Mar 8, 2017, (Research Matters):
The Internet has revolutionised our way of life, enabling things that were hard to imagine earlier. With the Internet, one can work sitting at home, doctors can treat patients anywhere in the world, and with the advent of smartphones, simple activities like commuting has a whole new meaning. Social media platforms like Facebook, Twitter and YouTube have redefined communication and made reaching out to a large number of people very easy. Any of us can be an ‘influencer’ with the potential to be heard by millions of people.
Internet, like many other scientific inventions, is a dual edged tool. There are cyber thieves lurking to acquire sensitive information, hacking groups that target websites of governments and institutions or radical extremists trying to galvanize crime and hate – all over the Internet. According to a report by the Indian Computer Emergency Response Team (CERT- IN), the number of cyber attacks increased by a whopping 35% from November 2014 to January 2015 alone.
An alarming trend today is the use of social media by terrorist organizations for recruiting, fundraising and instigation. Adept at using social media platforms, they strategically design their media to be deceptive and misleading. The release of ISIS propaganda videos on YouTube and the spread of terror threats by Al-qaeda are a testimony to this. An estimate says that ISIS supporters operate about 45000 Twitter accounts. In a chaotic and unsecure world like this, how do we retain order?
Surveillance – The “Big Brother”
A common solution adopted by most governments in the interest of national security is the surveillance of Internet. Many countries all over the world have their own Internet surveillance systems. Echelon is a security system designed and used by five countries - USA, UK, Canada, Australia and New Zealand – and can intercept satellite communication and Public switching telephone networks. Dishfire and Prism are joint ventures of the USA and UK security agencies that can extract information from automated messages and missed call alerts.
Surveillance systems that intercept communication channels like emails, social media streams, videos, cellular communication, etc., scan for suspicious inputs like certain key words or phrases. They also observe certain recognized traffic patterns that may indicate malicious behaviour. Tracking and reporting such suspicious activity early on may avert a tragedy, saving lives.
NETRA – India’s network “Big Brother”
India’s very own network surveillance tool, NETRA (short for Network Traffic Analysis), is developed by the Center for Artificial Intelligence and Robotics (CAIR), a unit of Defence Research and Development Organisation (DRDO). It is a piece of software that captures data from the Internet traffic, analyses it and alerts the concerned agencies in case it identifies a potential security threat. NETRA can monitor any text-based messages –Facebook, e-mails, blogs included.
“Any message which can create panic and terror can be filtered by checking the conversation of suspicious people who are directly or indirectly planning ill activities in the country”, says Senior Research Fellow, Mr. Rajan Gupta from the University of Delhi. He, along with Dr. Sunil Kumar Muttoo has recently evaluated NETRA as a case study for Internet surveillance.
NETRA identifies and filters keywords in the text message, even when it is encrypted. It can report the usage of certain words like ‘murder’, ‘attack’, ‘bomb’ and ‘terrorist’, along with the source IP address, to the concerned authorities. Developed to mainly monitor terrorist activities, it can monitor Internet traffic and trends over various channels like Facebook, instant messengers, blogs, emails, Skype, Google talk, etc. Currently, NETRA serves 3 security agencies - Cabinet Secretariat, Intelligence Bureau and the Research and Analysis Wing.
In the review, Mr. Gupta and Dr. Muttoo point out some aspects of NETRA that could be improved in order to help the country tackle the growing menace of Internet terrorism. One such is the filtering process used by NETRA that is based on predefined words. Such a system could flag conversations with certain words that occur frequently, but have no connection to any security threat. The researchers instead propose the use of sentiment analysis and text mining to identify real threats. Sentiment analysis helps in understanding the intent behind usage of certain keywords. Also, monitoring the pattern of traffic flow could provide some leads on this.
The researchers also suggest increasing the memory allocated for various security agencies like RAW, IB and other law enforcements owing to the increasing volume of Internet traffic. A possible approach is to use a cloud based system that provides expandable memory techniques. “The government has already launched MeghRaj as its official cloud platform for various government applications, which can be leveraged here”, remarks Mr. Gupta.
A superior hardware can make NETRA robust, says the review. Currently, NETRA’s hardware limits its ability to decode some encryption schemes. Encryption is actually a code language with a very complex computer generated code. A machine with better hardware can run complex decoding faster. Also, if the hardware is powerful, a trial and error decoding approach that finishes in a finite acceptable time, could be used, if the need be. The researchers also suggest how NETRA can collaborate with some of the technology companies that can share their encryption methods with the government, thus enabling easier monitoring of encrypted data.
Having a strong and alert guard is excellent, but what would happen if the guard itself turns thief? If cyber criminals hack into surveillance systems, there would be chaos in Internet traffic. While keeping an eye on Internet, NETRA also needs to safeguard itself from hacking attacks too.
The Ethics of Surveillance
Imagine all the details of your personal conversation lying in the hands of the government! This immediately sparks the debate on the ethics of surveillance and the trade off between national security interests and an individual’s privacy. “The ethicality of the system will always remain a controversial issue, but system’s fair use and positive results can overshadow the doubts concerning the citizen’s breach of privacy”, opines Mr. Gupta.
Though spying on foreign governments is a commonly practiced act by most security and defense agencies for intelligence, Internet spying now targets the billons of users who use the Internet. In India, that would mean officers from Research and Analysis Wing (RAW), CBI, the National Investigation Agency may have access to the snooped data. With no clear laws defining Internet privacy in India, what are the implications of this access?
On one hand, it is important for police and security agencies to get information about potential threats. On the other hand, it is important to safeguard privacy too. While terrorism and threat to national security are definitely on the rise in this connected world, the debate about sacrificing privacy for the cause of a better world is louder than ever.