Tracking Down Internet Terrorist Propaganda

I always knew there's a team of cheap marketers behind every terrorist organization trying to market yet another multimedia killing, or put it simple fear, treats, and no respect for life. Why cheap? Mainly because there's no segmentation or niche issues to deal with, but mostly mass marketing, while harnessing the power of the never ending resonation from the media echo.

Rather biased, today's opinion on Cyberterrorism always has to do primarily with destruction as the core of the problem. Active research is already conducted on "Arabic Extremist Group Forum Messages' Characteristics" and "Terrorist Social Network Analysis", and the real issues still remain communication, research, fundraising, propaganda, recruitment and training -- I wish Dorothy Denning was also blogging on the topic!

iDefense, being the masters of CYBERINT, recently found jihadist web sites related to Zarqawi's "Successor". The interesting part :

"This website contains forums with a mix of threads covering items from the latest information on the militants in the Middle East, such as a video of militants in Syria, to hacker education, such as Microsoft Word documents available for downloading that detail CGI, unicode and php exploits. The members appear to be interested in physical and cyber-related threats. The membership of the site is growing and is already over 10,000+ members. Plus, we at iDefense/VeriSign are very interested to see what hacking issues or levels of cyber expertise may be covered on this site."

By the way, I just came across to an outstanding list of Islamic sites at Cryptome. These are definitely about to get crawled, analyzed, and for sure, under attack in the future. For instance, the most recent example of hacktivism tensions, are the hundreds of hacked Israeli web pages, in the light of Israel's military action in Gaza.

Further reading on:
Terrorism
Cyberterrorism
How Modern Terrorism Uses the Internet
Jihad Online : Islamic Terrorists and the Internet
Right-wing Extremism on the Internet
Terrorist web sites courtesy of the SITE Institute
The HATE Directory November 2005 update
Recruitment by Extremist Groups on the Internet Continue reading →

Shots From the Wild - Terrorism Information Awareness Program Demo Portal

A lot has changed since my last post on "Data mining, terrorism and security", namely NSA's warrantless surveillance efforts. So, in the spirit of a second possible NSA facility, I've decided to post a shot from the TIA's early stages of development obtained though the most detailed, conceptual, and from a developer's point of view description of the program.

There've also been speculations on the severity of NSA wiretapping program compared to the Watergate scenario, while I feel that besides political engineering through infowar, it also occurs relatively more often over a juicy barbecue.

Related resources on Intelligence, NSA, Surveillance, Wiretapping. Continue reading →

Aha, a Backdoor!

Security precautions can indeed blur the transparency of a company's financial performance -- one that's extremely important in the post-Enron corporate world. Under fire over some of the biggest corporate scandals during the last decade, the Securities and Exchange Commission (SEC) has been trying to change the data standards to ensure greater accountability and support decision makers. On the other hand, the U.S's Intelligence Czar, John Negroponte remains in position to "exempt" publicly traded companies from reporting matters in relation to nothing else but national security.


From the article :

"Now, the White House’s top spymaster can cite national security to exempt businesses from reporting requirements President George W. Bush has bestowed on his intelligence czar, John Negroponte, broad authority, in the name of national security, to excuse publicly traded companies from their usual accounting and securities-disclosure obligations. Notice of the development came in a brief entry in the Federal Register, dated May 5, 2006, that was opaque to the untrained eye."



What the U.S government gets is stimulated to invest in homeland security publicly traded companies, given the benefits of the possible "exemption" and countless opportunities for profitable speculation. If the backdoor left gets used for purposes other than classifying some obvious defense contractors' accounting histories I wouldn't doubt seeing Coca Cola diversifying to take advantage of expanding the unaccountable R&D department. Moreover, today I came across to an independent research stating that classified and unaccountable military spending is at its peak.



It's fascinating to label something as top secret and let the world know about it 30 years later in order to lose the public effect of the discovery, still "excusing" companies to fuel growth would open up a great deal for corporate fraud schemes, but yes, investments too. Continue reading →

Arabic Extremist Group Forum Messages' Characteristics

Ever wondered what's the font size of a terrorist forum posting? These guys are really deep into using AI for gathering intelligence on various Cyberterrorism threats, and as you can see they neatly visualize their findings. "Applying Authorship Analysis to Extremist-Group Web Forum Messages" by Ahmed Abbasi and Hsinchun Chen, University of Arizona seem to have found a way, or at least patters of ongoing terrorist communication, and of course propaganda online. What they did was :



"To explore these problems, we modified an existing framework for analyzing online authorship and applied it to Arabic and English Web forum messagesassociated with known extremist groups. We developed a special multilingual model—the set of algorithms and related features—to identify Arabic messages, gearing this model toward the language’s unique characteristics. Furthermore, we incorporated a complex message extraction component to allow the use of a more comprehensive set of features tailored specifically toward online messages. A series of experiments evaluating the models indicated a high level of success in identifying communication patterns."



Social network analysis has a lot of potential, and with data mining it seems to be the perfect match for the recent trouble with NSA's domestic spying program. DearNSA.com and the Patriot Search are aiming to solve the problem for both parties -- efficiently.



There's a lot of propaganda chat going on online all the time, and among the very few limitations that bother me about such web aggregation of open source information are the use of steganography, or plain-simple Dark Web (closed for crawlers with basic/sophisticated authentication in place) communication -- remember there's a lot of noise to sort out through as well. Continue reading →

Terrorist Social Network Analysis

In previous posts "Visualization, Intelligence and the Starlight project" and "Visualization in the Security and New Media world" I covered various security and intelligence related projects and mostly emphasized on the future potential of visualizing data. Data mining is still everyday's reality -- social networking as well. Just came across this at DefenseTech :



"It'd be one thing if the NSA's massive sweep of our phone records was actually helping catch terrorists. But what if it's not working at all? A leading practitioner of the kind of analysis the NSA is supposedly performing in this surveillance program says that "it's a waste of time, a waste of resources. And it lets the real terrorists run free." Re-reading the USA Today piece, one paragraph jumped out: This kind of data collection from phone companies is not uncommon; it's been done before, though never on this large a scale, the official said. The data are used for 'social network analysis,' the official said, meaning to study how terrorist networks contact each other and how they are tied together. So I called Valdis Krebs, who's considered by many to be the leading authority on social network analysis -- the art and science of finding the important connections in a seemingly-impenetrable mass of data. His analysis of the social network surrounding the 9/11 hijackers is a classic in the field."



It gets even more interesting with a comparison of a Fortune 500 company's network and Al Qaeda's one. Social networks are among the driving forces of Web 2.0, and I find the concept of communication and planning online a very realistic one. And if you really want to know more about social networks in the business world, corporate anthropologist Karen Stephenson - The Organization woman is really up to it, very good article. And of course, Valdis Kreb's blog on smart economic networks. Continue reading →

Data mining, terrorism and security

I've been actively building awareness on what used to feel like an unpopular belief only - Cyberterrorism, and also covered some recent events related to Cyberterrorism in some of my previous posts.



Last week, The NYTimes wrote about "Taking Spying to Higher Level, Agencies Look for More Ways to Mine Data", and I feel that avoiding the mainstream media for the sake of keeping it objective is quite useful sometimes. From the article :



"On the wish list, according to several venture capitalists who met with the officials, were an array of technologies that underlie the fierce debate over the Bush administration's anti-terrorist eavesdropping program: computerized systems that reveal connections between seemingly innocuous and unrelated pieces of information. The tools they were looking for are new, but their application would fall under the well-established practice of data mining: using mathematical and statistical techniques to scan for hidden relationships in streams of digital data or large databases."



Interest in harnessing the power of data mining given the enormous flow of information from different parties would never cease to exist. What's more to note in this case, is the Able Danger scenario as a key indicator for usefulness of outdated information, given any has been there at the first place. Conspiracy theorists would logically conclude that the need for evidence of the power of data mining for tracking terrorists would inevitably fuel more investments in this area. So true, and here's a recent event to keep the discussing going - "Suit airs Able Danger claims: Two operatives in secret program say their lawyers were barred at hearings"



While on one hand wars are getting waged with the idea to eradicate terrorist deep from its roots, and sort of building "local presence" thus improving assets allocation and intelligence gathering, I feel the fact that a reliable communication channel could be estalibshed by a terrorist network over the Net is already gaining a lot of necessary attention. However, TIA's ambitions have always been desperately megalomaniac, what about some marginal thinking in here folks, you cannot absorb all the info and make sense out of it, and who says it has to be all of it at the first place?!



The Total Information Awareness program was prone to be abused in one way or another, like pretty much any data mining system from my point of view. And while it's supposidely down due to budget deficits and privacy violations outbreak, government legislation and ensuring key networks remain wiretaps-ready seems to be a valuable asset for any future data mining projects. TIA is still up and running folks, or even if it's not using the same name, the concept is still in between the lines of DHS's budget for 2006 and would always be, and with the majority of corporate sector's participants are opening up their networks to comply with "legal requirements", the lines between privacy and the war against terrorism, and what to exchange for what, seems to be getting even more shady these days.



In my previous posts, I also mentioned about the power of the Starlight project as existing initiative to data mine data from different and media-rich sources alltogether, and most importantly, visualize the output. If you fear BigBrother, don't fear the Eye, but fear the Eyeglasses :)



More resources on Data Mining and Terrorism :

Data Mining : An Overview
Data Mining and Homeland Security : An Overview (updated January 27, 2006)
Using data mining techniques for detecting terror-related web activities
Data mining and surveillance in the post-9.11 environment
The Dark Web Portal: Collecting and Analyzing the Presence of Domestic and International Terrorist Groups on the Web
Workshop on Data Mining for Counter Terrorism and Security
TRAKS: Terrorist Related Assessment using Knowledge Similarity
The Multi-State Anti-Terrorism Information Exchange (MATRIX)
A Knowledge Discovery Approach to Addressing the Threats of Terrorism - w00t
Gyre's Data Mining section
Eyeballing Total Information Awareness
Able Danger blog
EPIC's TIA section
EFF's TIA section



Technorati tags : Security, Terrorism, Cyberterrorism, Data Mining, TIA Continue reading →