Technical, Legal and Political

Issues of Combating Terrorism

on the Internet.

http://ce.qu.edu.az/~aadamov

Assoc. Prof. Abzetdin ADAMOV

Chair of Computer Engineering Department

Director of Center for Data Analytics and Web Insights

Baku, Azerbaijan

aadamov@qu.edu.az

Astana, 25.11.2014

INTERNATIONAL CONFERENCE

«TERRORISM AND THE INTERNET»

Digital Universe

• 2008 – 480.000 petabytes (PB)

• 2009 – 800.000 PB

• 2010 – 1200 000 PB or 1.2 zettabyte (ZB)

• 2011 – 1.8 ZB

• 2012 – 2.7 ZB

• 2013 – 4.4 ZB

• 2014 ~ 7.0 ZB

• Expected to reach 44 ZB by 2020

Daily now we create as much information as from the dawn of

civilization up until 2003

Much More Data than We Can

Consume

We produce much more data than we are able to process.

It is cheaper to Store than to Filter and Delete.

Data

Consumer

Technical Issues of

Cyberterrorism

What is Terrorism in Internet or

Cyberterrorism?

Adding prefix "cyber" to "terrorism"

could be used in 2 ways:

• A terrorist attack that uses cyber weapons

– Akin to "bioterrorism" and "nuclear terrorism"

– Then what is violence in cyberspace?

• Use of cyberspace to support terrorism

– Akin to "narcoterrorism"

Conduct of Cyberterrorism

Attacks

• Objectives

– Cause disruption or severe harm

– Make money or support organization

• Targets

– Critical infrastructures or control systems vs public

websites

• Sophistication of attacks

– Tools, methods, coordination

• Results and impact

Technologies Used to Conduct

Purposed Cyberterrorism

• eMail, Chat, IM, Beb, Blogs, Forums, Groups

• Network security: encryption, steganography, web

security

• Distribution of News, Documents, Videos, etc

• Communications, Coordination, Command and

Control

• Intelligence Collection

• Recruitment

• Training

• Fund raising

Technology Literacy of Terrorist

Organizations

• Widely use social media

• Use high impact phrases on Twitter to generate

traffic

• Use Tor, as anonymous web browser

• Open source powerful encryption systems

• Switching from Twitter they to Diaspora

• Encryption soft for mobile phones in 2007

• Own encryption programme called Asrar al-

Ghurabaa in November 2013

• 4096 bit public key encryption in June 2014

DeedWeb, DeepNet, DarkNet,

FreeNet, TOR

• DarkNet (P2P) - use different protocols not

transparent for Search Engines (SE)

• DeepNet/DeepWeb - content that not indexed by

SE

• FreeNet - private distributed architecture

• Tor - prevents monitoring of websites that users

visit

The DeepWeb is currently 800 – 1000 times

larger than Surface Web. Just 0.03% … of

the DeepWeb is indexed

Methods and Technologies Used

for DeepNet

• Dynamic content

• Unlinked content

• Private Web

• Limited access content (CAPTCHAs, Robots

Exclusion Standard)

• Scripted content (JavaScript, AJAX, Flash)

• Non-HTML/text content

• Special software (TOR - The Onion Router)

Surface Web

Deep Web

FreeNet –

Network Without Control

• High redundancy of content

• Huge distributed cache

• No central servers

• No control of any one individual or

organization

• No hierarchy of nodes is intended

• Strong encryption

www.freenetproject.org

intermediate computers which pass on requests for content and sending them

back without knowing the contents of the full file, similar to how routers on the

Internet route packets without knowing anything about files

Technical Solutions against

Cyberterrorism

• Email Authentication

– SPF, DKIM, Secure Internet Letterhead

• Web Authentication

– Extended Validation, Secure Internet Letterhead

• Secure Identity

– SAML, WS-*, OpenID, OATH, Identity 3.0

• Data Level Security

– CRM Infrastructure, Open CRM

• Network Security

– Reverse Firewalls, DNSSEC, BGP Security

– Domain Centric Administration, Default Deny Infrastructure

Legal Issues of Cyberterrorism

Legal Response to

Cyberterrorism

• Applying cybercrime legislation to

cyberterrorism;

• Applying existing cyberterrorism legislation

to cybercrime;

• Enacting specific legislation on terrorist

use of the Internet.

Three approaches of legal responses:

Legal Challenges

• Illegal content - balance between preventing and

right to freedom of expression;

• Communication - concern about services

availability, traceability, interception of

communications and encryption;

• Terrorist financing - no consensus if main

resource for terrorism financing is electronic

payment or cash.

Legal Challenges in Combating Cyberterrorism :

Political Issues of

Cyberterrorism

SUN SUN

1

2

3

4

5

6

7

8

Foundations of the WEB

DNS DNS

DNS

DNS

- Countries

SUN SUN

Where Attack Came From?

State A

Compromised

Computers

Attacker

State C

State B

- According to the State C the

attack came from the Sate B

- Is the State B guilty or not?

SUN

Location of Illegal Content

Authority of State A

Victim

Owner of content is

citizen of State C

State B

Website with suspicious

content against the State A

hosted on the server located

in the State B

Case Study:

• State A – the content violate the law

on cyberterrorism;

• State B – the specific content is not

crime;

• State C – even the content is

cybercrime, it was not conducted on

the territory of State C

SUN

Distributed Internet Services

whom talk to about

banning of content?

Computer with terrorist

content

www.terror.xx / 120.1.1.1

State A: owner of ccTDL “xx”

State B: Domain Name Registrar (DNR)

State C: Domain Name Service (DNS)

State D: Regional Internet Registry (RIR)

State E: Internet Service Provider (ISP)

State F: Hosting Service Provider (HSP)

State H: Physical Location of Server

International Organizations

• IISRC – International Information Security Research Consortia

• CTITF – United Nations Counter-Terrorism Implementation Task Force

• GCTF – Global Counter-Terrorism Forum

• OSCE – Organization for Security and Cooperation in Europe

• UNODC – United Nations Office on Drugs and Crime

• CTED – Counter-Terrorism Executive Directorate

Conclusion

• Until recently it was obvious – Availability;

• Now some balance must be figured out, which

should transparent for general user and

impenetrable for crime;

• International Cooperation is the Key Condition for

Success

Talking about the use of Internet for terrorism purpose

we inevitably get a question: which is more important

Availability or Security?

http://ce.qu.edu.az/~aadamov

Questions…