TY - GEN
T1 - Analyzing users' web surfing patterns to trace terrorists and criminals
AU - Kedma, Gabi
AU - Guri, Mordehai
AU - Sela, Tom
AU - Elovici, Yuval
PY - 2013/9/9
Y1 - 2013/9/9
N2 - Regular users, as well as criminals and terrorists, are using the Internet for various purposes. Today, current Big-Data technology allows law enforcement authorities to create a huge repository that contains all the surfing activity performed by all users over a considerable period of time. Our theoretical exploration suggests that such a repository contains valuable forensic information that may help to pinpoint suspected criminals or terrorists, and in certain cases can even preempt an upcoming criminal act. In this paper, we suggest how Big-Data analytics should be employed to perform such detections. For each user our detection model derives typical surfing patterns that relate to the topics of interest, frequency of accessing the information, when the information is accessed, etc. Significant deviations from those patterns, particularly when coupled with an event of interest (EOI), such as hit and runs or terrorist attacks, may indicate the subject's active involvement in the event. We provide an outline of the model and the related architecture, which may serve as guidelines for future research.
AB - Regular users, as well as criminals and terrorists, are using the Internet for various purposes. Today, current Big-Data technology allows law enforcement authorities to create a huge repository that contains all the surfing activity performed by all users over a considerable period of time. Our theoretical exploration suggests that such a repository contains valuable forensic information that may help to pinpoint suspected criminals or terrorists, and in certain cases can even preempt an upcoming criminal act. In this paper, we suggest how Big-Data analytics should be employed to perform such detections. For each user our detection model derives typical surfing patterns that relate to the topics of interest, frequency of accessing the information, when the information is accessed, etc. Significant deviations from those patterns, particularly when coupled with an event of interest (EOI), such as hit and runs or terrorist attacks, may indicate the subject's active involvement in the event. We provide an outline of the model and the related architecture, which may serve as guidelines for future research.
KW - Big Data
KW - Forensic Information
KW - Security Analitics
KW - User Profiling
KW - Web Intelligence
UR - http://www.scopus.com/inward/record.url?scp=84883362033&partnerID=8YFLogxK
U2 - 10.1109/ISI.2013.6578804
DO - 10.1109/ISI.2013.6578804
M3 - Conference contribution
AN - SCOPUS:84883362033
SN - 9781467362115
T3 - IEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics: Big Data, Emergent Threats, and Decision-Making in Security Informatics
SP - 143
EP - 145
BT - IEEE ISI 2013 - 2013 IEEE International Conference on Intelligence and Security Informatics
T2 - 11th IEEE International Conference on Intelligence and Security Informatics, IEEE ISI 2013
Y2 - 4 June 2013 through 7 June 2013
ER -