
WHEN HACKERS TALK WE LISTEN


If you’re a hacker, you gather as much data as you can on your targets, in search of something valuable.

If you’re researcher Hsinchun Chen, you gather as much data as you can on the hackers.

Chen, a professor of management information systems at the University of Arizona, works in a little-explored but hugely important area of cybersecurity: exploring the motivations of hackers and other cyberattackers, and trying to predict how they might act, based on their behaviors.

With support from the National Science Foundation’s (NSF) Social, Behavioral and Economic Sciences directorate and the Directorate for Computer and Information Science and Engineering under the Secure and Trustworthy Cyberspace (SaTC) program, Chen and his collaborators have generated findings that shed light on how hacker communities interact and share information—and even created actionable intelligence for criminal investigations by federal agencies.

But the research’s goal is even more ambitious. Chen wants to develop models that might be able to take information on how hackers behave and use it to predict their next targets, as well as their methods for attack.

“The most important part isn’t looking back and saying ‘what have they done?’” Chen says. “It’s looking forward and saying ‘What are the emerging threats?’ We’re really trying to understand the intent of the people planning attacks. Instead of looking at the bullets, you’re looking at the shooters.”

The research holds significant promise for the social sciences, as well as . The team aims to develop and test theories about hacker cultures, based on their online interactions. That involves modeling the social attributes of hacker networks and investigating how their groups are organized.

Chen is hardly a stranger to this kind of work. For the past decade, he’s worked on—and headed—NSF-funded research projects that examine other potentially threatening online communities, producing a long trail of papers and tools along the way.

He developed COPLINK, a software system used by more than 3,500 law enforcement networks nationwide to look for information on drug networks, border smuggling operations and other criminal activity. With an international group of terrorism research centers and security agencies, he helped create the Dark Web project, which has tapped into extremist communications and social networks to generate one of the world’s largest databases of terrorist information.

Still, he said, tapping into hacker behavior has proved even more of a challenge.

“This community,” he says, “is even more tightly knit.”

‘Honor Among Thieves’

How do you research hacker intent? By gathering all of the hacker community content possible.

Chen and his collaborators automatically collect all of the “artifacts” they possibly can from hackers around the world: millions of messages, gathered primarily from hacker forums and from hundreds of text communication channels known as IRC chats.

Through automated text mining that can search for everything from relevant terms and topics to “sentiment analysis,” Chen and his collaborators are able to distill that chatter down to a much smaller body of communications that deal with top-tier, likely threats. That slimmed-down pool of data constitutes roughly five percent of the total collected, Chen says.

By studying those data, they’ve found hackers build social structures just like any other kind of community.

For instance, he says, “honor among thieves” applies to hackers, and as a community they punish any transgressions. Communities begin to distrust hackers that lose money, steal from partners-in-crime or make mistakes that harm their associates, leaving them isolated.

And there’s more. Hackers work in groups and collaborate on projects, seeking counsel from trusted friends and leaning on one another’s expertise. They have underground economies and methods for sharing data and selling stolen goods. They analyze others’ work and post reviews. Top-tier cyberattackers each have some specialty and a preferred payment method whenever hacking-for-hire, Chen says.

By being proactive about capturing artifacts from communications, the researchers can even see things missed by studies that focus on the damage wrought by hacks and other attacks. Instead of just seeing that a large number of credit card numbers has been compromised, for example, the researchers can observe what cyberattackers are using those cards for—even the ones that have yet to be reported as stolen.

“It takes a very different approach from previous cybersecurity research,” Chen says. “You really want to understand the intent, the modus operandi of operators. Instead of just finding out about one operation at a time, you’re looking at an entire source of information about ongoing activities.”

New Tools

Chen estimates that about 20 to 30 percent of the research and analysis that his team generates can be transitioned into actionable intelligence for law enforcement agencies and the industry. The researchers have provided such information to agencies to help with ongoing investigations.

But, while he acknowledges that aspect of the job is “exciting,” he adds “I’m a computer scientist—not a law enforcement agent.”

There are other data analysis projects that look for pending threats. Chen says his research is focused on creating new tools that will allow scientists and their partners at federal agencies to analyze hacker chats and other data in ways that are faster, more efficient and better at making predictions about future threats based on hackers’ intentions.

“I’m not interested in the themselves,” he says. “I’m interested in developing the best science that will help advance cybersecurity big data research.”

Text mining, data mining, sentiment analysis and other automated analysis tools that incorporate artificial intelligence are very good at cutting down about 95 percent of the noise from massive sets of information gleaned from IRC chats and other sources, leaving researchers with the aforementioned 5 percent of top-tier threat information.

Chen wants to make those filters even better. Doing so requires following a cycle of research and development: building an analysis tool; using it on sets of information drawn from hacker communications; refining it; gathering more data; applying the tool to that larger set of information. Repeat.

It’s a process with no end point and one that will require researchers to adapt to new hacker communications methods, shifting intentions in the malicious hacker community and an ever-expanding pool of data. But keeping up with emerging cyberthreats—and perhaps even getting ahead of them—requires the process continue.

“There’s an overwhelming amount of data,” Chen says. “You need ways to analyze those data and distill them into actionable intelligence.”

ooo

Henry Sapiecha

Mobile phone apps still collect data on kids


WASHINGTON (AP) — Worried that toy stores, fast food chains, and other retailers are tracking your kids online this holiday season? A landmark 2013 law aimed at protecting the privacy of America’s youngest mobile consumers hasn’t stopped app developers from collecting vast amounts of data, including a person’s location and even recordings of their voice, according to privacy researchers and consumer advocates.

Whether mobile app developers seek parental consent first – as required by law – or pass the information on to advertisers isn’t entirely clear. But if you prefer to stay anonymous, your options are limited: Wade through each mobile app’s privacy policies to make sure you are OK with the terms, or stick the phone on “airplane mode” to shut off the wireless connection and risk losing functionality.

“Kids are such a lucrative market, especially for apps,” said Jeff Chester, executive director of the Center for Digital Democracy. “Unfortunately, there are still companies out there that are more concerned about generating revenue than protecting the privacy of kids.”

Americans have traded vast amounts of personal data in exchange for the ease and functionality of fun mobile applications on their phones. But how is industry using that information? Chester and other consumer advocates allege that fast food chains are increasingly focusing advertising dollars on digital media, targeting blacks and Hispanics. They also warn that data from phones can be combined with offline information like home prices, race or income in ways that could violate fair lending laws. And a new site, PrivacyGrade.org, found that many popular kids’ apps like Talking Tom and Fruit Ninja collect information in ways parents wouldn’t necessarily expect.

Concerned in particular about industries’ focus on kids online, the Federal Trade Commission in July 2013 expanded the Child Online Privacy Protection Act, or COPPA, to require app developers to get parental consent before collecting personal data on anyone younger than 13. That includes information like the unique identifying device on a phone, a person’s phone number or a device’s location.

“It’s upped the ante for companies deciding whether they are going to market to kids,” said Michelle De Mooy of the Center for Democracy and Technology. “And that’s a good thing.”

But with the number of smartphones expected to reach 3.5 billion in the next five years, according to Forrester Research, the mobile app and advertising industry has exploded. Regulators don’t have an easy, automated way of analyzing the hundreds of mobile apps popping up each day.

Since the updated regulation went into effect, the FTC has brought about only two enforcement actions against mobile apps. Last September, the commission announced that Yelp Inc. agreed to pay $450,000 and TinyCo. $300,000 to settle separate charges that their companies knowingly collected information on young children through their mobile apps.

“Our ultimate goal is compliance,” said Kandi Parsons, an attorney in the FTC’s Bureau of Consumer Protection. But “that doesn’t undermine our desire to bring cases against companies that violate COPPA … where we find violations, we will bring cases against mobile apps.”

According to PrivacyGrade.org, which is run by computer scientists at Carnegie Mellon University, scores of apps that collect information are still aimed at kids.

For example, Fruit Ninja collects a phone’s location, which could be passed on to advertisers. And Talking Tom, where kids can talk to and “tickle” an alley cat using the touch screen, collects a child’s audio recordings along with other information that can uniquely identify a phone.

Whether these apps would violate COPPA would depend on a number of factors, including whether and how they seek parental consent. But because these apps collect information in surprising ways, PrivacyGrade.org gave them both D grades.

Outfit7, the developer behind Talking Tom, said in a statement that personal information and recordings are never shared with advertisers. The developer says its app also complies with COPPA by providing “appropriate gate protections … to distinguish adults from minors and restrict sharing on social media,” according to the statement.

Halfbrick Studios, which developed Fruit Ninja, said in a statement that it planned to release updates to Fruit Ninja and other apps to increase privacy protections.

“Parents and players are understandably cautious about the privacy aspects of online games, and the way their data is handled,” said company CEO Shainiel Deo. “Creating a safe and secure app is no longer enough to answer consumers’ needs for assurance. Developers must also ensure that permissions are clearly explained and easy to access at every applicable point in a game.”

Henry Sapiecha