Mark Lim’s Blog Page

Well it has been a while since I’ve written something and my main excuse is that I got slack and ran out of materials!! However, today’s blog should be interesting to read….

Last year I attended a conference at Deakin University in Geelong, Victoria, Australia, called the “6th Australian Information Warfare and Security (AIWAR2005) Conference 2005“. The conference was held over two days from 24th to 25th November 2005 and discussed a variety of issues related to: information warfare, computer security, homeland security, and social impact of computer security issues. Even though the conference had a small attendance, there were quite a lot of interesting talks and I was made more aware of what information warfare is about.

What exactly is information warfare? Well, as I found out from the conference I attended, lots of people have different definitions on information warfare and even the experts and academics couldn’t come to an agreement on a good definition of information warfare. The best way to explain information warfare would be to explain it as how I see it and assume that the person reading this blog is a lay person (but not a complete idiot…. ).

So where to start? Let’s think of ‘information’ as knowledge or facts that we can obtain from a variety of sources. We can get information from watching TV, reading newspapers, listening to the radio, reading e-mails, reading web pages, using databases, and so on… Now let’s think - who puts out the information we see? Do we trust that the information we see or hear is true? Are the facts we see made up or actually a distorted version of the truth? This is where things get really shady and we move into an area where we think there is a person or group of people out there who are pulling the strings to control the information we are receiving.

I initially thought information warfare would be something that was restricted to the on-line domain where the war of information is battled in cyberspace. However, at the conference I was made more aware that information warfare is something that we have all experienced at some stage through distorted facts reported through via the media and governments (e.g. election campaigns - so much false information/ear candy given out just to lure voters).

A good example of distortion of the truth is something that my School of Engineering has experienced recently when the northern Tasmanian based newspaper “The Examiner” published a story saying the following:

“A merger between the Australian Maritime College and the University of Tasmania will be announced before the end of the year and could be as soon as this week.

The long-awaited announcement hinges on talks between heads of the two Tasmanian tertiary education institutions and Federal Education Minister Brendan Nelson.

…

Prof. Le Grew, who attended the AMC council meeting, said that the combination of resources would be mutually beneficial.

It is understood that the university engineering department would be moved back to Launceston to build the image of a strong Northern Tasmanian tertiary education facility.”

The paragraph you see above in bold is 100% untrue! There are no such talks within the University saying that the School of Engineering is moving up north. And besides, how exactly would they move all the staff and postgraduates up to Launceston anyway? I still have to do my PhD and have one more year to go! This is basically an example of how easy it is for the media to create a distorted view of what is happening and making the reader believe in the false information. This type of thing happens EVERYDAY when you read the newspaper. There’s a lot of crap that the media puts out in the newspaper nowadays that they expect everyone to believe when it is not true at all!

What’s the best way to fight the information war? All you require is an awareness of where you get your information from, a critical mind, always question what you read or hear, and always ask yourself whether you trust your source of information. This way, you can’t get brainwashed into believing something that someone else is trying to make you believe. Live with a free and open mind!

Here’s one of my more interesting posts. Do you live in America? Know about the FBI? Heard about their “Carnivore” surveillance computer program? Well, if you answered ‘no‘ to any of the above questions, then you’ve come to the right place! In a nutshell, Carnivore is a controversial Internet surveillance computer program that the FBI have been using to ’sniff’ the network activities of criminals. Carnivore was developed in-house by the FBI and has been used for quite a few years (at least since 2000 or futher back) until this year (2005) when the FBI decommissioned the project. Apparently the FBI is dropping the project in preference to using off-the-shelf commercial network ’sniffing’ products since the commercial products have more features and work better.

For further reading or listening on Carnivore, check out the following links:

• Bruce Schneier’s Weblog on Carnivore
• Real Video recording of NANOG Meeting, discussing about Carnivore. (This is THE BEST place to find out about how Carnivore works. A representative of the FBI is the presenter in this video and the discussion gets to a very heated debate near the end of it. VERY INTERESTING to watch!!)
• The IIT Research Institute Independent Technical Review of the Carnivore System - Final Report. (Excellent document to refer to. Has some nice screenshots of Carnivore. Best to read this after watching the video in the previous link.)

If you’re a University student reading this and have access to the Science or Law libraries, or have access to the IEEE Digital Library, you might want to check out the following articles which give a basic overview of what Carnivore does:

• J. S. Stratford and J. Stratford, “Computerized and Networked Government Information. Carnivore,” Journal of Government Information, vol. 28, no. 1, pp. 109-112, 2001.
• D. L. Sobel, “Will Carnivore Devour Online Privacy?,” Computer, vol. 34, no. 5, pp. 87-88, 2001. (This is a IEEE Computer Magazine publication. An excellent article that gives a good overview of what Carnivore does and the issues surrounding its use.)
• T. Nabbali and M. Perry, “Going for the Throat: Carnivore in an ECHELON World. Part I,” Computer Law and Security Report, vol. 19, no. 6, pp. 456-467, 2003. (Provides a good basic overview of Carnivore)
• T. Nabbali and M. Perry, “Going for the Throat: Carnivore in an ECHELON world. Part II,” Computer Law and Security Report, vol. 20, no. 2, pp. 84-97, 2004. (Not such a good article to read. Focuses more on the law/legal side of Carnivore usage).

In relation to Carnivore, there is another electronic surveillance system being in use called ECHELON. Apparently ECHELON is an electronic surveillance system that monitors all kinds of communications and is being set up by different countries around the world. ECHELON is also supposed to be extremely top secret, so it’s basically impossible to find out information from the Internet about how it actually works (you’d expect that if they can monitor all electronic communications, anyone who was exposing information on how ECHELON actually works would get caught and cut off…..). However, you can get a taste of what ECHELON is supposed to do by going to the following links:

• Bruce Schneier Cryptogram article on ECHELON, 15th December 1999. (A nice light overview of what ECHELON is. )
• Exposing the Global Surveillance System, by Media Filter. (Excellent source of information on ECHELON. Provides good information about the history of ECHELON.)

PS: Hope the FBI don’t mind me putting this post here (if they happen to stumble across this). I’m only mentioning about Carnivore because it’s relevant to my research, in terms of being able to observe people’s on-line behaviour.

Ah, you might think I’m talking about Jesus Christ, but this post isn’t about him at all! This particular Jesus I’m referring to is actually a person by the name of Jesus Mena, who has authored the book: “Investigative Data Mining for Security and Criminal Detection“, published by Butterworth-Heinemann, 2003. I’m currently reading the first chapter of this book and it provides a very fascinating look at how data mining technologies such as neural networks, decision trees, and natural language processing, can be used to mine heaps of data for information on criminal or terrorist behaviour. My particular area of research focuses how artificial intelligent technologies such as decision trees, artificial neural networks, or fuzzy systems, can be used to data mine e-mail traffic for signs of possible criminal or terrorist behaviour. Given that this book covers the area that I’m researching, its definitely helping me get some good ideas about how to deal with this topic.

If you’re also interested in the area of data mining and homeland security, you might want to check out the other book authored by Jesus Mena, called “Homeland Security Techniques and Technologies“, published by Charles River Media (publisher now swallowed up by Delmar Thomson Learning), 2004. I’ve currently got this book on order, so I can’t wait to get my hands on it….