Pages: p. 7
Abstract—Reviewed in this issue:
Particularly since 2001, terrorism has diverted our attention worldwide. Some of the world's best minds have been trying to find effective methods for identifying terrorists well before they perform their next attack. In similar ways, computer security professionals are concerned with identifying malicious actors and preventing them from harming our systems and ourselves. For this reason, I was drawn to Robert Popp and John Yen's book on counterterrorism technologies as a source of information about the most promising technologies for rooting out the "bad guys."
The book is an edited compilation of academic papers, each of which describes a technology or approach that could help identify potentially useful information in predicting who the malefactors are and how and when they might act. Several chapters also describe technologies for sharing information with agencies that must "connect the dots" and provide evidence for taking preventive action. The book's topics fall into five categories: predictive modeling, pattern analysis, collaboration, cross-language searching, and privacy.
The book features five chapters on pattern analysis, including behavioral networks and social network analysis. For example, one chapter describes the Strogatz-Watts models of "small world" phenomena and the Albert-Barabási inductive models simply, using graph theory to explain ways to identify emergent subgraphs. (A word of warning: in several chapters, unexplained assumptions creep in, such as knowing what an Erdös-Rényi random graph is.) Another chapter analyzes social networks using matrix decomposition to identify the patterns they contain. Although the examples sometimes focus on Al Qaeda, they could easily be translated to techniques useful in identifying malicious insiders or potential external threats.
Similarly, the nine chapters on collaboration form a mini-tutorial on knowledge management, information sharing, Semantic Web technology, and other techniques useful in sharing data only with those who need to see it. For instance, Jeff Jonas and John Karat's chapter on anonymized semantic directories discusses how to identify nonobvious relationships between people using a network. And Shuang Sun, Xiaocong Fan, and John Yen explain how to share intelligence along an "information supply chain."
Several of the technologies described were developed using US funds, often from DARPA and sometimes in support of the infamous Total Information Awareness project. Indeed, the examples are too often concerned only with the US, as when the authors ask, "How does the United States implement this new strategy [of understanding the culture and motivations of potential adversaries]?" The technical overviews are worth putting up with the counterterrorism flavor of some examples and motivate discussion. The editors are aware of the privacy implications of some of the suggested approaches, devoting the last three chapters to (some but not all) important legal and policy concerns.
As with most edited compilations, the writing is uneven. Some articles provide a descriptive view of technology at a macro level, with references to more detailed papers in the literature. Other articles are more microscopic, explaining how to use eigenvalues in defining a concept and listing equation after equation. Nevertheless, each article provides a valuable overview of the current thinking in each area, with a heavy emphasis on the use of quantitative and computational social science. You'll learn how to apply hidden Markov models, Bayesian networks, and simulations to predict likely candidates for further scrutiny. For computer scientists well-versed in operating systems and network protocols, the Popp and Yen compilation paints a broad picture of techniques that might be useful in sharing information and analyzing how systems and networks are used.