|
 Feature Article: Six Crucial Technologies in Attacking the Terrorist Network
by Jim Nolan
November 2007
Attacking the Network represents the next stage in our fight against the threat of Improvised Explosive Devices (IEDs) and terrorism in general. In this mode, we move away from trying to mitigate the effects of the attack, instead eliminating them altogether by defeating the core components of the terrorism operation: the key actors and their networks. By moving away from the attack itself and"up the kill chain" we can effectively neutralize the entire operation of a terrorist cell. This has many obvious advantages in the Global War on Terror.
From an intelligence perspective,"Attacking the Network" really means being able to identify the key actors in the terror network, their relationships, and understanding their intent. In a technical sense, it requires the ability to:
- extract and correlate seemingly unrelated pieces of data,
- distinguish that data from the white noise of harmless civilian activity, and
- find the hidden relationships that characterize the true threat.
The situation becomes very complicated when we consider the sheer amount of data that must be analyzed: intercepted telephone conversations, sensor readings, and human intelligence. Each of these sources needs to be analyzed in its own unique way and then fused into a cohesive picture to enable rapid and effective decision-making.
I find it useful to break these capabilities down into focus areas and then identify the enabling technologies can be applied to achieve the goals of the Attacking the Network. These three focus areas are: Identify, Test, and Evaluate.
- Identify - identify candidate terror networks. Parse incoming intelligence data to identify possible entities (people, places, locations, events) and their relationships.
- Test - test the observed activities to determine if they are suspicious. Uncertainty must be a incorporated to maximize the chance of identifying terrorist behaviors.
- Evaluate - evaluate the quality of the formed networks. Terror networks are highly dynamic and fluid, and key actors may bridge across several groups.
As a community, we are developing many technologies that are starting to come together to enable these focus areas. Below I have put together a summary of these enabling capabilities and describe them in terms of the feature they provide and the benefit provided to the intelligence analyst. This last column is what we are ultimately judged on.
Capability |
Feature Provided |
Intelligence Analyst Benefit |
Entity Extraction |
identifies entities in structured and unstructured intel data. |
rapid identification of key actors, places, organizations. |
Social Networking |
characterizes the relationships between entities in the terror networks. |
understanding of possible relationships between actors, places, organizations. |
Theme Generation |
organizes intelligence data into relevant themes. |
enables analyst to focus their attention on the most relevant information. |
Computational Probability |
characterizes the uncertainty of the associations in the developed terror networks. |
quantifies the strength of the relationships between actors, places, organizations. |
Language Translation |
provides understanding of events from multiple sources. |
analyst can quickly move across multi-language data sources. |
Visualization |
presentation of analytical information. |
presents the information in such a way that an analyst can make accurate decisions quickly. |
In this edition of our newsletter, I have taken a top-down view of the next stage in the fight against terrorism: Attacking the Network. I have identified three key areas of focus for the community and six crucial technologies that can be pulled together to enable success. Of course that success depends on our ability to innovate and bring these technologies together in a way that maximizes the effectiveness of our end customer: the intelligence analyst. For this is our ultimate measure of success.
I look forward to your feedback on my thoughts.
Jim
jim.nolan@dac.us
|
|
