Title: Emerging Technologies, Homeland Security and the PrivacySecurity Tradeoff Dr' Phil Hayes
1Emerging Technologies, Homeland Security and the
Privacy/Security Trade-offDr. Phil Hayes Dr.
Ganesh Mani
2Agenda
- Background
- Current Technologies and their Limitations
- New / Emerging Technologies (esp. Intelligent
Matching) - Summary and Conclusions
3Background
- Privacy vs. Security (two sides of the same
coin?) - Spotlight on homeland security, expanded
wiretapping provisions, USAPATRIOT Act, etc. - The role of the Internet is broadly changing the
semantics of privacy - e.g., Allegheny county property records
- Driving by somebodys home vs. putting a webcam
outside - Key is finding the right trade-off
- The Challenge for local, state, and federal
governments to provide maximum Public Safety in
the most benign and cost effective manner
4A Few Tenets
- Increasing security implies increased
information. - Increased information does not need to imply
decreased privacy - Privacy is a direct function of the use of
information - Automated solutions operating on better
information should result in increased privacy
and increased security - Automation can support privacy/convenience
tradeoffs - Ben Franklin People who give up essential
liberty to obtain a little temporary safety
deserve neither liberty nor safety.
5Financial Security
- Ensuring integrity of capital markets
- Monitoring suspicious security transactions
(equities, options, etc.) - Number of trades is high, post-decimalization
- Anti-money Laundering
- USA PATRIOT Act
- Cross-border transactions
- Linking financial transactions with other
transactions (purchase of hazardous chemicals,
e.g.)
6Current / Existing Technologies
- Instantaneous transmission of information via the
Internet and private networks - Database with special-purpose scripts
- Data mining (techniques that work well with
noisy, incomplete data are rare) - Event-based triggers
- Automated face recognition, voice recognition and
other biometric techniques
7Shortcomings of Current Techniques
- Excessive false positives
- Expensive manual processes
- Exposed and unprotected personal information
- Not scalable
- Inability to use prior knowledge or start from
where you or someone else left off - Often not usable by non-technical personnel
- Matching policies with technologies (e.g.,
National Drivers License DB)
8Intelligent, real-time matching
- Recognize threats by correlating across multiple
databases / sources information fusion - Matches will often be approximate
- Human analysts can do further analysis (esp. if
the number of alerts can be made small, but
high-quality) - Trade-off between sensitivity (TP/(TPFN)) and
specificity (TN/(TNFP)) - Many homeland security applications including
financial security
9Finding the Best Fit
Close fit
Out of range
Close fit
Query (range or fit)
Exact fits
Out of range
Close matches are key!
10Context-Sensitive Fit
Price data
Keyed data
1
0
1
1
0
1
Nearest
Nearest
1
0
3
1
0
3
2
0
1
2
0
1
Value determines distance
- Distance due to
- Keying adjacent digit
- Skipped digit
- Swapped digits
11The role of information
Security Black Box
Personal Confidential Proprietary Information
Personal Confidential Proprietary Information
Information Repository
Intelligent Matching
Real-time Events
Investigation Indicated
Combinations of Characteristics under Suspicion
Conditions Environment
Detection Performance
12Finer-grained Detection
Existing Detection
- Small Security Data Records
- asdfkjlkj
- askldfjlkaj
- lkjlkasdjf
- lkjasdfk
- akkjfdjk
Suspects
Investigate
Coarse Security Filter
Improved Detection
- Large Security Data Records
- asdfkjlkj
- askldfjlkaj
- lkjlkasdjf
- kjasdfk
- akkjfdjk
- asdfkjlkj
- askldfjlkaj
- lkjlkasdjf
- lkjasdfk
- akkjfdjk
FineSecurity Filter
Investigate
Suspects
13Scenario Act 1
- Four transactions out of hundreds of millions
- First transaction triggers additional automated
queries - Secondary queries find other trans. and alert
analyst - Analyst sets up additional queries monitoring for
any news involving Kahlil Binlasi or any
suspicious activity correlated with Binlasi
14Scenario Act 2
- Police blotter story in 10/15/02 in local paper
of Pine City, MN Kalil Binlassi stopped with
broken tail light, detained because he acted
suspicious, and released. - 10/22/02, news story about theft of explosives in
Sandstone, MN, involving car of same model as
Binlasis - Analyst is alerted both times and on second story
passes concerns to FBI who start direct
surveillance, leading to eventual arrest.
15Intelligent Matching Technology
- Proprietary matching algorithms enable real-time,
efficient matching of complex information
- Ultra-high performance - 100s of complex matches
per second
iXIntelligent Matching Engine
- Large number of attributes
- Linearly scalable (in terms of both velocity and
complexity)
- Best-of-breed component, open architecture, J2EE
compliant
16Key Innovations
Identifies and ranks based on fit with criteria
- Simplifies data definition
- See through imperfect data
- Creates attraction
- Matches all data types
Defines fit or nearness uniquely for each field
type
Acts in real-time and linearly scalable
Intelligent Matching
Immediately recognizes and acts on changes in the
dataset with persistent queries
- Armed to act fast immediately
- when an event occurs
- Observes all data that
- passes through
17Intelligent Matching Engine
18Intelligent Matching Technology Environment
(J2EE)
19Intelligent Matching Technology Environment (Web
Services)
20Demo
21Summary
- Important policy issues surround the privacy /
security spectrum - How do we increase security without diminishing
privacy? - Is more information better who has access to the
information? - Appropriate and inappropriate uses of
information. - New technologies for new challenges
- Data overload (making sense of it is like trying
to drink from a fire hydrant) - Intelligent matching with imperfect data is a key
technology (that can be combined with improved
feature detection and multiple-classifier
algorithms)