Terror Hunt: Warehousing and Mining Data
07 Feb, 2002 · 693
Maj Gen Yashwant Deva highlights the need and advantages of data archiving and mining for counter-terrorist operations
Future attacks cannot be predicted, but past ones can be catalogued, stored and retrieved in near real-time. “Data archiving” and “data mining” are scientific tools and methodologies, the former for gathering, sifting, hoarding and storehousing data, and the latter for displaying duly processed critical information to the decision-maker, whenever the need arises. Their hallmarks are virtuality and event-retrieval potential, and their purpose is to match, locate and track saboteurs, hijackers and terrorists.
In April 1999, Applied Systems Intelligence Inc was selected by the US Air Force to develop innovative information technology for a Global Information Base to “store global awareness information,” besides providing information services for dynamic planning and execution of operations. The software developed by the firm is called KARNAC, short for Knowledge-Aided Retrieval in Activity Context. It is highly versatile, and is anchored in a group of technologies and decision support and database management systems. It is designed to detect and identify impending terrorist operations and similar missions.
It is well known that Al Qaida terrorists and others of their ilk hunt for information on the Internet, often leaving valuable clues while surfing and communicating. Therefore it is logical to look for and pursue them in their haunt rather than go on hunting missions. Adam Pasik writes in “Sifting through Data to Detect New Attacks,” (infowar.com), “The problem is that intelligence and law-enforcement agencies are searching the world’s biggest haystack – untold exabytes, or quintillions of bytes of data stored on computers across the globe – to uncover a few dangerous needles.”
At the time of the September 11 attacks, there was a plethora of helpful scraps of information available, e.g. e-mail intercepts, telephone calls, car rentals, airline reservations, financial transactions, casino winnings, immigration records and much more. During the attack on our Parliament, the terrorists left behind pertinent information such as a laptop, which has reportedly been sent to Microsoft for analysis, and vital information about the terrorists’ hawala (money laundering) links and ISI connections garnered from cellular numbers called by the terrorists. Whereas security, intelligence and law-enforcement agencies work in tandem in the
Critical event detection, information retrieval and knowledge-based technologies, products and systems are available off-the-shelf, and are widely used in the commercial world. Banking fraud detection, promotional mailing, market research, supply chain management, tracking stolen credit cards, and antecedent checks by credit companies are some of these applications. The potential market for these products is estimated to be several hundred million dollars. Indian software companies are aware of its potential and have ventured into writing some useful software applications. The software is not infallible, but that should not detract from its merits, which essentially lie in integration, automation and embedded security.
The technology can bring to focus artificial intelligence and virtual reality to search large data repositories, identify events of interest and compare templates. Elsewhere, much work has been done to acquire this capability. The rub lies in matching wits, in which the terrorists have an edge. Making events appear unrelated, random and seemingly innocuous is their strong point. Archived information can help in timely detection by piecing together the pattern, and sounding the alert based on past acts of terror. It could thereby preempt an attack on a government or commercial facility.