Showing posts with label Anomaly Detection. Show all posts

April 20, 2012

Robot Guard Thyself

The Asian Forum of Corrections in South Korea has developed this 5' tall robot for patrolling prisons.

But rather than restraints and weapons, this prison guard carries a suite of technology:

- 3-D Cameras for monitoring safety and security

- Recording devices for capturing activity

- 2-way wireless communications between corrections officials and prisoners

- Pattern recognition and anomaly detection software for differentiating normal behavior from problems

While this sparks the imagination for where this might go in the future, I'm not quite sold on this. 

Firstly, how well can these robots really recognize and interpret human behavior, especially from those who may be fairly adroit at hiding or masking their activities, day in and day out?

And maybe more importantly, without some serious defensive and offensive tricks up its robot sleeve, I have a feeling that many a prisoner with a two-by-four would put this million-dollar robot in the junkyard pretty fast, indeed.

I'd rate this as not there yet! ;-)


November 4, 2011

What's In That Container?

Ever since 9-11, there has been acute concern about preventing "the next" big attack on our nation.
Will it be a suitcase bomb, anthrax in the mail, an attack on our mass transit systems, or perhaps a nuclear device smuggled into one of our ports--all very frightening scenarios!
The last one, though, has been of particular fascination and concern given the amount of commerce that passes through our ports--more than 95% of our international trade--and hence the damage that could be done to our economy should these ports be hit, as well as the challenges in being able to adequately screen all the containers coming through--a massive undertaking.
Wired Magazine (November 2011) did a feature story on this topic in an article called "Mystery Box."
The article highlights the unbelievable damage that could occur if a dirty bomb ("a radiological dispersion device") were to get through in one of the millions of 20 foot long by 8 foot wide shipping containers out there--aside from the risk to lives, "it would result in a major national freak-out...cause billions and billions of dollars in economic damage...dirty bombs are weapons of mass disruption."
While 99% of shipping containers are scanned when they arrive in the U.S., DHS is supposedly challenged in implementing a bill requiring scanning every container before they enter the U.S.--"some 66,000 [containers] a day."
Instead, "100 percent screening" is being pursued, where shipping information is checked before arrival--including vessel, people, cargo, origination, and destination--and, when an anomaly or cause for concern is detected and there is a U.S. Customs Officer at the origination port, the container can be checked there already.
However, there are still at least four major issues affecting our port security today:
1) Most containers are still checked only once they actually get onshore.
2) The scanners are too easily foiled--"most detectors are set to ignore low radiation levels. [And] basic shielding would be enough to mask all but the strongest sources."
3) Thoroughly scanning every container is considered too time-consuming using current processes and technology and therefore, would adversely affect our commerce and economy.
4) Around the world "Customs tends not focus on containers being transshipped [those moving from ship to ship]. Their attitude is 'It's not my container, it's just passing through.'"
This is a perfect example of technology desperately needed to address a very serious issue.
Certainly, we cannot bring our economy to a standstill either by unnecessarily checking every "widget" that comes over or by risking the catastrophic effects of a WMD attack.
So for now, we are in a catch-22: darned if we do check everything, and darned if we don't.
This is where continued research and development, technological innovation, and business process reengineering must be directed--to secure our country sooner rather than later.
The risks are being managed as best we can for now, but we must overcome the current obstacles to screening by breaking the paradigm that we are boxed into today.


March 19, 2008

Eliot Spitzer and Enterprise Architecture

While Eliot Spitzer didn’t get caught in bed with his mistress, he did get caught with his pants down.

How did Spitzer get caught and ultimately lose the powerful NY governorship?

Good solid enterprise architecture did Eliot Spitzer in.

In this case, the enterprise is the global financial system and the architecture is the business rules and technology that routinely check for suspicious activity.

One of the ways to catch bad guys—whether Eliot Spitzer, mob bosses, or even Al Qaeda fugitives—is by following the money trail, processing gazillions of transactions through sophisticated technology that filters out the anomalies and flags suspicious activity.

MIT Technology Review (19 March 2008) reports that “anti-money-laundering software scrutinizes customers’ every move no matter how small.”

“All major banks, and even most small ones, are running so-called anti-money-laundering software, which combs through as many as 50 million transactions a day looking for anything out of the ordinary.”

The software from one vendor, for example, contains more than 70 flags for identifying suspicious activity.

“In Spitzer’s case, the three separate $5,000 wire-transfer payments…would likely have triggered one of the most obvious of these [flags].”

“Banks are constantly on the lookout for activity that seems to be an effort to break up large, clearly suspicious transactions into smaller ones that might fly under the radar, a practice called structuring.”

The Bank Secrecy Act requires a “report of cash payments over $10,000 received in a trade or business, if your business receives more than $10,000 in cash from one buyer as a result of a single transaction or two or more related transactions.” Spitzer’s multiple $5,000 wire transfers were a fairly blatant act that set off the trip wire for suspicious activity.

The technology also “groups customers and accounts into related ‘profiles’; or ‘peer groups’ in order to establish more-general behavioral baselines…each category is analyzed to determine patterns of ordinary behavior…and transactions stretching back as far a year, are then scrutinized for evidence of deviation from the norm.”

So, for example, an elementary school teacher in Wyoming who deposits $25,000 would possibly be flagged as a deviation from the norm of what an ordinary teacher in Wyoming would be doing. If the deposit is in cash, well, that’s even more of a no-brainer, since it would be reportable as a cash transaction over $10,000.
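The two checks described above, aggregation of related sub-threshold transactions and deviation from a peer-group baseline, can be sketched as follows. This is an added example, not code from any vendor's anti-money-laundering product; the 7-day window, the 3-sigma limit, and the customer and group names are assumptions, and the transactions are constructed.

```python
from collections import defaultdict
from datetime import date, timedelta
from statistics import mean, pstdev

REPORT_THRESHOLD = 10_000    # reporting threshold quoted in the post
WINDOW = timedelta(days=7)   # assumption: "related" means within 7 days
Z_LIMIT = 3.0                # assumption: flag beyond 3 standard deviations

# Constructed sample data: (customer, peer_group, date, amount)
TXNS = [
    ("cust-A", "teacher-WY", date(2008, 1, 3), 450),
    ("cust-B", "teacher-WY", date(2008, 1, 4), 600),
    ("cust-C", "teacher-WY", date(2008, 1, 9), 380),
    ("cust-D", "teacher-WY", date(2008, 1, 20), 25_000),
    ("cust-S", "exec-NY", date(2008, 1, 7), 5_000),
    ("cust-S", "exec-NY", date(2008, 1, 9), 5_000),
    ("cust-S", "exec-NY", date(2008, 1, 11), 5_000),
    ("cust-T", "exec-NY", date(2008, 1, 8), 4_200),
    ("cust-U", "exec-NY", date(2008, 1, 15), 5_900),
    ("cust-T", "exec-NY", date(2008, 1, 29), 5_500),
]

def structuring_flags(txns):
    """Customers whose sub-threshold transactions sum past the threshold within WINDOW."""
    by_cust = defaultdict(list)
    for cust, _group, day, amount in txns:
        if amount <= REPORT_THRESHOLD:       # larger ones are reportable on their own
            by_cust[cust].append((day, amount))
    flagged = set()
    for cust, rows in by_cust.items():
        rows.sort()
        start = total = 0
        for day, amount in rows:
            total += amount
            while day - rows[start][0] > WINDOW:   # drop rows older than the window
                total -= rows[start][1]
                start += 1
            if total > REPORT_THRESHOLD:
                flagged.add(cust)
    return flagged

def peer_deviation_flags(txns):
    """Transactions far above the baseline set by other customers in the same peer group."""
    flagged = []
    for cust, group, _day, amount in txns:
        # Baseline excludes the customer's own activity so an outlier cannot mask itself.
        peers = [a for c, g, _d, a in txns if g == group and c != cust]
        if len(peers) >= 3 and (amount - mean(peers)) / (pstdev(peers) or 1.0) > Z_LIMIT:
            flagged.append((cust, amount))
    return flagged
```

On this data the three $5,000 transfers look ordinary against their peer group and are caught only by the aggregation rule, while the $25,000 deposit is caught only by the baseline check, which is why such systems run both.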

“Every bank has a group of people who personally scrutinize transactions that have been flagged…if the human reviewers can’t explain the activity they will produce an official suspicious activity report [SAR].” This goes to the IRS and Treasury’s Financial Crimes Enforcement Network (FINCEN)…most SARs are ultimately reviewed by regional teams of investigators, drawn from the IRS, the FBI, the DEA, and the U.S. Attorney’s office.”

The number of SARs in 2006 reached “567,080…and 2007 was on track to set a new record.”

The target architecture for financial anomaly detection will continue to get us better and better results as it incorporates “analyzing customers’ social networks, tapping into the vast databases of information held by companies such as LexisNexis and ChoicePoint.”

From an enterprise architecture standpoint, you can see the sophistication of the business rules and the technology working in tandem to achieve the impressive results of tracking suspicious money activity. This is a great example of clearly identifying the mission requirements, using them to drive technology solutions, and effectively planning and governing the solutions, so that people cannot hide suspicious financial transactions like needles in the haystack of the information glut out there.