Terrorist Detection System

  • Yuval Elovici
  • Abraham Kandel
  • Mark Last
  • Bracha Shapira
  • Omer Zaafrany
  • Moti Schneider
  • Menahem Friedman
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3202)

Abstract

Terrorist Detection System (TDS) is aimed at detecting suspicious users on the Internet by the content of information they access. TDS consists of two main modules: a training module activated in batch mode, and an on-line detection module. The training module is provided with web pages that include terror-related content and learns the typical interests of terrorists by applying data mining algorithms to the training data. The detection module performs real-time monitoring of users’ traffic and analyzes the content of the pages they access. An alarm is issued upon detection of a user whose content of accessed pages is “too” similar to typical terrorist content. TDS feasibility was tested in a network environment. Its detection rate was better than the rate of a state-of-the-art Intrusion Detection System based on anomaly detection.

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Yuval Elovici (1)
  • Abraham Kandel (2, 3)
  • Mark Last (1)
  • Bracha Shapira (1)
  • Omer Zaafrany (1)
  • Moti Schneider (4)
  • Menahem Friedman (1, 5)

  1. Department of Information Systems Engineering, Ben-Gurion University, Beer-Sheva, Israel
  2. Department of Computer Science and Engineering, University of South Florida, Tampa, USA
  3. Currently at the Faculty of Engineering, Tel-Aviv University, Israel
  4. School of Computer Science, Netanya Academic College, Netanya, Israel
  5. Department of Physics, Nuclear Research Center, Negev
