Professional Documents
Culture Documents
BattlespaceAwareness PDF
BattlespaceAwareness PDF
48
49
50
Information Collection
Louis Pasteur has observed that, [i]n the field of observation, chance favors only the prepared mind. Multiple assessments of terrorist groups
have highlighted the fact that those intent on committing violent acts are
tenacious and extremely resourceful when it comes to information gathering. Examples of long-term surveillance, detailed operational planning,
and multiple attempts on a common target have been documented, including the attacks on the Khobar Towers, 14 the 1993 and 2001 attacks on the
World Trade Center,15 as well as the recent disclosure of casing reports
demonstrating extensive research on and surveillance of major financial
institution in the United States.16 This planning and patience also offers
multiple opportunities for detection. While connecting the dots has been
51
cited widely as the answer, connecting the dots and predicting the next step
holds even more value from a strategic perspective.
As the war on terrorism progresses, information gathered should
feed the process. Interviews and debriefing should not be an end in itself; rather, they can drive the knowledge-acquisition process further. With
knowledge discovery tools, information can serve as a dynamic interface
between the analytical and operational personnel. By making operational
personnel part of the analytical process the entire data collection, processing, analysis, and dissemination is greatly enhanced and fit specifically to
the operational requirements. Again, the tools now exist that will allow
information collected in the United States to inform the process half a
world away at any time, day or night, requiring only a laptop computer and
a model developed by an analyst.
The information collected from detainees or human-intelligence
(HUMINT) assets can further enhance this developed knowledge base and
inform future interviews and actions. For example, information obtained
can further guide the collection process by identifying subtle or common
patterns of deception, or tipping points when information begins to flow
freely. Sophisticated data and text mining software is available in the desktop environment, available for analysis and for wide and rapid deployment
to the areas where it is needed most, especially the theater of operations.
Secure networking and information deployment associated with NCW
will allow analysts to share information and identify larger patterns and
trends, including those that transcend their operational purview.
52
In our experience, we have been able to use data mining and predictive analytics to identify likely motives, offender characteristics, and
victim-risk factors in violent crime.18,19,20 In many ways, terrorism can be
described as violence with a larger agenda. While the mechanism might
be different, the intended outcome is the same, that is, to achieve behavioral control through intimidation, violence or threats of violence. Suicide bombers might represent the frontline warriors of Fourth-Generation
Warfare. The fact that their surveillance and pre-attack behavior has been
characterized and described further highlights the predictability of human,
even criminal, behavior.21,22 In this array of associated indicators, we want
to be able to identify and give weight to the most valuable predictors so
that we can rapidly identify these individuals and prevent suicide attacks.
The ability to characterize and predict this behavior could afford tremendous tactical as well as strategic value to those fighting in the war on terrorism.
The ability to accurately and reliably predict risk also can be a tremendous asset in deployment decisions. Exploiting predictive analytics in
local policing, we have developed the concept of risk-based deployment.
Using data mining and predictive analytics to analyze historical data has
yielded models that predict when and where incidents are likely to occur.
By identifying the times and locations associated with an increased likelihood of risk for an incident, we can proactively place assets when and
where they are needed, thereby more efficiently utilizing our resources,
and increasing the likelihood of rapid identification and apprehension, or
even deterrence through enhanced presence.
53
Identify Theft
Identity theft has been with us in various forms for a very long time. Many
unsuspecting consumers have had their financial lives ruined by thieves
who assumed their identities in an effort to commit fraud. After 9/11, it became painfully obvious that the highjackers had easily obtained the false
credentials necessary to move throughout the many systems that require
54
Force Protection
Lind and others in their discussion of Fourth-Generation Warfare have observed that Terrorists use a free societys freedom and openness, its greatest strengths, against it. With the move to transparent government, vast
amounts of information are deployed over municipal Websites, including
information with significant tactical as well as strategic value. Information pertaining to public safety infrastructure, utilities, equipment, personnel strength, deployment, response times and protocols can either be
extrapolated, or are even provided directly in some situations. Moreover,
seemingly innocent information alone or in combination with other open
source materials can hold value for operational preparation and terrorist
attacks. For example, the availability of detailed, high-resolution orthophotography images of communities, landmarks and other high-profile
55
targets has increased rapidly over the past several years. As early as the
spring of 2001, Israel reported increased use of precision air photos by
certain groups, which often are available through commercial outlets or
the Internet.25 In many cases these images are precise, with a high degree
of resolution, and hold great operational value for military, paramilitary,
and terrorist organizations alike. For example, these detailed images can
be used to identify locations appropriate for the placement of car bombs,
cover, concealment, and escape routes. More recently, these images and
detailed infrastructure information collected from open source internet
sites have appeared in casing reports of financial institutions within the
United States, which are believed to have been collected in support of possible terrorist operations.26
Additional information outlining military thinking, tactics and strategy also is available freely over the Internet. Recent reports leave no doubt
that this information is being used by friend as well as foe. For example,
Abu Ubeid Al-Qurashi, identified as one of Bin Ladens closest aides,
specifically sites the principles of fourth generation warfare, published in
the Marine Corps Gazette, when outlining the al Qaeda combat doctrine in
the al Qaeda biweekly Internet magazine, Al-Ansar.27 Other reports have
indicated that the Website, www.C4I.org, encountered vigorous activity
from Iraqi Internet addresses in the period immediately preceding the most
recent Gulf War.28 Of particular interest to the Iraqis were links about psychological tactics, information warfare and other military issues. In other
words, we know that they are looking at us; that they are learning from our
playbook.
They do not need to hack into our systems; we give it all away. Tom
Clancy noted in his recent keynote address at the Gartner IT Expo that
[t]here are no secrets in the world. The only hard part is finding the right
person to ask. If you have a phone, you can find out anything you want in
under 60 minutes. With the Internet, its even faster.29 Many have decried
the availability of information through open sources, and in response to
this developing threat the National Infrastructure Protection Center has
advised localities to survey the information currently available and remove
possibly dangerous information. This change is unlikely to occur in the
immediate future. In fact, it appears that even more information is being
made available. While we can hope that our adversaries will be swamped
by this same tidal wave of information that we are struggling with, tools
are available now that will allow us to use their interest in our information
to our advantage. Again, these data resources are far too large for analy-
56
sis using purely human resources. Data mining and predictive analytics,
however, can automate the knowledge discovery process. The same tools
used in the E-commerce sector to identify shopping patterns, demographic
information, and geographic preferences also can be used to identify and
highlight interesting or suspicious pieces of information or activity for
an analyst to evaluate further. This type of electronic surveillance detection, in combination and integrated with traditional physical surveillance
detection and threat assessment, offers new opportunities for value-added
analysis that will significantly increase our force-protection capacity. Perhaps more important, however, these tools are available right now.
57
58
59
60
to the frontlines of the war on terrorism. Give the smart people in their
respective fields an opportunity to interact and identify creative methods
for bringing the existing knowledge and technology to the war on terrorism. Working hand-in-glove, the analytical products can then be tailored specifically to the operational needs and requirements. Moreover,
by working together, an additional benefit realized would be enhanced
information collection, which will result in value-added intelligence and
analysis. These new tools would then give us the ability to more fully exploit NCW and afford collaboration and cooperation across a worldwide
venue, transcending traditional operational boundaries.
A complete discussion of dominant battlespace awareness was well
beyond the scope of this paper. Suffice it to say, however, that forewarned
is forearmed; to be prepared is half the victory, (Miguel de Cervantes).
The importance of acute and well-informed situational awareness cannot
be understated. In outlining the opportunities and challenges of dominant
battlespace knowledge (DBK), Dr. Stuart E. Johnson has written that, exploiting DBKmeans that it be applied across the entire cognitive hierarchy from data, to information, knowledge, and finally, understanding.40
In light of this statement, the value of data mining and predictive analytics,
so-called knowledge discovery tools, becomes immediately apparent.
We must do far more than connect the dots; to gain truly dominant battlespace awareness and supremacy in the war on terrorism we must connect the dots and use them to anticipate the next image. We must exploit
the technology available currently and begin anticipating the next move
to achieve dominant battlespace awareness and victory in the war on
terrorism.
Notes
1. Markle Foundation Task Force on National Security in the Information Age,
Protecting Americas Freedom in the Information Age, ISBN 0-9725440-0-3, 07
October 2002, 1.
2. Steve A. Yetiv, quoted in Gauging Iraqs Espionage Possibilities, 1 May 2003,
URL: <www.CBS.com>, 18 November 2004.
3. Colleen McCue, Emily S. Stone, and Teresa P. Gooch, Data Mining and ValueAdded Analysis, FBI Law Enforcement Bulletin 72, (2003): 1-6.
4. Colleen McCue, and Colonel Andre Parker, Connecting the Dots: Data Mining and Predictive Analytics in Law Enforcement and Intelligence Analysis, Police Chief 70, (2003): 115-122.
61
5. Colleen McCue, and Colonel Andre Parker, Web-Based Data Mining and
Predictive Analytics: 24/7 Crime Analysis, Law Enforcement Technology 31,
(2004): 92-99.
6. Colleen McCue, Data Mining and Value-Added Analysis.
7. Colleen McCue, Connecting the Dots.
8. Colleen McCue, Data Mining and Value-Added Analysis.
9. Colleen McCue, Web-Based Data Mining.
10. Colleen McCue. Data Mining and Predictive Analytics: Enhancements to
Network Centric Warfare. Naval Proceedings, in press.
11. Colleen McCue, Web-Based Data Mining.
12. Colleen McCue. Data Mining and Predictive Analytics: Enhancements to
Network Centric Warfare. Naval Proceedings, in press.
13. William S. Lind, Colonel Keith Nightengale, Captain John F. Schmitt, Colonel
Josephs W. Sutton, and Lieutenant Colonel Gary I. Wilson, GI, The Changing
Face of War: Into the Fourth Generation, Marine Corps Gazette, October 1989,
22-26.
14. Lieutenant Colonel Robert L. Creamer, USMC, and Lieutenant Colonel James
C. Seat, USAF, Khobar Towers: The Aftermath and Implications for Commanders, Report chaired by Colonel Richard L. Hamer (Maxwell Air Force Base, AL:
Air War College/Air University, April 1998).
15. The 9/11 Commission Report, ISBN 0-393-32671-3, 22 July 2004.
16. Joint DHS and FBI Advisory, Homeland Security System Increased to ORANGE for Financial Institutions in Specific Geographic Areas, 1 August 2004,
URL: <www.dhs.gov/ interweb/assetlibrary/IAIP_AdvisoryOrangeFinancial
Inst_080104.pdf>, 19 November 2004.
17. John E. Douglas, Ann W. Burgess, Allen G. Burgess, and Robert K. Ressler,
Crime Classification Manual: A Standard System for Investigating and Classifying Violent Crimes (San Francisco: Jossey-Bass, 1997).
18. Colleen McCue, Data Mining and Value-Added Analysis.
19. Colleen McCue, Connecting the Dots.
20. Colleen McCue, and General Paul J. McNulty, Guns, Drugs and Violence:
Breaking the Nexus with Data Mining, Law and Order 51, (2004): 34-36.
21. Lieutenant Colonel Robert L. Creamer, Khobar Towers.
22. Billy Alfano, Terrorism Strikes Russia: Summary of the Attacks from August 24 to September 3, 2004, Overseas Security Advisory Council (OSAC), 13
September 2004.
23. Tabassum Zakaria, CIA Turns to Data Mining, 20 September 2002, URL:
<www.parallaxresearch.com/news/2001/0309/cia_turns_to.html >, 10 April
2003.
62
24. Colleen McCue, untitled lecture presented to Diplomatic Security Service personnel at US Department of State (ArmorGroup, International Training), Rosslyn,
VA, 14 May 2004, 25 June 2004.
25. Reuven Shapira, We are on the Palestinians Map, Maariv (Tel Aviv), 18
May 2001.
26. Joint DHS and FBI Advisory.
27. Papyrus News, Fourth-Generation Wars: Bin Laden Lieutenant Admits to
September 11 and Explains Al-Qaidas Combat Doctrine, 10 February 2002,
URL: <vstevens.tripod.com/ papyrus/2002/pn020211a.htm>, 19 November
2004.
28. Brian McWilliams, Iraqs Crash Course in Cyberwar, Wired News, 22 May
2003, URL: < www.wired.com/news/conflict/0,2100,58901,00.html>, 19 November 2004.
29. Dennis Fisher, Clancy Urges CIOs: Seek Out the Smart People, eWeek.
com, 2 June 2003, URL: < www.eweek.com/article2/0,3959,1114813,00.asp>, 19
November 2004.
30. Eoghan Casey, Using case-based reasoning and cognitive apprenticeship to
teach criminal profiling and internet crime investigation, Knowledge Solutions,
URL: <www.corpus-delicti.com/case_based.html>, 19 November 2004.
31. Barton Gellman, Cyber-Attacks by Al Qaeda Feared, Washington Post, 27
June 2002, URL: <http://www.washingtonpost.com/wp-dyn/articles/A50765202June26.html>, 10 April 2003.
32. Colleen McCue, Colonel Andre Parker, General Paul J. McNulty, and Major
David McCoy, Doing More with Less: Data Mining in Police Deployment Decisions, US Department of Justice Violent Crime Newsletter, Spring 2004, 1+.
33. Colleen McCue, Guns, Drugs and Violence.
34. Colleen McCue, and General Paul J. McNulty, Gazing into the Crystal Ball:
Data Mining and Risk-Based Deployment, US Department of Justice Violent
Crime Newsletter, September 2003, 1-2.
35. Colleen McCue, Gazing into the Crystal Ball.
36. US Department of State, International Training Incorporated, Rosslyn, VA
37. SPSS Directions conference
38. Colleen McCue, lecture.
39. Colleen McCue, Gazing into the Crystal Ball.
40. Stuart E. Johnson, DBK: Opportunities and Challenges, in Dominant Battlespace Knowledge, eds. S.E. Johnson and M.C. Libicki (Washington, DC: National Defense University, 1995).
63
Author Biography
Dr. Colleen McCue joined the Research Triangle Institute as a Senior
Research Scientist in July of 2004. Previously, Dr. McCue served as the
Program Manager of the Crime Analysis Unit at the Richmond, Virginia
Police Department, during which time she also maintained adjunct appointments at the Medical College of Virginia, Virginia Commonwealth
University. She earned her undergraduate degree in psychology from
the University of Illinois at Chicago, her Doctorate in Psychology from
Dartmouth College, and completed a five-year postdoctoral fellowship in
the Department of Pharmacology and Toxicology at the Medical College
of Virginia where she received additional training in pharmacology and
molecular biology. During her tenure with the Richmond Police Department, Dr. McCue pioneered the use of data mining and predictive analytics in crime analysis. Her experience in the applied setting resulted in
the development of risk-based deployment strategies and operationally
actionable analytical products, which have received international attention. Currently, her research involves the application of expert systems in
the analysis of crime and intelligence data, with particular emphasis on
deployment strategies, surveillance detection, threat and vulnerability assessment, automated motive determination, and the behavioral analysis of
violent crime. Dr. McCue publishes her research findings in journals and
book chapters, and has been an invited speaker at national conferences on
data mining, predictive analytics and violence.