Slashdot Mirror


The Hacker Profiling Project

NewsForge writes "NewsForge is running a story about a project aiming to profile hackers like the police do with common criminals. Not based out of the U.S. per se, this project falls under the auspices of the United Nations Interregional Crime and Justice Research Institute (UNICRI). The project was co-founded by Stefania Ducci, in 2004, along with Raoul Chiesa." From the article: "NewsForge: What would the project concretely produce as final output? Stefania Ducci: The final goal is a real and complete methodology for hacker profiling, released under GNU/FDL. This means that, at the end of our research project, if a company will send us its (as detailed as possible) logs related to an intrusion, we — exactly like in the TV show C.S.I. when evidence is found on the crime scene — will be able to provide a profile of the attacker. By 'profile' we mean, for example, his technical skills, his probable geographic location, an analysis of his modus operandi, and of a lot of other, small and big, traces left on the crime scene. This will also permit us to observe and, wherever possible, preview new attack trends, show rapid and drastic behavior changes, and, finally, provide a real picture of the world of hacking and its international scene."


  1. What have they done to our language by Silver+Sloth · · Score: 4, Insightful
    From Wikipedia
    In computer programming, a hacker is a software designer and programmer who builds elegant, beautiful programs and systems.
    Well, that's what it used to mean. Someone who was close to the metal, not some jumped-up script kiddie with no morals. Now even Newsforge is using it in its pejorative form. Personally I think they mean crackers.
    --
    init 11 - for when you need that edge.
    1. Re:What have they done to our language by wired_LAIN · · Score: 4, Funny

      If the title of a news article was "UN institutes Cracker profiling" the non-slashdot crowd would interpret it as "UN is racist against white people"

      --
      It is better to light one candle than to curse the darkness.
    2. Re:What have they done to our language by mordors9 · · Score: 2, Informative

      Even accepting that you are correct that they are talking about crackers, I have the feeling that most of the script kiddies will not make the list. I assume they are talking about the real deal type guys that make their own cracks and then the other guys try to imitate them. Many of whom may even fall under our common definition of hacker. Those people that will discover a neat hack and then inform the other party of the problem. If not, if it is the script kiddies, it will be a very long and meaningless list.

  2. Like CSI? by ajlitt · · Score: 5, Funny

    "exactly like in the TV show C.S.I. when evidence is found on the crime scene"
    You mean they stand around in a dark room and spout techno-BS while a computer graphically and textually points out the obvious?

    1. Re:Like CSI? by andphi · · Score: 2, Funny

      To quote Gil Grissom: "There are too many forensics shows."

    2. Re:Like CSI? by John+Hurliman · · Score: 2, Interesting

      The goal of the project is to be as cool as a TV drama series? More proof that life imitates art.

    3. Re:Like CSI? by Otto · · Score: 2, Informative

      Sure thing, except that the real explanation is that the car is made of metal and it acts as a Faraday cage, that's why you don't fry in a car if hit by lightning.

      Actually, that's not correct either.

      The real explanation is that a car is a big wide chunk of metal and that metal provides a better path to ground than the path which happens to go through your soft fleshy tissues.

      For it to be a Faraday cage, it would have to be sealed or having only small holes (with their size depending on the frequency of the EM radiation you're wanting to block). Considering that you've got big chunks of glass instead of metal in it, a Faraday cage it definitely is not. Proof: You can pick up radio signals inside the car. A Faraday cage would not be able to get those, even with an external antenna and wires leading into the cage.

      Sorry for being pedantic, but this is /. after all...

      --
      - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
  3. Tools are the same for everyone by hey · · Score: 2, Funny

    Oh that hacker is using Rootkit 123 so it must be somebody on the Internet!

  4. Lemme guess by $RANDOMLUSER · · Score: 3, Funny

    White kid? Bad complexion? Limited social skills? Above average intelligence? Lives in parents' basement?

    "Round up the usual suspects"

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
  5. UN by jimbolauski · · Score: 2, Funny

    So if one does get caught by the UN will they just sanction them and then place them on double secret probation?

    --
    Knowledge = Power
    P= W/t
    t=Money
    Money = Work/Knowledge so the less you know the more you make
  6. One question by squidfood · · Score: 4, Funny


    Will the rankings be computerized?

  7. Something interesting that might be related to it by Ernesto+Alvarez · · Score: 4, Interesting

    Reminds me of a project the Argentinian military presented about a year ago in a security congress I went to.

    The idea was to "fingerprint" hacking attempts by measuring timing in typing on terminals. Say, a hacker would attack a system, a fingerprint would be taken (of the unknown hacker's typing habits) and then on another break-in, a new fingerprint would be taken and compared to previous ones to determine if it is a formerly filed hacker.

    Another possibility from that idea was to use the fingerprint also to verify the user's identity (you have to enter a password, but the server also fingerprints you and denies access if the fingerprint does not match).

    Definitely one of the best expositions in the congress. Pity I cannot find any papers. I found the original presentation, in Spanish though, by searching for "Remote identification of keystroke patterns" on Google.
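
The comparison step described in the comment above, sketched as an added example (not taken from the presentation or written by the commenter). The event format, the digraph-latency feature, the distance measure and the 40 ms threshold are assumptions chosen for illustration, and all sessions are constructed sample data.

```python
from collections import defaultdict
from statistics import mean

def typed(text, gaps_ms):
    """Constructed-data helper: (key, press_time_ms) events for text typed with the given gaps."""
    t, events = 0, []
    for ch, gap in zip(text, [0] + gaps_ms):
        t += gap
        events.append((ch, t))
    return events

def fingerprint(events):
    """Mean latency in ms for each digraph (pair of consecutive keys) in a session."""
    gaps = defaultdict(list)
    for (k1, t1), (k2, t2) in zip(events, events[1:]):
        gaps[k1 + k2].append(t2 - t1)
    return {digraph: mean(v) for digraph, v in gaps.items()}

def distance(fp_a, fp_b, min_shared=3):
    """Mean absolute latency difference over shared digraphs; None if overlap is too small."""
    shared = fp_a.keys() & fp_b.keys()
    if len(shared) < min_shared:
        return None  # refuse to decide on too little evidence
    return mean(abs(fp_a[d] - fp_b[d]) for d in shared)

def identify(sample, filed, threshold_ms=40):
    """Attribution use: closest filed fingerprint within the threshold, else (None, None)."""
    best = (None, None)
    for label, fp in filed.items():
        d = distance(sample, fp)
        if d is not None and d <= threshold_ms and (best[1] is None or d < best[1]):
            best = (label, d)
    return best

def verify(sample, enrolled, threshold_ms=40):
    """Authentication use: accept only if the sample is close to the enrolled fingerprint."""
    d = distance(sample, enrolled)
    return d is not None and d <= threshold_ms

# Constructed sessions: two earlier break-ins on file, one new session to compare.
FILED = {
    "intrusion-1": fingerprint(typed("ls -la", [90, 210, 120, 80, 150])),
    "intrusion-2": fingerprint(typed("ls -la", [180, 95, 240, 200, 60])),
}
SAMPLE = fingerprint(typed("ls -la", [100, 200, 130, 85, 140]))

if __name__ == "__main__":
    print(identify(SAMPLE, FILED))
    print(verify(FILED["intrusion-2"], FILED["intrusion-1"]))
```

A session with fewer than three digraphs in common with a filed fingerprint yields no match at all, which keeps very short sessions from producing false attributions.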

  8. I can see their profile of me already... by jtorkbob · · Score: 3, Funny

    Subject: One Perl Hacker; four-space indentation; 12% comments; averaging 34 lines per sub; prefers OO interface when available; abhors cuddly elses.

    C'mon now, can't we even get our terminology straight?

    --
    AC: Only on slashdot... could the sentence "My hovercraft is full of eels." be moderated "+4, Insightful"
  9. Great idea.. by Frumious+Wombat · · Score: 2, Funny

    That way when someone joins a project, you can look up his profile and read, "thinks that orange on neon green is an acceptable combination for user interfaces", and know to only let him work on the back-end of a project.

    Frankly, some of those interfaces out there in FS/OS land are at least a misdemeanor. This project is long overdue.

    --
    the more accurate the calculations became, the more the concepts tended to vanish into thin air. R. S. Mulliken
  10. Don't like change? by Vellmont · · Score: 4, Insightful

    Word meanings change, and can have multiple meanings. Sorry if you've some personal attachment to those 6 letters arranged in a certain, but the fight was over long ago. Find a new word for what you're talking about, because hacker now means someone who breaks into computers. You can't fight what 99% of the population accepts as the definition, no matter what some wikipedia entry says.

    --
    AccountKiller
    1. Re:Don't like change? by Silver+Sloth · · Score: 4, Insightful

      I totally agree that the war is lost, but it's a sad day when a title I used to aspire to becomes a pejorative term on Newsforge

      --
      init 11 - for when you need that edge.
    2. Re:Don't like change? by TheDreadSlashdotterD · · Score: 2, Funny

      But that begs the question, should we really take this lying down?

      I'm sorry, couldn't resist.

      --
      I have nothing to say.
    3. Re:Don't like change? by a.d.trick · · Score: 2, Interesting

      I wouldn't say that hacker no longer refers to a wizardly computer programmer, ever. As you said words can have multiple meanings, and in certain contexts, it's perfectly acceptable to use the word like that. At the moment, there's a problem because there's not really a good word to replace hacker (in the programmer sense) that retains all the connotations. Also, in other contexts, it has a completely different meaning (as in 'css hack'). It may be that hacker is becoming a single morpheme word. All in all, it's a pretty butchered word.

      And yes, you can fight what words mean (school teachers do it all the time). Sometimes it works, usually it doesn't, and it's often a waste of time.

  11. Comment removed by account_deleted · · Score: 4, Funny

    Comment removed based on user account deletion

  12. Mod up by Gabesword · · Score: 2, Insightful

    This has been modded as funny but it really needs to be modded insightful. Governments the world over are trying very hard to get data such as the Amazon purchase data and store that in a useful database. Buying a book about rootkits very well may put you on a list of, oh, let's call them hackers who need to be kept track of. This, "hacker", book purchase can be cross referenced with the hacker's employment records, possibly including training received. It is all too possible that your phone or data line could be tapped and monitored because you are suspected of a crime based on nothing more than you having the skills necessary to commit said crime. Just because I am capable of lifting a baseball bat and swinging it doesn't mean that I should be an immediate suspect should someone be murdered by baseball bat. Having the ability to commit a network intrusion shouldn't make me a suspect of a network intrusion. That should only be the case if there is some indication that it was me.

  13. Well someone had to post it... by Warbothong · · Score: 2, Funny
  14. Re:Geographic Location? by Jimmy+King · · Score: 2, Interesting

    I assume they mean determining the region (and I would still consider this just as untrustworthy as using the IP) by figuring in things such as the types of attacks used, apparent knowledge, what they were attacking, what information they took/used/ignored, etc as compared to trends of the same measures from different areas of the world.