loading subjects...
This book is based on presentations
For a variety of reasons most, but not all, of the presentations could be included in this book. A complete list of the presenters and their contact information is given in Appendix 1. Readers can find slides of some of the presentations posted on: http://cmsprod.bgu.ac.il/Eng/conferences/Nato/Presentations.htm
Audience
This work is intended to be of interest to counter-terrorism experts and professionals, to academic researchers in information systems, computer science, political science, and public policy, and to graduate students in these areas.
The goal of this book is to highlight several aspects of patrolling the Web that were raised and discussed during the workshop by experts from different disciplines. The book includes academic studies from related technical fields, namely, computer science, and information technology, the strategic point of view as presented by intelligence experts, and finally the practical point of view by experts from related industry describing lessons learned from practical efforts to tackle these problems.
This volume is organized into four major parts: definition and analysis of the subject, data-mining techniques for terrorism informatics, other theoretical methods to detect terrorists on the Web, and practical relevant industrial experience on patrolling the Web.
Part I addresses the current status of the relationship between terrorists and the Internet. The presenters are experienced intelligence experts and describe the causes and impacts of terrorists' use of the Web, the current status, and the governmental responses, and provide an overview of methods for the detection of, and the prevention of terrorist use of the Web, in different parts of the world.
Part II addresses data and Web mining techniques for identifying and detecting terrorists on the Web. The presenters are primarily computer scientists and they present recent studies suggesting data-mining techniques that are applicable for detecting terrorists and their activities on the Web.
Part III addresses theoretical techniques (other than data mining) applicable to terrorism informatics. The presenters are again computer and information scientists, but they propose computational methods that are not (presently) commonly used in terrorism informatics. These papers suggest new directions and promising techniques for the detection problem, such as visual recognition, information extraction and machine learning techniques.
Part IV reports on “learning from experience” and the presenters are industry practitioners who describe their applications and their experiences with operations attempting to patrol the Web.
Together, the participants worked to fashion a summary statement, drawing attention to the strengths and the limitations of our present efforts to patrol and limit the use of the World Wide Web by terrorist organizations. The summary statement may be regarded as representing a consensus, but the reader is cautioned that not every participant agrees with every element of the summary.
Summary Statement
As the proceedings show, a wide range of topics were discussed, and several points of view were presented. In a final session reflecting upon the entire workshop, participants identified a number of key points which should be kept in mind for future studies and efforts to limit the effectiveness of the World Wide Web as an aid to terrorists. These key points can be divided into two areas: 1) Social/Policy Issues, and 2) more narrow Technical Issues.
1. Social and Policy Issues
The Internet is used by terrorists for various activities such as recruitment, propaganda, operations, etc., without their physically meeting. But the Internet can be used to track the conspirators once they are identified. Some activities are open, others are hidden. The struggle against terrorism is the quintessential example of asymmetric warfare. In addition, terrorism stands on the ill-defined boundary where criminality, warfare, and non-governmental actors meet. It was agreed that, collectively, nations have the resources needed to counter terrorism, but that it is essential to share information in order to combat the geographically distributed nature of the terrorist organizations, which may have a very small footprint in any one nation. Therefore a key recommendation of the workshop is that: International cooperation is required among intelligence and law enforcement experts and computer scientists.
Other policy issues concern the interplay between the called-for cooperation, and the rights of individual citizens. This may be formulated as a technical question: “Can data mining truly protect privacy when the data is held and mined by ‘distrusted’ custodians?”. This important question was not addressed at the present workshop, but should definitely be on the agenda for future research.
At the interface between policy and technical matters, several participants stressed that some idea of a scheme, a model or a scenario is needed to interdict terrorists, because simple searching cannot cover every possibility. Therefore, whatever technical means and alarms are developed will have to be triggered by considerations of likelihood or probability, and/or by existing intelligence from other sources.
2. Technical Issues
As noted, technical means and alarms will have to be triggered by considerations of likelihood or probability, and/or by existing intelligence from other sources. In summary, a second key agreement is that: It is necessary to have people in the analytical loop, supplying human judgment.
An important point to consider in patrolling the Web for terrorism is that rates of false positives are necessarily high for any automated method of identification or discovery. As noted, the search must be moderated by some understanding of plausible scenarios. There is a clear interface to policy and social issues when considering the consequences of “false positive” (that is, naming a person, an organization, or a website as terrorist when it is not) which must be weighed, and balanced, against the consequences of failing to identify terrorist activity on the Web.
It was noted that computers work “from the bottom up”, digesting large masses of data and producing indications of when something is out of the ordinary. Human analysts, in contrast, work “from the top down”, guided by models or scenarios which may be drawn from previous experience, or may be suggested, for the very first time, by some configuration in the available data.
In working to make the computer a more powerful ally, it would be of immense value to have some common “challenge tasks”. This is the final finding of the workshop: It is necessary to have some model tasks which are well defined, and which have a “gold standard” known correct resolution or answer. Ideally these model challenges should be driven by the real missions of the several NATO nations. It was noted that most of the presentations dealt with websites in English, and a few with sites in Arabic. All of the technical work needs also to be extended to other languages.
Overall, there was an extremely effective exchange of ideas and of concerns between the experts in technical/computer issues and the experts in social/policy issues. It is highly recommended that this type of boundary spanning workshop be expanded and replicated in the future.
Bracha Shapira, Paul Kantor, Cecilia Gal.
A note on the production of this volume
The papers of this volume have been produced by a multi-step process. First, we recorded the talk given by each author at the conference in June (due to some technical difficulties a few presentations were not recorded). Next, we transcribed each recording. The authors then produced a draft of their paper from these transcriptions, refining each draft until the final version. Although the papers are not exactly like the talks given, some do retain the informal and conversational quality of the presentations. Other authors, however, preferred to include a more formal paper based on the material presented at the conference.
A few notes about language and conventions used in the book. Since the authors in this volume come from different parts of the globe we have tried to preserve their native cadences in the English versions of their papers. We have also decided to use both British English and American English spelling and standards depending on the specific style the author preferred to use. Language conventions for naming entities – such as Al Qaeda, 9/11 or Hezbollah – which have more than one standard spelling, were taken from the New York Times editorial practices. The formatting and style of references, when used, are consistent within each paper but vary between papers. And finally, a number of papers have pictures from screen captures of illustrations or of proprietary software. Although every effort was made to include the highest quality pictures so they would reproduce well in print, in some instances these pictures may not reproduce as well as might be desired, and we beg the reader's indulgence.
Cecilia Gal, Rutgers.
Acknowledgements
It is a pleasure to acknowledge the superb hospitality of Ben-Gurion University, which provided their magnificent faculty Senate Hall for the two days of the Conference, together with excellent audio-visual support.
The Deutsche Telekom Laboratory at BGU, and Dr. Roman Englert provided additional hospitality for the participants.
We want to thank Rivka Carmi the President of Ben-Gurion University for her gracious welcome, Yehudith Naftalovitz and Hava Oz for all their hard work with the conference arrangements and Professor Fernando Carvalho Rodrigues and Elizabeth Cowan at NATO for their generous support.
