Sunday, 24 October 2010
Raps BOT : Predicts Insider Cyber Terrorism Threat HIGH
I seeded an internet botnet of 10K+ targeted clients which scour the web, scraping and collating conversation data then predicts the national security situation of the UK in 3-6-12 months time.
I started designing this botnet when I worked as a consultant at IBM research in Hursley on persuasive technology projects.
Basically this botnet uses the processing capabilities of 3rd party web servers and clients in order to remain alive. It is totally autonomous meaning I can send it out with commands one month and it returns the next month with the information which my server then crunches to get a prediction.
One vector my botnet has exposed is cyber terrorism risk in the UK. I had expected to almost certainly see that Russia and China were the primary sources of bad actor behaviour. But I was surprised when the prediction of Raps Bot reported that 78% of the cyber threat to national security was going to come from UK citizens, not from foreign shores.
I ran this botnet for 10 months and it basically scraped links using keywords from the relevant forums and social media sites and then followed them and collated the data.
I have a reporting system which produces a map of the main cyber terrorism threats and all the longest tentacles were from insider terrorism orientated threats.
Assessing crime motivation plays a big part in the analysis process and I have to say the system picked up on this extremely well, plotting the main motivation points and then relating them to the data, the location and the context.