Analytics for Cyber Conflict

 

The emerging use of Analytics and Knowledge Discovery in Databases for Cyber Conflict and Trade Negotiations

 

This blog post is the first in a series of articles on cyber conflict and the use of analytics for targeting in both offense and defense in conflict situations.

 

It covers knowledge discovery in four kinds of databases (chosen because of their perceived importance, sensitivity, criticality and role in the functioning of the geopolitical economic system):

  1. Databases on unique identity identifiers, including next-generation biometric databases connected to government initiatives and banking, and current-generation databases of identifiers like government-issued documents made available online
  2. Databases on financial details. This includes not only traditional financial service providers but also online databases with payment details collected by retail product-selling corporates like Sony's PlayStation Network, Microsoft's Xbox and
  3. Databases on contact details, including marketing databases and contact details collected by offline businesses
  4. Databases on social behavior, primarily collected by online businesses like Facebook and other social media platforms.

It examines the role of:

  1. voluntary privacy safeguards and government regulations,

  2. weak cryptographic security of databases,

  3. weakness in balancing marketing (maximized data) with privacy (minimized data), and

  4. lastly, the role of ownership patterns in the corporates that own databases.

A small distinction between cyber crime and cyber conflict is that while cyber crime focuses on stealing data, intellectual property and information primarily to maximize economic gain, cyber conflict focuses on stealing information and also on disrupting the effective working of database-backed systems in order to gain notional competitive advantages in economics as well as geopolitics. Cyber terrorism is basically cyber conflict by non-state agents or by designated terrorist states, as defined by the regulations of the "target" entity. A cyber attack is an offensive action against cyber infrastructure (like the Stuxnet worm that disabled Iran's uranium enrichment centrifuges). Cyber attacks and cyber terrorism are out of scope of this paper; we will concentrate on cyber conflicts involving databases.

Some examples are given here.

Types of knowledge discovery in:

1) Databases on unique identifiers, including biometric databases.

Unique identifiers, or primary keys for identifying people, are critical for any intensive knowledge discovery program. The unique identifier generated must be extremely secure, and must not be recoverable by reverse engineering the cryptographic hash function that produced it.
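The point about the identifier not being recoverable from its hash is easy to get wrong when the underlying identifier has low entropy (a short numeric ID number, a date of birth, a phone number). The following is an added example, not code from the original post: it contrasts a plain SHA-256 pseudonym with an HMAC-SHA256 pseudonym under a secret key held by the database owner and with a random surrogate key, and runs the check a database owner should run on their own scheme: whether a pseudonym can be matched back to an identifier by enumerating the (constructed, 5-digit) identifier space. The identifier format, sample value and function names are assumptions made for this example.

```python
"""Added example: pseudonymous identifiers for a people database.

Shows why a plain cryptographic hash of a low-entropy identifier is
reversible by exhaustive matching over the identifier space, and why a
keyed construction (HMAC with a secret held by the database owner) or a
random surrogate key is not. The identifier format and sample values are
constructed for this example, not taken from any real scheme.
"""
import hashlib
import hmac
import secrets
from typing import Callable, Iterable, Optional

ID_DIGITS = 5  # constructed: a 5-digit numeric identifier space (100,000 values)


def id_space() -> Iterable[str]:
    """Every identifier the pseudonymisation scheme could have been applied to."""
    return (f"{n:0{ID_DIGITS}d}" for n in range(10 ** ID_DIGITS))


def unkeyed_pseudonym(identifier: str) -> str:
    """Plain SHA-256 of the identifier: deterministic and computable by anyone."""
    return hashlib.sha256(identifier.encode()).hexdigest()


def keyed_pseudonym(identifier: str, key: bytes) -> str:
    """HMAC-SHA256 under a secret key that never leaves the database owner.

    Deterministic (the same identifier always maps to the same pseudonym, so
    records can still be joined) but not computable without the key.
    """
    return hmac.new(key, identifier.encode(), hashlib.sha256).hexdigest()


def surrogate_key() -> str:
    """Random token with no mathematical link to the identifier at all.

    The owner keeps the identifier-to-token table separately and offline;
    the token itself reveals nothing even to someone who knows the ID space.
    """
    return secrets.token_hex(16)


def reverse_by_dictionary(pseudonym: str, candidates: Iterable[str]) -> Optional[str]:
    """Owner's self-check: does the pseudonym equal the unkeyed hash of any
    identifier in the space? A hit means the scheme leaks the identifier to
    anyone who obtains the pseudonymised table."""
    for candidate in candidates:
        if hmac.compare_digest(unkeyed_pseudonym(candidate), pseudonym):
            return candidate
    return None


def scheme_resists_dictionary(make_pseudonym: Callable[[str], str]) -> bool:
    """True if the scheme survives the self-check on a constructed identifier."""
    return reverse_by_dictionary(make_pseudonym("04567"), id_space()) is None


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # assumption: a 256-bit key kept in an HSM or secrets store
    print("plain SHA-256 resists dictionary check:",
          scheme_resists_dictionary(unkeyed_pseudonym))
    print("HMAC-SHA256 resists dictionary check:",
          scheme_resists_dictionary(lambda i: keyed_pseudonym(i, key)))
    print("random surrogate resists dictionary check:",
          scheme_resists_dictionary(lambda i: surrogate_key()))
```

The practical takeaway for the "weak cryptographic security of databases" item above is that the hash function being strong (SHA-256 is) does not help when the input space is small; the protection comes from the secret key or from breaking the mathematical link entirely, and the key then becomes the asset that must be protected and rotated.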

For biometric databases, an interesting possibility could be determining ethnic identity from biometric information, and also mapping relatives. The biometric information currently collected is fingerprint data, iris data and facial data. A further feature could be adding voice data to biometric databases.

This is subject to obvious privacy safeguards.

For example, Google recently unveiled facial recognition to unlock Android 4.0 phones, only to find that the security feature could easily be bypassed using a photo of the owner.

 

 

Example of Biometric Databases

In Afghanistan, more than 2 million Afghans have contributed iris, fingerprint and facial data to a biometric database. In India, 121 million people have already been enrolled in the largest biometric database in the world. More than half a million customers of the Tokyo Mitsubishi Bank are already using biometric verification at ATMs.

Examples of Breached Online Databases

In 2011, Sony's PlayStation Network (PSN) lost data of 77 million customers, including personal information and credit card information. Additionally, data of 24 million customers was lost by Sony Online Entertainment. The websites of open source platforms like SourceForge, WineHQ and Kernel.org were also broken into in 2011. Even retailers like McDonald's and Walgreens reported database breaches.

 

The role of cyber conflict arises in the following cases:

  1. Databases are online for access and authentication by proper users. Databases can be breached remotely by non-owners (or "perpetrators") with a much lower chance of intruder identification, detection and penalization by regulators or law enforcers (or "protectors") than offline modes of intellectual property theft.

  2. Databases are valuable to external agents (or "sponsors") subsidizing the perpetrators (with finance, technology, information, motivation) for intellectual property theft. Databases contain information that can be used to disrupt the functioning of a particular economy or corporation (or "primary targets"), or for further chain or domino effects in accessing other data (or "secondary targets").

  3. Loss of data is more expensive to database owners than the added cost of security.

  4. Loss of data is more disruptive to the people whose data is contained in the database (or "customers").

So the roles played by different parties for these kinds of databases consist of:

1) Customers, who are in the database

2) Owners, who own the database. Customers and owners together form the primary and secondary targets.

3) Protectors, who help customers and owners secure the databases.

and

1) Sponsors, who benefit from the theft or disruption of the database

2) Perpetrators, who execute the actual theft and disruption of the database

The use of topic models and LDA for data reduction on text is well known, as is the use of data visualization, including visualization tied to GPS-based location data, for investigative purposes; but the increasing complexity of data generation and the sophistication of machine-learning-driven data processing make this an interesting area to watch.

 

 

The next article in this series will cover the kinds of algorithms that are currently used or being proposed for cyber conflict, the role of non-state agents, and what precautions knowledge discovery in databases practitioners can employ to avoid breaches of security, ethics and regulation.


Amazing Data Visualization- UN Counter Terrorism

Here is an amazing organigram depicting the organization of the United Nations task force on countering terrorism.

Source:

http://www.un.org/terrorism/cttaskforce.shtml

So now you know whom to call at 3 am, in case of airline-bombing terrorists or just bad guys in general.

 

Fighting Back -The Net, Social Media, Spam, Identity Theft, Terrorism

Recently some influential bloggers got nailed by the TSA for leaking security directives for airlines that were issued after the failed Christmas Day attack. While the First Amendment is a much admired piece of legislation, a blogger's right to blog cannot be greater than his desire to see his fellow citizens safe.


As someone who is brown, male and single (and thus automatically a TSA curiosity), I travel to places like New York, San Francisco, Austin, Atlanta, Ohio and Las Vegas for both personal and professional work; some of the following may be purely personal experiences.

1) Some of the biggest drawbacks that airlines have had in the past were airport checks' susceptibility to social engineering. They would rarely glance at a photo ID if it is an American driver's license but would do a proper job if it is a foreign passport. Unfortunately the second generation of Arab/Asian exiles that are prone to internet-based clerics have American-issued passports as well as licenses. In addition they go to colleges and play soccer with actual citizens of foreign countries who can motivate or guide them. A look at the number of Arab/Asian students in the university system who are not vetted by the TSA would reveal the magnitude of the problem.

I flew from Knoxville, Tennessee to Las Vegas some months back on a college ID card; en route on my way back, I went through Washington, and was also hospitalized. Thus using a Vol Card, an Indian driving license and an American social security card, I managed to travel almost all the landscape. In addition I passed through enough transit airports to switch my destination. Sometimes I am so good I scare myself.

In order to catch a thief, the TSA needs to think like a thief rather than waste time and precious agents on just another liberal blogger. Have a contest open to all members of the public, and especially hackers, social media spammers and identity thieves, most of whom are starving people who need money AND respect. Say: here is our system and our processes. Break it to win a million dollars, but share the solution with us in private.

2) Some elements of social media should be reviewed for a secure online identity. Twitter has a system for authenticating prominent people; that should be rolled out for all users of Facebook, Twitter and LinkedIn. The costs should be subsidized by the airlines given the bailouts they received in 2004, or the airlines should simply give an equity stake as the banks and the car companies did, to ensure there is no cutting of corners to make profits.

3) Analyzing chatter. While the NSA, the TSA, the CIA, the AAA etc. monitor the internet for data and specifically terror-linked chatter, these cases point to the fact that they need to adopt faster ways of crunching data (MapReduce for fighting terror maybe is not a bad idea after all). Companies like SAS, SPSS and Revolution Computing can then collaborate with the data gathering companies through embedded analytical solutions.

What is more important? Catching people who are defaulting on their mortgages (that can wait for a quarter and you can still catch them with more penal interest), or catching people who are defaulting on their conscience (within 2 days of writing that email, tweet or Facebook post)? Think of it as creating a big new system of online parking tickets; you can even create a lucrative online health insurance market by asking people to seek compulsory identity theft protection and insurance.

4) Spam and identity theft go hand in hand and so far have been dismissed by financial authorities as just another operating loss that shaves a few basis points. But when terrorists who are trained to blow up people get a sweet fake identity, they can use it to cause catastrophic losses in terms of market capitalization. If all onus for fraudulent transactions is placed firmly on the financial organizations, including hefty fines, they will move much faster at eliminating these thefts.

5) Modifying customer-facing interfaces. All American financial institutions have to abide by the Fair Credit Lending Act, the Usury Act and the Patriot Act (?). Since what they report is more or less the same, the interfaces of forms can be redesigned or guidelines issued so that they are easy to read. A lot of fraud is caused because of the fine print phenomenon. Fine print can be fine in quality, not just in font size. Design on the web needs to be monitored so that operations and risk forms have the same importance as marketing brochures. (A sarcastic example below, under Image Credits, using just color and font size.)

6) Kill all the terrorists.

That's how they did it in my native state of Punjab in India.

7) Point 6 may be an analytical overreaction. With the social media tools that the new government is rolling out, citizens can play more prominent roles in tracking suspicious activities. Use your Android or iPhone to tweet to a secure government website about anything suspicious. The techies there would have installed MapReduce and a data mining solution to separate signal from noise in the chatter and get to the point of impact faster, rather than wait for Daddy to call.

Disclaimer: The author knows no government sources and no terrorists. Some of his insights are personal, given that his father helped fight terrorists trained in Pakistan for two decades while in India. These are purely personal views only and all trademarks are acknowledged etc. etc.

(And yes, United Airlines kept me for 4 hours at an airport; that has no correlation to this story.)

Image credit (or how credit card companies charge fees):

A Prayer to the Killed (Updated)

A Prayer to the Killed
Kill the mullahs who rain terror
Kill the Jews who fire the missiles
Inspiring the mullahs to hit back
Kill the white men who arm them both
Kill the brown, the black, and the yellow men
Who are so busy killing,
They forget the art of living
Kill all the killers
Kill em all
BUT after you hunt down the hunters, my friend
Say a prayer for the innocent gone
The ones who didn't know why they were dying
Who jumped a hundred floors
To avoid the burning of their skin.
Say a prayer for the people who were trying to save them
And couldn't save themselves
A prayer for the people who struggled and died in the air
Rather than kill some more on the ground
Say a prayer for the dead, the dying and the coming dead
Kill the killers
But know what forced them to hate you so much
And pray for the killed
Whether they are yours or the enemy's, my friend
Amen.

 

(Written after September 11, 2001. Unfortunately it is relevant again due to bomb blasts in India.)
