Rice University researchers have developed a tool designed to make identifying and analyzing research security risks more efficient and effective. The new tool, called PRISM (Preventive RISk Monitoring), leverages advanced artificial intelligence (AI) technologies to help with rapidly evolving federal regulations and protect against potential reputational and financial risks.
PRISM is the product of a collaboration between Rice’s Office of Research Security and ThirdAI, a startup founded by Rice professor Anshumali Shrivastava and former doctoral student Tharun Medini. The tool utilizes state-of-the-art AI methods, including natural language processing, text extraction and generative AI reasoning to analyze vast amounts of data from the web, publications, grants and other sources. By creating what the researchers say is the largest and most comprehensive knowledge base of its kind, PRISM enables experts to identify hidden risks that might otherwise go undetected.
This innovation comes at a critical time. On Aug. 10, 2024, the White House introduced new guidelines for research security that apply to the vast majority of scientific researchers in the U.S. These guidelines emphasize that noncompliance could result in severe consequences, including fines, penalties and the loss of funding. In addition, Texas Gov. Greg Abbott’s Executive Order GA-48, also issued last fall, mandates state agencies and public institutions of higher education in Texas implement measures to protect university information from hostile foreign actors. Although Rice is a private institution, the university remains committed to upholding the spirit of the order by ensuring that its collaborations and affiliations are in alignment with these security standards. PRISM, developed to streamline the identification of risky affiliations and collaborations, provides a valuable tool to support these efforts.
The challenge of traditional security tools
Current research security tools often fall short of addressing the complex and evolving nature of academic collaborations, said Tam Dao, assistant vice president of research security at Rice. Researchers typically have multiple affiliations, funding sources and short-term collaborations that may not always be reflected in their profiles. Traditional tools rely on data from publications, patents or grants, but these records often fail to provide a full picture of potentially risky relationships.
For example, a researcher might collaborate with another who holds an undisclosed secondary appointment at a flagged institution. Even though this collaboration may appear to be low-risk based on publication data, such hidden connections pose significant threats. These types of intricate relationships, which are often overlooked by traditional tools, are exactly the kinds of risks PRISM is designed to uncover.
The power of PRISM
PRISM revolutionizes the process by combining AI with expert feedback to deliver fast, reliable and comprehensive risk assessments. “Current tools fail to uncover multihop associations and key information on the internet, leaving security gaps,” Dao said. “As a security expert, my team spends an average of eight hours per researcher analyzing diverse online sources to uncover and triangulate hidden risks. This manual process is unsustainable for large institutions. To address this, we are developing hyper-specialized AI assistants to empower research security experts.”
In addition to improving efficiency, PRISM also reduces the overwhelming number of false positives generated by existing systems. By focusing on the funding source and analyzing all related papers, PRISM can pinpoint the responsible researcher without flagging irrelevant data. The ability to reduce false positives is crucial to the research security field given the widespread perception that the government is targeting individuals from countries of concern and creating a climate of fear and discrimination, said Dao.
“Rice has been ahead of the curve in research security. We realized that tighter federal regulations were coming even before the official announcement last year,” said Ramesh Ramamoorthy, executive vice president for research at Rice. “We were convinced that we needed an AI-first approach to make day-to-day life of security experts easier. This is when we got the Rice research security experts and generative AI experts from an innovative startup, ThirdAI, also from Rice, in the same room.”
As PRISM continues to evolve, it is set to become an invaluable tool for navigating the complex landscape of research security. Through the seamless integration of AI and expert oversight, PRISM provides the scalability and precision needed to stay ahead of emerging threats while freeing up valuable time and resources for researchers and security experts alike.
“We use PRISM daily, and I’m impressed by how it identifies contrived associations and collaborations in under a minute — tasks that used to take 8–10 hours per researcher,” said Paul Zukas, director of research security at Rice. “While our needs continue to evolve and there’s a lot more to be done, PRISM significantly eases the load. It allows us to quickly scan and estimate the manual review effort required. Currently, we’re saving around 100 expert hours per week, and I wouldn’t be surprised if that number grew to 1,000 soon. We’re already seeing a surge in demand for the reports we generate daily.”
Shrivastava, an associate professor of computer science, co-founded ThirdAI in 2021 with a mission to create sophisticated large language models and other custom AI technologies that are accessible for everyone.
“PRISM demonstrates how generative AI can enhance efficiency for experts, delivering a significant boost in productivity,” Shrivastava said. “Its applicability and adoption depend on having technology that enables building and customizing generative AI in simple environments with minimal infrastructure costs. ThirdAI is leading the way with orders of magnitude-efficient AI technology, making it easy for non-AI experts to create and tailor generative AI solutions with remarkable results.”
For more information about PRISM and how it is transforming research security, visit the Office of Research Security.