Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Lecture 3
Trust and validity of information
Data entry
Changes to source systems
Data migration or conversion
Mixed expectations by users
External data
System errors
Customer data entry
Crowdsourcing
The Wisdom of Crowds is
increasingly being used to obtain and
analyse data:
Get people to analyse huge data
sets
Get a crowd opinion on a problem
Monitor crowd behaviour e.g.
predict a flu outbreak from Google
searches
Evaluation of Evidence
Weighing evidence is basic to its
credibility
3 steps to evaluation
The source
The method of communication
The evidence itself
Source Evaluation
Need to answer 3 questions
Is the source competent?
Expertise required. Are you able to describe
the source?
Communications Evaluation
How did the evidence arrive?
The accuracy decreases with length
of chain
Analyse the channel itself
Is the information being intentionally
provided?
Is it true or deception?
Is it for the opponent?
X can become a fact through validity
creep
..may.. Possibly .. Probably .. IS!
Credentials of Evidence
Credibility: how believable is it?
Reliability: consistent, replicable,
corroborated?
Inferential value: what weight does it
carry think about the motives of the
source and is the data relevant to the
problem?
Pitfalls in Evaluation
There are at least 7 pitfalls to avoid in
weighing evidence
1. Vividness weighting
Statistics least persuasive, then text, with
video most persuasive to decision-makers
2. Weighting based on the Source
Downplaying the value of open source
data
Pitfalls
3. Recent Evidence
Should the most recently acquired
evidence have the highest weight?
4. The Unknown
How to judge a question when evidence is
absent or little is known
5. Trusting Hearsay
Do you trust the words of a person? What
if the target knows they are being
monitored?
Pitfalls
6. Expert Opinion reliance
Can we rely on their opinion to be
objective?
7. Premature Closure
Tendency to affirm existing beliefs
instead of discrediting them
Calibration of data
It is possible to essentially test the data
being supplied by the use of
calibration:
Release a dataset and wait for it to
return check the contents
Insert a dataset with a known
outcome into the analysis chain and
monitor the effect
Set a honeytrap with a false dataset
Denial
Comms and radar can be denied to
SIGINT
Intermittent operation, using land lines,
encrypting or jamming the SIGINT with
interfering signals.
IMINT denial
Using camouflage or masking techniques, going
underground, operating during darkness or
cloudy weather. Also cleaning up chemical
emissions to deny spectral imagery collection.
Deception
Passive deception deploys decoys
Dummy ships, missiles, tanks etc
Social Engineering
The psychological tricking of
legitimate computer system users to
gain information
Phishing attacks are now routine for
most users
Spear phishing attacks are getting
more sophisticated with the use of
social network data
Misinformation
Propaganda has long since been
used by governments or other
groups to influence a population
Classic cases during conflict and
war
In cyberspace we need to guard
against unauthorised access, web
defacement and even open source
postings
Countermeasures
Preventing the human hack is in its infancy
We need systems that can raise alerts with
information sources
Single sources
Spotting spoofs of servers using metrics
Some historical model of the source
The style of writing; linguistic cues
Multiple sources
Calibration against other sources
Stats of reliability and overall trustworthiness
E.g. amazon vendors