1. Proprietary and Confidential Emerging Technologies, Homeland Security and the Privacy/Security Trade-off Dr. Phil Hayes & Dr. Ganesh Mani May 29, 2002

2. Proprietary and Confidential2 Agenda Background Current Technologies and their Limitations New / Emerging Technologies (esp. Intelligent Matching) Summary and Conclusions

3. Proprietary and Confidential3 Background Privacy vs. Security (two sides of the same coin?) Spotlight on homeland security, expanded wiretapping provisions, USAPATRIOT Act, etc. The role of the Internet is broadly changing the semantics of privacy –e.g., Allegheny county property records –Driving by somebody’s home vs. putting a webcam outside Key is finding the right trade-off The Challenge: for local, state, and federal governments to provide maximum Public Safety in the most benign and cost effective manner

4. Proprietary and Confidential4 A Few Tenets Increasing security implies increased information. Increased information does not need to imply decreased privacy Privacy is a direct function of the use of information Automated solutions operating on better information should result in increased privacy and increased security Automation can support privacy/convenience tradeoffs Ben Franklin: “People who give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”

5. Proprietary and Confidential5 Financial Security Ensuring integrity of capital markets –Monitoring suspicious security transactions (equities, options, etc.) –Number of trades is high, post-decimalization Anti-money Laundering –USA PATRIOT Act –Cross-border transactions –Linking financial transactions with other transactions (purchase of hazardous chemicals, e.g.)

6. Proprietary and Confidential6 Current / Existing Technologies Instantaneous transmission of information via the Internet and private networks Database with special-purpose scripts Data mining (techniques that work well with noisy, incomplete data are rare) Event-based triggers Automated face recognition, voice recognition and other biometric techniques

7. Proprietary and Confidential7 Shortcomings of Current Techniques Excessive false positives Expensive manual processes Exposed and unprotected personal information Not scalable Inability to use prior knowledge or “start from where you or someone else left off” Often not usable by non-technical personnel Matching policies with technologies (e.g., National Driver’s License DB)

8. Proprietary and Confidential8 Intelligent, real-time matching Recognize threats by correlating across multiple databases / sources – “information fusion” Matches will often be approximate Human analysts can do further analysis (esp. if the number of alerts can be made small, but high-quality) Trade-off between sensitivity (TP/(TP+FN)) and specificity (TN/(TN+FP)) Many homeland security applications – including financial security

9. Proprietary and Confidential9 Finding the Best Fit Query (range or fit) Exact fits Close fit Out of range Close matches are key!

10. Proprietary and Confidential10 Context-Sensitive Fit Price dataKeyed data Value determines distance 101 103 201 101 103 201 Nearest Distance due to: - Keying adjacent digit - Skipped digit - Swapped digits

11. Proprietary and Confidential11 The role of information Personal Confidential & Proprietary Information Security “Black Box” Investigation Indicated Information Repository Intelligent Matching Combinations of Characteristics under Suspicion Real-time Events Conditions & Environment Personal Confidential & Proprietary Information Detection Performance

12. Proprietary and Confidential12 Finer-grained Detection Existing Detection Small Security Data Records asdfkjlkj askldfj;lkaj lkjlkasdjf lkjasdfk akkjfdjk Coarse Security Filter Fine Security Filter Large Security Data Records asdfkjlkj askldfj;lkaj lkjlkasdjf kjasdfk akkjfdjk asdfkjlkj askldfj;lkaj lkjlkasdjf lkjasdfk akkjfdjk Improved Detection Investigate Suspects InvestigateSuspects

13. Proprietary and Confidential13 Scenario Act 1 Four transactions out of hundreds of millions: First transaction triggers additional automated queries Secondary queries find other trans. and alert analyst Analyst sets up additional queries monitoring for any news involving Kahlil Binlasi or any suspicious activity correlated with Binlasi DateAmountPayerLocationPayeeLocation 8/20/02$23,488LuganoAhmed TalebTrenton 8/21/02$36,769ZurichJofar KhademNewark 8/22/02$20,000Ahmed TalebTrentonKhalil BenlasiSt Paul 8/22/02$30,000Jofar KhademNewarkKahlil BinlasiSt Paul

14. Proprietary and Confidential14 Scenario Act 2 Police blotter story in 10/15/02 in local paper of Pine City, MN: Kalil Binlassi stopped with broken tail light, detained because he “acted suspicious”, and released. 10/22/02, news story about theft of explosives in Sandstone, MN, involving car of same model as Binlasi’s Analyst is alerted both times and on second story passes concerns to FBI who start direct surveillance, leading to eventual arrest.

15. Proprietary and Confidential15 Intelligent Matching Technology User Interface Integration Analytics Notification Agents Best-of-breed component, open architecture, J2EE compliant Proprietary matching algorithms enable real-time, efficient matching of complex information Ultra-high performance - 100’s of complex matches per second Linearly scalable (in terms of both velocity and complexity) Large number of attributes iX Intelligent Matching Engine

16. Proprietary and Confidential16 Key Innovations Identifies and ranks based on “fit” with criteria Immediately recognizes and acts on changes in the dataset with persistent queries Defines “fit” or nearness uniquely for each field type Acts in real-time and linearly scalable Intelligent Matching Simplifies data definition “See” through imperfect data Creates attraction Matches all data types Armed to act fast & immediately when an event occurs Observes all data that passes through

17. Proprietary and Confidential17 Intelligent Matching Engine

18. Proprietary and Confidential18 Intelligent Matching: Technology Environment (J2EE)

19. Proprietary and Confidential19 Intelligent Matching: Technology Environment (Web Services)

20. Proprietary and Confidential20 Demo Financial security realm

21. Proprietary and Confidential21 Summary Important policy issues surround the privacy / security spectrum –How do we increase security without diminishing privacy? –Is more information better; who has access to the information? –Appropriate and inappropriate uses of information. New technologies for new challenges Data overload (making sense of it is like trying to drink from a fire hydrant) Intelligent matching with imperfect data is a key technology (that can be combined with improved feature detection and multiple-classifier algorithms)