April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

January 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

OPINION / Shedding light on the dark cyber-world

Dr. Antonio Nucci

The Internet has become the central nervous system for our networked life. As a global network of loosely connected IP-based networks, it reaches into every country, and provides governments, businesses and consumers worldwide with a common platform for communication. And now, a new kind of criminal has emerged.

As the 21st Century criminal has moved into new realms and dimensions, law enforcement agencies and government organizations are in hot pursuit. The pervasive nature of cyber-crime ranges from loss of proprietary corporate information to the loss of life, from national security to cyber warfare. From predators exchanging child porn and scammers stealing identities to countries attacking countries, cyber-crime does not discriminate.

Quantifying the spread and impact of cyber-crime and cyber-terrorism

The FBI estimates that all types of computer crime in the U.S. currently cost industry about $400 billion, while officials in the Department of Trade and Industry in Great Britain say computer crime has risen by 50 percent from 2005 to 2006. It is estimated that only five percent of cyber-criminals are ever arrested or convicted because the anonymity associated with Web activity makes them hard to catch, and the trail of evidence needed to link them to a cyber-crime is hard to unravel. CERT/CC estimates that as much as 80 percent of all computer security incidents remain unreported. Steps must be taken before we can successfully combat cyber-crime.

First, we must understand the language and dialects (i.e., the protocols, applications and services) spoken in the cyber-world. Although the importance of traffic monitoring has always been seen as a fundamental step in the process, and has attracted many researchers and industry communities, the problem is far from being solved. As networks became faster and network-centric applications became more complex over time, what was roughly our “good” understanding of the Internet traffic a few years ago turned out to be a terrifying realization that today the “what we do not know” has largely surpassed the “what we know.”

It is clear that our true understanding of the protocols, applications and services carried by the cyber-infrastructure continues to diminish as we speak. A special project called Lobster -- aimed at developing an advanced pilot for the European Internet Traffic Monitoring Infrastructure based on passive monitoring sensors at speeds starting from 2.5 Gbps up to 10 Gbps -- has shown that the amount of unrecognized traffic has increased from 30 percent in 2002 to 69 percent in 2004. That’s more than double in just two years. The answer to the question, “How do we bridge this knowledge gap?” remains open.

Second, we must identify cyber-users and communities of cyber-users whose activity and content may harm the safety and transparency of the cyber world. The speed and asynchronous nature of the cyber-world communication makes it an ideal platform for rapidly mobilizing a group of like-minded users. Associations can emerge on all size scales and can be geographically local or dispersed. They can form around very specific issues and then die out quickly. They may remain loosely connected and dispersed or eventually coalesce into more structured and hierarchical forms.

Of course, like all advances in communication technology, the cyber-world is useful not only to legitimate political and civic groups, but also to criminal and terrorist groups. Blog sites, news sites and social sites have indeed become an ideal arena for such users to “phish” for information and coordinate their criminal or terrorist activities, lost in the ocean of legal digital transactions and communications, and while hidden among the massive number of innocent cyber-users. The answer to the question, “How do we identify users engaged in suspicious activities that can span many different Web sites at once?” remains open.

Third, it is important to identify the real person behind an alias or cyber-identifier used to enter the cyber-world. A critical problem in this digital world is not knowing with whom you are interacting. The difference between the real space and the cyber-world is that the essence of any digital transaction is unbundling. In the cyber-world, users can unbundle their identity from content and transactions. Conversely, a real-space transaction carries along inseparable secondary information that can be leveraged to uniquely trace a transaction to a living person.

Currently, no generic system exists for identification in the cyber-world. Ones and zeros do not inherently carry any separate information along with them. Further, in the cyber-world, users have control over the strength of the link between their real world and their cyber-identities. So, how feasible is it from a technology perspective to reconstruct the missing link between the user identity in the cyber-world and his or her real-world identity? Again, this question remains open.

A new way to think about the cyber-world

While the cyber-world is seen as a “dark” space and governments have increasingly expressed their concern about the cyber-world’s role in public safety and national security, we still have not done enough to shed light on the cyber-world and its users.

To do so, we must first understand it. The cyber-infrastructure must not be thought of as just the physical infrastructure made of optical fibers, servers and routers. Rather, the cyber-infrastructure is also about protocols, applications and services being used to enable communications among any number of end points (users). We must discover who is behind the nickname, Mac or IP address, or the VoIP number -- perhaps by using novel biometric techniques to profile users’ communications as they access the cyber-world. Reconstructing today’s missing links between the cyber ID and the real person would make the cyber-world a safer place to visit.

By Dr. Antonio Nucci is the Chief Technology Officer for Narus, Inc. He can be contacted at:

[email protected]


Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...