Information Discovery on the hit TV show "24"

Does CTU "get" the Semantic Web?

As a fan of the television show 24*, I can’t help watching with one eye on the action and the other on the character’s use of technology.  Here are some observations on the first two seasons and an analysis of some of the recurring themes.  This does not mean the show does not make serious gaffes about programming and technology; however, it does point the way to some of the capabilities we need to make homeland security work.  If you have noticed others, or can draw out other lessons, let me know.

 

Use cases from Season 1:

  • Check the background of everyone on Palmer’s staff and cross it with the terrorism databases.  Include everyone they know, and relatives…
  • Who’s the source on this data?  How can I cross-check the information if I don’t know the original source?
  • See if you can find a thread.
  • What does George Mason’s bank account have to do with the Palmer hit? 
  • Give me the flight crew, passenger list, country-of-origin, political affiliation and residence.
  • I have a match, do you need a confidence on this?
  • From the passenger list, the information on one of the men in first class is inconsistent.  Checking the passenger list, 2B was an empty seat but the plane was supposedly full.  Why would the plane take off with an empty seat?
  • Decrypted a single address – 18166 San Fernando Road.  What does that address have to do with the Palmer hit?  Check his schedule for tomorrow, anywhere near it, connection to family members, associates, etc.
  • An airline explodes … are you saying there is some connection?
  • 2nd shooter is paid from the same Belgrade Bank account.
  • Detention facility schematics were tampered with.  Tell me who had access to these archives in the last month.
  • Make sure nothing can connect you to Germany.

 

Use cases from Season 2:

  • Check the sources and reliability of the information.
  • It is standard procedure to consolidate data from all agencies.
  • Start from the beginning and run everything against connecting the dots.
  • How is Sayed Ali connected to the Warner family?
  • Put together a list of all the managers and directors in Bob Worner’s company.  I want to widen the search.
  • He said “sayat”, it means “prayer”.  Jack infers, “Search for Mosques in the area”.  Sayed Ali à pray à y?  pattern is that Arab male à muslim (high probability) thus muslim à pray à Mosque.
  • Found the letters “N34” on a remnant of a burned document.  Check VIN numbers, license plates, shipping invoices … also see if it is a code… We will cross-reference that with everything in the database!
  • How can we prove Sayed Ali was in Berlin and not Cypress.
  • We are trying to connect the dots between the Cypress recording and why Jack took Kate Warner.
  • Put a filter on all Michelle’s communications and let me know when Jack tries to contact her.
  • Do a background check on Peter Kingsley… cross-reference that with every major player in the oil industry.
  • Filter through the audio files by time and date.


Trends:

  • Cross-check, cross-reference … (it’s the relationships stupid!)
  • Yes, the “database” is God … (see Newsweek article) … However, a web-services wrapper is not good enough.  Every persistent corpus of data should be in XML to enable universal addressing.
  • Source of data is vital (resource-level metadata) … affects confidence level …
  • Information threads via association … connections …
  • Anomalies in a validated, repeatable process are indicators …
  • Searches can be expanded by temporal, geographic and association locality.  Capturing locality in real-time is key.
  • Search can be improved via inferences.

* "24" is a television show on Fox (c).  All rights reserved.