Group proposes system to “connect the dots” about terrorist attacks

A Defense Department-funded think tank has designed a concept for a computer system that could help U.S. intelligence agencies identify and interpret clues of an impending terrorist attack.

The RAND Corp. of Santa Monica, Calif., on Wednesday proposed a multifaceted system of networks and electronic databases to sift through huge volumes of information-including information about people, places, events and financial transactions already obtained by the government-in order to discover the most relevant signals of a planned attack.

"An information search that could take dozens of intelligence analysts days to complete could be carried out within hours" by the system, which RAND calls Atypical Signal Analysis and Processing , said John Hollywood, the lead researcher. "This is like giving someone who is looking for a needle in a haystack an incredibly powerful magnet."

ASAP also proposes to analyze information about infrastructure, commerce and industries that directly affect the overall U.S. economy and national security. It would be applied to publicly available data, and "information describing patterns of suspicious behavior, as well as information describing patterns of 'ordinary' behavior that need not be investigated further," according to a statement from RAND.

The concept for the new intelligence system will likely strike some observers as similar to one proposed almost three years ago by the Defense Department, known as Total Information Awareness. Run by officials at the Defense Advanced Research Projects Agency, the TIA research program aimed to find technologies that could be used to help analysts predict future attacks, namely by looking for telling signals in vast quantities of electronic data.

The former head of the TIA program said the ASAP system looked familiar. "The technology required to implement the RAND proposal seems to be a subset of what was being developed by the Total Information Awareness program at DARPA," said John Poindexter, who resigned as the head of the project in August 2003.

The TIA project was dogged by controversy during its 20-month existence. Privacy rights advocates and a number of civil liberties groups equated the project to a Big Brother-like spy machine that would subject innocent Americans' e-mails, bank records and everyday transactions to government scrutiny. TIA researchers, however, were pursuing some of the most advanced privacy protection research the government had ever undertaken, and never settled on whether it would be feasible to analyze citizens' data without violating their privacy rights.

Poindexter said the RAND system needs to "address privacy protection technologies, such as were being developed under TIA, which I believe are essential for such a system."

Hollywood said that, because ASAP would be focused on data the government already maintains, or on public records, there's not as strong a need to "anonymize" data; that is, to ensure that the names associated with certain records cannot be seen by users.

According to the RAND statement, "Because privacy protection is an important consideration, the ASAP network would work with a small and restricted data set consisting solely of intelligence and homeland security information. In contrast to some plans that automatically include personal data, ASAP would search such records only if the suspicion is great enough to warrant a subpoena under current U.S. law."

TIA researchers proposed requiring a court order to reveal names and other identifying addresses behind personal data. A key part of the privacy research was to develop "privacy appliances," as Poindexter and others called them, which would strip the data of its identifying marks.

Hollywood said RAND researchers began work on the ASAP design at the end of 2002. They continued working for a year, and then for nearly 10 months the report was vetted by a variety of Defense and security agencies, Hollywood said.

He noted that officials from DARPA have reviewed the concept, though they had no hand in the design. A DARPA spokeswoman declined to comment on RAND's work.

Hollywood said he hopes Defense and security agencies, particularly the Homeland Security Department, will use the ASAP concept to further the debate on how to better "connect the dots" of terrorism intelligence. Hollywood likened that process to refining oil: As key pieces of intelligence "bubble up" over other, less relevant information, ASAP would continue to vet the salient pieces against what the government knows and has proven false about possible attack scenarios.

Hollywood acknowledged it could take years to build such a system. In the near term, he urged officials to create electronic bulletin boards, where counterterrorism agencies could post descriptions about suspicious activities or events, in the hopes of facilitating more sharing of information. Search engines should be used to match queries about activities with already reported information, he said. Also, Homeland Security officials should create and disseminate profiles about terrorist threats, including to presumed target industries such as commerce and transportation, Hollywood said.

Poindexter, who also served as Ronald Reagan's national security adviser, said ASAP could face significant opposition from Congress, much like TIA did. Lawmakers cut funding for the program shortly after Poindexter resigned.

"Since Congress killed [TIA]," Poindexter said, "I hope RAND has better luck in getting serious consideration to their proposal."

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.