Operationalizing Open Source for Homeland Security

September 11, 2008

Sitting in the panel run by the Department of Homeland Security. DHS Open Source Lead, Tyler Foulkes, leads the conversation. In 2007 DHS was required to build relationships with the State Fusion Centers and train the Fusion Centers. Undersecretary Charlie Allen at DHS understood that intelligence happens in other places than the IC. They needed to find out what the state, local and tribal leaders need to complete their missions. Training for the Fusion Centers (from DHS) goes out to the centers; they don’t force the Fusion Centers to come to them. Notes the DHS Strategic Open Source Vision booklet (released today). Protecting rights and keeping balance on privacy is key and on their minds at all times.

Next up is Jack Showalter of CENTRA Technology Inc., who speaks on training the analysts, not the IT staff, on the technical aspects of research on today’s web. Ad hoc vs. standing requirements and how to use different technologies for each part of the mission.

First major theme: ad hoc requirements. The obvious technology is search (search engines). To go beyond Google, analysts are trained on how a search engine works so they know what they are getting and what they are missing. They need to know the periodicity of search engines, how the search engine gets its content, and why moving beyond Google and using any search engine effectively is so important.

Going from advanced syntax search on Google to clustering search engines (like Clusty.com). Demos other clustering search engines with visualization, like Kartoo.com. Different analysts think differently and can get results tailored to their style.

Concept of vertical search is introduced. Shows Highbeam Research, Infomine, the NOAA National Weather Service and Search Medica.

Discusses Cuil.com and the need to pay attention to new resources to keep an eye out for the “next big thing” – whether they succeed or not. Looking to the horizon for emerging resources, like evri.com (natural language processing – semantic indexing). Mentions Twitter (just as I send a tweet…). And Twitter trends – get the news about disasters or events from locals on the Twitter trends before the press gets it out (search.twitter.com).

Goes into the importance of directories when exploring topics. Mentions dmoz.org and lii.org. Notes the importance of noting the business process of the directories (i.e. volunteer or professional maintenance).

Discusses the deep web: what it is and how to tackle it.

Different needs to meet “standing requirements” – repetitious and mechanical searches should be automated. Identify important vs. urgent taskings. Addresses the time-consuming nature of standing requirements and that ad hoc requirements often push the standing reqs out of the picture. Obvious first strategy: RSS. Not only RSS feeds, but filtered RSS (shows feedrinse.com as an example).
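The filtered-RSS idea for a standing requirement, sketched as an added example (it is not from the talk and does not reproduce how FeedRinse works): items are kept only if they match a watch term, skip an exclude term, and were not seen on an earlier run. The feed text, terms and function names are constructed for illustration, and a feed that declares a DTD is refused because it comes from an untrusted source.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed sample feed (not real data) standing in for a fetched RSS document.
SAMPLE_FEED = """<rss version="2.0"><channel><title>Constructed county alerts</title>
<item><title>Flood warning issued for river district</title>
<link>https://example.org/a1</link><guid>a1</guid>
<description>Water levels rising overnight.</description></item>
<item><title>Library extends weekend hours</title>
<link>https://example.org/a2</link><guid>a2</guid>
<description>New schedule starts Monday.</description></item>
<item><title>Road closure update</title>
<link>https://example.org/a3</link><guid>a3</guid>
<description>Bridge closed after flood damage; sports arena lot is the detour.</description></item>
</channel></rss>"""

def parse_items(feed_xml):
    """Return the feed's items as dicts; refuse feeds that carry a DTD."""
    if "<!DOCTYPE" in feed_xml or "<!ENTITY" in feed_xml:
        raise ValueError("feed declares a DTD or entities; refusing to parse")
    items = []
    for node in ET.fromstring(feed_xml).iter("item"):
        item = {tag: (node.findtext(tag) or "").strip()
                for tag in ("title", "link", "guid", "description")}
        # Fall back to a content hash when the publisher omits <guid>.
        item["id"] = item["guid"] or hashlib.sha256(
            (item["title"] + item["link"]).encode()).hexdigest()
        items.append(item)
    return items

def filter_feed(feed_xml, include, exclude=(), seen=None):
    """Keep unseen items matching any include term and no exclude term."""
    seen = set() if seen is None else seen
    hits = []
    for item in parse_items(feed_xml):
        text = (item["title"] + " " + item["description"]).lower()
        if item["id"] in seen:
            continue  # already delivered on an earlier run
        if not any(term.lower() in text for term in include):
            continue
        if any(term.lower() in text for term in exclude):
            continue
        seen.add(item["id"])
        hits.append(item)
    return hits

if __name__ == "__main__":
    seen_ids = set()  # persist this between runs in real use
    for hit in filter_feed(SAMPLE_FEED, ["flood", "closure"], seen=seen_ids):
        print(hit["title"], hit["link"])
```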

Highlights distribution channels for open source and shows Deborah Osborne’s crime analysis podcast on blogtalkradio. This can be a method of professional development.

Highlights the need for open source professionals to be on the watch for new technologies and resources.

Q&A:

Q: Have you found a way to search podcasts for content?

A: Currently we haven’t found a way to search podcasts effectively.

Q: What are the different research methods you teach analysts?

A: Originally analytic techniques were taught but some were cut due to time constraints. Time management and research planning are taught. The end goal is to make sure that after the research there is time for analysis. This is the first wave of classes but as the program continues, more techniques and further topics will be explored and trained.

Q: Comment: as far as searching podcasts – podscope.com and everyzing.com.

A: Fantastic, we will explore that.

Q: Are you targeting media outside of the internet?

A: A major block of training is on non-internet open source.

Q: FeedRinse, is that client or server based? Have you discovered any attempts to give you misinformation?

A: Server based. Another major block in the training is focused on evaluating sources, misinformation and disinformation.

Q: Concerns about much of internet going through the US.

A: Particularly with ref to IPv6, the next version, the US will not be the belly button of the internet. We discuss assessing the credibility of sources used, but we don’t go into the weeds of the technicality of the internet and we cover the basics before delving into deep waters.

Q: Software applied to do trends and word counts (note: memes)

A: Discussions on memes and conversation tracking through the blogosphere. Tag clouds, etc.

Q: Comment: Traffic diverted through foreign servers is more of an issue for covert operations and not for open sources.

Q: How are you addressing operational security?

A: We describe web visibility and basics of IP statistics. We demonstrate what the systems are showing when they visit a website and how to use basic opsec to counter these weaknesses.