NSA AI Technology May Have Targeted Innocents

Uploaded on 2016-02-19 in INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY-Key Areas-Artificial Intelligence, TECHNOLOGY--Developments

source: Ars Technica

A new report suggests that the agency has been using a machine-learning program to identify potential terrorists, but thousands of Pakistanis may have been 'mislabeled'. 
    
A new report from Ars Technica suggests that the US National Security Agency (NSA) has been using a machine-learning program to identify potential terrorists in Pakistan, but its methodology may have led to thousands of innocent Pakistanis being mislabeled.

The NSA’s program, inexplicably named SKYNET, like the homicidal AI program of the Terminator film franchise, was first unveiled by documents leaked by Edward Snowden to The Intercept in 2015. According to a leaked 2012 government PowerPoint presentation, SKYNET uses “analytic triage” to calculate the probability that individuals are terrorists, using an 80-point analytical test, that evaluates factors like a person’s phone calls, location, social media activity, and travel patterns.

The system apparently flagged Al-Jazeera’s Islamabad bureau chief Ahmad Zaidan as a potential target, the Intercept’s data showed, as he often travels to conflict areas to report.

In the leaked slides, NSA claimed that SKYNET has a false-positive rate of only 0.008%, in certain instances. But Pakistan has a population of about 182 million, and the NSA was using phone records from about 55 million people for SKYNET. As Ars points out, even at that minute rate, many innocent people are likely to end up mislabeled. Some of the NSA’s tests in the leaked slides saw error rates of 0.18%, which could mean mislabeling about 99,000 people out of the 55 million.

SKYNET can be compared to the machine learning systems that businesses use to find sales leads—both methods learn a person’s traits, and compares them to model profiles based on those traits. SKYNET was trained by feeding the system with the data from 100,000 random people, and seven known terrorists. It was then tested with the task of identifying one of those seven terrorists. What’s troubling is that SKYNET does not appear to have been tested with new data, which would have shown whether the system could work in new situations, according to an expert who examined the leaked slides for Ars.

“There are very few ‘known terrorists’ to use to train and test the model,” Patrick Ball, a data scientist and director of the Human Rights Data Analysis Group, explained to Ars Technica. “If they are using the same records to train the model as they are using to test the model, their assessment of the fit is completely bullshit.”

It’s not clear yet what purpose SKYNET serves. Although it could be part of non-violent surveillance activities, such as monitoring suspected terrorists’ travel patterns, Ars suggests the technology could potentially be used to target drone strikes. Since 2004, the US government has carried out hundreds of drone strikes in Pakistan against alleged terrorists, according to the Bureau of Investigative Journalism.

Last year, the UN warned against nations developing autonomous weapons, due to concerns about what they might do without a human’s moral judgement. The NSA was not immediately available to comment on how SKYNET was used, or how it was trained.
DefenseOne:  http://bit.ly/1PFNMpD

 

« Nitro Zeus: The US Plan To Launch A Massive Cyber Attack On Iran
Anonymous Hacks Thai and Turkey Police Stations »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

bwtech@UMBC

bwtech@UMBC

The bwtech@UMBC Cyber Incubator is an innovative business incubation program that delivers business and technical support to start-up and early-stage cybersecurity/IT products and services companies.

InfoGuard

InfoGuard

InfoGuard is a leading Swiss company providing comprehensive cyber security and network solutions.

Circadence

Circadence

Circadence offer the only fully immersive, AI-powered, patent-pending, proprietary cybersecurity training platform in the market today.

Momentum Cyber

Momentum Cyber

Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity ecosystem.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

Cytellix

Cytellix

Cytellix is an industry-standards-based, managed cybersecurity service provider, specializing in proactive behavioral analytics and situational awareness of an organization’s cyber posture.

Secured Communications

Secured Communications

Secured Communications has developed the only unified secure communications platform trusted by public safety and counter terrorism professionals around the world.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

CICRA Consultancies

CICRA Consultancies

Cicra Consultancies is a company that specializes in cyber security. Our major activities are guided by three main principles: Prevent, Investigate, Prosecute.

FCI

FCI

FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Cybersecurity Compliance Enablement Technologies & Services to Financial Services organizations.

Appknox

Appknox

Appknox is the world’s most powerful plug-and-play security platform that helps developers, security researchers, and enterprises to build a safe and secure mobile ecosystem.

Maltego Technologies

Maltego Technologies

Maltego is a comprehensive tool for graphical link analyses that offers real-time data mining and information gathering. Applications include cybersecurity threat intelligence and incident response.

Anatomy IT

Anatomy IT

Anatomy IT empowers healthcare providers to deliver exceptional patient care with cutting-edge technology and cybersecurity solutions.

Hacker School

Hacker School

Hacker School offers technology motivated training programs that provide Cyber Security Certifications and Courses.

Yokai

Yokai

Yokai is a secure, distributed platform for data communication with enhanced security features tailored for classified environments such as finance, defence, healthcare, cybersecurity, and more.

Platview Technologies

Platview Technologies

Platview Technologies is an innovative and agile cybersecurity company with the goal of safe-guarding businesses with our world-class, industry-leading services and technology solutions.