210 likes | 346 Views
Emerging Technologies, Homeland Security and the Privacy/Security Trade-off Dr. Phil Hayes & Dr. Ganesh Mani. May 29, 2002. Agenda. Background Current Technologies and their Limitations New / Emerging Technologies (esp. Intelligent Matching) Summary and Conclusions. Background.
E N D
Emerging Technologies, Homeland Security and the Privacy/Security Trade-offDr. Phil Hayes & Dr. Ganesh Mani May 29, 2002
Agenda • Background • Current Technologies and their Limitations • New / Emerging Technologies (esp. Intelligent Matching) • Summary and Conclusions
Background • Privacy vs. Security (two sides of the same coin?) • Spotlight on homeland security, expanded wiretapping provisions, USAPATRIOT Act, etc. • The role of the Internet is broadly changing the semantics of privacy • e.g., Allegheny county property records • Driving by somebody’s home vs. putting a webcam outside • Key is finding the right trade-off • The Challenge: for local, state, and federal governments to provide maximum Public Safety in the most benign and cost effective manner
A Few Tenets • Increasing security implies increased information. • Increased information does not need to imply decreased privacy • Privacy is a direct function of the use of information • Automated solutions operating on better information should result in increased privacy and increased security • Automation can support privacy/convenience tradeoffs • Ben Franklin: “People who give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”
Financial Security • Ensuring integrity of capital markets • Monitoring suspicious security transactions (equities, options, etc.) • Number of trades is high, post-decimalization • Anti-money Laundering • USA PATRIOT Act • Cross-border transactions • Linking financial transactions with other transactions (purchase of hazardous chemicals, e.g.)
Current / Existing Technologies • Instantaneous transmission of information via the Internet and private networks • Database with special-purpose scripts • Data mining (techniques that work well with noisy, incomplete data are rare) • Event-based triggers • Automated face recognition, voice recognition and other biometric techniques
Shortcomings of Current Techniques • Excessive false positives • Expensive manual processes • Exposed and unprotected personal information • Not scalable • Inability to use prior knowledge or “start from where you or someone else left off” • Often not usable by non-technical personnel • Matching policies with technologies (e.g., National Driver’s License DB)
Intelligent, real-time matching • Recognize threats by correlating across multiple databases / sources – “information fusion” • Matches will often be approximate • Human analysts can do further analysis (esp. if the number of alerts can be made small, but high-quality) • Trade-off between sensitivity (TP/(TP+FN)) and specificity (TN/(TN+FP)) • Many homeland security applications – including financial security
Finding the Best Fit Close fit Out of range Close fit Query (range or fit) Exact fits Out of range Close matches are key!
Context-Sensitive Fit Price data Keyed data 1 0 1 1 0 1 Nearest Nearest 1 0 3 1 0 3 2 0 1 2 0 1 Value determines distance • Distance due to: • Keying adjacent digit • Skipped digit • Swapped digits
The role of information Security “Black Box” Personal Confidential & Proprietary Information Personal Confidential & Proprietary Information Information Repository Intelligent Matching Real-time Events Investigation Indicated Combinations of Characteristics under Suspicion Conditions & Environment Detection Performance
Finer-grained Detection Existing Detection • Small Security Data Records • asdfkjlkj • askldfj;lkaj • lkjlkasdjf • lkjasdfk • akkjfdjk Suspects Investigate Coarse Security Filter Improved Detection • Large Security Data Records • asdfkjlkj • askldfj;lkaj • lkjlkasdjf • kjasdfk • akkjfdjk • asdfkjlkj • askldfj;lkaj • lkjlkasdjf • lkjasdfk • akkjfdjk FineSecurity Filter Investigate Suspects
Scenario Act 1 • Four transactions out of hundreds of millions: • First transaction triggers additional automated queries • Secondary queries find other trans. and alert analyst • Analyst sets up additional queries monitoring for any news involving Kahlil Binlasi or any suspicious activity correlated with Binlasi
Scenario Act 2 • Police blotter story in 10/15/02 in local paper of Pine City, MN: Kalil Binlassi stopped with broken tail light, detained because he “acted suspicious”, and released. • 10/22/02, news story about theft of explosives in Sandstone, MN, involving car of same model as Binlasi’s • Analyst is alerted both times and on second story passes concerns to FBI who start direct surveillance, leading to eventual arrest.
User Interface Analytics Notification Agents Integration Intelligent Matching Technology • Proprietary matching algorithms enable real-time, efficient matching of complex information • Ultra-high performance - 100’s of complex matches per second iXIntelligent Matching Engine • Large number of attributes • Linearly scalable (in terms of both velocity and complexity) • Best-of-breed component, open architecture, J2EE compliant
Key Innovations Identifies and ranks based on “fit” with criteria • Simplifies data definition • “See” through imperfect data • Creates attraction • Matches all data types Defines “fit” or nearness uniquely for each field type Acts in real-time and linearly scalable Intelligent Matching Immediately recognizes and acts on changes in the dataset with persistent queries • Armed to act fast & immediately • when an event occurs • Observes all data that • passes through
Demo Financial security realm
Summary • Important policy issues surround the privacy / security spectrum • How do we increase security without diminishing privacy? • Is more information better; who has access to the information? • Appropriate and inappropriate uses of information. • New technologies for new challenges • Data overload (making sense of it is like trying to drink from a fire hydrant) • Intelligent matching with imperfect data is a key technology (that can be combined with improved feature detection and multiple-classifier algorithms)