[LINK] Automatically Identifying Cyber-criminals
Tom Worthington
tom.worthington at tomw.net.au
Thu May 30 15:50:10 AEST 2013
Greetings from the Australian National University in Canberra where Dr
Robert Layton, Research Associate, Internet Commerce Security Laboratory
(ICSL), University of Ballarat, is discussing how to automatically
identify cyber-criminals. He uses artificial intelligence software to
compare document created on-line for Phishing. The software can identify
which documents are from the same criminal gangs, so that those gangs
can be targeted. Also the software can be used to monitor on-line chat
rooms where illicit good are bought and sold, to identify those
involved. Also the source code of malware can be subject to analysis to
see if it has a common author.
Robert pointed out that response to such activities by authorities has
to be prompt. It is possible to contact the host provider where an
illegal activity is identified and ask for it to be "taken down". But
the criminal can ear a significant amount of money in the hours or days
this takes.
While Robert was discussing identifying criminal activities, the same
techniques would be applicable in defending from attack in
cyber-warfare. One of the major problems in cyber-warfare is knowing
who is attacking you. An attacker can disguise a coordinated attack as a
series of apparently unconnected non-state sponsored criminal acts. In
this way the attacker can avoid retaliation, on-line or by kinetic means
(that is by using conventional military force). If the attacker can be
identified then they can be targeted using a cyber-attack, electronic
warfare or using a bomb, missile or special forces raid.
Papers by Dr Robert Layton:
http://scholar.google.com.au/citations?user=7OkhvkMAAAAJ&hl=en&oi=sra
--
Tom Worthington FACS CP, TomW Communications Pty Ltd. t: 0419496150
PO Box 13, Belconnen ACT 2617, Australia http://www.tomw.net.au
Liability limited by a scheme approved under Professional Standards
Legislation
Adjunct Senior Lecturer, Research School of Computer Science,
Australian National University http://cs.anu.edu.au/courses/COMP7310/
More information about the Link
mailing list