Greetings from the Australian National University in Canberra where Dr Robert Layton, Research Associate, Internet Commerce Security Laboratory (ICSL), University of Ballarat, is discussing how to automatically identify cyber-criminals. He uses artificial intelligence software to compare document created on-line for Phishing. The software can identify which documents are from the same criminal gangs, so that those gangs can be targeted. Also the software can be used to monitor on-line chat rooms where illicit good are bought and sold, to identify those involved. Also the source code of malware can be subject to analysis to see if it has a common author.
Robert pointed out that response to such activities by authorities has to be prompt. It is possible to contact the host provider where an illegal activity is identified and ask for it to be "taken down". But the criminal can ear a significant amount of money in the hours or days this takes. While Robert was discussing identifying criminal activities, the same techniques would be applicable in defending from attack in cyber-warfare. One of the major problems in cyber-warfare is knowing who is attacking you. An attacker can disguise a coordinated attack as a series of apparently unconnected non-state sponsored criminal acts. In this way the attacker can avoid retaliation, on-line or by kinetic means (that is by using conventional military force). If the attacker can be identified then they can be targeted using a cyber-attack, electronic warfare or using a bomb, missile or special forces raid. Papers by Dr Robert Layton: http://scholar.google.com.au/citations?user=7OkhvkMAAAAJ&hl=en&oi=sra -- Tom Worthington FACS CP, TomW Communications Pty Ltd. t: 0419496150 PO Box 13, Belconnen ACT 2617, Australia http://www.tomw.net.au Liability limited by a scheme approved under Professional Standards Legislation Adjunct Senior Lecturer, Research School of Computer Science, Australian National University http://cs.anu.edu.au/courses/COMP7310/ _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
