Experiments
Statement
Discussion
Subscribe
Products
Press
Links
Subscribe to Mailing List
|
|
Limelight
Global Monitoring
|
|
|
|
Limelight is only one piece of a larger global threat detection infrastructure. Using a low bandwidth connection, Limelight can communicate with remote, high speed servers that monitor the state of various threat parameters around the globe. This accessible remote data not only provides additional threat detection accuracy but allows Limelight to be uploaded with the most recent threat detection algorithms and sensor weightings. This adaptability is a powerful feature of Limelight -- allowing for to threats not anticipated in the initial release to be accommodated as demand dictates.
Wireless System
The central element of the global monitoring system is a low bandwidth wireless link into the global internet. Several low cost, wide coverage systems such as satellite, GSM/CDMA phones, Blackberry, and PDA wireless support provide solutions to this challenge. Limelight does not require high bandwidth operations. Currently, a 9600 kbs wireless system connects to the network. There are three primary uses of the wireless link.
First, for Limelight to receive processed threat data from the remote servers monitoring various hostility indicators around the world. These details of this operation are discussed in the following sub-section.
Secondly, for Limelight to receive real-time updates of algorithms and weightings for local sensors to use internally for processing and interpreting threats. This allows Limelight to have access to the most recent indicators and techniques for detecting threats.
Finally, for sending usage patters and biometric data to the central remote server. Not only are the captured fingerprints sent to be stored in the remote database but also location and sensor data. This provides for an elaborate profile of its user to be measured and established. Hence the individual gains the security of a real-time indication of threat but relinquishes their privacy and biometric data.
There is also development of low power Bluetooth technology, allowing Limelight to communicate directly with various local hardware.
Hostility Monitor
Using the wireless link described above, Limelight receives data from the central remote server. This server maintains a constant watch of a variety of networked threat indicators. Simple scripts stream this data in from the global internet. For example, to name a few,
Round trip packet times to strategic sites
Occurrence and frequency of specific threat indicator keywords on specific websites
Current discussions of threats by military sites, news sites, and independent sources
Positions of various orbiting satellites
FBI and other government lists of most wanted
The server also maintains current values for the following quantities (to name a few):
Amount of unaccounted for weapons of mass destruction
Quantity of dirty nuclear bomb grade material
Projected mass of lethal biological materials
This data is processed, interpreted, and downloaded to Limelight upon an authenticated query. This data can also be displayed directly through access to the primary web site where a visualization (written in java) is displayed.
Cyber Attack
Realizing that the earliest signs of threatening conditions may first be detecting as a cyber attack, Limelight has been designed to sense such anomalies. Using the latest advances in internet worm detection, Limelight is able to detect sudden a variety of flux in propagation of internet attacks.
Carnivore
Carnivore is the US government's packet surveillance system. By placing computer system into what is called promiscuous mode, it can monitor the data of every packet on the line. Specific filters can be setup to further define the search. Limelight utilizes a publicly available version of Carnivore to watch for specific threat associated trigger words. A version of the carnivore client runs on the remote threat detection server. In turn the collected data is used to feed back threat levels to the individual Limelights.