Detection of access to terror-related Web sites using an Advanced Terror Detection System (ATDS)

Terrorist groups use the Web as their infrastructure for various purposes. One example is the forming of new local cells that may later become active and perform acts of terror. The Advanced Terrorist Detection System (ATDS), is aimed at tracking down online access to abnormal content, which may include terrorist-generated sites, by analyzing the content of information accessed by the Web users. ATDS operates in two modes: the training mode and the detection mode. In the training mode, ATDS determines the typical interests of a prespecified group of users by processing theWeb pages accessed by these users over time. In the detection mode, ATDS performs real-time monitoring of the Web traffic generated by the monitored group, analyzes the content of the accessed Web pages, and issues an alarm if the accessed information is not within the typical interests of that group and similar to the terrorist interests. An experimental version of ATDS was implemented and evaluated in a local network environment.The results suggest that when optimally tuned the system can reach high detection rates of up to 100% in case of continuous access to a series of terrorist Web pages.

[1]  Gerard Salton,et al.  Term-Weighting Approaches in Automatic Text Retrieval , 1988, Inf. Process. Manag..

[2]  Venkata Subramaniam,et al.  Information Retrieval: Data Structures & Algorithms , 1992 .

[3]  Cyrus Shahabi,et al.  Knowledge discovery from users Web-page navigation , 1997, Proceedings Seventh International Workshop on Research Issues in Data Engineering. High Performance Database Management for Large-Scale Applications.

[4]  M. Ebell,et al.  Information in the palm of your hand. , 2000, The Journal of family practice.

[5]  Jaideep Srivastava,et al.  Automatic personalization based on Web usage mining , 2000, CACM.

[6]  Oren Etzioni,et al.  Towards adaptive Web sites: Conceptual framework and case study , 2000, Artif. Intell..

[7]  Xiaotie Deng,et al.  MOT: memory online tracing of Web information system , 2001, Proceedings of the Second International Conference on Web Information Systems Engineering.

[8]  Mohammed J. Zaki,et al.  ADMIT: anomaly-based data mining for intrusions , 2002, KDD.

[9]  Niels Provos,et al.  Detecting Steganographic Content on the Internet , 2002, NDSS.

[10]  Abraham Kandel,et al.  Content-Based Methodology for Anomaly Detection on the Web , 2003, AWIC.

[11]  Phyllis B. Gerstenfeld,et al.  Hate Online: A Content Analysis of Extremist Internet Sites , 2003 .

[12]  A. Kandel,et al.  Using Data Mining Techniques for Detecting Terror-Related Activities on the Web , 2004 .

[13]  Peretz Shoval,et al.  Information Filtering: Overview of Issues, Research and Systems , 2001, User Modeling and User-Adapted Interaction.

[14]  Peter D. Turney Learning Algorithms for Keyphrase Extraction , 2000, Information Retrieval.

[15]  Ted E. Senator,et al.  COUNTERING TERRORISM INFORMATION TECHNOLO , 2004 .

[16]  Alec Yasinsac,et al.  Metadata for anomaly-based security protocol attack deduction , 2004, IEEE Transactions on Knowledge and Data Engineering.

[17]  Elizabeth D. Liddy,et al.  Semantic Analysis for Monitoring Insider Threats , 2004, ISI.

[18]  Hsinchun Chen,et al.  Applying authorship analysis to extremist-group Web forum messages , 2005, IEEE Intelligent Systems.

[19]  Abraham Kandel,et al.  Content-Based Detection of Terrorists Browsing the Web Using an Advanced Terror Detection System (ATDS) , 2005, ISI.

[20]  Abraham R. Wagner Terrorism and the Internet: Use and Abuse , 2005, Fighting Terror in Cyberspace.

[21]  Hsinchun Chen,et al.  Artificial Intelligence for Homeland Security , 2005 .

[22]  Hsinchun Chen,et al.  US domestic extremist groups on the Web: link and content analysis , 2005, IEEE Intelligent Systems.

[23]  Hsinchun Chen,et al.  Intelligence and security informatics: information systems perspective , 2006, Decis. Support Syst..

[24]  Mohammed J. Zaki,et al.  Finding Hidden Group Structure in a Stream of Communications , 2006, ISI.

[25]  Harris Wu,et al.  Mining web navigations for intelligence , 2006, Decis. Support Syst..

[26]  Abraham Kandel,et al.  Multi-lingual Detection of Terrorist Content on the Web , 2006, WISI.

[27]  Hsinchun Chen,et al.  Unraveling International Terrorist Groups' Exploitation of the Web: Technical Sophistication, Media Richness, and Web Interactivity , 2006, WISI.

[28]  Nianjun Liu,et al.  An Embedded Bayesian Network Hidden Markov Model for Digital Forensics , 2006, ISI.

[29]  Abhinandan Das,et al.  Google news personalization: scalable online collaborative filtering , 2007, WWW '07.

[30]  Michael Masters Committee on Homeland Security and Governmental Affairs , 2008 .

[31]  S. Collins,et al.  Violent Islamist Extremism, the Internet, and the Homegrown Terrorist Threat , 2008 .

[32]  David J. Hand,et al.  ROC Curves for Continuous Data , 2009 .

[33]  S Mahesh USING DATA MINING TECHNIQUES FOR DETECTING TERROR- RELATED ACTIVITIES ON THE WEB , 2010 .