Navy explores generative AI to automate security classification

The Navy’s digital warfare office has long been seeking solutions for automating the assignment of security classifications.

With the emergence of generative AI, the service is looking into the idea of incorporating natural language capabilities into classification guides to help assign security labels more accurately.

“The thing that typically comes up is, ‘Why can’t I have a little clippy on my machine that says it looks like you’re writing an email, you might want to classify this paragraph.’ It sounds easy in theory. And given all the cool things that we’re continually seeing being developed on the large language model stuff, you’d think this would be a slam dunk. It turns out, it’s really hard,” David Broyles, research program director at the Center for Naval Analysis, said at the DON IT West conference Wednesday.

Security classification guides are general by their nature since they can’t specify every single case. They rely on people’s ability to take a generic statement and make a determination about the appropriate classification.

Broyles said security classification guides tend to specify what information needs protection, but they lack explanations for why certain information needs a specific classification label.

“It would be interesting to ask the why because now we’re in a mode that is natural language. And this is where the large language models can come into play,” Broyles said.

“I asked Bard, ‘I want to know the general types of information about satellites that I would need to protect and why.’ After convincing it that I didn’t want to cause national harm, it finally spits out, ‘Here are some general types of information we might need to protect and why. For example, orbital parameters, which could be used to track the satellite or protect its movements.’ It also went into operational details about security measures, mission objectives, schedules. It identified key parameters very easily, but most importantly, it spits out why.”

In this scenario, analysts can combine the documents with the large language models to actively probe datasets to better understand the implications to security and subsequently be able to assign classification labels more accurately.

Broyles said while it’s not automation, it’s the first step of combining more powerful tools to be able to ask questions about datasets.

“Is this feasible? Is this possible? I don’t know. But it’s that sort of cusp of an idea of where things might go and might be possible,” Broyles said.

The topic of automation of data classification is a perennial one. The volume of restricted documents continues to compound every year, and no effective system exists to automate the process of data classification. While generative AI could potentially help tackle these complex challenges, Broyles said there is still a long way to go.

“We have large language models; generative AI has burst on the scene. And the question is, how much has changed? And to give you a little bit of a spoiler, the answer is really not much. It’s still really hard,” Broyles said.

In addition, any experimentation of AI tools for data classification and analysis would need to be conducted within secured enclaves.

Bill Streilein, CDAO’s chief technology officer, said that modeling and simulation can help address the challenges of working with classified data.

“Modeling and simulation is a way to create surrogate data sources that can help you build up the capability, demonstrate the power of what you can learn from that and then help motivate changes to policy and to practices and processes that can help you leverage more classified data,” Streilein said.

Broadly, Broyles said it’s important to incorporate a bottom-up approach and empower individuals directly impacted by a particular problem to identify solutions and drive change.

“The people closest to the problem are the best ones to be able to identify what would be great to be able to fix, automate, adapt,” Broyles said.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.