Data Mining Still Needs a Clue to Be Effective

20Jun

Data Mining Still Needs a Clue to Be Effective

By Uncategorized 0 Comments

In the two decades or so since software scientists began “mining” computerized databases for information they were never designed to yield, the sophistication of their techniques has increased dramatically.

And although marketing companies today — especially with the advent of the Internet — can routinely predict who you will vote for, where you will eat dinner and, most of all, what products you will buy, experts say it is far less clear whether security agencies can sift mounds of data to track down terrorist networks — unless they start with a useful lead.

More than a month has passed since USA Today reported that the National Security Agency had amassed a database of 2 trillion telephone calls since 2001, ostensibly as a tool to hunt al-Qaeda operatives.

Details of the NSA’s activities remain unclear, but data mining experts say they are puzzled about how the information might be used. It would work best, they say, when investigators can trace telephone numbers of known suspects and build a web of contacts, in much the same way police use phone records to track drug traffickers.

But to discern suspicious call patterns from lists of dialed numbers, they will have to dig past the raw data into callers’ identities, and, in the vast majority of cases, will find they have simply tapped into networks of law-abiding people involved in daily routines. This approach, several experts said, raises privacy questions even as it wastes time.

“When they look at a map of phone numbers, they have no idea what’s going on,” said Valdis Krebs, an expert in deriving “social networks” from databases. “It might not be a bad person you find; it may be that the soccer team and the softball team are calling the same pizza parlor.”

Even though they have no firsthand knowledge of the NSA’s program, Krebs and other data mining experts, some of whom requested anonymity because of the sensitivity of their work, agreed to discuss how such a mountain of information might be used.

The only clue offered by the Bush administration came when former NSA director Michael V. Hayden told the Senate during his confirmation hearing as CIA director that analysts used “targeting” to enter the database:

“Every targeting is documented,” he told the Senate. “There is a literal target folder that explains the rationale and the answers . . . as to why this particular number we believe to be associated with the enemy.”

His testimony suggested that NSA analysts are searching the database for telephone numbers of known suspects. These calls can be traced to other numbers, establishing a communications pattern and providing leads to other suspects.

“You start with a few bad guys, and you have to know where to look,” said IBM distinguished engineer Jeff Jonas, a specialist in using software to track undesirables in the gambling industry. “Phone records can give you that.”

But Jonas and others noted that tracking suspects’ telephone records was a staple of good police work long before electronic search engines made it feasible to scan trillions of calls. And even now, just as 50 years ago, the search moves more quickly and effectively if the searchers can rule out useless information.

“Before you search the world, make sure you’re using your local resources properly,” Jonas said. “And make sure your search complies with some process. Remember, the ‘no-fly list’ also includes people who are abusive to other people on planes.”

This “number first” approach reflects traditional “deductive” law enforcement techniques, in which investigators begin with a fact — a telephone number or a corpse — and work backward to find the details needed to build a case.

In theory, experts said, modern computers also allow investigators to move in the other direction — to identify telephone use patterns in a call record database and work forward until a suspect’s name drops out. But these “inductive” techniques are far more difficult and less reliable, the experts said, because it is virtually impossible to distinguish a web of suspicious linkages from a harmless one in an immense, unedited bundle of numbers.

“I’m sure the NSA is excellent at finding patterns and motifs in the data, but what do they mean?” Krebs asked. “Unless you start getting more information on the patterns, you’re not going to be able to interpret them at all. Patterns alone won’t tell you whether someone’s good or evil.”

What investigators get instead are lots of “false positives”: “It’s like if you Googled [Secretary of State] Condoleezza Rice and al-Qaeda. You’d get millions of hits, but they wouldn’t be meaningful,” one industry expert said. To milk whatever databases NSA may possess, “what they have today are glorified search engines.”

Still, several experts suggested ways that pattern-making could be useful. “Suppose you looked at calls between two geographical points, and you could see what kind of pattern ordinary people had,” said Olvi L. Mangasarian, co-director of the University of Wisconsin’s Data Mining Institute.

“Then you compare it to another pattern of calls that you know” are suspicious and try to develop a “classifier” — a software tool — to distinguish between them, he said. “It would be difficult — but it would be doable.”

Another expert suggested comparing call patterns at different times. “Suppose that before the Super Bowl, there’s a quickening of traffic in the phone system of the city that has the game,” the source said. “Then suppose you see a similar pattern, except there’s no Super Bowl. Then what’s going on?”

In all cases, however, the technicians operating the system would have to be expert, even visionary, to avoid false positives and to root out meaningful patterns from the background “noise” of billions of innocent communications.

One authority compared the ideal analyst to an expert lie detector operator or to the sonar man who can identify a submarine’s nationality just by listening to its screws turning. “Computers can jump to conclusions just like humans,” this expert said. “To make the correct inference requires deep, intellectual thinking; these systems are significantly less reliable than lie detector tests.”

Still, even the best technicians are going to find themselves searching multiple blind allies in navigating a mega-database such as telephone logs, the experts said, so much so that the time needed to clear false positives may outweigh the odds of finding a terrorist.

“Even if one out of 10 searches is a hit, the technique is useful,” one expert said. “But one out of 1,000 or one in 1 million?” In these cases, experts suggest, maybe the technician would be more cost-effective by searching something besides phone logs.

Source: www.washingtonpost.com

Share this post

Author

Related Posts

24Nov

Pemberton acquires 1280 acres of land in Panny area

Pemberton Energy Ltd. wishes to announce that it has successfully acquired two full sections of crown land (1280 acres... read more

28Jan

Dover Reports Fourth Quarter and Full Year 2010 Results

Dover Corporation announced today that for the fourth quarter ended December 31, 2010, revenue was $1.9 billion, an increase... read more

12Feb

TSC Capital Announces Decision Not to Subscribe for Units in MagIndustries Corp.

TSC Capital Ltd. announces that it has decided to terminate its due diligence investigations with respect to MagIndustries Corp.... read more

06Jan

‘Dawn of new copper age’ spurs mining ­merger mania

ANOTHER day, another astounding twist in the gripping M&A pot-boiler that is Canadian miner Inco’s attempted marriage to its... read more

18Sep

Red Metal Increases Land Holdings Near Farellon

Red Metal Resources Ltd. announce that it has increased its land holdings in the area of its Farellon property... read more

30Oct

Touchdown Capital Options BC Gold Property

Touchdown Capital Inc. announce that it has entered into an Agreement of Purchase and Sale (the “Agreement”) with an... read more

17Apr

Russias Mechel buys over 95% of shares in Britains Oriel

Mechel, a leading Russian mining and metals company, said on Thursday it had acquired 95.69% of shares in the... read more

28Aug

Daewoo exploits coal in Jambi

Monday, August 28th 2006 Daewoo Securities Co, Ltd from South Korea in cooperation with local company PT Basmal Utama is... read more

16Jan

Jharkhand unhappy with coal block allocation

Jharkhand is unhappy with the allocation of coal blocks by the union coal ministry and officials say the state’s... read more

02Apr

Northland Files Environmental Permit Application for Tapuli

Northland Resources Inc. has filed an environmental permit application with the Swedish Environmental Court, for its Tapuli iron ore... read more