7.5 Machine Learning at the Border: A Case Study

7.5 Machine Learning at the Border: A Case Study

This is a case study contributed by the MITRE Corporation.

A middle-aged man in a light blue Mustang is about to enter the United States from Mexico at one of numerous customs checkpoints along the southwest border. He's confident no one will suspect he's transporting more than 10 pounds of heroin in secret compartments within his vehicle; he's done it before and he plans to do it again—and again. But, a customs system operator at a site near El Paso, Texas uses the Anti-Drug Network (ADNET) system to access data on the driver and his car via his license plate (see Figure 7.2). It's just routine and takes a few moments.

Figure 7.2: The Anti-Drug Network (ADNET).

The agent quickly learns—through a system that accesses a large data warehouse of information on crossings, seizures, and motor vehicles—that the driver makes this trip on a regular basis, at a regular time, but this trip is different. She decides it's worth her time and trouble to continue the inspection. Ten minutes later, she finds more than a dozen small packages of white powder; the drugs are seized and the driver is arrested.

Situations like this occur almost daily across the many ports of entry along the Mexican/U.S. border and other entry points into the United States. Sophisticated data-sharing systems developed by the ADNET community (i.e., Department of Defense, U.S. Coast Guard, Department of Justice, Department of State, Department of Treasury, Federal Communications Commission, and the intelligence community) give U.S. drug and law enforcement officials an arsenal of information needed to stem the flow of illegal narcotics and other dangerous substances into our country.

The MITRE Corporation is helping federal law enforcement agencies in the counter-drug community take advantage of the data that helps identify possible drug traffickers and trafficking activities. Through various mechanisms, the counter-drug organizations have access to an increasing amount of information. But the really difficult task is using that data to improve effectiveness. MITRE is providing data mining assistance for ADNET. The corporation cites the fact that what's needed now is a way for these groups to sift through all this data—most of it unimportant—and find the larger patterns, trends, and anomalies that ultimately lead to seizures.

To support this increased need for manageable information, MITRE computer scientists are providing high-level technical support in the areas of data mining and large-scale database management. In particular, MITRE is working on a now-fielded prototype targeting system that analyzes passenger vehicle crossing data and develops data mining rules and tools that help operators perform real-time analysis to identify potential counter-narcotics targets.

Today, this system is integrated into everyday enforcement as well as special operations. Data mining is being integrated into systems that automatically search through large amounts of data for meaningful and interesting patterns. The objective is to provide end users with a system that will quickly indicate if an individual coming into the United States is worthy of further inspection. The technology can be used to provide ways to search databases for links between individuals and organizations, which is useful for not only counter-drug operations but also counter-terrorism. The challenge for the counter-drug community is managing all this ever-increasing data—and developing the best ways to incorporate this technology into their operations.

The ADNET community uses high-performance workstations connected to the Secret Internet Protocol Router Network (SIPRNET) by routers or by secure data devices. There are approximately 140 sites and 350 workstations in the ADNET community. ADNET uses standard protocols (HTTP, SMTP, POP, etc.) to ensure interoperability across communities. More than 200,000 Web page hits per month occur among the 65 ADNETLINK servers (see Figure 7.3).

Figure 7.3: The ADNET control center.