Adversarial analytics and other topics
Five years ago, in a taxonomy of analytic business benefits, I wrote:
A large fraction of all analytic efforts ultimately serve one or more of three purposes:
- Marketing
- Problem and anomaly detection and diagnosis
- Planning and optimization
That continues to be true today. Now let’s add a bit of spin.
1. A large fraction of analytics is adversarial. In particular:
- Many of the analytics companies I talk with tell me that they have important use cases in security, anti-fraud or both.
- Click fraud steals a large fraction of the revenue in online advertising and other promotion. Combating it is a major application need.
- Spam is another huge, ongoing fight.
- When Google et al. fight web spammers — which is of course a great part of what web search engine developers do — they’re engaged in adversarial information retrieval.
- Blog comment spam is still a problem, even though the vast majority of instances can now be caught.
- Ditto for email.
- There’s an adversarial aspect to algorithmic trading. You’re trying to beat other investors. What’s more, they’re trying to identify your trading activity, so you’re trying to obscure it. Etc.
- Unfortunately, unfree countries can deploy analytics to identify attempts to evade censorship. I plan to post much more on that point soon.
- Similarly, de-anonymization can be adversarial.
- Analytics supporting national security often have an adversarial aspect.
- Banks deploy analytics to combat money-laundering.
Adversarial analytics are inherently difficult, because your adversary actively wants you to get the wrong answer. Approaches to overcome the difficulties include:
- Deploying lots of data. Email spam was only defeated by large providers who processed lots of email and hence could see when substantially the same email was sent to many victims at once. (By the way, that’s why “spear-phishing” still works. Malicious email sent to only one or a few victims still can’t be stopped.)
- Using unusual analytic approaches. For example, graph analytics are used heavily in adversarial situations, even though they have lighter adoption otherwise.
- Using many analytic tests. For example, Google famously has 100s (at least) of sub-algorithms contributing to its search rankings. The idea here is that even the cleverest adversary might find it hard to perfectly simulate innocent behavior.
2. I was long a skeptic of “real-time” analytics, although I always made exceptions for a few use cases. (Indeed, I actually used a form of real-time business intelligence when I entered the private sector in 1981, namely stock quote machines.) Recently, however, the stuff has gotten more-or-less real. And so, in a post focused on data models, I highlighted some use cases, including:
- It is increasingly common for predictive decisions to be made at [real-timeish] speeds. (That’s what recommenders and personalizers do.) Ideally, such decisions can be based on fresh and historical data alike.
- The long-standing desire for business intelligence to operate on super-fresh data is, increasingly, making sense, as we get ever more stuff to monitor. However …
- … most such analysis should look at historical data as well.
- Streaming technology is supplying ever more fresh data.
Let’s now tie those comments into the analytic use case trichotomy above. From the standpoint of mainstream (or early-life/future-mainstream) analytic technologies, I think much of the low-latency action is in two areas:
- Recommenders/personalizers.
- Monitoring and troubleshooting networked equipment. This is generally an exercise in anomaly detection and interpretation.
Beyond that:
- At sufficiently large online companies, there’s a role for low-latency marketing decision support.
- Low-latency marketing-oriented BI can also help highlight system malfunctions.
- Investments/trading has a huge low-latency aspect, but that’s somewhat apart from the analytic mainstream. (And it doesn’t fit well into my trichotomy anyway.)
- Also not in the analytic mainstream are the use cases for low-latency (re)planning and optimization.
Related links
My April, 2015 post Which analytic technology problems are important to solve for whom? has a round-up of possibly relevant links.
Comments
4 Responses to “Adversarial analytics and other topics”
Leave a Reply
[…] I observed yet again last week, much of analytics is concerned with anomaly detection, analysis and response. I don’t think anybody understands the full consequences of that fact,* but let’s start […]
[…] I observed yet again last week, much of analytics is concerned with anomaly detection, analysis and response. I don’t think anybody understands the full consequences of that fact,* but let’s start […]
http://rkorsh.ru/en/blog/73.html
Adversarial analytics and other topics | DBMS 2 : DataBase Management System Services
[…] wrote a bit about adversarial analytics in May, […]