The film “21” is (loosely) based on the book by Mezrich, “Bringing down the House”. It describes the actions of a group of cardcounters who managed to make a lot of money from North American casinos.
Las Vegas is an interesting environment to think about adversarial knowledge discovery because it’s so well-developed, because there’s money to spend on ideas that work, and because it’s fairly easy to measure how well tools are working. For example, the expected return from every game is tracked in real-time, and deviations attract attention within a very small time window.
Jeff Jonas, now at IBM, has a lot of experience in this world — his Non-Obvious Relationship Awareness tool was/is heavily used by casinos to find an individual using more than one identity. If you ever have the chance to hear him speak, it’s always fun. Just one quote: “What happens in Vegas, stays in Vegas — on video”.
The main lesson from the book (and maybe the film) is how important social engineering can be in knowledge discovery. It’s no good using sophisticated data collection, and heavy-lifting data analysis, if the results are discounted because they don’t fit the preconceptions of the people who have to make decisions and take actions as the result of the knowledge.
In the casino context, the card counters played roles that were crafted to look like the people casinos want to see — people who, even when they’re winning big right now, will come back and lose even more tomorrow.
Building resistance to social engineering is difficult because it doesn’t lend itself to technological solutions. The “failure of imagination” with which the 9/11 Commission charges U.S. intelligence agencies is largely a social engineering issue. There were scattered pieces of information around, but they were discounted and/or ignored because nobody really believed in the actual possibility of an attack of that magnitude.
We don’t know a lot about how to increase imagination.
Finding Bad Guys in Data 