This site has been retired. It is now a static archive. Some links may not work. Find Rob at TealUnicorn.com

Big Uncle: looking for the needle in the security data haystack

Submitted by skeptic on Sat, 2008-04-26 08:38

Share this post with

Big Uncle is the concept of benevolent security. We have been looking in previous posts at the loss of privacy and the positive side of what it means. One application is finding enemies of society.

As the amount of data grows and as it becomes more integrated, a natural trend is to use data mining for more advanced security. The world has barely started down this path. There is much more that can be done to apply existing data technologies and techniques for
• Statistical analysis: deviance reporting (“take the ratio of funds transferred to declared income and investigate the top 2%”)
• Pattern analysis: exception reporting (“no-one has signed on from there before” or “this individual has never come in at night before” or “there are an unusual number of deductions happening from this country”)
• Profiling: (“this individual will probably react this way”)
There are some fundamental technical criticisms of this kind of data mining (leaving aside the social issues for now). As Scientific American put it in an editorial “Every data set has patterns. At issue is whether they mean anything … Terrorism is very rare – which is good for us but bad for data miners. Even with a low error rate, the vast majority of red flags will be red herrings … In short, the data miners commit the fallacy of determinism: they falsely assume that if you just amass enough data, you will know what is going to happen”.

In one year post-9/11, more than 30,000 travellers were mistakenly linked to names on terror watch lists when they crossed the border, boarded commercial airliners or were stopped for traffic violations, according to a report by the Government Accountability Office.

Nevertheless, the application of advanced technologies like neural networks gives us hope of finding the evil needle in the haystack. And the stakes are too high not to try.

As our security capabilities become more advanced, the world is changing to make it all the more urgent that we deploy these capabilities. As we face escalating terrorism, hacking and identity theft, it is clear society must respond to protect itself. But to do so raises challenges. How do we protect without destroying what we seek to protect: freedom and democracy? How can we use the collected data for the benefit of its subjects? How will we respect the right to privacy?

Published in The Skeptical Informer, May 2008, Volume 2, No. 5

Previous story: ITIL Version 3 certification: free ITIL V3 Foundation practice exams
Next story: Why Crap Factoids get believed

"The IT Skeptic™", "The Skeptical Informer™", "The IT Swami™", "Chokey the Chimp™" and "BOKKED™" are trademarks of Two Hills Ltd.
ITIL® is a Registered Trade Mark of AXELOS Limited
PRINCE2® is a Registered Trade Mark of AXELOS Limited
M_o_R® is a Registered Trade Mark of AXELOS Limited
P3O® is a Registered Trade Mark of AXELOS Limited
MSP® is a Registered Trade Mark of AXELOS Limited
P3M3® is a Registered Trade Mark of AXELOS Limited
MoV® is a Registered Trade Mark of AXELOS Limited
MoP® is a Registered Trade Mark of AXELOS Limited
ITIL® is registered in the U.S. Patent and Trademark Office.
ITIL Live™ is a trademark of TSO, The Stationery Office.
prISM® is a registered trademark of itSMF International Inc.
COBIT® is a Registered Trade Mark of the Information Systems Audit and Control Association and the IT Governance Institute.
Microsoft® is a Registered Trade Mark of Microsoft Corp. in the United States and/or other countries.
USMBOK™ is a trademarks of the SM101.
CMM® and CMMI® are Registered Trade Marks of Carnegie Mellon University.
ISO® is a Registered Trade Mark of the International Organisation for Standardisation.
KCS was developed by the Consortium for Service Innovation™, www.serviceinnovation.org The KCS Academy, KCS and Adaptive Organization are service marks of the Consortium for Service Innovation™.
DevOps isn't a trademark of anyone.
Except where indicated otherwise, all contents of this site are © Copyright Two Hills Ltd www.twohills.co.nz.

Except where indicated otherwise, the text on this page by Two Hills Ltd is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Content must be attributed to "© Copyright Two Hills Ltd www.twohills.co.nz by Rob England, The IT Skeptic" plus the URL of the source material.
RSS feeds may be used without permission. Permission is granted for anyone to link to this site.
By accessing or viewing this site, you are deemed to have agreed to the Terms and Conditions and to our Privacy Policy.
The contents of this site are unmoderated submissions from authenticated and unauthenticated users. As such they cannot and do not represent the views of Two Hills Ltd.
Use of any trademarks on this website is not intended in any way to infringe on the rights of the trademark holder.
This site is developed, maintained and hosted by Two Hills Ltd

Made in New Zealand by Rob England