Download Lecture Notes

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
Document related concepts
no text concepts found
Transcript 
CSCE 201
Open Source Information
Privacy
Reading List

Recommended reading:
– Open Source Intelligence: Private Sector
Capabilities to Support DoD Policy,
Acquisitions, and Operations ,
http://www.fas.org/irp/eprint/oss980501.ht
m
– The Economic Espionage Act, 1996
http://www.usdoj.gov/criminal/cybercrime
/eea.html
CSCE 201 - Farkas
2
Open Source

Unclassified information in the public
domain or available from commercial
services
 Example: newspapers, magazines, scientific
publications, television and radio
broadcasting, databases, etc.
CSCE 201 - Farkas
3
Open Source Intelligence

Intelligence operation that uses open source
data
 Goal: answer specific question in support of
some mission
 Process:
– Requirement analysis
– Data collection/filtering/analysis
– Information integration Intelligence about
CSCE 201 - Farkas
4
Open Source Intelligence

Generally legal (uses readily available
information)
 Attacker gains access to protected information,
e.g.,
– Business trade secrets
– Military strategy,
– Personal information

Protected information: readily available in public
domain, can be inferred from public data, or
deduced from aggregated public data
CSCE 201 - Farkas
5
Open Source Intelligence





Widely used (e.g., Department of Defense)
Cheap, fast, or timely
Most often legal
Advantages: no risk for collector, provides
context, mode of information acquisition, cover
for data discovery by secret operations
Disadvantages: may not discover important
information, assurance of discovery(?)
CSCE 201 - Farkas
6
Online Open Source
Intelligence

Large amount of public data online
– Web pages, online databases, digital
collections, organizations on line, government
offices, etc.

Freedom and Information Act (FOIA):
industry data
 U.S. Patent Office: copies of U.S. patents
 Trade shows, public records, etc.
CSCE 201 - Farkas
7
Privacy

Use open source to find out confidential
data about people
 Find confidential data about people while
they browse through open source (e.g., Web
searches)
CSCE 201 - Farkas
8
Online Investigative Tools

Find out confidential data for small fee
– Net Detective (http://ndet.jeanharris.com/
– Dig Dirt (http://www.classified3.com/ )

Privacy Tools
(http://www.epic.org/privacy/tools.html )
CSCE 201 - Farkas
9
Legislations

Privacy Act of 1974, U.S. Department of Justice
(http://www.usdoj.gov/oip/04_7_1.html )
 Family Educational Rights and Privacy Act (FERPA), U.S.
Department of Education,
(http://www.ed.gov/policy/gen/guid/fpco/ferpa/index.html )
 Health Insurance Portability and Accountability Act of 1996
(HIPAA),
(http://en.wikipedia.org/wiki/Health_Insurance_Portability_and
_Accountability_Act )
 Telecommunications Consumer Privacy Act
(http://www.answers.com/topic/electronic-communicationsprivacy-act )
CSCE 201 - Farkas
10
Privacy Violations

Snooping via Open Sources
 Online activities
– Questionnaires
– Customers’ data
– Web site data collection (Cookies, IP address,
operating system, browser, requested page, time
of request, etc.) – without user’s permission
CSCE 201 - Farkas
11
Other Open Source Attacks


Piracy
– Available in open source, but still protected by
copyright, patent, trademark, etc.
Copyright Infringement
– Acquisition of protected work without the owner’s
permission and sold for a fee
– Human perception: not serious crime
– Significant loss for marketing/manufacturing/owner
– Berman Bill (http://www.news.com/2100-1023946316.html )
– Copyright Law of the United States
(http://www.copyright.gov/title17/ )
CSCE 201 - Farkas
12
What is Intelligence?

Information
 Activities
 Organization
CSCE 201 - Farkas
13
Information




“…relevant to a government’s formulation and
implementation of policy to further its national security
interests and to deal with threats from actual or potential
adversaries.” (Silent Warfare)
Examples:
– Military matters of foreign nations
– Diplomatic activities and intentions of foreign nations
– Intelligence activities of foreign nations
Other party may or may not want to keep it secret
Raw data and analyses and assessments based on raw data
CSCE 201 - Farkas
14
Activity

Activities:
– Collection and analysis on intelligence information
– Counterintelligence

Collection: wide range (e.g., wiretapping,
broadcasts, newspapers, research publications,
aerial photography, espionage, etc.)
 Analysis: quality of data, correctness of analysis,
timeliness, etc.
CSCE 201 - Farkas
15
Organization

Secrecy!
 Secret activities -- Covert actions
– Same organization vs. two organizations

Central Intelligence Agency
CSCE 201 - Farkas
16
Scope of Intelligence
 Government -- national security
– Range from peace time to war time intelligence
– Type of government
 Domestic Intelligence -- depends on nature of regime
 Business corporations – competitive advantage
 Economics and Intelligence
– Government-run economy
– Economic well-being of nation
 Non-traditions Intelligence
– Environmental issues
CSCE 201 - Farkas
17
Intelligence and Law Enforcement
 Transnational threats:
– Do not originate primarily from a foreign government
– Serious threats for nation’s well-being
– Fall within law enforcement rather than intelligence
– Examples: narcotics trafficking, international terrorism
 Law enforcement: waiting until a crime has been committed
 Intelligence: collection of convincing evidence
 Criminal investigation vs. criminal intelligence investigation
– Punishment of a given criminal act or struggle with an
organization engaged in criminal activity
CSCE 201 - Farkas
18
Intelligence – Information Age





Advent of information age
Change the mode of operations for business
corporations and government
Technology: communicating and processing
information
Behavioral and institutional change: information
as the key of organizational activities
Intelligent Services vs. competing organizations
CSCE 201 - Farkas
19
Intelligence and Information Age

Globalization
– Flow of information across borders
– International trade
– Division of labor
– Increased travel
– Increased penetration by news media
CSCE 201 - Farkas
20
Open Source Collection





Goal oriented
Publications and broadcast
Additional information available from nonintelligence sources
Special sources (e.g., speeches of political leaders,
legal documents, demographic data, etc. )
Large amount of openly available data  Need
processing power
CSCE 201 - Farkas
21
Problem of Increased Availability

How to locate sources
 How to evaluate source reliability
 How to analyze information and integrate
with other intelligence information
 How to protect confidentiality of policy
maker’s interest
CSCE 201 - Farkas
22
Related documents
Chapter 1: Introduction
Chapter 1: Introduction
slides
slides
slides - cse.sc.edu
slides - cse.sc.edu
Technologies
Technologies
SCORE: A Scalable Architecture for Implementing Resource
SCORE: A Scalable Architecture for Implementing Resource
Chapter 1: Introduction
Chapter 1: Introduction
Expert System
Expert System
天 津 大 学 文 件
天 津 大 学 文 件
Short Assignment #4 - Dr. John D. Cressler
Short Assignment #4 - Dr. John D. Cressler
What is AI? - faculty.cs.tamu.edu
What is AI? - faculty.cs.tamu.edu
CSCE 790 – Secure Database Systems
CSCE 790 – Secure Database Systems