Analytics for Cyber Conflict

The emerging use of Analytics and Knowledge Discovery in Databases for Cyber Conflict and Trade Negotiations

The blog post is the first in series or articles on cyber conflict and the use of analytics for targeting in both offense and defense in conflict situations.

It covers knowledge discovery in four kinds of databases (so chosen because of perceived importance , sensitivity, criticality and functioning of the geopolitical economic system)-

Databases on Unique Identity Identifiers- including next generation biometric databases connected to Government Initiatives and Banking, and current generation databases of identifiers like government issued documents made online
Databases on financial details -This includes not only traditional financial service providers but also online databases with payment details collected by retail product selling corporates like Sony’s Playstation Network, Microsoft ‘s XBox and
Databases on contact details – including those by offline businesses collecting marketing databases and contact details
Databases on social behavior- primarily collected by online businesses like Facebook , and other social media platforms.

It examines the role of

voluntary privacy safeguards and government regulations ,
weak cryptographic security of databases,
weakness in balancing marketing ( maximized data ) with privacy (minimized data)
and lastly the role of ownership patterns in database owning corporates

A small distinction between cyber crime and cyber conflict is that while cyber crime focusses on stealing data, intellectual property and information to primarily maximize economic gains

cyber conflict focuses on stealing information and also disrupt effective working of database backed systems in order to gain notional competitive advantages in economics as well as geo-politics. Cyber terrorism is basically cyber conflict by non-state agents or by designated terrorist states as defined by the regulations of the “target” entity. A cyber attack is an offensive action related to cyber-infrastructure (like the Stuxnet worm that disabled uranium enrichment centrifuges of Iran). Cyber attacks and cyber terrorism are out of scope of this paper, we will concentrate on cyber conflicts involving databases.

Some examples are given here-

Types of Knowledge Discovery in –

1) Databases on Unique Identifiers- including biometric databases.

Unique Identifiers or primary keys for identifying people are critical for any intensive knowledge discovery program. The unique identifier generated must be extremely secure , and not liable to reverse engineering of the cryptographic hash function.

For biometric databases, an interesting possibility could be determining the ethnic identity from biometric information, and also mapping relatives. Current biometric information that is collected is- fingerprint data, eyes iris data, facial data. A further feature could be adding in voice data as a part of biometric databases.

This is subject to obvious privacy safeguards.

For example, Google recently unveiled facial recognition to unlock Android 4.0 mobiles, only to find out that the security feature could easily be bypassed by using a photo of the owner.

Example of Biometric Databases

In Afghanistan more than 2 million Afghans have contributed iris, fingerprint, facial data to a biometric database. In India, 121 million people have already been enrolled in the largest biometric database in the world. More than half a million customers of the Tokyo Mitsubishi Bank are are already using biometric verification at ATMs.

Examples of Breached Online Databases

In 2011, Playstation Network by Sony (PSN) lost data of 77 million customers including personal information and credit card information. Additionally data of 24 million customers were lost by Sony’s Sony Online Entertainment. The websites of open source platforms like SourceForge, WineHQ and Kernel.org were also broken into 2011. Even retailers like McDonald and Walgreen reported database breaches.

The role of cyber conflict arises in the following cases-

Databases are online for accessing and authentication by proper users. Databases can be breached remotely by non-owners ( or “perpetrators”) non with much lesser chance of intruder identification, detection and penalization by regulators, or law enforcers (or “protectors”) than offline modes of intellectual property theft.
Databases are valuable to external agents (or “sponsors”) subsidizing ( with finance, technology, information, motivation) the perpetrators for intellectual property theft. Databases contain information that can be used to disrupt the functioning of a particular economy, corporation (or “ primary targets”) or for further chain or domino effects in accessing other data (or “secondary targets”)
Loss of data is more expensive than enhanced cost of security to database owners
Loss of data is more disruptive to people whose data is contained within the database (or “customers”)

So the role play for different people for these kind of databases consists of-

1) Customers- who are in the database

2) Owners -who own the database. They together form the primary and secondary targets.

3) Protectors- who help customers and owners secure the databases.

and

1) Sponsors- who benefit from the theft or disruption of the database

2) Perpetrators- who execute the actual theft and disruption in the database

The use of topic models and LDA is known for making data reduction on text, and the use of data visualization including tied to GPS based location data is well known for investigative purposes, but the increasing complexity of both data generation and the sophistication of machine learning driven data processing makes this an interesting area to watch.

The next article in this series will cover-

the kind of algorithms that are currently or being proposed for cyber conflict, the role of non state agents , and what precautions can knowledge discovery in databases practitioners employ to avoid breaches of security, ethics, and regulation.

Citations-

Michael A. Vatis , CYBER ATTACKS DURING THE WAR ON TERRORISM: A PREDICTIVE ANALYSIS Dartmouth College (Institute for Security Technology Studies).
From Data Mining to Knowledge Discovery in Databases Usama Fayyad, Gregory Piatetsky-Shapiro, and Padhraic Smyt

Games on Google Plus get- Faster, Higher, Stronger

I am spending some time and some money on two games on Google Plus. One is Crime City at https://plus.google.com/games/865772480172 which I talk about in this post

http://www.decisionstats.com/google-plus-games-crime-city-or-fun-with-funzio-on-g/

and Global Warfare https://plus.google.com/games/216622099218 (which is similar to Evony of the bad ads fame, and I will write on that in another post)

But the total number of games at Google Plus is increasingly and quietly getting better. It seems there is a distinct preference for existing blockbuster games , from both Zynga and non Zynga sources Even though Google is an investor in Zynga, it clearly wants Google plus to avoid being so dependent on Zynga as Facebook clearly is. Continue reading “Games on Google Plus get- Faster, Higher, Stronger”

Google Plus Games : Crime City or Fun with Funzio on G+

Probably the best designed game on Google Plus right now is Funzio’s Crime City at Google Plus

Funzio which has Zynga alumni http://www.funzio.com/games/ creates a mix of the best games in social game history Farmville and Mafia Wars (with some ideas from the classic Dope Wars) to make https://plus.google.com/u/0/games/865772480172

CRIME CITY

Zynga better hurry up with Farmville on this new G+ platform and the new platform needs to sort some teeny quality issues (which I shall elaborate later)

Where to complain for internet crime?

So did you get tricked or hacked, or phished or someone broke into your system.

What to do?

Ic3 posterhttp://static.slidesharecdn.com/swf/doc_player.swf?doc=ic3-poster-110614000132-phpapp01&stripped_title=ic3-poster-8299880&userName=0hr1

View more documents IC3 Poster

From

https://mail.google.com/support/bin/answer.py?hl=en&answer=190735

Impersonation

Share Comment

If you believe someone has created a Gmail address in an attempt to impersonate your identity, you may wish to file a report with the Internet Crime Complaint Center (www.ic3.gov), a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center.

In addition, we recommend contacting your state’s Office of Consumer Protection.

Gmail is unable to participate in mediations involving third parties regarding impersonation. To read the Gmail Terms of Use, please visit: http://gmail.google.com/gmail/help/terms_of_use.html.

AND

http://www.ic3.gov/default.aspx

Welcome to IC3

The Internet Crime Complaint Center (IC3) is a partnership between theFederal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA).

IC3’s mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes. read more >>

Filing a Complaint with IC3

IC3 accepts online Internet crime complaints from either the person who believes they were defrauded or from a third party to the complainant. We can best process your complaint if we receive accurate and complete information from you. Therefore, we request that you provide the following information when filing a complaint:

Your name
Your mailing address
Your telephone number
The name, address, telephone number, and Web address, if available, of the individual or organization you believe defrauded you.
Specific details on how, why, and when you believe you were defrauded.
Any other relevant information you believe is necessary to support your complaint.

File a Complaint Now>>

Hackers for a better world

Well it is summer here in Delhi, India and hacking season has just begun.

Some noteable hacks that have already played-

1) The adventures of Sony Websites and bumbling administrators

http://www.computerworld.com/s/article/9217273/Sony_Pictures_falls_victim_to_major_data_breach?taxonomyId=142

2) The loose passwords of InfraGard as played by Lulz Security

http://www.computerworld.com/s/article/9217320/LulzSec_claims_it_hacked_FBI_linked_organization

3) PBS website hacked to revive Tupac is alive myths.

http://blogs.forbes.com/andygreenberg/2011/05/30/pbs-hacked-after-critical-wikileaks-show/

4) Iranian computers hacked

http://redtape.msnbc.msn.com/_news/2011/06/03/6781474-anonymous-says-it-hacked-iranian-government-email-server

5) Google hacked (not by China)

http://www.zdnet.com/blog/security/google-chrome-hacked-with-sophisticated-exploit/8626

6) Google hacked (again by China)

http://googleblog.blogspot.com/2011/06/ensuring-your-information-is-safe.html

7) US State Department hacked (by you know who)

http://wikileaks.ch/

8) Iranian nuclear reactors hacked (old news but we like this one)

http://www.bbc.co.uk/news/technology-12465688

9) Julian Assange hacked

http://www.guardian.co.uk/media/2011/feb/07/julian-assange-prosecutor

okay Julian got hacked by the oldest hack trap in the world but it is still pertinent.

So how the fuck do we control these evil hackers.

Show them money
Show them Jesus
Throw them in Jail

The correct solution to bring talented members of the technical community back into the nice air contioned corporate tent of technology is to-

Sponsor Hack My Website Contests- Winners have to share techniques
Sponsor Hack this Search Engine Rank Contests- Winners have to share technique
General Amnesty for people who have hacked before provided they share techniques and agree to join security teams.
Sponsor hack this login id contests- Winners have to share techniques and work to develop fool proof system.

Unfortunately this will never happen. even the big grand Daddy , Google is willing to define hacking contests only in the narrow frame o technical hacks, rather than a system breach hack. Because system breach hacks generally happen at the people level.

Internal cover your assets mentality prevents technology and media employees from reaching out and helping create a secure online platform, thus harming shareholders.

Destruction testing (even in a controlled sandbox) of online systems would reveal the underbelly of corporate information technology.

I mean who wants to sponsor a hack contest that makes you look bad, when it is much more expensive to have a hacking attacks that decreases share price, but doesnot affect your salary.

We have gone in for crowd sourced coding.

How about incentivizing crowd sourced systems design for secure and free internet.

http://rewiredstate.org/ does it.

Apparently UK is more open for hackers than the US.

–

Coding a Better Country

Young Rewired State 2011 is locked and loaded for 1st-5th August. Calling every developer in the UK aged 18 or under, sign up here.

May 7th, 2011 sees the first Rewired State ALBA event out in Norfolk. More details here.

http://rewiredstate.org/events/national-hack-the-government-day-2011

——————————————————————————

National Hack the Government Day 2011

March 26, 2011

We are very excited about our THIRD National Hack the Government Day, being held on the 26th March.

1) Apps that save money or time or both for government/citizens/business

2) Best use of crime data (the prize will contain the number 300,000, but it won’t be pounds)

3) Best use of justice data (we’re working to arrange for previously unreleased data to be available on the day)

——————————————————————————

Any takers? Julian, ?

Bollywood Movie Review Dum Maro Dum 2011

This is a nice Bollywood thriller, crime action romance betrayal suspense or as we call it back home- a Masala movie.

Watch it for the action, engrossing plot, songs or just the rather realistic look at India’s drug,rave, party, beach culture in Goa. Continue reading “Bollywood Movie Review Dum Maro Dum 2011”

Assumptions on Guns

While sitting in Delhi, India- I sometimes notice that there is one big new worthy gun related incident in the United States every six months (latest incident Gabrielle giffords incident) and the mythical NRA (which seems just as powerful as equally mythical Jewish American or Cuban American lobby ) . As someone who once trained to fire guns (.22 and SLR -rifles actually), comes from a gun friendly culture (namely Punjabi-North Indian), my dad carried a gun sometimes as a police officer during his 30 plus years of service, I dont really like guns (except when they are in a movie). My 3 yr old son likes guns a lot (for some peculiar genetic reason even though we are careful not to show him any violent TV or movie at all).

So to settle the whole guns are good- guns are bad thing I turned to the one resource -Internet

Here are some findings-

1) A lot of hard statistical data on guns is biased by the perspective of the writer- it reminds me of the old saying Lies, True lies and Statistics.

2) There is not a lot of hard data in terms of a universal research which can be quoted- unlike say lung cancer is caused by cigarettes- no broad research which can be definitive in this regards.

3) American , European and Asian attitudes on guns actually seem a function of historical availability , historic crime rates and cultural propensity for guns.

Switzerland and United States are two extreme outlier examples on gun causing violence causal statistics.

4) Lot of old and outdated data quoted selectively.

It seems you can fudge data about guns in the following ways-

1) Use relative per capita numbers vis a vis aggregate numbers

2) Compare and contrast gun numbers with crime numbers selectively

3) Remove drill down of type of firearm- like hand guns, rifles, automatic, semi automatic

Maybe I am being simplistic-but I found it easier to list credible data sources on guns than to summarize all assumptions on guns. Are guns good or bad- i dont know -it depends? Any research you can quote is welcome.

Data Sources on Guns and Firearms and Crime-

1) http://www.justfacts.com/guncontrol.asp

Ownership

* As of 2009, the United States has a population of 307 million people.[5]

* Based on production data from firearm manufacturers,[6] there are roughly 300 million firearms owned by civilians in the United States as of 2010. Of these, about 100 million are handguns.[7]

* Based upon surveys, the following are estimates of private firearm ownership in the U.S. as of 2010:

	Households With a Gun	Adults Owning a Gun	Adults Owning a Handgun
Percentage	40-45%	30-34%	17-19%
Number	47-53 million	70-80 million	40-45 million

[8]

* A 2005 nationwide Gallup poll of 1,012 adults found the following levels of firearm ownership:

Category	Percentage Owning a Firearm
Households	42%
Individuals	30%
Male	47%
Female	13%
White	33%
Nonwhite	18%
Republican	41%
Independent	27%
Democrat	23%

[9]

* In the same poll, gun owners stated they own firearms for the following reasons:

Protection Against Crime	67%
Target Shooting	66%
Hunting	41%

2) NationMaster.com

http://www.nationmaster.com/graph/cri_mur_wit_fir-crime-murders-with-firearms

VIEW DATA:

Totals

Bar Graph

Showing latest available data.

Rank	Countries	Amount
# 1	South Africa:	31,918
# 2	Colombia:	21,898
# 3	Thailand:	20,032
# 4	United States:	9,369
# 5	Philippines:	7,708
# 6	Mexico:	2,606
# 7	Slovakia:	2,356
# 8	El Salvador:	1,441
# 9	Zimbabwe:	598
# 10	Peru:	442
# 11	Germany:	269
# 12	Czech Republic:	181
# 13	Ukraine:	173
# 14	Canada:	144
# 15	Albania:	135
# 16	Costa Rica:	131
# 17	Azerbaijan:	120
# 18	Poland:	111
# 19	Uruguay:	109
# 20	Spain:	97
# 21	Portugal:	90
# 22	Croatia:	76
# 23	Switzerland:	68
# 24	Bulgaria:	63
# 25	Australia:	59
# 26	Sweden:	58
# 27	Bolivia:	52
# 28	Japan:	47
# 29	Slovenia:	39
= 30	Hungary:	38
= 30	Belarus:	38
# 32	Latvia:	28
# 33	Burma:	27
# 34	Macedonia, The Former Yugoslav Republic of:	26
# 35	Austria:	25
# 36	Estonia:	21
# 37	Moldova:	20
# 38	Lithuania:	16
= 39	United Kingdom:	14
= 39	Denmark:	14
# 41	Ireland:	12
# 42	New Zealand:	10
# 43	Chile:	9
# 44	Cyprus:	4
# 45	Morocco:	1
= 46	Iceland:	0
= 46	Luxembourg:	0
= 46	Oman:	0
	Total:	100,693
	Weighted average:	2,097.8

DEFINITION: Total recorded intentional homicides committed with a firearm. Crime statistics are often better indicators of prevalence of law enforcement and willingness to report crime, than actual prevalence.

SOURCE: The Eighth United Nations Survey on Crime Trends and the Operations of Criminal Justice Systems (2002) (United Nations Office on Drugs and Crime, Centre for International Crime Prevention)

Bureau of Justice Statistics

see

http://bjs.ojp.usdoj.gov/dataonline/Search/Homicide/State/RunHomTrendsInOneVar.cfm

or the brand new website (till 2009) on which I CANNOT get gun crime but can get total

http://www.ucrdatatool.gov/

Estimated murder rate *
Year	United States-Total

1960	5.1
1961	4.8
1962	4.6
1963	4.6
1964	4.9
1965	5.1
1966	5.6
1967	6.2
1968	6.9
1969	7.3
1970	7.9
1971	8.6
1972	9.0
1973	9.4
1974	9.8
1975	9.6
1976	8.7
1977	8.8
1978	9.0
1979	9.8
1980	10.2
1981	9.8
1982	9.1
1983	8.3
1984	7.9
1985	8.0
1986	8.6
1987	8.3
1988	8.5
1989	8.7
1990	9.4
1991	9.8
1992	9.3
1993	9.5
1994	9.0
1995	8.2
1996	7.4
1997	6.8
1998	6.3
1999	5.7
2000	5.5
2001	5.6
2002	5.6
2003	5.7
2004	5.5
2005	5.6
2006	5.7
2007	5.6
2008	5.4
2009	5.0

Notes:	National or state offense totals are based on data from all reporting agencies and estimates for unreported areas. * Rates are the number of reported offenses per 100,000 population
	United States-Total – The 168 murder and nonnegligent homicides that occurred as a result of the bombing of the Alfred P. Murrah Federal Building in Oklahoma City in 1995 are included in the national estimate. The 2,823 murder and nonnegligent homicides that occurred as a result of the events of September 11, 2001, are not included in the national estimates.
Sources:	FBI, Uniform Crime Reports as prepared by the National Archive of Criminal Justice Data

4) united nation statistics of 2002 were too old in my opinion.

wikipedia seems too broad based to qualify as a research article but is easily accessible http://en.wikipedia.org/wiki/Gun_violence_in_the_United_States

to actually buy a gun or see guns available for purchase in United States see

http://www.usautoweapons.com/

More Infringements on Our Gun Rights (lewrockwell.com)
Rep. Giffords Joined 276 Americans that Day Killed or Wounded by Guns (grantlawrence.blogspot.com)
Myth About Gun Violence (socyberty.com)
Tell the Arizona Shooting Victims That Guns Don’t Kill (thedailybeast.com)
Jacob M. Appel: Want a Gun? Get a Prescription! (huffingtonpost.com)
America and Guns, Once More (nytimes.com)
Gun Control Timeline: 7 Big Events In The Federal Gun Control Debate (huffingtonpost.com)
After Tucson: Why Are the Mentally Ill Still Bearing Arms? (time.com)
Guns (fishofgold.wordpress.com)

Please share:

Like this:

Please share:

Like this:

Please share:

Like this:

Impersonation

Welcome to IC3

Filing a Complaint with IC3

Please share:

Like this:

Please share:

Like this:

Please share:

Like this:

Related Articles

Please share:

Like this: