Technical, Legal and Political Issues of Combating Terrorism on the Internet.
-
Upload
abzetdin-adamov -
Category
Internet
-
view
107 -
download
0
description
Transcript of Technical, Legal and Political Issues of Combating Terrorism on the Internet.
![Page 1: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/1.jpg)
Technical, Legal and Political
Issues of Combating Terrorism
on the Internet.
http://ce.qu.edu.az/~aadamov
Assoc. Prof. Abzetdin ADAMOV
Chair of Computer Engineering Department
Director of Center for Data Analytics and Web Insights
Baku, Azerbaijan
Astana, 25.11.2014
INTERNATIONAL CONFERENCE
«TERRORISM AND THE INTERNET»
![Page 2: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/2.jpg)
Digital Universe
• 2008 – 480.000 petabytes (PB)
• 2009 – 800.000 PB
• 2010 – 1200 000 PB or 1.2 zettabyte (ZB)
• 2011 – 1.8 ZB
• 2012 – 2.7 ZB
• 2013 – 4.4 ZB
• 2014 ~ 7.0 ZB
• Expected to reach 44 ZB by 2020
Daily now we create as much information as from the dawn of
civilization up until 2003
![Page 3: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/3.jpg)
Much More Data than We Can
Consume
We produce much more data than we are able to process.
It is cheaper to Store than to Filter and Delete.
Data
Consumer
![Page 4: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/4.jpg)
Technical Issues of
Cyberterrorism
![Page 5: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/5.jpg)
What is Terrorism in Internet or
Cyberterrorism?
Adding prefix "cyber" to "terrorism"
could be used in 2 ways:
• A terrorist attack that uses cyber weapons
– Akin to "bioterrorism" and "nuclear terrorism"
– Then what is violence in cyberspace?
• Use of cyberspace to support terrorism
– Akin to "narcoterrorism"
![Page 6: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/6.jpg)
Conduct of Cyberterrorism
Attacks
• Objectives
– Cause disruption or severe harm
– Make money or support organization
• Targets
– Critical infrastructures or control systems vs public
websites
• Sophistication of attacks
– Tools, methods, coordination
• Results and impact
![Page 7: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/7.jpg)
Technologies Used to Conduct
Purposed Cyberterrorism
• eMail, Chat, IM, Beb, Blogs, Forums, Groups
• Network security: encryption, steganography, web
security
• Distribution of News, Documents, Videos, etc
• Communications, Coordination, Command and
Control
• Intelligence Collection
• Recruitment
• Training
• Fund raising
![Page 8: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/8.jpg)
Technology Literacy of Terrorist
Organizations
• Widely use social media
• Use high impact phrases on Twitter to generate
traffic
• Use Tor, as anonymous web browser
• Open source powerful encryption systems
• Switching from Twitter they to Diaspora
• Encryption soft for mobile phones in 2007
• Own encryption programme called Asrar al-
Ghurabaa in November 2013
• 4096 bit public key encryption in June 2014
![Page 9: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/9.jpg)
DeedWeb, DeepNet, DarkNet,
FreeNet, TOR
• DarkNet (P2P) - use different protocols not
transparent for Search Engines (SE)
• DeepNet/DeepWeb - content that not indexed by
SE
• FreeNet - private distributed architecture
• Tor - prevents monitoring of websites that users
visit
The DeepWeb is currently 800 – 1000 times
larger than Surface Web. Just 0.03% … of
the DeepWeb is indexed
![Page 10: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/10.jpg)
Methods and Technologies Used
for DeepNet
• Dynamic content
• Unlinked content
• Private Web
• Limited access content (CAPTCHAs, Robots
Exclusion Standard)
• Scripted content (JavaScript, AJAX, Flash)
• Non-HTML/text content
• Special software (TOR - The Onion Router)
Surface Web
Deep Web
![Page 11: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/11.jpg)
FreeNet –
Network Without Control
• High redundancy of content
• Huge distributed cache
• No central servers
• No control of any one individual or
organization
• No hierarchy of nodes is intended
• Strong encryption
www.freenetproject.org
intermediate computers which pass on requests for content and sending them
back without knowing the contents of the full file, similar to how routers on the
Internet route packets without knowing anything about files
![Page 12: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/12.jpg)
Technical Solutions against
Cyberterrorism
• Email Authentication
– SPF, DKIM, Secure Internet Letterhead
• Web Authentication
– Extended Validation, Secure Internet Letterhead
• Secure Identity
– SAML, WS-*, OpenID, OATH, Identity 3.0
• Data Level Security
– CRM Infrastructure, Open CRM
• Network Security
– Reverse Firewalls, DNSSEC, BGP Security
– Domain Centric Administration, Default Deny Infrastructure
![Page 13: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/13.jpg)
Legal Issues of Cyberterrorism
![Page 14: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/14.jpg)
Legal Response to
Cyberterrorism
• Applying cybercrime legislation to
cyberterrorism;
• Applying existing cyberterrorism legislation
to cybercrime;
• Enacting specific legislation on terrorist
use of the Internet.
Three approaches of legal responses:
![Page 15: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/15.jpg)
Legal Challenges
• Illegal content - balance between preventing and
right to freedom of expression;
• Communication - concern about services
availability, traceability, interception of
communications and encryption;
• Terrorist financing - no consensus if main
resource for terrorism financing is electronic
payment or cash.
Legal Challenges in Combating Cyberterrorism :
![Page 16: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/16.jpg)
Political Issues of
Cyberterrorism
![Page 17: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/17.jpg)
SUN SUN
1
2
3
4
5
6
7
8
Foundations of the WEB
DNS DNS
DNS
DNS
- Countries
![Page 18: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/18.jpg)
SUN SUN
Where Attack Came From?
State A
Compromised
Computers
Attacker
State C
State B
- According to the State C the
attack came from the Sate B
- Is the State B guilty or not?
![Page 19: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/19.jpg)
SUN
Location of Illegal Content
Authority of State A
Victim
Owner of content is
citizen of State C
State B
Website with suspicious
content against the State A
hosted on the server located
in the State B
Case Study:
• State A – the content violate the law
on cyberterrorism;
• State B – the specific content is not
crime;
• State C – even the content is
cybercrime, it was not conducted on
the territory of State C
![Page 20: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/20.jpg)
SUN
Distributed Internet Services
whom talk to about
banning of content?
Computer with terrorist
content
www.terror.xx / 120.1.1.1
State A: owner of ccTDL “xx”
State B: Domain Name Registrar (DNR)
State C: Domain Name Service (DNS)
State D: Regional Internet Registry (RIR)
State E: Internet Service Provider (ISP)
State F: Hosting Service Provider (HSP)
State H: Physical Location of Server
![Page 21: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/21.jpg)
International Organizations
• IISRC – International Information Security Research Consortia
• CTITF – United Nations Counter-Terrorism Implementation Task Force
• GCTF – Global Counter-Terrorism Forum
• OSCE – Organization for Security and Cooperation in Europe
• UNODC – United Nations Office on Drugs and Crime
• CTED – Counter-Terrorism Executive Directorate
![Page 22: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/22.jpg)
Conclusion
• Until recently it was obvious – Availability;
• Now some balance must be figured out, which
should transparent for general user and
impenetrable for crime;
• International Cooperation is the Key Condition for
Success
Talking about the use of Internet for terrorism purpose
we inevitably get a question: which is more important
Availability or Security?
![Page 23: Technical, Legal and Political Issues of Combating Terrorism on the Internet.](https://reader034.fdocuments.us/reader034/viewer/2022052602/559d1a3a1a28ab52558b4775/html5/thumbnails/23.jpg)
http://ce.qu.edu.az/~aadamov
Questions…