only one piece of a larger global threat detection infrastructure. Using a
low bandwidth connection, Limelight can communicate
with remote, high speed servers that monitor the state of various threat
parameters around the globe. This accessible remote data not only provides
additional threat detection accuracy but allows Limelight
to be uploaded with the most recent threat detection algorithms and sensor
weightings. This adaptability is a powerful feature of
Limelight -- allowing
for to threats not anticipated in the initial release to be accommodated as
The central element of the global monitoring system is a low
bandwidth wireless link into the global internet. Several low cost, wide
coverage systems such as satellite, GSM/CDMA phones, Blackberry, and PDA
wireless support provide solutions to this challenge.
Limelight does not
require high bandwidth operations. Currently, a 9600 kbs wireless system
connects to the network. There are three primary uses of the wireless link.
First, for Limelight to receive processed threat data from
the remote servers monitoring various hostility indicators around the world.
These details of this operation are discussed in the following sub-section.
Secondly, for Limelight to
receive real-time updates of algorithms and weightings for local sensors to use
internally for processing and interpreting threats. This allows
Limelight to have access to the most
recent indicators and techniques for detecting threats.
Finally, for sending usage patters and biometric data to the
central remote server. Not only are the captured fingerprints sent to be
stored in the remote database but also location and sensor data. This
provides for an elaborate profile of its user to be measured and established.
Hence the individual gains the security of a real-time indication of threat but
relinquishes their privacy and biometric data.
There is also development of low power Bluetooth technology,
allowing Limelight to communicate directly with various local hardware.
Using the wireless link described above,
data from the central remote server. This server maintains a constant
watch of a variety of networked threat indicators. Simple scripts stream
this data in from the global internet. For example, to name a few,
Round trip packet times to strategic sites
Occurrence and frequency of specific threat indicator
keywords on specific websites
Current discussions of threats by military sites, news sites,
and independent sources
Positions of various orbiting satellites
FBI and other government lists of most wanted
The server also maintains current values for the following
quantities (to name a few):
Amount of unaccounted for weapons of mass destruction
Quantity of dirty nuclear bomb grade material
Projected mass of lethal biological materials
This data is processed, interpreted, and downloaded to
Limelight upon an authenticated query. This data can also be displayed
directly through access to the primary web site where a visualization (written
in java) is displayed.
Realizing that the earliest signs of threatening
conditions may first be detecting as a cyber attack, Limelight
has been designed to sense such anomalies. Using the latest advances in
internet worm detection, Limelight
is able to detect sudden a variety of flux in propagation of internet attacks.
Carnivore is the US government's packet surveillance system.
By placing computer system into what is called promiscuous mode, it can monitor
the data of every packet on the line. Specific filters can be setup to
further define the search. Limelight utilizes a
version of Carnivore to watch for specific threat associated trigger words.
A version of the carnivore client runs on the remote threat detection server.
In turn the collected data is used to feed back threat levels to the individual