Warning to Gossipy Grunts: DARPA's Eyeing Your E-Mails

Photo: D. Sharon Pruitt/Flickr

If you don’t have anything nice to say, then definitely don’t say it, type it or text it over a military network.

The Pentagon’s intent on weeding out “insider threats” – troops or other military personnel who might be disgruntled enough to (Wiki)leak some documents, or mentally unhinged enough to go on a shooting rampage. Now, military-funded scientists are plotting a computer system that’d boast unprecedented abilities to scan and interpret every keystroke, log-in and file upload performed over Pentagon networks.

Darpa, the military’s far-out research arm, recently announced a $9 million award to a consortium of five institutions, led by Georgia Tech, to kick off a two-year project called “Proactive Discovery of Insider Threats Using Graph Analysis and Learning” (PRODIGAL). The initiative is one part of a larger Darpa endeavor, ADAMS, that aims to find malevolent insiders before they cause problems. Already, a team at Columbia University is using ADAMS funding to trick WikiLeaker wannabes with decoy documents.

PRODIGAL would take that threat detection up a few notches. Under the Columbia team’s plan, decoy documents would give military officials a trail of digital breadcrumbs: If the fakes were released online, analysts might be able to backtrack and figure out when and where they were obtained and how they went public. But PRODIGAL, if it works, could lead officials to a WikiLeaker before that person ever breaks the law.

Right now, a human analyst in the military has time to find and investigate a mere five anomalous computer activities a day – unusual file transfers, log-in locations or website visits – out of thousands that occur. PRODIGAL would make sure analysts were looking into the most important ones. The program would use a complex combination of algorithms, including those designed to spot anomalies and statistically calibrate their potential threat, and then spit out a ranked list of the unexplained events most in need of examination.

The program will keep tabs on individual users, checking their activity history against current habits to detect unusual behavior. And it’s intended to be incredibly thorough: Researchers plan to create a program that scans e-mails, text messages, log-ins, file transfers and web browsing. All in, the software will be able to scan an estimated 250 million e-mails, IMs and file transfers a day, along with infinite quantities of basic computer activity.
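To make the triage idea concrete, here is an added Python example, not taken from the article or from the PRODIGAL project (whose algorithms the article does not describe): it scores each user's activity against that user's own history and returns a ranked list sized to the analyst's daily budget of five. The scoring method (median and MAD), the function names and all sample counts are assumptions constructed for illustration.

```python
from statistics import median

# Constructed sample data: daily event counts per (user, activity) for the past week.
HISTORY = {
    ("alice", "file_transfer"): [3, 4, 2, 5, 3, 4, 3],
    ("alice", "login"):         [2, 2, 3, 2, 2, 2, 3],
    ("bob",   "file_transfer"): [40, 55, 38, 60, 47, 52, 45],
    ("bob",   "login"):         [1, 1, 1, 1, 1, 1, 1],
    ("carol", "web_visit"):     [100, 120, 90, 110, 105, 95, 115],
}
# Constructed counts for the day being triaged; dave has no history at all.
TODAY = {
    ("alice", "file_transfer"): 48,
    ("alice", "login"): 2,
    ("bob", "file_transfer"): 50,
    ("bob", "login"): 9,
    ("carol", "web_visit"): 400,
    ("dave", "login"): 1,
}

def robust_score(history, value):
    """Distance of today's count from the user's own median, in MAD units."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    # A perfectly flat history has MAD 0; fall back to the raw distance
    # instead of dividing by zero (assumed tie-break, coarse but safe).
    scale = 1.4826 * mad if mad > 0 else 1.0
    return abs(value - med) / scale

def rank_anomalies(history, today, budget=5):
    """Return the `budget` highest-scoring (score, user, activity, count) rows."""
    scored = []
    for (user, activity), value in today.items():
        # Never-seen activity is compared against a baseline of zero events.
        past = history.get((user, activity), [0])
        scored.append((robust_score(past, value), user, activity, value))
    # Highest score first; user and activity names make ties deterministic.
    scored.sort(key=lambda row: (-row[0], row[1], row[2]))
    return scored[:budget]

if __name__ == "__main__":
    for score, user, activity, value in rank_anomalies(HISTORY, TODAY):
        print(f"{score:7.2f}  {user:6} {activity:14} count={value}")
```

Roughly 50 file transfers tops the list for alice and barely registers for bob, because each count is judged against that user's own habits rather than a global threshold.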

Sounds like fodder for my next favorite dystopian novel. But Darpa officials are quick to reassure that PRODIGAL will initially only be tested on government officials and military personnel who’ve agreed to be monitored. And assuming initial tests go well? Well, maybe don’t get too worried. The Pentagon’s got bigger plots to foil than your coordinated efforts to steal your captain’s underwear.

https://www.wired.com/2011/12/darpa-email/

David A. Bader
Distinguished Professor and Director of the Institute for Data Science

David A. Bader is a Distinguished Professor in the Department of Computer Science at New Jersey Institute of Technology.