DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL (U//FOUO) Digital Network Exploitation (DNE), Digital Network Intelligence (DNI) and Computer Network Exploitation (CNE) FROM: Deputy Director for Data Acquisition Run Date: 07/16/2003 (U//FOUO) DNE, DNI and CNE are interrelated acronyms used extensively in SIGINT that are often confused: (S) Digital Network Exploitation (DNE) - Extracting target intelligence that requires processing multiple layers of computer protocols that contain multiple types of digitally represented information (voice, fax, video, images, documents, formatted data, emails, messages, etc.) from any device on the digital global network. (S) Digital Network Intelligence (DNI) - Encompasses the set of facts, inferences and relationships that describe target intelligence extracted from communications residing on the digital global network. DNI is the resultant intelligence that DNE produces. (TS//SI) Computer Network Exploitation (CNE) - Active or "end-point" collection, which involves the surreptitious infiltration and mastery of computers and other network components. Once a device or network has been infiltrated, data of interest can be extracted directly or the targeted system's operation can be modified to facilitate mid-point collection (for instance, by covertly tagging data of interest, rerouting data along accessible links, subtly weakening encryption, etc.). (TS//SI) DNE is independent of the type of access: the collection can either be end-point or mid-point, active or passive, may (or may not) use CNE methods/techniques. Collection is not limited to a computer; it can be against any system or device in the digital environment. (S//SI) As our targets continue to migrate toward communications that use the digital global network, DNE increasingly becomes the center of our SIGINT business. This is evidenced by approximately half of our current SID Strategic Objectives directly addressing our need to improve DNE. The 3 V's (volume, velocity, variety) present tremendous challenges in DNE. Our targets are moving from fixed narrowband transmissions to shared, re-routable, extremely wideband, multiplexed, multi-formatted transmissions. Each day, new types of protocols and application formats appear in our targets' communications. Finally, our targets communications are increasingly buried by millions of non-target communications. (TS//SI) The primary focus of SID's recent transformation efforts is to improve our DNE. Fortunately, the business of DNE has some great opportunities for improvement. The fact there is a global network allows the concept of CNE collection. This allows us to actively hunt the target instead of sifting through the chaff. Also, most communications on the global network include some set of labels about the source, destination and path of the information. SERIES: (U//FOUO) Data Acquisition 1. Welcome to SID's Data Acquisition Directorate 2. The Collection Strategies and Requirements Center 3. Digital Network Exploitation (DNE), Digital Network Intelligence (DNI) and Computer Network Exploitation (CNE) 4. The Evolution of HF 5. The New Meade Operations Center

This labeling supports new SIGINT development methodology. Using DNE, with the improved labeling, we can quickly map the social, logical and physical networks of our target space. Finally, the continued growth of standards and their widespread use in the global network will allow us to use Commercial-Off-The-Shelf (COTS) tools to portray the communications exactly the same way the target sees it. (S) In conclusion, DNE is an on-going challenge that has already produced extremely valuable intelligence with great continued promise. Through the coming months and years, we will accelerate our exploitation of DNI and track targets through their migration onto the global network. "(U//FOUO) SIDtoday articles may not be republished or reposted outside NSANet without the consent of S0121 (DL sid comms)." DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL DERIVED FROM: NSA/CSSM 1-52, DATED 08 JAN 2007 DECLASSIFY ON: 20320108