Searching For Evil

Fri, 31 Aug 2007 09:47:10 GMT
by pdp

Computer security has recently imported a lot of ideas from economics, psychology and ... all sociology, leading to fresh insights and new tools. I will describe one thread of research that draws together techniques from fields as diverse as signals intelligence and sociology to search for artificial communities.

Evildoers online divide roughly into two categories - those who don't want their websites to be found, such as phishermen, and those who do. The latter category runs from fake escrow sites through dodgy stores to postmodern Ponzi schemes. A few of them buy ads, but many set up fake communities in the hope of having victims driven to their sites for free. How can these reputation thieves be detected?

Some of our work in security economics and social networking may give an insight into the practical effects of network topology. These tie up in various ways with traffic analysis, long used by the signals intelligence agencies which trawl the airwaves and networks looking for interesting targets. I'll describe a number of dubious business enterprises we've unearthed. Recent advances in algorithms, such as Newman's modularity matrix, have increased the robustness of covert community detection. But much scope remains for wrongdoers to hide themselves better as they become topologically aware; we can expect attack and defence to go through several rounds of coevolution. I'll therefore end up by talking about some strategic issues, such as the extent to which search engines and other service providers could, or should, share information in the interests of wickedness detection.

Speaker: Ross Anderson is one of the top security researchers in the world.

Archived Comments

I really like the way he's treating this like an interdisciplinary problem. This problem is at its root is an evolutionary issue of resource acquisition and survival, and then upward it manifests as an individual ethics issue, and then a social problem, and an economic one, and finally as a technical one, similar to the file sharing issue. Moral relativism will always exist and always has. People will do what they feel is acceptable to acquire resources. Western societies view usury as morally sound, others do not. Others view fraud as normal, the west does not. Trying to tackle issues like fraud with technology alone is like hiring a dermatologist to do internal medicine. What I think we must do is progress down the stack of motives and consequences, and address the problem at the lowest bottlenecking layer that is feasible and doable. In this case, I think it is the social level. Economic controls like suing Western Union or shutting down e-Gold will only cause replacements to generate at the same tier. As mentioned in the speech, you have to act at the bottlenecks, and the lowest bottleneck is government diplomacy, at the "social problem" level. Russia has a social problem in that it expects to do business as a global player, but does not protect the assets or intellectual property of its trading partners. Same with China. We may or may not get around to enforcing certain types of embargos and trade sanctions on governments for their lack of enforcement in protecting western assets, but regardless I see that as the lowest level of feasible bottleneck plugging, because you will never be able to conquer deception in the individual, its as innate to our species as breathing, and as old as prostitution.
Eponymous, thanks for your comment. I completely agree.