DARPA: ‘Anomaly Detection at Multiple Scales’

January 23rd, 2011

Via: Fast Company:

As DARPA puts it: “When we look through the evidence after the fact, we often find a trail–sometimes even an ‘obvious’ one. The question is can we pick up the trail before the fact giving us time to intervene and prevent an incident?” Computer forensics companies rise to the challenge.

NetCerto is one of the companies that is soliciting grant money from DARPA under the ADAMS program. Many companies will be applying to DARPA claiming they have the next algorithm or bit of software that will finally be able to suss out the dangerous needle in a haystack of data. But in order to ensure that software truly works, DARPA will also need software that simulates an environment in which anomalies occur.

NetCerto’s CEO David Kovar explains this in a neat metaphor: His company creates a simulated crime scene. “If you wanted to test the abilities of a crime scene forensics team,” he tells Fast Company, “you would go out in a parking lot somewhere, you would put bullet casings out, blood marks out, scuff marks in some places. We do the same thing in electronic environments. We will create the clues for people doing analysis to find. And since we created the evidence, we can score them”–i.e., the other applicants for DARPA money, those offering forensic software–“accurately on whether they found them all.”

The same principle could be put to work to catch the next Jared Lee Loughner, the alleged shooter in the Arizona killings. Reports in the wake of the shootings have shown that Loughner left many digital traces signaling anti-government paranoia.

The only problem, points out Kovar, is that anti-government paranoiacs are a dime a dozen. The trick is finding, amidst the tens of thousands, the single one who is planning to act. “That’s the core of the problem,” says Kovar. “There’s so much noise out there…. There’s so much rhetoric out there that goes nowhere”–i.e., that doesn’t erupt in violence. Say that the investigation of Loughner reveals a series of characteristics that seem predictors of his violence. “Now you gotta look through the entire Net, and you realize those characteristics match 30,000 people.” How do you winnow down the list to the real threats? “I don’t have the answer, and DARPA doesn’t either, and that’s why they’re running this program,” says Kovar.
