Oct. 17--An arm of the U.S. Army's homeland security office uses data-mining software from Chicago-based SPSS Inc. to fight cybercrime.
"We have huge databases with records from electric, water and other utilities that we're analyzing for signs of cyberattacks," said Major Jeffrey T. Newhard, director of the Army's Homeland Infrastructure Security Threats Office.
The Army aims to help utility operators upgrade their computer security to thwart hackers bent on shutting down the utilities or degrading their ability to perform, said Newhard.
"This infrastructure is crucial to our ability to deploy troops and supplies around the world," he said.
Heightened computer security represents a new direction for the SPSS predictive analytics software, said Jack Noonan, SPSS chief.
"This software has been used to spot credit card fraud and Medicare fraud," Noonan said. "It's very good at detecting unusual activity patterns associated with fraud. Spotting patterns associated with cybercrime is very close to the same thing."
Most computer security systems have basic rules intended to identify hackers and deny them access. For instance, when an individual computer tries to enter through one system port after another, like a burglar twisting doorknobs to find an unlocked entry, the system will single out that computer and deny it access under any circumstances.
But a sophisticated hacker might program his computer to try entering ports randomly over several hours to avoid calling attention to his activity. The SPSS software will notice these efforts, even though they're subtler.
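The contrast drawn above, as an added example that is not from the article and does not represent SPSS's software: a fixed short-window rule next to a longer-horizon per-source comparison, run over constructed connection records. The thresholds, function names and addresses are assumptions chosen for illustration.

```python
import random
from collections import defaultdict, deque
from statistics import median

def burst_rule(events, max_ports=10, window=60):
    """Fixed rule: flag a source that touches max_ports distinct ports within window seconds."""
    recent, flagged = defaultdict(deque), set()
    for ts, src, port in sorted(events):
        q = recent[src]
        q.append((ts, port))
        while ts - q[0][0] > window:      # drop attempts older than the window
            q.popleft()
        if len({p for _, p in q}) >= max_ports:
            flagged.add(src)
    return flagged

def long_horizon(events, factor=5, floor=10):
    """Pattern view: distinct ports per source over the whole capture, compared with peers."""
    ports = defaultdict(set)
    for _, src, port in events:
        ports[src].add(port)
    baseline = median(len(p) for p in ports.values())   # what a typical source does
    limit = max(floor, factor * baseline)               # assumed threshold, not a standard
    return {src for src, p in ports.items() if len(p) >= limit}

def sample_events(seed=1):
    """Constructed traffic: (seconds, source, destination port); documentation address ranges."""
    rng = random.Random(seed)
    ev = []
    for i in range(5):                                  # ordinary clients: web ports only
        ev += [(rng.randrange(0, 18000), f"192.0.2.{10 + i}", rng.choice([80, 443]))
               for _ in range(40)]
    ev += [(100 + i, "198.51.100.7", 20 + i) for i in range(20)]   # fast, port after port
    slow_ports = rng.sample(range(1, 1024), 30)                    # random order
    ev += [(i * 600, "203.0.113.9", p) for i, p in enumerate(slow_ports)]  # one try per 10 min
    return ev

if __name__ == "__main__":
    ev = sample_events()
    print("burst rule  :", sorted(burst_rule(ev)))      # only the fast scanner
    print("long horizon:", sorted(long_horizon(ev)))    # fast and slow scanners
```

The burst rule sees at most one attempt from the slow source inside any 60-second window, so only the hours-long view separates it from ordinary clients.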
This predictive software has already been applied to preventing crime in the real world, said Bill Haffey, SPSS technical director for public sector business. In Richmond, Va., police use data mining to help them predict where to put patrols.
"The software looks at past incidents of aggravated assault by location, time and date," said Haffey. "It adds other factors such as weather, and events--whether there'd been a basketball game, a concert or some other gathering. Then it makes predictions."
"If you have a moonless night two hours after a basketball game, the program points out that in the past, under the same circumstances, there was an assault at a certain location. The police might want to put some patrols in the area. But if it's raining, chances are nothing will happen."
Such predictions, intended to help police use their forces more efficiently to reduce crime, can also help head off cybercrime, said Noonan.