Hazard a Guess: Fortune 500 or al-Qaeda?

["Fergie" <fergdawg () netzero net>]

n an interesting follow-up to yesterday's story about how
traffic analysis can be deceptive in and of itself, this comes
to us via Defense Tech:

[snip]

People working together on projects tend to interact in fairly predictable ways -- whether that project is installing a 
new computer system, or blowing up a building. So looking only at the links between people won't tell you much about 
what those folks are up to. At times, the links can be rather deceptive, in fact. Especially if your data set is huge, 
like the NSA's ginormous database of phone records. Other information is needed, to fill in the gaps.

Here's an example, [above]. Can you tell which cluster is from a Fortune 500 company, and which one is from Al-Qaeda? 
Network analysis guru Valdis Krebs shows this slide to corporate and government audiences. Their answers are usually 
pretty scattershot. Take your guesses in the comments section. Valdis will be back later on with the right answer.

[snip]

Link:
http://www.defensetech.org/archives/002402.html

- ferg

p.s. I'll bet the Fortune 500 is the one on the left (in the image).

:-)

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.