The Americas Security News.- Michael J. "Mike" Rogers

The chairman of the House Intelligence Committee Rep. Mike Rogers (R., Mich.), said Sunday that recent reports about Chinese hacking show the U.S. is losing a global cyber war. “We get [hit] every single day by a whole series … of attacks, everything from criminals trying to get into your bank account or steal your identity, to nation states like China who are investing billions and hiring thousands,” he said. READ MORE HERE

Security: Joe Parry from Cambridge Intelligence and Victor Bjorgan, CEO og Global Security Services LLC and Publisher of TheAmericasPost.com, during the EISIC 2011 Conference.

How should we communicate the results of our analysis to decision-makers? How to visualize key information for decision makers?  The talk of Joe Parry argued that visualisations and infographics play a very important role, not only for analytical processes of data analysts, but also for explaining the analytical results to decision-makers at the highest of levels.

Some care must be taken to avoid various common pitfalls when designing such visuals: the talk will cover bad examples as well as good in order to uncover design guidelines and practical advice for those wishing to pursue a more visual approach.

in that sense, Joe Parry initiated his keynote that these visualization tools are specially important for law enforcement and National Security. In that sense he recalled an old saying ” a good sketch is better than a long speech”.

What is visualitation? asked Parry to the conferencists. Well , a good visualitation does not consist in just good pictures.

About graphs and numbers, Parry said that the use of interactive data and vissualy representation of data is used to amplify cognition. Parry briefly described how a good visualization helps in the Intel analysis. Described some common pitfalls in data visualization. he recommend the reading of the book written by Westell, Duncan and Weeks on visualization in Intel analyIntel analysissis.

Parry also described a model of intelligence analyzing processes. The final product of such analysis is a report.

In the reports, he does not recommend the use of colours to describe the visual variables. He recommend the use of Kinley Visual variables.

To start the visualization of the Analysis in its low phase, Parry mentioned the visualization of pattern of life, but said this is a analytical tool, not a decission tool. He also said that this analysis must be simplified, not use numbers.

During his keynote speech, Joe Parry showed a photograph of former President George Bush looking a wall full of sketches with the networks and interrelations of all individual terrorists participants in the attacks of September 9/11. It was a very confusing material, President Bush was looking at in this photo. Not the best intelligence visualization report.  President Bush was not looking in the photo at a screen with the three followings ingredients that are important in any report: geovisualization, timeline visualization and network visualization.

Parry said, that if only using that photo, it was impossible for former President Bush tot ake any intelligence decission, because there is no report, but only information.

In things not to do, Joe Parry also told participants that it is no good to put pies in the reports, neither 3D presentations. The intelligence reports for decission makers must avoid the use of colour since there is often a color blind among the public. He recommends not to use labels, simplicity instead  of complexity, no use of black backgrounds, no use of pie charts, not use of misleading scales.

Joe Parry showed enthusiasm while talking about the infographics reports of the New York Times NYT. He said the NYT infographics show all needed info to understand what is happening.

Summarizing, Parry described some of what he called as ” design guidelines” for any Intel report, like  first an overview, always  aim for clarity, show context, show how the situation has changed, make comparison easy, all visual elements must be backed by data, and that the report should be so clear and convincing that the decission makers will act backed by the report.

To know more about the subject, Joe Parry from Cambridge Intelligence mentioned some sites that can be of interest like:

flowingdata.com

infosthetics.com (slow uploading, be patient..)

visualcomplexity.com

nytgraphics.com

stamen.com

visualization.org

Finally, Joe Parry ended his keynote speech saying to all participants: “Back Up everything you say!”

Joe Parry´s email address is joe@cambridge-intelligence.com

His twitter is @parry_joe

Phone nr: 07973 787 233

His address is:

idea Space

The Entrepreneurship Centre

3 Charles Babbage Road

Cambridge CB 3 OGT

Biographical Details:
Joe Parry has worked on visualization and graphics systems for intelligence work for the last thirteen years.
During that time he has done software development, design, systems architecture and more experimental
research projects. He has worked with the intelligence communities of the UK, US and other countries. His
recent professional interests include social network analysis and web-based visualisation systems. This year he started his own software company which is producing what he hopes will be part of a new wave of
investigation software.

Dr.Nasrullah Memon, Program Chair of EISIC 2011 in exclusive interview with TheAmericasPost.com

On the occasion of the EISIC (September 12-14,2011) held in Athens, we interviewed the Program Chair of the event Dr. Nasrullah Memon, professor at the University of Southern Denmark and member of the Steering Committee of the European Intelligence & Security Informatics Conference EISIC on Counterterrorism and Criminology. The event was organized jointly with The International Symposium on Open Source Intelligence and Web Mining (OSINT-WM 2011), and having as Academic Sponsors The University of Arizona, University of Southern Denmark,  and The Hellenic American University, as technical co-sponsor the IEEE Computer Society, as local organizer the Hellenic American University and SPRINGER as the Industry Sponsor.

During the interview, Dr. Memon gave details about EISIC (past, present and future plans) , how the Intelligence Community can take advantage of the Intelligence & Security Informatics discipline, the relationship between counterterrorism and computational criminology, the role of Higher Education, as well as differents kinds of Crime involving information and communication technologies. The privacy problem was also analized during the conversation.

Here is an excerpt of a very interesting interview with one of the world´s most brilliant minds in Defense, Counterterrorism and Security Informatics, Dr. Nasrullah Memon.

Dear Dr. Memon, could you please tell us what is EISIC 2011? Please elaborate on its creation, mission, objectives and members.

EISIC is the European chapter of Intelligence and Security Informatics (ISI) series of conferences. The conference is dynamic and allows academicians, researchers and practitioners to keep abreast of new tools and methodologies in the area of Intelligence Security and Informatics. It is also a venue that fosters networking opportunities for people working in this scientific area.

After my graduation (PhD Defense), Professor Hsinchun Chen, Director, Artificial Lab, University of Arizona, the founder of ISI series of conferences encouraged us to organize the European chapter of ISI. In this context, the first event was organized under the name of EUROISI 2008 at Esbjerg, Denmark.  That event was organized more as a workshop than a conference and it was not very well attended.

In September 2010, while Professor Hsinchun Chen visited University of Southern Denmark, we discussed how to re-organize the European chapter of ISI as an annual event in order to create a consortium involving academic researchers in information technologies, computer science, public policy, criminology, and social and behavior studies as well as local, national, and European law enforcement and intelligence experts, and information technology industry consultants and practitioners to support counterterrorism and national/international security missions of anticipation, interdiction, prevention, preparedness and response to terrorist acts. In other words the mission and objectives for the organization of EISIC series of conferences that came out from the discussions with Prof. Chen are to provide opportunities to establish a European network in the area of Intelligence and Security Informatics.

The organization of the conference was a very difficult task and we started working for the success of the event from September 2010 with the collaboration of Hellenic American University, University of Southern Denmark and University of Arizona. We formed a team from the above mentioned academic institutes and Hellenic American University accepted to host EISIC 2011 in Athens, Greece while University of Southern Denmark accepted to host EISIC 2012 in Odense, Denmark.  As per program chairs, Daniel Zeng and me invited around 100 researchers from academia and industry to work as program committee members. We received 111 submissions for EISIC 2011 and we accepted 27% of high quality papers as LONG papers based on the peer-review process.  The research articles were received from 41 countries from all sub-continents.

The founding members of EISIC 2011 are: Prof. Hsinchun Chen, Prof. George J. Hagerty, Professor Uffe Kock Wiil, Professor Triant Flouris, Dr. Panagiotis Karampelas and myself.

What is your assessment of the conference in Athens?

As per feedback from the audience we found it was a very successful event. The keynote speeches as well as the paper presentations were very well attended by the participants and there were a lot of positive comments on the quality of the presentations. There were also a lot of opportunities for networking between the participants and we witnessed several discussions about future collaborations between the participants. I would like to mention at this point that the host organization played a vital role in the success of the conference sponsoring the expenses of keynote speakers and finding alternatives of certain problems we faced because of unforeseen incidents such as strikes, etc.

What activities does EISIC plan to carry out in the near future?

We have a number of long and short term plans in the area of Intelligence and Security Informatics.  We have established the Counterterrorism Research Lab at University of Southern Denmark in October 2009.  Behind the lab there is a small group of researchers (around 10, one Professor, one Associate Professor and several PhD students) working in the area of ISI. We are publishing our research articles in the area in various conferences and journals and we try to establish connections with various law enforcement bodies and intelligence services providing them with our cutting edge technology and experience. Concerning EISIC, we plan to organize EISIC 2012 at our University at Odense on August 22-24, 2012. We also received a number of informal proposals for the organization of collocated events. As soon as we receive formal proposals, we’ll decide accordingly. We have also received informal proposals for the organization of EISIC 2013 and EISIC 2014 in Italy and Sweden respectively. The steering committee will decide as soon as we receive formal proposals for the organization of EISIC and related events in future.

In regard to the Intel discipline, where do you classify the Intelligence Security Informatics ISI? Is it a separate intelligence discipline in and of itself, or part of other intel disciplines like HUMINT, SIGINT, IMINT, etc.?

ISI is a discipline where INTEL disciplines could be benefited. Let us take an example; we are working on a research project (sponsored by the Faculty of Engineering, University of Southern Denmark): Developing an Early Warning System to predict Terrorist Threats. Mostly we use OSINT (Open Source Intelligence), but there is room for counterterrorism experts/INTEL to work. We do not have yet a formal collaboration with INTEL agencies, but I’m sure INTEL people could be benefited as well from ISI research.

What role does higher education play in ISI?

As this is a new inter-disciplinary area, higher education can play a vital role in encouraging students from Sociology, Anthropology, Psychology, Criminology, Computer Science, and Applied Mathematics to adopt research in the area of ISI in order to educate experts to help us in building a SAFE AND SECURE WORLD. It is also a need of the hour to train INTEL people with this emerging area of research.

What is the relationship between counter-terrorism and computational criminology?

Computational criminology like Countering terrorism is an emerging blend of criminology, anthropology, social computing, computer science and applied mathematics. Modern concerns about public safety and security include a focus on a range of events from less serious everyday crimes like shoplifting to personal violent crimes like homicide and ultimately terrorism. Underlying all of these events is a decision process or a chain of steps in target identification, steps that focus first on rough and vague decisions and move towards the precise plot. The fields of counterterrorism and computational criminology involves the use of computational power to identify: (1) crime patterns and emerging patterns; (2) crime generators and attractors; (3) terrorism, organized crime and gang social and spatial networks as well as co-offending networks; and, (4) cybercrime/cyber terrorism. Algorithms are developed using computational topology, hyper-graphs, Social Network Analysis (SNA), Knowledge Discovery and Data-mining (KDD), agent based simulations, dynamic information systems analysis and more for detecting organized crime and predicting terrorist threats.

The methods and models used for counter terrorism and computational criminology can provide information about pattern theory and identification. In short, we treat terrorism as an organized crime, and therefore, it would be possible to use some of the traditional methods to detect terrorism evidences, but also new models can be developed looking into the new type of terrorism of 21^st century.

What is cybercrime and what current challenges does it pose?

Crime involving information and communication technologies (ICT), for example:

·        ICT as an instrument, where ICT can be used as primary tool to commit the offence (Identity theft, Internet scams and Fraud-misappropriation of funds are some of the examples)

·        ICT as target, where ICT is the target of the offence (Hacking, Misuse of  ICT resources, Denial of service, Stealing information)

·        ICT as Ancillary Resource, where conventional crime can be assisted by ICT; in other words technology can be used to commit conventional crime or technology can be used to store information about crime (Fraud, Money laundering, etc., are known examples)

As the cybercrime has border-less and transnational reach, therefore, there is urgent need to establish competency in predictive cyber analysis and to develop trusted relationships to encourage information sharing among the INTEL agencies.  There are number of challenges in cybercrime, for example

·        Enforcing extraterritorial/ trans-border law enforcement activity

·        Many offences are never detected

·        Many detected offences are never reported

·        Difficult to quantify the offence

·        Difficult to “Police” the cyber space

·        Evidence can be intangible

·        Issuing warrant without knowledge of the precise location of data (evidence) can be problematic

·        Evidence can be destroyed during search

·        Encryption and other concealment technologies are available to offenders

·        Human rights and privacy issue, etc.

How can the right to individual privacy be balanced against the need for protection from cybercrime?

It is a very difficult question; I think security is more important than privacy of individual person in some cases.  But according to the laws of each country, the privacy problem should be dealt in treating with cyber criminals.

Dr. Bhavani Thuraisingham and our Publisher Victor Bjørgan during EISIC 2011, European Intelligence & Security Informatics Conference on Counterterrorism and Criminology.

On September 12th, and during the first day of the conference EISIC 2011 “European Intelligence & Security Informatics Conference, on Counterterrorism and Criminology,” the first keynote speech was given by the expert Dr. Bhavani Thuraisingham Cyber ​​Security (BT) (*). The title of his presentation was “Data Mining for Malicious Code Detection and Security Applications”. Among the highlights of his academic dissertation BT defined the meaning of saying that data mining “is the process of posing queries and extracting patterns different from data using techniques”. About its use, she said the technology can be used in national security as well aganist cybercrime and security, like f.e. like to Prevent buildings, destroying critical infrastructure (power, telecom). Dr Thuraisingham said that also can Data Mining find out who the bad guys are, capable of carrying out those Terrorist Activities.
Defining Cyber ​​Security BT said it is a technology to Protect the computer and network systems due to Against Corruption last generation of malware like Trojan horses, worms and viruses, including the ultradangerous malware called RAMAL (Radioactive Adaptive Malware), as well as intrusion detection and auditing.

During the first part of the presentation, BT described her research (together with Prof Latifur Khan and students of the University of Texas) and said that some techniques like the Link Analysis technology can be used to trace the viruses to the perpetrators. Another technology called Classification can prevent future attacks depending on the data mining learned about the terrorists through emails and phone conversations. The technology can also separate between real threats and non threats at all, by reducing false positives and false negatives.

More into details of her speech, BT said that the researched techniques like the CFB Program can extract the code blocker malware from data, and make a control flow analysis. She also compared her System with another already in the market , the code blocker SigFree, and assured her system is better, performs better.   Her System can detect Malware that is evolving continuosly, even every milisecond, like the RAMAL (Radioactive Adaptive Malware). Currently, all last generation malware evolve continuosly and it is difficult to prevent for regular firewalls. Dr. Bhavani Thuraisimgham defined her anti RAMAL malware tech as the NCD Novel Class Detection, and the tool is the system based on NCD, the so called SNOD or SNODMAL).

Currently, the most advanced Malware goes undetected because a continuos change in behaviours , every milisecond, and the regular anti malware software can not keep up that speed.

BT assured that her SNOD hast the ability to detect new classes of malware and its changes. She used the SNODMAL, malware detector using SNOD.

She classified the Malware in two categories: Benign and Novel.

The usefullness of SNODMAL will extend to detect multiple novel malware classes and quarantine them.

Summarizing, BT also revealed that they are working to find the best way to detect where this malware attack comes from, and to be able to attribute the attack, where it come from with 100% certainty (to avoid false accusations). Several countries have been attacjed by these novel malware.

In regard to the privacy matter, BT affirmed that the extract of results of the data mining should be private, this is a legal matter, not only an ethical one.

Once her speech finalized and the round of questions ended, Dr. Bhavani Thuraisimgham met Victor Bjoergan , CEO of the U.S. based Global Security Services LLC,  also Publisher of TheAmericasPost.com and EuropeSecurityNews (this under construction). Both discussed the importance of developing these technologies, and its role anti Cybercrime and the strengthening of global security against terrorism.

(*) READ MORE ABOUT DR. BHAVANI THURAISINGHAM

(**) MORE ON DR.THURAISINGHAM