Hackers & Terrorists

There is an arms race between those developing computer network protection systems and the attackers. We need to take the lead in the arms race against terrorists.
This post was published on the now-closed HuffPost Contributor platform.

It has been several years since I took a real vacation, away from the
Internet and the news, but every time I do, it seems that some major
international news breaks. I was in Skagway, Alaska with my wife and
three kids, taking a scenic rail tour through the snow-capped
mountains last week. Political and world events that I typically
follow with daily doses of NPR, the New York Times and CNN were as
far from my mind as possible, when one of the other passengers asked
everyone around him if anyone heard the news about the thwarted
terror attack in London. Suddenly, the detachment of our remote
vacation evaporated, and as soon as I returned to the cruise ship, I
turned on CNN in my cabin, as, I'm sure, did many of the other
passengers. That night, the cruise ship staff provided a flyer to
all the passengers outlining the new security measures that were
being implemented, as well as instructions on what to expect for the
flight home from Vancouver.

I imagine that liquids will never again be allowed in carry-on
luggage. I suppose that this restriction makes sense if they pose the
risk of providing improvised explosives. But something struck me when
I read the rest of the information about new airline security
policies. I am a computer security expert, not a physical security
expert. And yet, I think much can be gained from applying some of the
principles of information and network security to the real world. Let
me give an example. A subfield of computer security is intrusion
detection, where network traffic patterns are captured in complex
models. The idea is to develop the capability of recognizing
legitimate traffic and thus identifying an attack when packets on the
network do not fit the proper profile. The biggest problem with
intrusion detection is that any widely used system, whether
commercial or open source, will also be available to the bad guys.
So, they can design their attacks and test them in the lab against
the most widely used intrusion detection systems until they develop
an attack that the intrusion detection models fail to recognize. As
new attacks are developed, the security experts can capture them in
their labs and tune their models so that the new attacks no longer
work. As soon as the new detection program is released, the attackers
go back to work. Thus, there is an arms race between those developing
computer network protection systems and the attackers.

We need to take the lead in the arms race against terrorists. After
all, the attackers have dictated the race so far. Cockpit door locks
were installed after 9/11. Liquids in carry-on were just eliminated
in response to the London plot. Airline security today is too static
and predictable. The key to my suggested approach is to reduce the
planning capacity of the attackers. Attacks on the scale of 9/11 and
the thwarted London terror plot last week require a tremendous amount
of planning. The current system is too predictable. For example, the
new restrictions allow for liquids in prescription medications as
long as the name on the medication matches the passenger's name. Are
we really thinking that the terrorists will use different names if
they try to hide their insidious liquids in prescription bottles? I
remember that shortly after 9/11, the airlines implemented "random"
searches of people as they boarded planes. I thought that was a
terrific idea, but it didn't take long to figure out how to avoid
being one of the random people chosen. "Don't enter the plane first"
pretty much summed it up. In fact, if you boarded second or third,
you would be sure to avoid being chosen because they would still be
busy with the first person. After a while, it got ridiculous, where
everyone in the boarding area who wanted to get on the plane early
would jockey for the second position in line, nobody wanting to be in
the front. It made for some interesting maneuvering.

The more the process is randomized and made truly unpredictable, the
less likely that a massive, coordinated attack will succeed. It is
much more difficult to plan for 20 terrorists to board four different
planes on the same day when there is no way of knowing which ones are
going to be selected for random searches and careful questioning.

My primary suggestion is to truly randomize some of the process. Game
dice can be used to make choices. (Games such as Dungeons and Dragons
have many different sided dice.) For example, if you want to subject
16% of passengers to additional screening as they go through
security, then as each person approaches, roll a six-sided die, and if
it lands on a predetermined number, the person gets the royal
treatment. Randomize the choices of where to screen. Some days,
perform additional screening at the security checkpoint. Other days,
perform it when people are checking their luggage or as they board
the plane. On some randomly selected days, security officials can
approach people at random in the boarding area (using dice or some
other mechanism to make truly random choices) for screening. On other
randomly selected days, people can be randomly chosen after they take
their seats, and before the plane leaves the gate. The point is that
passengers will not know where they are going to be screened, and
terrorists will not be able to plan the details of their activities
as easily as they can when all of the procedures are known and
predictable.
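
The following Python sketch is an added example, not the author's code. It contrasts the predictable front-of-line search described earlier with an independent six-sided die roll per passenger (a 1-in-6 chance, close to the 16% figure), and computes how likely it is that at least one member of a coordinated group is selected. The two-passenger busy window, the queue length and all function names are assumptions made for illustration.

```python
import secrets
from fractions import Fraction

SIDES = 6      # six-sided die, as in the article
BUSY_FOR = 2   # assumption: one search occupies the screener for the next 2 boarders


def front_of_line_policy(queue_len, busy_for=BUSY_FOR):
    """The post-9/11 "random" search as the article describes it: the screener
    takes whoever is at the front when free, then is busy for a while.
    Returns the set of selected queue positions (0-based). Fully predictable."""
    return set(range(0, queue_len, busy_for + 1))


def die_roll_policy(queue_len, roll=lambda: secrets.randbelow(SIDES)):
    """One independent die roll per passenger, drawn from the OS CSPRNG.
    Face 0 stands for the predetermined number."""
    return {pos for pos in range(queue_len) if roll() == 0}


def p_group_flagged(group_size, sides=SIDES):
    """Exact chance that at least one member of a coordinated group is
    selected when every passenger gets an independent roll."""
    return 1 - Fraction(sides - 1, sides) ** group_size


def estimate_group_flagged(group_size, queue_len=30, trials=5000):
    """Monte Carlo check of p_group_flagged. Group members stand in the first
    group_size positions; with independent rolls position makes no difference."""
    hits = 0
    for _ in range(trials):
        selected = die_roll_policy(queue_len)
        if any(pos in selected for pos in range(group_size)):
            hits += 1
    return hits / trials


if __name__ == "__main__":
    fixed = front_of_line_policy(12)
    print("front-of-line policy always selects:", sorted(fixed))
    print("positions it never selects:", sorted(set(range(12)) - fixed))
    for n in (1, 5, 20):  # 20 is the group size used in the article
        print(f"group of {n:2d}: exact {float(p_group_flagged(n)):.3f}, "
              f"simulated {estimate_group_flagged(n):.3f}")
```
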

Obviously, there are many other aspects to airline security, such as
training of the screeners, bomb detecting equipment, background
checks of employees, on board marshals, etc. I am not suggesting
replacing any of these. My only point is that in addition to all of
the other security measures, try to make the process as unpredictable
to passengers as possible. While this will inconvenience
non-terrorists to some degree, it will also disrupt the planning process
of the terrorists and make large-scale attacks much more difficult to
implement.
