
Watch out, terrorists: Big data is on the case

Byron Acohido
USA TODAY

LAS VEGAS — The good guys are using a powerful new secret weapon to stymie the bad guys: big data.

Cutting-edge data mining and data visualization technologies that can extract revealing patterns from rich data stores are being brought to bear on flushing out hackers, cyberspies — even terrorists.

Pakistani Taliban patrol in a Pakistani tribal region of South Waziristan on Aug. 5, 2012.

The Institute for the Study of Violent Groups, for instance, is using Tableau Software, a hot-selling data visualization tool, to sift through 10 years' worth of continually replenished data on groups and individuals known to be engaging in terrorism, extremism and trans-national crime. The ISVG delivers several reports each week to defense officials in governments worldwide.

"We can slice and dice the data instantly and answer questions that we never thought to ask before," says John Hitzeman, the institute's IT and analysis coordinator. Knowing patterns and characteristics of the major terrorist camps has helped defense officials make decisions that have saved lives, Hitzeman says.

Security researchers at Microsoft are doing something similar with some very powerful, custom-built data-mining systems. The software giant each day culls some 1 million malicious files, 250 million threat reports and 320 million early warning reports sent in by enterprises running Windows networks.

Analysts catalog and prioritize the most prevalent threats, and Microsoft shares that intelligence with antivirus partners such as Symantec and McAfee, and testers like AV-Test.org and AV Comparatives.

Microsoft analysts also correlate patterns emerging from daily culls of the relentless cyberattacks on Microsoft's own corporate network. And the company recently green-lighted more resources dedicated to developing better tools to analyze network intrusions and conduct forensic investigations, says Matt Thomlinson, general manager of Microsoft Trustworthy Computing.

This push "enables us to better understand and combat cybercrime," Thomlinson says.

Microsoft's leadership in shoring up Windows-based networks is certainly laudable. But to truly slow cybercrime over the long haul, a comparable level of daily scrutiny and ongoing mitigation is going to have to filter down to every corporate network on the Internet.

That's where new data-visualization technology, from vendors such as Tableau and Tibco Software, holds potential for making a big difference over time. These tools enable rank-and-file employees to creatively correlate information and thereby assist in spotting, and stopping, cybercriminals.

"Essentially, these tools help people more easily find the needle in the haystack," says Matthew Quinn, Tibco's chief technology officer. "You can detect early warning signs of suspicious behavior and take action to prevent an intrusion or theft of data."

Tableau CEO Christian Chabot notes that only a few years ago, big data lay mostly fallow, useful only to trained scientists.

"Today, people of virtually any skill level can use visual analytics software to see and understand data," Chabot says. "Doctors, school teachers, game developers and cybersecurity professionals are making better decisions because they can see the facts."
