


Attacks on Security Through Inferential Analysis 

By Roy D. Follendore III

Copyright (c) 2002 RDFollendoreIII


The direct aggregation of data and facts can be used to infer knowledge that is not openly available to the public.  In fact, because of the complexity of the problem, it becomes a practical impossibility for large organizations to coordinate the release of such information without allowing new knowledge to be inferred.  To point this out I offer the following dummy scenario, which has recently been updated to fit the news.  I wrote the original unclassified example in 1985 to point out that technology is changing the nature of gathering communications security intelligence. The same concept can be used against commercial, political and economic targets.


AI can be geared toward infrastructure security problems. I made the example fairly simple in order to allow a human to solve it with some effort. A somewhat less structured scenario containing more data would make the problem impossible for a human being to solve. Detecting and proving that a threat exists from this kind of information is the most difficult problem for humans. Today this kind of problem can be recognized and solved easily with Artificial Intelligence techniques. An AI program can solve this kind of patterning problem in an instant.

The Scenario:

You are a member of some foreign terrorist organization interested in gaining current information on the state of United States communication activities with Iraq.  Traffic analysis assumes that the information you want to read will have about a 60-day crypto period. Your organization's "project" will need to know this information in order to assure it has time to do its dirty deeds.  Your contact in Washington did not provide you with data that would be useful... Or did they? You start to review the information that you know... and whip out your handheld AI software to analyze the knowledgebase further.



There are five offices next to each other in the Pentagon, each housing a different component of the US Government and using different crypto equipment, with different crypto periods and levels of traffic passed, and transmitting to different countries.

In addition, here are some facts that your comrades in Moscow have found out.

The KY-70 is used by the American Air Force.

The KY-71 has a crypto period of one year.

Afghanistan is where American Intelligence operates.

The KY-58 is used to communicate with Iran.

The American Intelligence sits in an office to the right of the Army.

The office that passes TOP SECRET information has a crypto period of 30 days.

SECRET information is passed by the DIA.

Pakistan is the country to which the middle office communicates.

The KG-84 is used in the first office on the left.

CONFIDENTIAL traffic is passed next to the office that has a crypto period of 24 hours.

SECRET information is passed next to the office that has a crypto period of 180 days.

Sensitive information is passed to India.

The KG-81 passes unclassified traffic.

The KG-84 is used in the Pentagon’s office.




What crypto equipment is used to communicate with Iraq?

What equipment has a 60-day crypto period?


In a matter of seconds your knowledgebase is processed and you know the story.

The KG-84 communicates with Iraq.

The KG-81 has a crypto period of 60 days.

1 KG-84, DIA, Iraq, Secret, 24 hours.

2 KY-58, Pentagon, Iran, Confidential, 180 days.

3 KY-70, Air Force, Pakistan, Top Secret, 30 days.

4 KY-71, Army, India, Sensitive, 1 year.

5 KG-81, American Intelligence, Afghanistan, Unclassified, 60 days.

In this case the information that you wanted on Iraq did not have the crypto period that you expected. But that is OK; the data that you have inferred will earn you a promotion. After all, the more innocently indirect the intelligence data that is collected, the better. There is no telling what you will get with a few more indirect facts in the knowledgebase. "Those *&%$#! Americans have given us the means to shatter their communication security. . . it is just a matter of time!!!!!"


The issues surrounding the aggregation of inferred knowledge have not changed.  What also has not changed is the almost pathological orientation of security organizations toward ignoring the implications of AI for gathering information.  Future counterintelligence security solutions will include inferential analysis of aggregated data to give organizations a better picture of what others know about them.
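
The same inference can be run by a reviewer over facts proposed for release, to see what they jointly expose before they go out. The Python below is an added example, not the author's program: it encodes the fourteen facts above by hand and enumerates every office layout consistent with them. It assumes "to the right of" means the adjacent office, and reads the last fact as the KG-84 being used next to the Pentagon's office, since the answer table places the KG-84 with the DIA in office 1.

```python
from itertools import permutations

EQUIP = ("KG-84", "KY-58", "KY-70", "KY-71", "KG-81")
UNIT = ("DIA", "Pentagon", "Air Force", "Army", "American Intelligence")
DEST = ("Iraq", "Iran", "Pakistan", "India", "Afghanistan")
LEVEL = ("Secret", "Confidential", "Top Secret", "Sensitive", "Unclassified")
PERIOD = ("24 hours", "180 days", "30 days", "1 year", "60 days")

def perms(names):
    """Every way to place the five names in offices 0..4 (0 = first on the left)."""
    return (dict(zip(names, p)) for p in permutations(range(5)))

def rows(*groups):
    """Turn name->office maps into one tuple of attributes per office."""
    return [tuple(next(n for n in g if g[n] == i) for g in groups) for i in range(5)]

def solve():
    """Return every office layout consistent with the 14 facts (hand-encoded below)."""
    found = []
    for e in perms(EQUIP):
        if e["KG-84"] != 0:                      # KG-84 is in the first office on the left
            continue
        for u in perms(UNIT):
            if (e["KY-70"] != u["Air Force"]
                    or u["American Intelligence"] - u["Army"] != 1   # assumed: adjacent office
                    or abs(e["KG-84"] - u["Pentagon"]) != 1):        # assumed: "next to" reading
                continue
            for d in perms(DEST):
                if (d["Pakistan"] != 2 or d["Iran"] != e["KY-58"]
                        or d["Afghanistan"] != u["American Intelligence"]):
                    continue
                for c in perms(LEVEL):
                    if (c["Secret"] != u["DIA"] or c["Sensitive"] != d["India"]
                            or c["Unclassified"] != e["KG-81"]):
                        continue
                    for p in perms(PERIOD):
                        if (p["1 year"] == e["KY-71"] and p["30 days"] == c["Top Secret"]
                                and abs(c["Confidential"] - p["24 hours"]) == 1
                                and abs(c["Secret"] - p["180 days"]) == 1):
                            found.append(rows(e, u, d, c, p))
    return found

def exposed(solutions, have, value, want):
    """Values of column `want` that every consistent layout pairs with `value`."""
    hits = [{r[want] for r in s if r[have] == value} for s in solutions]
    return set.intersection(*hits) if hits else set()

if __name__ == "__main__":
    layouts = solve()
    print(len(layouts), exposed(layouts, 2, "Iraq", 0), exposed(layouts, 4, "60 days", 0))
```

When only one layout survives, every attribute of every office is exposed by the released facts taken together, even though no single fact states it.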




Copyright (c) 2001-2007 RDFollendoreIII All Rights Reserved