News
Panel Says Data Mining for Terrorists is an Exercise in Futility
Report, commissioned in part by the DHS, also warns of potential privacy problems
By Jaikumar Vijayan, Computerworld
The NRC committee didn't look specifically at any counterterrorism-related data mining initiatives, nor did it conduct any direct evaluations of behavioral surveillance tools being used by agencies. Instead, the report is based on a generalized study of the effectiveness of such technologies in identifying potential terrorists.
What the report highlights are the severe limitations of automated data mining techniques for counterterrorism purposes and their potential privacy impacts, said committee member Fred Cate, who is the director of the Center for Applied Cybersecurity Research at Indiana University.
Automated data mining tools typically work by searching through mountains of data in large databases for unusual patterns of activity, which are then used to predict future behavior. The tools have proved to be useful for commercial applications such as detecting payment card fraud and predicting purchasing trends, Cate said.
"We can look at 50,000 people buying television sets and know that many of them are going to be buying a DVD at the same time," Cate said. But using the same techniques to try to identify a potential terrorist is futile because there simply isn't enough historical data upon which to base any predictions, he claimed, adding that there is little information available about patterns that could reliably point to terrorist activity.
On the consumer side, "you have millions of examples of the target data you want to emulate, so you know certain patterns look like fraud," Cate said. "With terrorists, we fortunately don't have too many examples."
And unlike shoppers, terrorists are likely to make deliberate attempts to hide their activities, making it even harder to pick them out using an automated pattern-matching program, according to Cate. As a result, data mining tools generate an unacceptably high rate of false positives when used in counterterrorism applications, he said.
Such tools can prove useful in situations in which they are given specific pieces of information ⬠such as a suspect's name ⬠and asked to look for other data, such as purchases made or places visited by the suspect. That could help show if there is any basis for further action, Cate said.
There are similar problems with many behavioral surveillance tools, Cate contended. Such tools are supposed to help counterterrorism efforts by measuring physiological states, including facial expressions, body temperatures and body language, in order to predict terrorist activity. But there is no evidence that the tools work at all, Cate said. He recommended that at the most, they should be used for preliminary screening purposes only.
data mining
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- Managing A Growing Threat: An Executive's Guide to Web Application Security
- Upgrading to VMware vSphere with vWire
- Removing Barriers To Better Server Virtualization Efficiency
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
- Staying A Step Ahead of the Hackers: The Importance of Identifying Critical Web Application Vulnerabilities
- The Forrester Wave™: Web Filtering, Q2 2009
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
