May 6, 2011 – Digging through the data left behind from the world’s most wanted man presents unique challenges and incredible opportunities, according to security and data analysts, writers and vendors.
Security officials' information-sharing capabilities and a geospatial location solution from one vendor have already been commended for pinpointing the raid on a compound in Pakistan that resulted in the death of Osama bin Laden. But, unlike the hand-written notebooks found at the compound that reportedly point to direct terrorist plans, it will take a mix of high-tech applications and security know-how to pull immediately usable security data from the handful of computers, 10 hard drives and various flash drives and DVDs the Department of Defense stated were taken from the site.
Bob Carter, vice president at data management vendor Vivisimo, whose platforms are in use at a number of U.S. security agencies, says that evolving security standards and data clustering technologies in the industry should greatly reduce the “noise ratio” he expects in this information. Carter still sees two major problems with moving forward with this trove of security information: data sets indexed in siloed departments or technology, and the background of the information on bin Laden’s hard drives, which may not suggest much comprehensive integration.
“The big challenge for all of these folks is that they don’t own the data. There are different security models and [separately] the notion of taking other people’s data and migrating it to one data warehouse is just a non-starter,” Carter says.
Once encryption and translation barriers are overcome, the heavy lifting behind the data extraction will involve text mining and analytics, according to Ventana Research analyst/researcher David Menninger.
Menninger describes the likely analysis process as commencing with search, followed by word frequency and combination counts, and then sentiment analysis.
"But I suspect this would be difficult because the sample could be too small, translation issues may get in the way, and most documents would probably have ‘negative’ sentiment," Menninger says.
Any running systems will be kept powered during transportation for analysis, experts say. But in whatever state the computers and hard drives arrive, accessing them will probably be a job taken on largely by humans, not mining and security systems, says information security expert Bruce Schneier.
Schneier says in an email interview that, aside from some National Security Administration search tools, the majority of data from bin Laden’s drives will be culled and reviewed by people in an office here or abroad. Regardless of bin Laden’s notorious background, Schneier says the search and extraction for this data will probably be no different than any other high-level information find.
“You read it, you think about it, and then you do things based on it just like always,” Schneier says.
Tech blogger Matthew Humphries says information access could prove easy due to bin Laden’s time on the run and apparent lack of simple digital conveniences, like an Internet connection, at the terrorist leader’s compound.
Paul Roberts, information security writer with Kaspersky Lab’s Security News Service, Threatpost, wrote that encryption has been a roadblock in other terrorist information finds, but will be overcome quickly in this case given the potential value of the information sources.
“The data captured in the raid could be as important as the killing of bin Laden if it allows the U.S. and its allies to move quickly against Al Qaeda cells,” Roberts noted.