Content-based detection of terrorists browsing the web using an Advanced Terror Detection System (ATDS)

Yuval Elovici, Bracha Shapira, Mark Last, Omer Zaafrany, Menahem Friedman, Moti Schneider, Abraham Kandel

Research output: Contribution to journalConference articlepeer-review

8 Scopus citations


The Terrorist Detection System (TDS) is aimed at tracking down suspected terrorists by analyzing the content of information they access. TDS operates in two modes: a training mode and a detection mode. During the training mode TDS is provided with Web pages accessed by a normal group of users and computes their typical interests. During the detection mode TDS performs real-time monitoring of the traffic emanating from the monitored group of users, analyzes the content of the Web pages accessed, and issues an alarm if the access information is not within the typical interests of the group. In this paper we present an advanced version of TDS (ATDS), where the detection algorithm was enhanced to improve the performance of the basic TDS system. ATDS was implemented and evaluated in a network environment of 38 users comparing it to the performance of the basic TDS. Behavior of suspected terrorists was simulated by accessing terror related sites. The evaluation included also sensitivity analysis aimed at calibrating the settings of ATDS parameters to maximize its performance. Results are encouraging. ATDS outperformed TDS significantly and was able to reach very high detection rates when optimally tuned.

Original languageEnglish
Pages (from-to)244-255
Number of pages12
JournalLecture Notes in Computer Science
StatePublished - 1 Jan 2005
EventIEEE International Conference on Intelligence and Security Informatics, ISI 2005 - Atlanta, GA, United States
Duration: 19 May 200520 May 2005

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)


Dive into the research topics of 'Content-based detection of terrorists browsing the web using an Advanced Terror Detection System (ATDS)'. Together they form a unique fingerprint.

Cite this