Risk
1/26/2012
12:18 PM
50%
50%

FBI Seeks Data-Mining App for Social Media

Agency wants to monitor Facebook, Twitter, and other sites for real-time information that could help investigations.

Obama's Tech Tools
(click image for larger view)
Slideshow: Obama's TechTools
The FBI has become the latest federal agency interested in mining social media for intelligence information.

The agency is looking for ideas for developing a social media application that can search for significant data from social networking activity to be used for intelligence purposes, according to a request for information (RFI) posted on FedBizOpps.gov.

The FBI is looking for a "geospatial alert and analysis mapping application" that will allow its Strategic Information and Operations Center (SIOC) to "quickly vet, identify and geo-locate breaking events, incidents and emerging threats," according to the RFI.

[ How does data mining affect user privacy? See Global CIO: Data Mining Faces The Supreme Court Test. ]

The agency wants the tool to be in the form of a "secure, lightweight web application portal, using mashup technology," and plans to use it to share information with intelligence partners to coordinate and synchronize awareness of events across operations, it said.

Moreover, the application must be "infinitely flexible" to adapt to changing threats, and those using it must have access to a common operating dashboard from which they can view both unclassified open-source information feeds and use tools to analyze social media during a crisis as it happens.

Other features the FBI hopes its data-mining tool will have include the ability to automatically "search and scrape" social-networking and open-source news websites for information about breaking world events. It also wants to give users of the tool the ability to do relevant keyword searches on sites such as Facebook, CNN, Fox News, and other popular information outlets on the Internet.

The FBI is certainly not the first federal agency to recognize the value in information being shared via social media.

Other federal agencies--including the CIA, Department of Homeland Security (DHS), and even the research agency for federal intelligence efforts, the Intelligence Advanced Research Projects Agency (IARPA)--also are interested in mining the Web for picking up clues about public opinion or world events for use in their respective missions.

In addition to its own aim to build a data-mining tool, the FBI also will likely benefit from the fruits of IARPA’s research efforts in this area. IARPA is seeking to create technology that will continuously analyze and mine data from websites, blogs, social media, and other public information to help it better forecast global events.

In the meantime, In-Q-Tel, the investment firm established by the CIA to support U.S. intelligence agencies, has invested in a startup called Visible Technologies that monitors social media content on the Web so agencies can watch and analyze public opinion on the Web as revealed through social networks.

The DHS, too, has said it monitors Twitter, Facebook, and other popular websites to help it maintain situational awareness and perform its necessary duties in support of international crises and events such as the earthquake in Haiti.

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Jai Krishna Ponnappan
50%
50%
Jai Krishna Ponnappan,
User Rank: Apprentice
2/19/2012 | 11:11:04 PM
re: FBI Seeks Data-Mining App for Social Media
Apart from seeking to use a customized data mining tool they should aim to build intuitive software solutions that evolve incrementally and cyclically based again on proven artificial intelligence technologies. Several large corporations and businesses are already leveraging vital information and value adding intelligence to either boost several of their operations, successfully identify major and minor risk events, understand insider knowledge and predictive trends that were otherwise quiet simply impossible to decipher and even gain a solid competitive advantage. Of course all this can only happen if they can clearly and fully demarcate and know what it is that is the scope of what they want from a tool such as this and unfortunately the power it brings to the table is always open to either misuse or abuse and mixing levels of authority and jurisdiction requires even more stringent and complex measures to ensure appropriate and ethical use. Such systems can prove to be highly beneficial and insightful and the idea behind it has been deployed successfully by several industries all over the globe. There are several areas of application and scenarios particularly within Law enforcement and crime detection where an ethical and acceptable predictive tool can really help assist with better preparedness and responses.

Thank you for the interesting post.

Best Wishes & Regards,
Jai Krishna Ponnappan :)
Bprince
50%
50%
Bprince,
User Rank: Ninja
1/28/2012 | 3:52:47 AM
re: FBI Seeks Data-Mining App for Social Media
Lots of evidence street gangs are using Facebook, YouTube, etc, to promote their gangs and in some cases discuss crimes, and I just saw a story about people firing guns at a t-shirt of Obama and putting it on Facebook. Needless to say, they are now under investigation.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2208
Published: 2014-12-28
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string.

CVE-2014-2209
Published: 2014-12-28
Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote attackers to bypass intended access restrictions by leveraging group permissions for a file or directory.

CVE-2014-5386
Published: 2014-12-28
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initial...

CVE-2014-6123
Published: 2014-12-28
IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading installation logs.

CVE-2014-6160
Published: 2014-12-28
IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.