The Secret Life of Metadata on the Battlefield
Data from mobile device signals such as GSM may be an untapped resource for signals intelligence on the battlefield. Although the payload of a communication system is encoded, information about the nature of the communication that is included in the GSM signal is not and should not be overlooked. This information, known as metadata, could prove to be an important tool for warfighters, experts say.
“Metadata, communications data, can now yield startling insights about individuals and groups, particularly when collected in large quantities across the population,” advises David Stupples, professor, School of Mathematics, Computer Science and Engineering, Department of Electrical and Electronic Engineering, City, University of London.
This type of behind-the-scenes information, which Stanford University describes as data about data, provides details about when, where, by whom and in what format data was sent. In the case of GSM-based signals, metadata may reveal the sensor position—latitude and longitude—and the details of the antenna as well as information on the signal—the time, frequency, bandwidth, amplitude, line of bearing, specific emitter identification, multiplexer, digital multiplexer and more.
On top of that, the metadata of the GSM network adds a layer of information regarding network base stations, sessions, calls, Short Message Service and filters as well as information on the external systems interface.
The professor suggests that given limited analytical resources, analyzing metadata may be a far more powerful strategy for signals intelligence (SIGINT) analysts than investigating the content of a message. “It can yield far more insight with the same amount of effort,” he opines.
Stupples, who served for 16 years in the U.K. Royal Air Force, developed radar and communications systems and researched military surveillance systems for the Royal Signals and Radar Establishment in Malvern, Worcestershire, and conducted satellite surveillance and system research for the U.K. government. Currently, he is focusing on the research and development of networked electronic and radio systems, in addition to teaching.
The professor stresses the usefulness of metadata in tactical situations, when time is of the essence. “If it’s a communication system that’s being used, there’s a great deal of the payload [that] could be a high-grade encryption that may not be able to be [broken] through cryptoanalysis in time,” he says. “During a tactical situation, information is required within seconds or minutes, and you might not be able to do that. It might take hours, maybe days, to be able to break the code. So then you see what else is useful, and there’s a huge amount of information in the metadata.”
Most importantly, the metadata geolocates the device being used to communicate. “It says that this device is communicating from point A to somewhere else,” the professor says. “If it’s coming through a cellphone tower, a mobile device is going to be probably within about a hundred meters of it. So that’s the first thing. We can geolocate.”
Another piece of information that comes out of the metadata is based on the international mobile equipment identity, or IMEI, number, a unique 15-digit code that every mobile phone or broadband device has for identification on the mobile network. “That mobile phone has an IMEI number that says who it is communicating with,” Stupples explains. “It has to have a communication endpoint to communicate with, [and] then it has to say what the payload is, whether it’s a text message or whether it’s a voice message or whether it’s a JPEG, MPEG, et cetera.”
The metadata also offers information on how long a communication lasted, what was sent and when. “So now if I know where the call is coming from, and I know where it’s going to, how long it takes and what information is being sent, all that metadata has taught me a huge amount about the communication,” he says. “Then if you link all that metadata up to other calls made, how long, and to whom, and calls the other person has made, you end up with a network.”
Furthermore, metadata is never encoded, the professor emphasizes. A device simply has to be on the same frequency to read the signal. “You cannot encrypt metadata because the other end has to be able to interpret it,” he says.
“Just by using new technologies such as smartphones and social media, we leave rich and revealing trails of metadata as we move through daily life,” Stupples adds. “Taken together, a group’s metadata can reveal intricacies of social, political and religious associations.”
As such, the professor recommends that for electronic warfare technology to improve, the military “needs to boost SIGINT and human intelligence if we are to make progress.” For example, Stupples says, a reconnaissance aircraft sitting off the coast of Lebanon waiting for the Russians to illuminate their radar would pick up the radar signal, search signals, target acquisition and control signals. “The problem with that is they [the Russians] would only be operating the radar in peacetime mode, and when they switch into different modes of operation, such as wartime mode, or transition to conflict, you might not have seen that radar before,” he observes. “So fighter aircraft or bomber aircraft would then not have the correct programming on board to be able to compensate for that or mitigate that. So what you would then need perhaps is human intelligence to find out a bit more about the radar.”
With SIGINT, mapped with human intelligence and including the metadata from GSM devices, specialists can come up with their best estimates of how an adversary’s radar works in wartime mode, Stupples suggests. “It has to be a team for that to work,” he says.
What also is needed, of course, is the ability to process all that metadata quickly. Here, machine learning can play a key role, processing intelligence data and providing analysis, Stupples offers.
That capability—paired with unmanned aerial vehicles, or drones, that are picking up signals and information—can enhance SIGINT and deliver information to commanders quickly. “Not quite in real time, but very close to real time,” Stupples says. “The only way that could really be done effectively is by use of machine learning, that’s for sure.”
After computers sift through the data, and machine learning is applied to interpret the vast amount of information, a human being still has to be capable of leveraging that information on the battlefield, he notes. And while “I do believe they can interpret it, it comes back to this: We’re going to have to get smarter,” Stupples warns.
Although SIGINT, a “rather dark art” that he says is “coming more and more out of the shadows,” much of the expertise has been lost over the years. The capability has to be expanded to serve warfighters. “They have to make some pretty good assessments in a very, very short time scale,” Stupples continues. “So you might find that you don’t have the ability to do that anymore.”
Part of the reason could be that U.S. SIGINT has not received the needed funding or support. “The electromagnetic spectrum side of it is advancing as we speak, but it’s whether the resources associated with it are beefed up enough to be able to handle the calls being pushed upon it,” he cautions. “The American Rivet Joint fleet is ancient, and the aircraft are constantly breaking down. What we would need to do is perhaps move away from the manned aircraft version of it and then go into large-scale drones, which is happening.”
The increased use of drones is advantageous, although it brings the challenge of data processing, Stupples says. Some of this can be done on the aircraft. “But you’re still going to have to bring a huge amount of information back down to the command centers, and do you really have enough correctly educated people to interpret that data?” he asks.
That support is especially important for the U.S. Army, Stupples observes, as the nation’s Air Force, Navy and Marines “seem to be doing very well,” as far as SIGINT is concerned. “But with the Army, the ones who actually have to put boots on the ground, as these wars or conflicts are sorted out with boots on the ground, we’re not actually giving them enough people or the right resources to do this. So I think there’s a real problem there.”
The professor cites the efforts of the Association of Old Crows (AOC)—he serves on its board of directors as an at-large director—to increase the SIGINT knowledge base for the next generation of warfighters.
Ken Miller, the AOC’s director of advocacy and outreach, explains the SIGINT Industry Partnership Project (IPP) the organization began this year to bring together the SIGINT community. “We are focusing on knowledge and resource development as well as networking, connecting stakeholders, the industry and the government to address policy issues and technology requirements,” Miller says.
The group started by looking at Army SIGINT-related capabilities, bringing in industry stakeholders to demonstrate technologies and hearing from Army leaders about what “the Army is looking for, working with or may want to think about in the future,” Miller says. The AOC hosted a congressional roundtable event this summer to help educate legislators—who control funding levels—about SIGINT capability gaps.
To Stupples, SIGINT capabilities need more attention in military budgets, as flashier military components easily can take the limelight. “A lot of militaries have assumed a peacetime budget, but they also believe that with the budgets they do have, they would like better toys,” he notes. “And SIGINT and electronic warfare is not a good toy in that you can’t see it.”
For electronic warfare and SIGINT to progress, militaries need to be able to speed up the tactical interpretation of SIGINT for Army commanders on the battlefield, he stresses. “And the only way that we can move ahead now is to have a lot more machine learning associated with the intelligence work. And that’s not happening enough if Army commanders are being starved of funds or SIGINT isn’t a high enough priority area,” Stupples says.