It’s safe to say that hacking has recently blown up on the international stage.
However, University of Arizona Regents’ Professor Dr. Hsinchun Chen, who is also the founder and director of the university’s Artificial Intelligence Laboratory, has been researching security informatics for more than two decades.
“When I started, people did not consider this as an area of science,” he said. “Over the past 20 years there has been a set of researchers taking this very seriously.”
Chen noted at the beginning of his Institute for Digital Research and Education (IDRE)-sponsored lecture this month called “The Hacker Web Project: Exploring the Dark Side of the Web” that hackers are a very real threat. They are not just found in the pages of a thriller like “The Girl with the Dragon Tattoo” or a hit television show like “Mr. Robot” – they impact our everyday lives.
During the course of his talk, Chen elaborated on his National Science Foundation-funded Hacker Web project. The NSF funded the project with the intent of addressing “significant cybersecurity research and education challenges facing the U.S. and internationally.”
Chen said cybersecurity threats have only become more diverse. DDoS, or distributed denial of service, is an attack that overwhelms online services like banks or news websites so that others cannot access important information. Ransomware is software designed to block access to a computer system for ransom. Mobile malware is another kind of software that targets mobile devices with the goal of stealing or leaking confidential information. The list goes on.
And even Chen, who is something of an expert when it comes to hackers, is not immune to them. He revealed that his lab was hijacked by hackers and his server was used to attack the New York Times, but he was eventually able to vanquish the hackers. In this digital day and age, Chen says that users have to be proactive instead of reactive to avoid future hacks.
“You need to know your adversary,” he said. “You need to know the space better.”
His Dark Web project aims to do just that. It seeks to understand international terrorist networks from a computational perspective. By collecting information not just from Dark Web sites but also from sources such as chat rooms and social media sites, and by using techniques such as multilingual data mining and text mining, the project hopes to give security and intelligence agencies a fuller picture of such organizations that could aid in curbing attacks.
Once he collects all the bits and pieces of chatter that he can, he said he goes to work analyzing things like the emotional state, style of writing, and social network of those posting to figure out how to stop such people from becoming radical sympathizers in the first place.
“I try to understand their ideology and so using text mining techniques … Where do they hang out? How do they incite each other?” he said.
One of Chen’s earlier projects is called COPLINK, a tool that has been called a “Google for cops.” It allows for information sharing between law enforcement agencies. Shared access to things like police reports, mug shots, and fingerprints can be used for crime analysis. More than 3,500 law enforcement and intelligence agencies have adopted the system since he initially had the idea for creating it in the late 1990s.
“You can start to predict what is going to happen in your jurisdiction because there is so much data,” he said.
Chen also described the AZSecure Malware Portal, a tool he said gives researchers and cyber analysts a better understanding of the source code, people, and groups that make up the huge network of international hackers. All of the content is collected from the underground hacker community.
Users can go to AZSecure-data.org to view intelligence and security informatics data sets. There are twenty-eight Dark Web forums in English, Arabic, French, German, and Russian. Every one of the forums represents millions of postings. Other datasets include data drawn from Twitter and phishing websites.