ACTIVITY
– BASED INTELLIGENCE USES METADATA TO MAP ADVERSARY NETWORKS
- The ROMANS invented ROADS to move their armies faster and efficient, thus becoming an empire
- The BRITISH invented the RAILROAD to connect trade routes, and subsequently became and empire
- The UNITED STATES OF AMERICA invented – developed and control the DATA – CYBER - INTERNET HIGHWAY and thus emerged as an empire
By Geopolitical Analysis and
Monitoring
Read also related article at: http://geopoliticsrst.blogspot.co.at/2013/08/usa.html
Few
outside the intelligence community had heard of activity-based intelligence
until December, when the National Geospatial Intelligence Agency awarded BAE
Systems $60 million to develop products based on this newish methodology. But
ABI, which focuses not on specific targets but on events, movements and
transactions in a given area, is rapidly emerging as a powerful tool for
understanding adversary networks and solving quandaries presented by
asymmetrical warfare and big data.
Indeed,
ABI is the type of intelligence tool that could be applied to the vast wash of
metadata and internet transactions gathered by the NSA programs that were
disclosed in June by a whistle-blower.
In
May, the U.S. Geospatial Intelligence Foundation’s Activity-Based Intelligence
Working Group hosted a top-secret forum on ABI that drew representatives from
the “big five” U.S. intelligence agencies.
At
the SPIE 2013 Defense, Security + Sensing Symposium, NGA Director Letitia Long
said the agency is using ABI to “identify patterns, trends, networks and
relationships hidden within large data collections from multiple sources:
full-motion video, multispectral imagery, infrared, radar, foundation data, as
well as SIGINT, HUMINT and MASINT information.”
The
technique appears to have emerged when special operators in IRAQ and AFGHANISTAN
reached back to NGA analysts for help plugging gaps in tactical intelligence
with information from national-level agencies. These analysts began compiling
information from other intelligence disciplines — everything from signals
intelligence and human intelligence to open sources and political reporting —
and geotagging it all. The resulting database could be queried with new
information and used to connect locations and establish a network.
This
experience led to a series of seminal white papers published in 2010 and 2011
by the Office of the Undersecretary of Defense for Intelligence. The papers
call ABI “a discipline of intelligence where the analysis and subsequent
collection is focused on the activity and transactions associated with an
entity, population, or area of interest.”
This
focus on interactions is the fundamental difference between ABI and previous
efforts to integrate different types of intelligence, which were often confined
to a single agency and aimed at a specific target.
“When
we are target-based, we focus on collecting the target and, too often, we are
biased toward what we know and not looking for the unknown,” NGA’s Dave
Gauthier said last year at GEOINT 2012. Gauthier, who handles strategic
capabilities in the agency’s Office of Special Programs, called ABI “a rich new
data source for observing the world and the connectedness between objects and
entities in the world.”
ABI
attempts to meet two challenges with traditional intelligence-gathering. First,
there are no clear signatures for and no doctrine governing the activities of
nonstate actors and insurgents who have emerged as the most important threats
to U.S. national security. Second, the volume of big data has become
“staggering,” in Gauthier’s words. Take, for example, the recent bombing in
Boston: There was a massive amount of surveillance imagery available, but
analysts initially had no idea whom they were looking for, and moreover, the
suspects turned out to look little different from thousands of other spectators
on hand.
“ABI
came out of the realization that the scheduled, targeted, one-thing-at-a-time,
stove-piped analysis and collection paradigm was not relevant to
non-nation-state and emergent threats,” said Patrick Biltgen, a senior engineer
in the intelligence and security sector at BAE Systems. “We are breaking this
one-thing-after-another paradigm because information is flowing … all the time
and we don’t know what to do with it because if you’ve stopped to try and
collect it, you’ve missed everything else that’s coming.”
NEW METHODOLOGY
Though
the USD(I) white papers call ABI a new discipline, many prefer to think of it
more as a methodology with several components.
The
first is the constant collection of data on activities in a given area, then
storing it in a database for later metadata searches. The NGA’s Long recently
said the agency is working to create a “model that allows us to ‘georeference’
all of the data we collect persistently — over a long period of time,” one that
allows “analysts to identify and evaluate data down to the smallest available
object or entity.”
The
second is the concept of “sequence neutrality,” also called “integration before
analysis.”
“We
collect stuff without knowing whether it’s going to be relevant or not. We may
find the answer before we know the question,” said Gregory Treverton, who
directs the Rand Center for Global Risk and Security. “It’s also not so driven
by collection; the collection is just going to be there.”
The
third is data neutrality — the idea that open-source information may be just as
valuable as HUMINT or classified intelligence.
“Humans, unlike other
entities, are inherently self-documenting. Simply being born or going to
school, being employed, or traveling creates a vast amount of potentially
useful data about an individual,” the white papers say. This tendency has
exploded on the Internet, “where individuals and groups willingly provide
volumes of data about themselves in real time — Twitter and social network
forums like Facebook and LinkedIn are only a few examples of the massive
amounts of unclassified data that is routinely indexed and discoverable.”
Finally,
there is knowledge management, which covers everything from the technical
architecture that makes integrated intelligence and information-sharing
possible to the metadata tagging that allows analysts to discover data that may
be important, but not linked spatially or temporally.
USAGE EXAMPLES
ABI
products take the form of customizable Web-based interfaces that allow analysts
to locate associations among data sets using metadata.
“You
could call them Web services, apps, widgets, but they help analysts sift
through large volumes of data,” said BAE Systems’ Biltgen.
These
do not compete with giant systems like the armed services’ Distributed Common
Ground Systems, end-to-end databases that connect thousands of users with
intelligence information. Rather, they are generally designed to plug into
DCGS, then help smaller working groups deal with specific problems.
“Really,
what we’re doing is working with the metadata — the dots and the indexes and
extracted ‘ABI things’ — to get those on the screen, whereas the large systems
really manage streams of imagery for exploration,” Biltgen said. “We go, ‘Let’s
take clip marks and the tags that come from exploited video streams and look at
all of them at the same time without ever having to touch a frame of video.’ ”
He
said the goal is to “precondition the data and make it easier for the analyst
to correlate them, apply their cultural awareness and knowledge to them, and
really put the thought muscle on the data after it’s been well conditioned.”
So
what does ABI actually produce? One common format is activity layer plots. An
analyst might, for example, place all available intelligence about an explosion
of an improvised explosive device atop information about a kidnapping in the
same area, then lay in data about the local bus line, the fruit market at the
corner, or the local timber-smuggling operation.Once displayed, the information
may overlap or intersect in interesting ways.
To
date, ABI has primarily been used in the kinds of operations that have defined IRAQ
and AFGHANISTAN: manhunting and uncovering insurgent networks. But because ABI
is more a methodology than a discipline, and because the products that enable
ABI are customizable, the intelligence community sees ABI applied to a broad range
of problems.
“The
immediate question is, can we expand it beyond counterterrorism and manhunting
and the fight against terror?” Treverton said.
He
suggested applications such as maritime domain awareness, in which signatures
exist for CHINESE frigates but not junks.
ABI
can theoretically be brought to bear on any problem that might be aided by a
“pattern of life” analysis, a prominent phrase in the white papers. In finance,
for example, ABI might identify patterns left by a particular kind of criminal.
Analysts create ABI system events in SOCET GXP using Web services |
“You
could use this in the insurance industry to try and understand the patterns of
life of individuals that steal things from you and make false claims. We do
some of that work today,” Biltgen said.
While
ABI can help anticipate patterns, advocates don’t claim it can predict future
behavior.
“I
wouldn’t call it predictive,” Treverton said. “I wouldn’t call anything
predictive. That’s asking way too much.”
Still,
it may help officials anticipate threats by building a deep understanding of
the networks that give rise to specific incidents.
POTENTIAL ROADBLOCKS
Two
things could hinder ABI — one technical, one cultural.
It
sounds relatively uncomplicated to develop a visual network, say, by tracing
all of the tire tracks captured by wide-area motion video in a given area over
a period of time. Origins and destinations become nodes, and hundreds or even
thousands of tire tracks describe a network from which analysts can extract
meaning. But the devil is in the details. For example, it is difficult to
define a “vehicle stop” in an algorithm, much less assign meaning to it. Does a
“stop” last five seconds or one minute?
“It
sounds easy, until you touch the data. You realize that every proposition in
that value chain has hidden complexity,” said Gary Condon, an intelligence
expert at MIT’s Lincoln Lab, at GEOINT 2012.
The
second set of issues are cultural. Even in the post-9/11 era, legal boundaries
and security clearances can prevent the kind of data-sharing that makes ABI
work. The quantity of publicly available information swells by the day, but the
intelligence community still often prizes classified over open-source
information. And just as complex: Some of that open-source intelligence raises
privacy concerns when U.S. persons are involved.
That’s
been at the heart of the outcry over the NSA’s Prism program and phone-record
collection.
Still,
top-level intelligence officials see ABI as a valuable new tool. Several senior
officials from the Office of the Director of National Intelligence remarked on
its growing importance at the U.S. Geospatial Intelligence Foundation forum in
early May.
“The
defense and intelligence worlds have undergone, and are still undergoing, a
radical transformation since the events of 9/11. The Department of Defense and
the Director of National Intelligence have made information sharing and
efficiency priorities,” the spokesman said. “This will increase collaboration
and coordination, which will have a multiplying effect on approaches such as
ABI.”
No comments:
Post a Comment