Cyberspace, Data Analytics, and Policing
eBook - ePub

Cyberspace, Data Analytics, and Policing

David Skillicorn

Share book
  1. 258 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Cyberspace, Data Analytics, and Policing

David Skillicorn

Book details
Book preview
Table of contents
Citations

About This Book

Cyberspace is changing the face of crime. For criminals it has become a place for rich collaboration and learning, not just within one country; and a place where new kinds of crimes can be carried out, and a vehicle for committing conventional crimes with unprecedented range, scale, and speed. Law enforcement faces a challenge in keeping up and dealing with this new environment. The news is not all bad ā€“ collecting and analyzing data about criminals and their activities can provide new levels of insight into what they are doing and how they are doing it. However, using data analytics requires a change of process and new skills that (so far) many law enforcement organizations have had difficulty leveraging. Cyberspace, Data Analytics, and Policing surveys the changes that cyberspace has brought to criminality and to policing with enough technical content to expose the issues and suggest ways in which law enforcement organizations can adapt.

Key Features:

  • Provides a non-technical but robust overview of how cyberspace enables new kinds of crime and changes existing crimes.
  • Describes how criminals exploit the ability to communicate globally to learn, form groups, and acquire cybertools.
  • Describes how law enforcement can use the ability to collect data and apply analytics to better protect society and to discover and prosecute criminals.
  • Provides examples from open-source data of how hot spot and intelligence-led policing can benefit law enforcement.
  • Describes how law enforcement can exploit the ability to communicate globally to collaborate in dealing with trans-national crime.

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on ā€œCancel Subscriptionā€ - itā€™s as simple as that. After you cancel, your membership will stay active for the remainder of the time youā€™ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlegoā€™s features. The only differences are the price and subscription period: With the annual plan youā€™ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weā€™ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Cyberspace, Data Analytics, and Policing an online PDF/ePUB?
Yes, you can access Cyberspace, Data Analytics, and Policing by David Skillicorn in PDF and/or ePUB format, as well as other popular books in Economia & Statistiche per il settore aziendale ed economico. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Chapman and Hall/CRC
Year
2021
ISBN
9781000465624
Edition
1
Topic
Economia
Subtopic
Statistiche per il settore aziendale ed economico

Chapter 1

Introduction

DOI: 10.1201/9781003126225-1
Law enforcement is being changed by the development of two related technologies: cyberspace, the globe-spanning communication and interaction infrastructure, and data analytics, an approach that extracts actionable knowledge from large amounts of data. Some of these changes are obvious, but many of them are subtle.
Because cyberspace has become the most important way in which governments, businesses, and individuals get things done, it has created opportunities for new kinds of crimes, and new ways of carrying out old crimes, at scale and speed. Cyberspace has become both a huge target and an enabler for crime.
Fortunately, the advantage is not entirely with criminals. Cyberspace also makes it easier to collect data, both about the actions of ordinary people, and the actions of criminals. Data analytics allows patterns to be found within large datasets, both the signals of particular criminals at work, and broader knowledge about the ways in which criminals operate. This compensates, in some ways, for the greater opportunities that cyberspace gives criminals. Law enforcement can be smarter, and so achieve better clearances rates, perhaps even at lower resource cost.
Criminals can find each other and learn from one another more quickly and more easily than ever before. Although law enforcement can also benefit from better communication, it faces hurdles that come from borders at all scales from cities to nations, and the differences among jurisdictions that these borders create.
These new technologies have been disruptive, and both criminals and law enforcement are struggling to understand how to use them in the best way from their mutually adversarial perspective.
Most of those involved in law enforcement and intelligence will be aware of some of the effects of cyberspace and data analytics, but most will not be familiar with all of these effects. Indeed, the environment is changing so fast that it is difficult to keep up. This book is designed to help you fill in gaps in your knowledge, and to get a broader perspective by stepping back and looking at the issues in a synthesized way. Although the focus here is on law enforcement, many of the same issues arise for intelligence, financial intelligence, customs, corrections, and cybersecurity.
Chapter 2 introduces cyberspace and its properties that have had the greatest impact on the landscape of crime and criminals. Chapter 3 introduces the new kinds of crime that cyberspace has enabled and the way in which existing crimes have changed because of the existence of cyberspace. Chapter 4 shows how the ability to communicate at speed and mostly independent of geography has made it easier for criminals to cooperate.
Although cyberspace has created opportunities for criminals, the news is not all bad. Chapter 5 shows that cyberspace has provided new opportunities for law enforcement as well, in particular the collection of data at unprecedented scale and new ways of extracting actionable knowledge from it, an approach that has come to be called data analytics. Chapter 6 describes the ways in which data for analysis can be collected, and the subtle and often difficult issues that arise from data collection. Chapter 7 describes, at a high level, how these data-analytic techniques work and what they can be used for. Chapter 8 describes some case studies that show how these data-analytic ideas can be applied to real law enforcement situations. Chapter 9 describes how the communication possibilities of cyberspace have changed law-enforcement cooperation despite the boundaries between different jurisdictions.

Chapter 2

Cyberspace

DOI: 10.1201/9781003126225-2
Cyberspace has pervaded our societies and our lives, and continues to have a major impact on individuals, families, groups, businesses and governments. Crime has been changed by the existence and use of cyberspace, and so has the fight against crime.
In a perfect world, law enforcement would be proactive in understanding the potential for new and adapted crimes, developing new tools and approaches to address them, and training personnel in how to understand these new crimes and use new capabilities against them.
The advantage, however, is with criminals. They have fewer restrictions on their actions and they are self-funded; whereas law enforcement lives with a legal framework that often fails to keep pace with changing technology, and with budgets that increase only slowly and are hard to redirect. Criminals can communicate globally, learn from one another, and mount many crimes from anywhere. Law enforcement enforces the laws of particular jurisdiction, and faces practical and legal hurdles for sharing information.
In this chapter we outline the properties of cyberspace that have changed the playing field for both criminals and law enforcement.

2.1What is cyberspace?

Most people encounter cyberspace via the World Wide Web (WWW), the system of web servers and web browsers that gives us access to the world's knowledge.
The World Wide Web was developed as an information-sharing system, but it is also increasingly the mechanism by which we act in the world, as the browser-server interface has been enriched to allow us to do banking, book travel, and upload videos, as well as to interact with one another on social-media sites.
The World Wide Web is only a subset of the Internet. The Internet consists of a wide variety of nodes:
  • personal computers and workstations;
  • phones1, devices that are so closely tied to us that they act almost as human surrogates;
  • Internet of Things devices such as CCTV cameras, smart light bulbs, thermostats, fitness trackers, door locks, and door bells;
  • cyberphysical systems that operate factories, pipelines, water supplies, and electricity grids;
  • web servers that power our World Wide Web interactions;
  • compute servers that carry out substantial computations for organizations that need them;
  • clouds, which carry out substantial computations or store large volumes of data, and which are shared between many different users who can use them on demand.
As well as these nodes, there are networks of pipes that connect them. The networks have two parallel forms: the cell phone networks that connect highly portable devices; and the wired and wifi networks that connect most other devices. These networks are, of course, connected to one another in multiple ways.
The individual pipes vary widely in their capacity and operation. For example, Bluetooth networks carry data over a few meters; wifi networks carry data within a single space such as an office or house over a hundred meters or so; coaxial, cell, or optical fiber connections carry data over a few kilometers; and much higher capacity connections carry data between cities, and underneath oceans.
Networks contain switches that direct the traffic along the paths from its sources to its intended destinations. These switches are just ordinary computers, optimized for the tasks of directing and moving data, and so they have all of the capabilities and issues of other devices on the Internet.
Alongside the Internet are some less well-known parts of cyberspace.
  1. Many militaries have their own networks which use the same kinds of devices and network technologies as the rest of the Internet but are not directly connected to it. These networks are often ā€œair gappedā€ from the Internet, so that they have no direct connections. In practice, this separation is not as strong as it seems because there are multiple channels that allow information to cross the gaps (although they mostly require sophistication to exploit).
    For example, software on these air-gapped networks must be updated somehow, so there is necessarily information flow into them. The Stuxnet malware was inserted into an air-gapped network that ran Iranian uranium centrifuges using USB keys. These had been loaded with software updates on systems that were attached to the Internet. When these USB keys were attached to computers on the air-gapped network, they installed malware on the centrifuge controllers.
    There have been several experiments in which USB keys were dropped in the parking lots of secure installations, and non-trivial numbers of them were taken inside and plugged into secure computers by unthinking Good Samaritans.
    Computers on the air-gapped network can also leak information that can be detected because their operations necessarily cause changes in the physical environment around them. Information leakage has been detected in physical mechanisms such as the sound they emit, their disk operation, their screen display, and fluctuations in their power use.
  2. Cyberspace contains content that only exists transiently, and so cannot be found using search engines. For example, when you authenticate to your bank, the bank displays a page showing your account balances. This page is created on the fly, and can only be seen by you. As a result, it is never indexed, and so cannot be found other than via the bank's front page and then authentication. Such content is stored in back end systems, such as databases, but it only is assembled and comes into existence as an entity on demand, and only for a short time.
    Cyberspace also contains content that is always present but is not indexed by search engines and so cannot be easily found. Anyone can create such a page with some care.
    This collection of pages with limited accessibility is called the deep web.
  3. Cyberspace also contains a subspace called the dark web2. This consists of data that is explicitly hidden in two different ways.
    The first kind of content is hidden because it requires access via a particular mechanism. The most well-known of these mechanisms is based on the Tor router. Anyone using a specialized browser or plugin can have their web access requests directed to the Tor router. The router uses a set of volunteer nodes to move the traffic around randomly. When the traffic exits the Tor router, it can go to a special set of websites whose URLs end in ā€˜.onionā€™. These websites cannot be connected to directly; only from a Tor router node. Thus this part of the dark web is a separate world wide web that is not directly searchable, and can only be accessed, as it were, from one particular direction.
    The Tor router framework makes it difficult (but not, in fact, impossible) to know which browser is talking to which web site. Although originally designed for privacy, it provides an opportunity for illicit activity that is hard to track and so has become popular with criminals. Dark-web web sites can sell illegal products and disseminate information without attribution.
    The second part of the dark web consists of nodes which, as it were, only speak their own private language. Ordinary Internet traffic that reaches them is simply discarded. In order to convey data encoded in their own private way, totally new mechanisms are required for communication. For example, to reach such a dark-web web site, a totally different kind of browser is required. This kind of dark web activity is much harder to track since it is close to impossible to tell what observed data movement means ā€“ it is like listening to a conversation in a foreign language. Fortunately, considerable skill is required to use such a specialized subnetwork and it is beyond the capability of many criminals.
Cyberspace has its origins in an academic and defence network called the Arpanet which was designed to connect trusted parties and to work in a distributed fashion so that it could survive a nuclear attack. Cyberspace's explosive growth in both size and functionality has been built on this foundation. There was never a point when the basic operating principles of cyberspace could have been redesigned to be more appropriate for its scale, since at every step, new pieces had to be able to work with the older pieces. Worse still, the decentralized design of cyberspace meant that there was never (and still is not) a centralized body capable of making and enforcing design decisions. The result is a system that is forced to operate in ways that make little sense for something that is so critical to most aspects of modern life. In particular, security has had to be retrofitted wherever possible, but within difficult constraints.

2.2The impact of cyberspace

The existence of cyberspace, and its continuing evolution, has had an impact both on crime and on policing. The most obvious property of cyberspace is its scale ā€“ suddenly we can reach at least half of the world's population via email or text messaging, and we can find out personal details of a large fraction of that half from web sites and social-media presence. A spammer can send an email to 100,000 people at virtually no cost, and a tweet can make its way to 100,000 people with a single click. We can also access a large fraction of the wo...

Table of contents