The Science of Unmasking Russian Forces in Ukraine

A masked pro-Russian gunman guards combat vehicles in Donetsk, Ukraine

Efrem Lukatsky/AP

AA Font size + Print

A masked pro-Russian gunman guards combat vehicles in Donetsk, Ukraine

The incursion of masked gunmen into Ukraine shows that knowing who you are fighting has become critical to victory. By Patrick Tucker

Every day, the scene playing out along the Ukrainian border with Russia seems like an act of costumed theater. Russian protestors wearing balaclavas, or ski masks, armed with military-grade weapons, attempt to take over government buildings by force. The question of who is behind the masks has risen to a level of critical international importance. If the protestors are affiliated with the Russian military, Putin’s government is in violation of international treaties and laws. It’s a nearly impossible challenge, but one that the United States military, within its own sphere of operations, is also trying to solve.

Many Western observers now take as fact that groups raiding buildings in places like Donetsk and Kharkiv are, in fact, Russian and not simply Russian-speaking Ukrainians. Consider the recent example of Kharkiv, where pro-Russian protestors first attempted to occupy the city’s opera theater before realizing that it wasn’t City Hall. “Presumably, the local citizens of Kharkiv, if they wanted to take over City Hall, they would have gotten the right building to begin with,” Steven Pifer, director of the Brookings Arms Control and Non-Proliferation Initiative and a former U.S. Ambassador to Ukraine, told Defense One.

Masked faces on the streets of Donetsk represent the latest example of stealth-invasion, a tactic that is here to stay, according to Steven Metz, writing for World Politics Review. Metz heralds it as the dawn for what he calls unrestricted warfare, defined roughly by its originators as a state of war where “boundaries between the battlefield and what is not the battlefield, between what is a weapon and what is not, between soldier and noncombatant, between state and nonstate or suprastate” effectively disappear. It’s a system of war for the future, and one for which the U.S., says Metz, is unprepared. “The United States,” he said, “wants its conflicts and security problems to remain tidily restricted. Its strength is greatest when there is no political ambiguity or ethical confusion, and when partners jump on board. This is precisely why America’s adversaries will not fight this way.”

The only effective strategy in the fight against unrestricted war may be unmasking the combatants.

“The sheer fact of wearing a balaclava mask, in the current situation, means that a person is foreign because there is no one to hide your identity from in Ukraine,” said Yegor Anchishkin, a Ukrainian programmer, entrepreneur and one of the founders of Viewdle, a facial recognition technology company purchased by Google in 2012.

But how do you identify masked individuals? Iris scanning is a popular method for biometric identity protection in security environments. But these sorts of scans require a near-infrared camera. Extremely sophisticated iris recognition scanning equipment can work at ranges of 10 feet, but most of the lesser systems that would be available to the Ukrainian government need to be within ranges closer to 3 or 4 feet, according to experts.

Reading entire faces isn’t much easier. Even when the subject of a facial recognition search is not wearing a mask, getting a positive identification from a photo at a distance remains a difficult problem technologically. Yes, Facebook’s DeepFace program can match faces with up to 97 percent accuracy, and significant progress has been made getting around the classic challenge of age, position, illumination, and expression that have long hobbled facial recognition programs. But Ukraine isn’t Facebook and the problem, says Anchishkin, is having an understanding of who the people in the photos might be, absent records to match the people in the photographs.

Anchishkin said that while the Ukrainian government, specifically the Security Service of Ukraine, or SSU, maintains a database of photos of Ukrainian citizens who have applied for passports, this sort of analysis is only good for ruling people out as potential Russian military. “This kind of negative matching is hard to achieve with high confidence,” he said. The SSU would not confirm or deny the existence of a database of photos of Ukrainian citizens.

Anti-Russian grassroots organizations such as the website Ukraine Investigation have employed a crowd-sourcing technique similar to the Reddit thread ‘findbostonbombers’ that sprouted up after 2013 Boston Marathon bombings.

Ukraine Investigation founder Andriy Nurzhynskyy said that in many of the reports and user-uploaded photos that cross his desk, the “protestors” are armed with rifles like the Kalashnikov 103, a firearm that is unavailable in Ukraine. Conversely, authentic separatist protestors usually carry sticks. While Nurzhynskyy maintains that his site and others have been able to positively identify a small number Russian military leaders in Ukraine, he said, “We understand that there are many unidentified persons and our work is not [finished].” He also said the group does “not trust SSU.”

The task of identifying anonymous faces on the battlefield and attempting to calculate the threat that their owners pose is a challenge that the U.S. military has been wrestling with for some time. Biometric scanning of persons of interest was a common procedure for U.S. forces in Afghanistan and Iraq where soldiers armed with gadgets like the HIIDE, the handheld interagency identification device, routinely subjected people they encountered to iris or other biometric scans. In those instances, U.S. forces faced challenges very similar to the one meeting the Ukrainian government today, understanding not only the identity but the threat level of people they were encountering.

The military channeled that data and other bits or relevant information into what it calls a biometrically-enabled watch list, or BEWL, of persons of interest around the world. So far, the database contains 209,000 records on individuals all over the globe, according to the military. “There are people that hit to that BEWL every single day,” Dalton Jones, a forensic, biometrics and identity intelligence executive at the Defense Intelligence Agency, said at the Biometrics for Government and National Security Summit in February. He continued that they have up to 25 matches on a weekly basis with the Department of Homeland Security. “That’s people at the border applying for visas. That’s a pretty significant number.” But the program is more than a simple border security measure. The ultimate goal of the database is not simply to identify individuals but also to characterize them across a spectrum of potential threat.

“It’s just not enough to know who is coming through, but what that individual is and has done,” said John Boyd, director of Defense Biometrics and Forensics, at the summit. “I’ve had petty officers say, ‘Sir, I don’t care what the guy’s name is. What do I do with him? Do I let him go? Do I take him back? Do I shoot him?’ These are the type of questions that you get.”

In addition to being effective on the border, Boyd said the system has “absolutely saved lives on the battlefield.”

In the right hands, it’s the sort of capability that would transform the situation in Ukraine into something very different looking. In the future, it may be our best chance against unrestricted war.

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.


When you download a report, your information may be shared with the underwriters of that document.