Big data analytics are changing the face of CSI, writes Ross Brewer, pictured, vice president and managing director of international markets at LogRhythm.
Technology has not only changed the way in which individuals live their lives, but it also has the potential to dramatically change the way that crime is detected and prevented. There is currently an enormous amount of data being generated around the world which can, if utilised correctly, help solve crimes in both the cyber and physical world. Two key technology trends that are likely to have the biggest impact on crime-fighting are big data analytics and geolocation awareness.
Big data analytics has become one of the most talked about technology trends in recent years. Humans are generating incredible amounts of data every day from their communications with the environment around them and this data is being used by many businesses to gain insight into consumer activity trends. While its merits have long been touted from a business intelligence perspective, it can also be used by crime-fighting agencies to detect patterns of behaviour that could indicate criminal activity. As criminals interact with the environment around them, records of activity are generated, creating logs, videos, network packet captures and so on. While this data can provide intelligence to help detect criminals faster, it can also prevent crime entirely by providing almost real-time access to details of the ‘who, what and when’ associated with the crime.
Already a vast number of products, such as mobile phones and digital cameras, come with in-built GPS technology and, by default, tag activities with GPS co-ordinates. With the meteoric rise in social media sharing sites, from Facebook to Vine, vast amounts of geolocation data is already being stored online. However, as we move forwards more and more products are likely to have GPS chips integrated, tagging any data generated with a detailed understanding of where the individual is, or was, located. Given the rate of progress, it is likely that over the next 10 years we will see almost universal geolocation tagging with an increasing degree of accuracy. This information provides the ‘where’, allowing police to identify, or eliminate suspects based on where they were at the time of a crime.
When analysed, big data and geolocation awareness can provide a complete picture of an event, or in the lead up to an event to prevent it ever taking place. In the world of cyber crime prevention and detection, many organisations are already beginning to use the technology. By continuously monitoring a broad set of data sources and corroborating these activities across multiple dimensions, cyber threats can be identified and remediated immediately. Indeed, understanding the origin, scope and location of a breach on the corporate network can provide immediate value to organisations as this data can significantly reduce incident response times and provide better information for an appropriate response.
However, it is not just cyber crime that can be prevented. In order to detect fraud, many banks are now analysing customer account activity and location data to provide intelligence enabling them to flag any activity that does not correlate. This process proves far more accurate than simply blocking access to accounts when an individual is in a new location and reduces occurrences of false positives. This is big data analytics fighting crime today and it is likely the same techniques will be applied to other crimes in the future. For example, investigating a murder in ten years will look considerably different to how it does now. Within seconds of the crime being reported, the police could have immediate insight into the people within 25 feet of the victim at the time of the murder; the vehicles departing the crime scene; the current location of those people and vehicles, as well as other activity generated by people of interest. This data, combined with analytics, can quickly narrow down the avenues worth investigating, saving both time and resources. While today this same string of evidence could be pieced together, it might take days or even weeks to reach a final conclusion.
A decade from now, and with the correct technology in place, big data analysis and geolocation awareness will provide both traditional and cyber criminal investigators with the ability to solve physical and online crime much faster and forever change the way criminal activities are detected and deterred. Some crimes could also be prevented entirely as these trends evolve and criminals come to realise they will always be caught when committing certain types of crime. The possibilities for crime solving are huge – but at its most basic level, analytics is likely to enable real-time response to all criminal activity, both in the real world and online, essentially stopping criminals in their tracks.
