the Capitol building, though no sign of the other executives.
10:55 GAStech employees start to re-enter the building again.
12:20 The Abilla police arrives in response to an unspecified emergency.
12:40 Two additional police squad cars with lights and sirenes on arrive, the additional forces go immediately into the building.
13:25 - 13:40 Administrative assistants of Strum, Campo-Corrente, Barranco, and Vasco-Pais are called but do not respond at all or say that the executive in question is unavailable.
13:56 Media outlets start to report that some GAStech employees went missing.
14:00 Some (presumably) security officials arrive at the scene in a black unmarked car. It is not clear if these persons are government officials or from GAStech.
14:30 Reportedly, a plane left Abilla airport at this time. There is some confusion in the messages, but likely this plane went to Thetys and had Sanjorge Jr aboard.
15:12 Two police cars leave the scene
15:20 Another plane leaves Abilla airport, this one heads to Rome, Italy. According to air force officials these were people unrelated to GAStech, looking for business opportunities in Kronos.
15:20 GAStech employees are allowed to leave the building.
15:30 - 18:00 The GAStech executive jet reportedly arrived in Tethys somewhere during this timespan, bearing Sten Sanjorge Jr. The jet was quickly refueled and then departed for Abilla International Airport with six GAStech officials on board.
17:10 A GAStech administrator informs media that the persons in black in the meeting room, were actually catering people.
18:30 The GAStech executive jet arrived at Abilla airport. The occupants were taken by limousine to the GAStech building.
19:00 Last GAStech employees are allowed to leave the building
19:30 A press conference is given by the police in which it is confirmed that some GAStech employees went missing.
22:32 Airport officials confirm that a private jet coming from Tethys has just landed at Abilla airport and that several of the arrived passengers left in a waiting limousine, driving directly to Abila Police Headquarters.
### January 21
9:10 Abilla police revised number of missing people to ten.
10:30 CEO Sten Sanjorge Jr is not among the missing people and safely back in Thetys.
12:00 A statement is released, apparently from the POK, claiming that they took some of the GAStech employees, demanding $ 20 million ransom.
MC1.3 – Identify at least two possible explanations why the GAStech employees may be missing. What evidence do you have to support each of these explanations? Please limit your response to no more than three additional images and 200 words.
They were taken by the protectors of Kronos. The GAStech meeting was infiltrated by POK members posing as caterers. POK members who worked for GAStech were able to organise this as they were involved in the organization of the catering for the event. These employees may have been involved with the Asterian people’s army, a paramilitary organization involved in the drugs trade as indicated by the infection of the GAStech computers with a virus that produces Asterian People's Army themed spam (using their magazine title “ARISE”).
The employees have been kidnapped, but not by the POK. The Asterian Peoples Army (APA) traffics drugs and Carmine Bodr0gi sold drugs for them and was arrested. His relative Loreto Bodrogi, may have been susceptible to compromising himself and his colleagues due to criminal pressure (due to the arrest), and supplied the APA with the necessary information to organise the kidnapping as well as access to GAStech computer system. The computers of the GAStech employee who appear to have been sending pro Kronos defence messages, have been deliberately infected with a virus to make them look like POK sympathizers a week before the kidnap. The motive is purely ransom for profit.