DM-AMS: employing data mining techniques for alert management

Alert management plays a critical role in many application domains including homeland security and natural disaster management, to allow timely and well-informed decisions. The major challenge faced by these systems is that the number of incoming alarms is overwhelming and some of the alarms are false positives. In this paper, we present an alert management system (AMS) that generates meaningful alerts from alarms received from different sensors. The alert generation module of our system (i) flags and eliminates potential false positives by characterizing the region into uniformly behaving neighborhoods, (ii) generates aggregated alerts from the alarms by employing density based clustering techniques and identifying the overlap among clusters, and (iii) identifies the dynamic flow of the alerts by integrating scientific models that characterize the behavior of sensor parameters. Once the alerts are generated our customized dissemination module disperses the alerts on the need-to-know basis to the individuals and agencies involved. This module adheres to the National Incident Management System (NIMS) and the National Response plan (NRP) protocols. To implement these protocols, we utilize the Common Alerting Protocol (CAP), which is an XML nonproprietary data interchange format. Finally, our GIS module displays the alerts through a user-friendly interface.