The Internet is rife with cybercriminals and online eavesdroppers, and countering this threat is the job of cybersleuths. Among the key tools in the cybersleuths' arsenal are sniffer programs, which can sort out and decode scores of common Internet protocols used for all kinds of data communications.
One such sniffer is Wireshark, a free, easy-to-use open source program. Wireshark was used by the University of Toronto's Information Warfare Monitor research team to uncover evidence that the Dalai Lama's office had been compromised by Ghostnet, a surveillance operation that may be run by the Chinese government.
The biggest challenge to cyberforensics is the issue of attribution, or determining who precisely is spying, stealing data, or perpetrating other kinds of cybermischief. The Toronto researchers are seeking to address this problem through a fusion methodology in which Internet data is studied in the context of real-world occurrences.
"We had a really good hunch that in order to understand what was going on in cyberspace we needed to collect two completely different sets of data," says social scientist Rafal Rohozinski. "On one hand we needed technical data generated from Internet log files," Rohozinski says. "The other component is trying to understand what is going on in cyberspace by interviewing people, and by understanding how institutions work."
From The New York Times
Abstracts Copyright © 2009 Information Inc., Bethesda, Maryland, USA