Slashdot Log In
Anti-Terrorist Data Mining Doesn't Work Very Well
Journal written by Presto Vivace (882157) and posted by
kdawson
on Tue Oct 07, 2008 02:05 PM
from the could-have-told-you-and-did dept.
from the could-have-told-you-and-did dept.
Presto Vivace and others sent us this CNet report on a just-released NRC report coming to the conclusion, which will surprise no one here, that data mining doesn't work very well. It's all those darn false positives. The submitter adds, "Any chance we could go back to probable cause?" "A report scheduled to be released on Tuesday by the National Research Council, which has been years in the making, concludes that automated identification of terrorists through data mining or any other mechanism 'is neither feasible as an objective nor desirable as a goal of technology development efforts.' Inevitable false positives will result in 'ordinary, law-abiding citizens and businesses' being incorrectly flagged as suspects. The whopping 352-page report, called 'Protecting Individual Privacy in the Struggle Against Terrorists,' amounts to [be] at least a partial repudiation of the Defense Department's controversial data-mining program called Total Information Awareness, which was limited by Congress in 2003."
Related Stories
[+]
Your Rights Online: NSA Is Building a New Datacenter In San Antonio 119 comments
An anonymous reader writes in with an article from a Texas paper on the NSA's new facility in San Antonio. "America's top spy agency has taken over the former Sony microchip plant and is transforming it into a new data-mining headquarters... where billions of electronic communications will be sifted in the agency's mission to identify terrorist threats. ... [Author James] Bamford writes about how NSA and Microsoft had both been eyeing San Antonio for years because it has the cheapest electricity in Texas, and the state has its own power grid, making it less vulnerable to power outages on the national grid. He notes that it seemed the NSA wanted assurance Microsoft would be here, too, before making a final commitment, due to the advantages of 'having their miners virtually next door to the mother lode of data centers.' The new NSA facility is just a few miles from Microsoft's data center of the same size. Bamford says that under current law, NSA could gain access to Microsoft's stored data without even a warrant, but merely a fiber-optic cable." The article mentions the NRC report concluding that data mining is ineffective as a tactic against terrorism, which we discussed a couple of months back.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
Bets....? (Score:5, Insightful)
Re: (Score:3, Interesting)
Of course not. And neither major-party presidential hopeful is going to change it, either. We're still going to get stupid hassles from the TSA, we're still going to get the watch list filled with pointless entries based on the name of someone who might have been seen with someone who was linked to someone who claimed to have been involved in a shooting in North Ireland.
I would seriously consider voting for either one that came forward and promised to cut TSA's authority and streamline the process, gettin
We might win this as a budget fight (Score:2)
I'd run on that platform. (Score:5, Insightful)
Vote for me.
I'd take their "no fly" list and identify every single person on it who was a legitimate threat and either have them under 24 hour surveillance or arrested.
The mere concept of a list of names of people who are too "dangerous" to let fly ... but not dangerous enough to track ... that just fucking stupid.
Think about how many people could be killed in the airport terminal itself WITHOUT getting on a plane ... say during the Thanksgiving or Christmas rushes there.
What idiot would let the people on that list (if they were really a threat) into a terminal? Wouldn't you expect them to STOP them BEFORE they get into a position to do that kind of damage?
Parent
Re:I'd run on that platform. (Score:5, Insightful)
Parent
Re:I'd run on that platform. (Score:5, Informative)
The no fly list doesn't identify people, just names, and it's very exact, so changing charles to chuck will defeat it.
No, actually it won't. The newspapers are full of stories of people who were detained or forbidden from flying because their name was similar to a name on the list, or a nickname of a name on the list, or a possible alternative spelling of a name on the list, or names that had once been used as an alias of names on the list.
for example, the name "T. Kennedy" was on the list. Senator Edward Kennedy (whose name does not begin with "T", but who is nicknamed "Teddy") was stopped:
from Wikipedia [wikipedia.org]
Parent
Re:I'd run on that platform. (Score:4, Insightful)
Right, but flying under your middle name does work. As does claiming that you lost your ID (but if you refuse to show it on principle, you can't fly). As does using one boarding pass with matching ID at security, and a different boarding pass with matching ID at the gate.
The realy sad thing is, the people who the government feels are a real threat based on strong intelligence are *not* on the no-fly list! The government doesn't want to reveal to the real suspects that their being watched.
Parent
Re: (Score:3, Interesting)
What would happen if terrorists got nicknames after all major U.S. and U.K. political figures.
Try "chuck" (Score:3, Funny)
At $8/hr TSA-guy isn't paid to think.
Re:I'd run on that platform. (Score:5, Informative)
It doesn't matter, because the only place where you have to get your ID checked is at the TSA checkpoint, and they don't check it against any databases.
So, the easy recipe for bypassing the no-fly list is:
I flew as recently as last month and was not subjected to anything which would defeat this scheme. It fails if you need to check luggage, but I doubt a terrorist is going to be doing that. The no-fly list is such an obvious joke.
Parent
Re: (Score:2)
Sadly... no. It means they need to do more of it, with even more control.
Re:Bets....? (Score:4, Interesting)
I bet this will not change what they are doing or how they are doing it one bit.
They'll be sure to change the amount of money spent on the program. I don't need to clarify whether it'll be more or less, its too obvious.
Whenever something doesn't work in government it seems to get more money and more power.
That leads me to think that maybe the primary function of government is to pretend to fail.
Parent
Re: (Score:3, Funny)
That leads me to think that maybe the primary function of government is to pretend to fail.
Why would they need to pretend? They seem to be quite practiced at failing for real to me.
Re: (Score:3, Insightful)
The question is, "What will you replace it with?"
No, they will not listen when you say the obvious, which is "Get a real job."
Re: (Score:3, Insightful)
Your lack of faith is completely unwarranted. After all, when the polygraph was shown to be unreliable and thrown out as evidence of guilt...
Right. Nevermind.
I'm probably going to get creamed for this... (Score:2)
I'm probably going to get creamed for this, but what is that image linked to?
I'm young, get over it.
-Taylor
In other news, (Score:4, Insightful)
Re:In other news, (Score:5, Insightful)
Parent
Re:In other news, (Score:4, Interesting)
Parent
Well, that's a shocker! (Score:5, Funny)
In other news, water is wet, the Pope is Catholic, and Ursines excrete solid wastes in silviculture.
Just give it a few years (Score:3, Interesting)
And several billion dollars.
And unrestrained access to all of the personal information about everyone that can be gotten by whatever means.
It'll probably still suck then, too.
Seems (Score:4, Insightful)
What we really need are spies. Not so much in the US, here good old fashioned detective work (with Warrants) should work.
But over seas a standing army isn't going to do anything to quell terrorism. Tanks and plans will only inspire more terrorism. What we need are good old fashioned black ops. Undercover agents penetrating the terrorist groups and talking to the bad guys. Much less collateral damage as well.
We'd get a lot further with a couple guys with silenced pistols rather than a whole army.
Re:Seems (Score:5, Interesting)
I seem to recall that much of this was gutted by Congress in the 1990s when they didn't want intelligence operatives paying off criminals for information, on the risk that the money might be tied back to the United States. This severely nerfed the ability of the CIA (among others) to gather HUMINT, as paid informants were a significant source of the information required to infiltrate the groups in the first place. I don't recall if this was ever overturned, though.
Parent
Re: (Score:2)
Re:Seems (Score:5, Interesting)
Parent
There's a bigger problem with that. (Score:3, Insightful)
As can be seen in the recent "terrorist" arrests in the US. Once you start paying people to turn in "terrorists", you start a market in "terrorists".
So the guy who wants to sell a "terrorist" to the government finds some idiot who meets the basic criteria (non-Christian, non-white) and encourages that idiot to make inflammatory statements while being recorded.
Ka-CHING!
Re:There's a bigger problem with that. (Score:5, Insightful)
Reminds me of a bit from Discworld.
To summarize, Ankh-Morpork was over run by rats. The obvious solution was to put a bounty on rats, payable per tail. Soon, the rat infestation was under control but the number of tails being brought in kept increasing.
The Patrician's solution: tax the rat farms.
Parent
Re:There's a bigger problem with that. (Score:5, Insightful)
The GP isn't calling for vigilante groups turning in terrorists. He's calling for old-fashioned cloak-and-dagger HUMINT. It works far, far better than the technological circus we are operating now. Humans will always outsmart machines made by humans. The only real accomplishment of mass government data mining is the oppression of the general public who aren't interesting in outwitting the government. They're just trying to live their lives.
In the old days (Revolution, World Wars, Cold War), when we were aware of our enemies, spies, analysts and cryptographers defeated the enemies with courage, brainpower and skill. Now we've replaced them almost entirely with people in offices. This isn't going to change until we have another wakeup call, and the next one will probably come from Russia. The red bear is back, and we aren't prepared to deal with it (or China). Much of Russia's new technology is ahead of the US, particularly in aerospace submarine areas. We do not have a real missile shield, we do not have space-based weapons, we do not have supercavitating torpedoes (or anything to stop them). About the only encouraging developments we do have are in robotics and lasers.
China isn't very technological (except for those nasty anti-sat weapons), but they have an enormous mountain of people they don't mind sacrificing for whatever they dream up. Their standing army is over 2 million. They're also currently building and testing over one ballistic missile a week.
2005 article [bbc.co.uk] 2007 Article [aviationweek.com] Oct 6, 2008 [heritage.org]
Terrorist data mining won't help much of anything when an EMP hits and the computers are fried.
Parent
Re:Seems (Score:4, Interesting)
"...gutted by Congress in the 1990s when they didn't want intelligence operatives paying off criminals for information..."
They're still doing it here in the US. The FBI paid a shady informant 230,000 bucks to rat out harmless, loud-mouthed nobodies as part of this [militantislammonitor.org] case:
The government had no direct evidence. The confession was vague and even contradictory. And the statements about attacking American targets came only after heavy prompting from FBI interrogators.
America's FBI: "Incompetance and Pusillanimity through Proxy".
Parent
Re: (Score:3, Informative)
I'm actually well aware of how intelligence works. Merely cultivating contacts is an arduous process, because pushing it too fast can cause them to become suspicious and either stop talking to or actively turn on the recruiter. Some are eager to provide what the recruiter wants, and some take years to provide any useful information.
Your 80/20 assertion is at least partially incorrect, because if it were, the US would have been far less worried about Soviet space program in the later part of the 1960s, and
Re: (Score:3, Informative)
Yes, I know about OSINT. It still doesn't replace SIGINT, which cannot replace HUMINT. They're all interlocking pieces of the intelligence realm. HUMINT is more expensive than OSINT, and SIGINT is more expensive than HUMINT. Costs for all of them reach points of diminishing returns. A satellite that shows movements in real time at 1m resolution is better than nothing. Improving that to .5m may cost ten times as much but deliver only five times the value. Improving it to .1m may cost 100 times as much
That's a very nice talking point...but... (Score:2)
But if spies could work, then so could computers.
It's not like you can send in a spy and they try and get a job at the Defense Ministry.. there is no terrorist defense ministry.
You have to send in a spy, and he or she is going to go around 2000 villages in northern Pakistan trying to find a terrorist ring. What do you do? Ask, "hey, do you know anyone who has an atomic bomb?"
In fact, you need to have lots of spies talking to lots of people, almost like a police state, and that set of spies has to be on to
Re:Seems (Score:5, Insightful)
Parent
Profiles also work in reverse (Score:5, Interesting)
As any Cold War spy can tell you, if you "fit the profile" of a normal law-abiding person with just enough "off-perfect" things in your life so you don't seem "too perfect," it's much easier to blend in.
Re:Profiles also work in reverse (Score:5, Funny)
Parent
They can't collect or process (Score:4, Interesting)
enough data in any kind of real time to make this work.
Years ago, we were playing with a design of a system to track all the phone calls made on the AT&T network over a 3 month period. (not record the calls, just track the billing info). The machine that management wanted to try and do it on could not hold enough data just to store the data, let alone process it. And that was the largest theoretical model of hte machine there was (about 4 times the size fo the largest one in use at the time). They really needed one about 10 times as large as the largest theoretical one, just to store the data!
Multiple that by the rest of the items one buys during the day, and we can not track all the daa that is out there.
Why did they even waste the money to do the testing and the reports?
Re: (Score:3, Interesting)
Didn't we already know? (Score:5, Insightful)
I thought we already knew this. If the algorithm comes back with even .1% false positives the system is totally worthless. There's 365 million people in the US, .1% means that the FBI/CIA/NSA would have 365,000 people to investigate. Now go and talk to someone in the AI field and see if even .1% false positive is possible.
I'm betting that if a system is going to catch any decent percentage of terrorists (greater than 50%) the false positive rate will be above 1%. Even if you only apply the system to a relatively small number of people (say people entering a leaving the country) you are going to have hundreds of thousands, if not millions, of people to investigate. Combine any kind of realistic false positive rate with the fact that about .00001% of the population deserves to be investigated and the system is worse than worthless; all it will do is distract from the people who should be investigated.
Re: (Score:2)
Re: (Score:2)
Re:False negatives are a worse problem (Score:3, Interesting)
The biggest problem is actually not the false positives - that would just mean extra wasted effort to screen the individuals, which "only" costs time and money.
The larger problem is that in order to do any real good you need an unbelievably low false negative rate. Let's take the 9/11 hijackers as an example: they were only about 0.00000667% of the population. Unless you could capture all but 2 or 3 them, you're still vulnerable to the plot unless you can get one of the ones you captured to spill the bea
Re: (Score:3, Insightful)
No. False positives "only" cost the government time and money. For the individuals falsely suspected, it could cost them their career, their relationships, their home, and their freedom, depending on how much "time and money" the government spends on them before realizing they are innocent. (If they ever do, since -- as shocking as it sounds -- there
Way to fix it (Score:2)
3 2 1
The actual report (Score:5, Informative)
Jesus Christ. They should have just asked Google. (Score:3, Funny)
I mean look:
A terrorist:
http://images.google.co.uk/images?hl=en&q=A%20terrorist&um=1&ie=UTF-8&sa=N&tab=wi [google.co.uk]
Not a terrorist:
http://images.google.co.uk/images?um=1&hl=en&safe=off&q=Not+a+terrorist&btnG=Search+Images [google.co.uk]
Problem solved. NEXT!
Paradox of the False Positive (Score:5, Informative)
I realize this is likely starting to sound old, but Cory Doctorow's Little Brother should be required reading for people doing something like this. His writings about the "Paradox of the False Positive" are enumerated there, but also in other sources:
http://www.guardian.co.uk/technology/2008/may/20/rare.events [guardian.co.uk]
(emphasis mine)
And, as others have pointed out, this system is likely to have a false positive rate higher than 1%.
overfitting (Score:3, Insightful)
I was thinking about this very topic the other day (Score:4, Insightful)
I was wondering whether techniques of commercial data mining could be applied to environmental problems like emerging disease surveillance.
Well, of course they can. The question is how far is it from practical? I think, pretty far from being as practical as it is in business.
First of all, businesses have a great deal of object model in common: they have common concepts like customers, products, sales, brands etc., which form a common framework in which they can do all kinds of creative thinking, or if not thinking you can even discover relationships using some kind of machine learning.
Secondly, when you are dealing with business data, the most important events tend to be common events. The most important common event is when a customer buys something. When you talk about something like a new disease emerging, or somebody committing a crime like hijacking or bombing, the most important events are exceeding rare, but catastrophic. Therefore the connection between events we do have in abundance and the events we are interested in is tenuous, poorly statistically attested to, and in many cases pure conjecture.
Finally, a lot of what businesses use data mining for is tweaking marginal costs and revenue by shifting dollars that were already going to be spent from one place to another. Offer product A to this web visitor instead of B. Stock more of item X in the store rather than Y. If you really don't know a priori whether X or Y will sell more profitably, you probably aren't going to go too wrong.
In something like environmental monitoring, you create expenses that weren't already there. No, you can't drain this lake because the model predicts a 5% marginal increase in the probability of human cases of hantavirus in the area. To somebody counting on the economic value of draining that lake, that's a brand new cost that wasn't there before.
Same goes, even more so, to deciding somebody is a danger to society.
Now let me say that I have no doubt that data mining will lead to more terrorist being thwarted or captured, compared to doing nothing else. Of course so would a lottery, but I suspect that data mining is a great deal better at identifying good suspects than a lottery. However, it is for reasons I noted above not going to be particularly accurate, certainly not compared to probable cause. Furthermore, the marginal cost of false positives gained seems likely to exceed the marginal value of false negatives lost, if such things could be quantified.
The purpose isn't to flag terr'ists (Score:5, Insightful)
For better, not worse (Score:3, Interesting)
It turns out that terrorism in western countries is a very rare thing, outside of a few hot areas like Spain's Basque area. This is very good, by the way.
Mining for rare event is extremely difficult. Bayes' s rule indicates that if in a database there are 0.01% actually suspicious events and your mining algorithms are extremely effective at 99% accuracy, then you still have an approximately 100:1 false positive ratio, which makes the mining still useless.