PRISM Magazine - January 2003
High Tech Hunting
Engineers for all Seasons
Shrinking Assets
Comments
E-Mail
Briefings
Databytes
On Politics
Teaching Toolbox
ASEE Today
Classifieds
Last Word
Back Issues
 

High Tech Hunting

While Americans weigh the future of national security and personal privacy, the Pentagon's controversial Information Awareness Office breaks its silence about plans to use technology to stop tomorrow's terrorists.

- By Bruce Auster 

"It's very DARPA-esque." Granted, that not-ready-for-prime-time adjective won't likely make it into the next edition of Webster's dictionary. But that's the term Robert Popp settles on to describe what he believes is the visionary work on counterterrorism being performed by the Pentagon's elite Defense Advanced Research Projects Agency (DARPA).

Popp, an electrical engineer by training, is deputy director of DARPA's controversial new Information Awareness Office, which aims to be able to spot potential terrorists by tracking their financial footprints. The new DARPA shop, which got its start in January 2002 and is led by retired Adm. John Poindexter, has inspired editorial writers across the country to dust off old copies of George Orwell's 1984: It seems that by pairing the one-time Reagan national security adviser and Iran-Contra defendant with a scheme to snoop on people's purchases, the Pentagon may have crossed the civil-liberties line.

But what, exactly, is Poindexter's Information Awareness Office all about? In the first interview the Pentagon has permitted on the subject since the controversy exploded, Popp spoke with Prism about DARPA's role in the counterterror fight, about the technical challenges that the IAO seeks to meet, and about the privacy issues raised by this "DARPA-esque" effort to try to identify terrorists operating inside the United States—and stop them before they strike.

DARPA, like many organizations, began refocusing its efforts after September 11 to help in the war against terrorism. The agency, of course, has a special mission. Created following the Soviet launch of Sputnik, its role is to find ways to use technology to protect the nation's security. In the past that meant breakthroughs such as the development of the Internet. Now, with help from the university engineering community, DARPA is focusing much of its counterterror expertise on a path-breaking enterprise: to use information technology to detect suspicious behavior by potential terrorists—and this is the controversial part—in the world of electronic commerce. The difficulty, as Albert Einstein observed long ago, is that science sometimes offers technological choices that society is not quite morally equipped to make. Even if DARPA's team succeeds in finding a technological silver bullet, a national debate on whether such a system could or should be used in America's open society must surely follow.

The premise underlying the new DARPA initiative—a $100 million effort that involves a handful of specific technology projects within IAO and could grow to $137.5 million next year—is that terrorists such as the September 11 hijackers leave tracks: They hold bank accounts, rent cars, buy plane tickets, even take flight lessons. "If terror organizations are going to engage in adverse actions against the United States," Popp explains, "it must involve people and those people will make transactions and those transactions will leave a signature in the information space."

The trick then, is to detect that signature before the potential terrorist acts or even runs afoul of the law by running a red light. For scientists like Poindexter and Popp—Poindexter was trained as a physicist, Popp as an electrical engineer—the problem recalls an earlier technological challenge of Cold War vintage. In submarine warfare, signal-processing techniques were refined so that enemy subs could be detected in the vast ocean. "Instead of trying to find enemy submarines using acoustic signatures in an ocean of noise, we're trying to understand terrorist activity," says Popp. "The ocean of noise is the world of information."

Searching for Sharks

How does DARPA propose to catch the sharks in the sea? The challenge in this new age of terror is that a small number of people—operating across borders and without the backing of a sovereign state—can do grievous damage to innocent lives. After September 11, there was much talk about connecting the dots; if only the FBI had recognized that Arab men were taking flying lessons, for example, the catastrophe might have been averted. This is, as Poindexter noted at a recent DARPA conference, the heart of the matter: "The intelligence collection targets are thousands of people whose identities and whereabouts we do not always know... One of the problems is to know which dots to connect." The Pentagon's Defense Science Board, in a study on so-called "transnational threats" came to the same conclusion: "The making of connections between otherwise meaningless bits of information is at the core of (transnational) threat analysis," the DSB states. It goes on to add that "search methods currently in use are not up to the challenge."

That is where DARPA hopes to make a contribution. Within IAO are programs looking for technological breakthroughs in a host of fields: strategic analysis tools, knowledge discovery and collaboration tools, biometrics to help identify people, language technologies, data bases, privacy protection, link analysis and data mining, and predictive modeling and estimation. Much of the expertise required to make advances in these areas will come from the computer sciences, software engineering, and artificial intelligence fields.

While Poindexter's agenda represents the chief DARPA contribution to the war on terror, it is not its lone effort. The agency has also initiated a major Biological Warfare Defense project. Among its components is an effort to develop advanced sensors that can quickly detect biological agents. The Biological Time-of-Flight Sensor, for instance, is a mass spectrometer designed to quickly identify biological warfare agents. The program is nearly at the prototype stage. DARPA is also undertaking what it calls an "Immune Building" program, designed to make military installations resistant to chemical or biological attack. For example, to avoid future anthrax attacks, DARPA is looking at ways to create barriers as well as to screen and isolate agents in the mail. Other elements of the program include using technology to protect heating, ventilation, and air-conditioning systems from being exploited in a chemical or biological attack. DARPA's other major effort—aside from the Information Awareness Office—involves protecting information from attack. DARPA programs are underway to both prevent cyber attacks and to allow military commanders to combat such attacks. One effort, the Fault Tolerant Networks program, aims to allow Defense Department networks to withstand attacks that outwit efforts to block them. As part of this program, technology is being developed to minimize the effects of so-called denial-of-service attacks, in which corporate or government computer systems are overwhelmed by a flood of demands from outsiders. One solution might involve "reducing the amount of network bandwidth available to the attacker," as well as developing technologies to help a network recover from an attack.

But the heart of DARPA's effort remains Poindexter's goal of achieving Total Information Awareness, or TIA. "We think a large part of the solution is information technology," says Popp, "and how information technology can be utilized to detect and understand different kinds of signatures that correspond to terrorist activity." And to take on the central challenge of that effort—identifying those dots and then connecting them—the IAO created the Evidence Extraction and Link Discovery Program, or EELD. According to program manager Ted Senator, EELD aims to find ways to find information about people, organizations, places, and so on, and to spot patterns of suspicious behavior. It is not as simple as it sounds. "Traditional fraud detection techniques look for outliers," Senator explains. For example, credit card companies flag suspicious charges if a purchase does not fit a pattern of spending that a customer has already established. But the credit card companies have a starting point: the customer, who has a known history of purchases. "The most dangerous adversaries," Senator notes, "will be the ones who successfully disguise their individual transactions to appear normal, reasonable, and legitimate."

The first task then, is to identify the people who might be potential suspects. To tackle the problem, the EELD program is looking to find ways of spotting links between "people, organizations, places, and things" by advancing technology in three areas: evidence extraction, link discovery, and pattern learning. At Carnegie Mellon University, for example, researchers working with DARPA are studying ways to find unknown links among individuals. EELD program manager Senator believes the techniques might be able to provide a reasonable guess as to whether different individuals are members of the same group, based on their transactions. Analysts might also be able to determine whether a single person might be using multiple aliases.

Oceans of Information

The failures prior to September 11, of course, were not only that patterns were not detected. In some cases—and certainly among field officers inside the FBI—red flags were waved, memos were sent to headquarters, and nothing happened. If IAO does nothing but burden already overloaded analysts and policymakers with even more nightmare scenarios, it won't necessarily help prevent future attacks. "What we're really trying to do is develop and utilize information technology in all different kinds of areas that can…weed out the noise," says Popp. "So then you can feed actionable intelligence to a decision maker."

A new program designed to help analysts manage the flood of information, called Genoa II, aims to find ways to have teams of specialists—from law enforcement, intelligence, and so on—collaborate to make sense of information and develop a plan of action based on it. The trick is to speed that process up. "There is too much that must be read to actually read," program manager Tom Armour said at a recent DARPA conference. His solution: "Read everything without reading everything."

The object is to use technology to marshal information and evidence with grace and subtlety, the way a lawyer might craft a closing argument. Storytelling, in this vision, becomes an important element of technological design, since the object is to provide very busy senior policy makers—the target audience for all IAO efforts, it should be noted, are top government officials, including the president, four-star combatant commanders, and top intelligence officials—with a narrative that can help them make critical decisions. "You can't go to [a decision maker] and say ‘Here are the 8,000 targets you need to worry about,' " says Popp. "You need to tell a story, provide information to decision makers so he or she can make a decision." Solicitations for the Genoa II program were issued in March 2002, remain open for a year (Information about DARPA announcements can be found at www.darpa.mil), and involve such disciplines as software agent technology and human reasoning technology.

There is another ocean of information that analysts have so far failed to tap, and that is foreign language texts. To correct this problem, DARPA has created a program, called TIDES, to mine databases and other sources of information. The intelligence community is notoriously shorthanded when it comes to language specialists and translators, and this problem is particularly acute in so-called target languages such as Arabic or Chinese. And yet there is a vast amount of information already in the public domain, waiting to be read, The trouble is that the current technological state of the art for language-processing is an error rate of about 50 percent—meaning that the chance of mistranslation is so high that the entire enterprise is all but pointless. The TIDES program aims to improve technology so that an analyst's query, submitted in English, will explore foreign-text databases and give a well-translated answer back. It is a complicated technical endeavor, to say the least: The software must be able to detect what is relevant. It must be able to extract key facts from text. And it must be able to summarize more than one document, culled from more than one language, in a simple way. DARPA is working with computer scientists and engineers at a number of universities, including Carnegie Mellon, Columbia, Johns Hopkins, NYU, the University of Massachusetts, and the University of Pennsylvania. Key technologies include metadata exploitation, natural language processing, and acoustic signature identification.

The Privacy Problem

Exploring foreign-language texts does not necessarily require the government to intrude into the private world of transactions. But the bulk of work at the Information Awareness Office effort does entail finding technologies that will allow analysts to follow more effectively the trails people leave as they go about everyday business. "Where are things people do captured electronically?" asks Popp. "In the transaction space. We want to supplement traditional intelligence with other types of information."

The trouble is that the very nature of hunting for almost-invisible terrorists invites invasions of the rights of innocents. Typically, when law enforcement officials went looking for a bad guy, they usually had a good idea who they were looking for. Now, explains Popp, "This is the problem that we face, which is really, really hard. You don't necessarily know a priori the bad guy." To find out means hunting in databases not typically available to the police. "That's where you run into the issue of privacy," he says. But Popp stresses that protecting privacy remains critical and that the IAO is not intended to allow the government to snoop on innocent Americans. To that end, DARPA is creating a database of "synthetic" transactions, a sort of parallel world of buyers and sellers going about their business in the ether. The research can be realistic. "This will generate billions of transactions constituting realistic background noise," Poindexter explained at a recent conference. "We will insert into this noise simulated transactions by a red team acting as a terrorist organization to see if we can detect and understand this activity." This approach, at least for now, skirts the privacy problem.

But only for a time. After all, DARPA is simply a research organization. It provides technology. One reason there has been no great debate in this country about snooping on private citizens is that the tools—the software, and so on—haven't been sophisticated enough to make such snooping a real possibility. But some four years from now, if IAO does what it has set out to do, that may change. "Today we can't [use it] because it doesn't exist... If we were able to create the capability using simulated data to prove out the concept, maybe you show . . . you would get this kind of benefit . . . but it comes at a cost," says Popp, "The policy makers, the country, the public have to have that dialogue about where they want to go." Simply put, it will then be up to American citizens, not John Poindexter, to decide whether to use the tools DARPA is conjuring up.

 

Bruce Auster is a freelance writer based in Washington, D.C.
He can be reached at bauster@prism.org.

Big Brother John?

When it dawned on the national press that the White House had picked Reagan-era National Security Adviser John Poindexter to head the Total Information Awareness project, the tiny operation at DARPA became the focus withering attacks. "To civil libertarians, TIA, with its Orwellian dossiers on each and every American, would constitute a huge invasion," The New York Times offered on its editorial page. Calling for a congressional inquiry, The Times concluded: "The last thing we need is a vast new system of domestic surveillance engineered by John Poindexter." Congress may well get into the act: Senator Charles Grassley (R-Iowa) has taken an interest in the TIA program. "I am at a loss to understand why [DoD] resources are being spent on research for domestic law enforcement," he has said. Other opinion makers, like Kathleen Parker of the Tribune company, were more breathless: "Big Brother, no longer a fictional character in a scary futuristic sci-fi novel, would know where you go, with whom you chat and e-mail, what web sites you visit, where you travel, eat, and sleep."

Is DARPA—and by extension the universities that have teamed to work on TIA projects—involved in a covert effort to erode American civil liberties?

The question might never have been asked had someone other than Poindexter been appointed to head the DARPA effort. The retired admiral, a physicist by training, has been described as "passionate" about the possibility of tackling the counterterrorism problem with information technology. But Poindexter's role in the secretive Iran-Contra affair arouses suspicion. He was convicted of lying to Congress and destroying evidence connected to the Reagan administration effort to bypass a congressional ban on aid to the Nicaraguan contras by funneling money from arm sales to Iran. Poindexter's conviction was eventually overturned on appeal because he was granted immunity from prosecution in order to win his testimony before a congressional investigative panel.

Poindexter's return to public service is proving very nearly as controversial. But DARPA officials suggest that the scope of the TIA program has been misunderstood and that privacy concerns remain central to their efforts. "We are not developing any technology that allows any organization the capability above and beyond what it is authorized to do today," says Poindexter's deputy, Robert Popp. "We're not developing any technology that changes the way the intelligence community collects data today."

If DARPA succeeds in its research effort however, Congress may be asked to broaden the authority of the law enforcement and intelligence communities to use TIA's tools to monitor transactions of people living in the United States. Current law, Popp notes, does not allow analysts to search private-sector databases without a warrant. But the entire premise of the TIA effort is that transactions—car rentals, hotel stays, and all the other signs that leave a trace in electronic space—offer a remarkable opportunity to spot the footsteps of potential terrorists and stop them before they strike. "The data lives in the private sector," Popp says. The trouble is that today's terrorists—like the 9/11 hijackers—purposely operate within the rules so as to avoid attracting the attention of law enforcement. "If we knew who the bad guys were, we could set up filters and never look at the data of good guys," says Popp. "That's not possible. We want to ensure that if bad guy behavior is going on, we make sure their behavior passes through so analysts see it. The problem is . . . that it's likely innocent data will pass through and be looked at."

And that's the trouble. DARPA is aware that it has a problem. It is negotiating with the National Academies of Science, for instance, to design a small effort to explore the policy and technical questions arising from its counterterror efforts. Privacy protection is among the topics being addressed. And TIA is looking to see if technology—the prospect of which has stirred up this privacy controversy—might also be able to offer a solution. But it will be several years before any of the programs underway at DARPA are ready to be pressed into action. At that time, Americans will have to decide what price in lost liberty they are willing to pay for a greater sense of security.

 
PRISM@ASEE.ORG