titleTo catch a cyberthief: legal and technical issues in network monitoring for cyberprofiling
publication dateMar 2008 publication descriptionPresentation in BILETA2008: Law Shaping Technology; Technology Shaping the Law, Glasgow Caledonian University, Glasgow, UK
publication descriptionFrom work on the EPSRC-funded Cyberprofiling project, the authors have proposed an
algorithmic approach to profiling of illicit activity online. The model is informed by profiling
methodologies from Criminal and Geographic profiling of offenders. A useful basic dataset has
been considered and how that data may be collected. The collection of data from existing sources
and new sources are outlined. The need for large-scale network monitoring to create a data
corpus that provides useful results is highlighted.
The initial work on the project examined the available technology for network data monitoring
and evaluated various forms of network "honeypot" which permitted the non-invasive generation
of network abuse traffic data. The technical issues of implementing a set of such network
monitoring instruments are also discussed.
It is well known and understood, in the network communications industries, that routine
monitoring of network usage can provide information necessary to allow network manager to
optimise performance and respond to incidents. It is believed that all network devices,
worldwide, are at least capable of recording considerable quantities of information about the data
passing through them. A single network identifier, typically the Internet Protocol address, is
commonly used as the principal key.
In recent times, legal interpretations and opinions on the use of network identifiers as personal
identifiers have changed at national and international levels. The authors draw comparisons with
other monitoring technologies such as CCTV and wiretaps, and other forensic investigation
techniques such as DNA profiling and debate these views from the perspective of technology
practitioners and present some further areas for debate.