- By Patience Wait
- Aug 26, 2005
Is it possible to predict and prevent possible terrorist attacks? Noah Hurst thinks so.
'People who come here to attack us have nothing,' Hurst said. 'They have to buy or rent or steal' everything they need, such as vehicles, explosives or ingredients to make explosives.
As a result, 'they have to leave a bread crumb of data behind. ... They cannot operate without leaving traces that can be followed,' he said.
Hurst is director of homeland security with Westar Aerospace and Defense Group Inc., a unit of the U.K. company QinetiQ Group PLC. For several years, his team has been working on ways to be proactive, instead of reactive, with regard to possible terrorism.
The solution, Hurst said, is the Scenario Cognitive Reasoning Engine, or SCORE, a national, automated, event-driven data mining program that would automatically comb terabytes of information around the clock, looking for those bread crumbs.
The first step, Hurst said, is to use subject matter experts'people with first-hand knowledge of how terrorists recruit and train, how they organize their cells, how they select targets and so on'to construct scenarios of different kinds of attacks.
Each scenario then is broken down into individual events, many of which leave some transaction record. Hurst said even a minimal scenario contains more than 500 events, which is far more than any human analyst'or team of analysts'could handle.
By grinding through massive amounts of data'police reports, business transactions, state and local databases for driver's licenses and vehicle registrations, to name just a few'then correlating them against the different scenarios, Hurst said, SCORE can flag any instances where many individual events appear to outline a possible attack.
Those who have talked with Hurst and seen what SCORE does have been impressed.
'I've seen the demonstration of this type of capability, based on some real data and some postulations of real data,' said Larry Burger, director of the Army's Space and Missile Defense Future Warfare Center in Huntsville, Ala. 'It certainly appears to me to be promising. It's a little bit outside our normal realm, but it's a spinoff of some technologies we've pursued for our own stuff.'
Burger said the approach is very plausible from a technical standpoint.
'In the Army, we have many different ways to kill a tank. ... We have a robust capability to kill another person's armor before they can hurt us,' he said. 'How about using the same approach, having multiple looks at the [information]? I'm kind of a supporter of robust capabilities.'
There are numerous advantages to this approach, Hurst said. 'For one thing, this makes it event-driven, rather than person-driven,' which addresses the concerns of those worried about profiling or privacy issues.
For another, it does not require a huge amount of hardware investment.
'It's just a series of PCs in racks for parallel processing,' he said.
The company has put together a demonstration, based on the events leading up to Sept. 11, drawing data from the report of the 9/11 Commission, the congressional joint inquiry, the al-Qaida training manual and a number of other sources.
'We developed scenarios related to that, and from it we derived a single success scenario for the terrorists,' he said. 'Then we pulled out the key events that indicated this scenario is in play.'
Hurst and his company have given numerous demonstrations of this data-intensive, event-driven approach to different government agencies, but so far there has been no funding for the program.
Hurst said the biggest roadblock has been the inertia of agencies that have been doing things the same way for years, if not decades.
The next step for Hurst's group is to run a pilot program with SCORE, which he estimated would cost between $12 million and $15 million.
'Getting access to the data is the key,' he said.