Cuba’s Role in Venezuela’s Control of the Internet and Online Social Networks

The arrival of Cuba’s Information Technology (IT) and Communications Minister Ramiro Valdés to Venezuela in the Spring of 2010 to serve as a ‘consultant’ to the Venezuelan government awakened a new reality in that country. Rampant with deep economic troubles, escalating crime, a murder rate that has doubled since Chávez took over in 1999, and an opposition movement led by university students and other activists who use the Internet as their primary weapon, Venezuela has resorted to Cuba for help. In a country where in large part traditional media outlets have been censored or are government-controlled, the Internet and its online social networks have become the place to obtain, as well as disseminate, unfiltered information. As such, Internet growth and use of its social networks has skyrocketed in Venezuela, making it one of Latin America’s highest Web users. Because of its increased use to spark political debate among Venezuelans and publish information that differs with the official government line, Chávez has embarked on an initiative to bring the Internet to the poor and others who would otherwise not have access, by establishing government-sponsored Internet Info Centers throughout the country, to disseminate information to his followers. With the help of Cuban advisors, who for years have been a part of Venezuela’s defense, education, and health care initiatives, Chávez has apparently taken to adapting Cuba’s methodology for the control of information. He has begun to take special steps toward also controlling the type of information flowing through the country’s online social networks, considering the implementation of a government-controlled single Internet access point in Venezuela. Simultaneously, in adapting to Venezuela’s Internet reality, Chávez has engaged online by creating his own Twitter account in an attempt to influence public opinion, primarily of those who browse the Web. With a rapidly growing following that may soon reach one million subscribers, Chávez claims to have set up his own online trench to wage cyber space battle.

Internet Protocol (IP) design and implementation for efficient mobility to devices in wireless networks

The purpose of this thesis was to develop an efficient routing protocol which would provide mobility support to the mobile devices roaming within a network. The routing protocol need to be compatible with the existing internet architecture. The routing protocol proposed here is based on the Mobile IP routing protocol and could solve some of the problems existing in current Mobile IP implementation e.g. ingress filtering problem. By implementing an efficient timeout mechanism and introducing Paging mechanism to the wireless network, the protocol minimizes the number of control messages sent over the network. The implementation of the system is primarily done on three components: 1) Mobile devices that need to gain access to the network, 2) Router which would be providing roaming support to the mobile devices and 3) Database server providing basic authentication services on the system. As a result, an efficient IP routing protocol is developed which would provide seamless mobility to the mobile devices on the network.

Remote learning and laboratory center over Internet and ISDN

Recent advances in telecommunications technologies have transformed the modes of learning and teaching. One potentially vital component in the equation will be Remote Education or Remote Learning, the ability to compress time and space between teachers and students through the judicious application of technology. The purpose of this thesis is to develop a Remote Learning and Laboratory Center over the Internet and ISDN, which provide education and access to resources to those living in remote areas, children in hospitals and traveling families, with audio, video and data.^ Remote Learning and Laboratory Center (RLLC) is not restricted to merely traditional education processes such as universities or colleges, it can be very useful for companies to train their engineers, via networks. This capability will facilitate the best use of scarce, high quality educational resources and will bring equity of services to students as well as will be helpful to the Industries to train their engineers. The RLLC over the Internet and ISDN has been described in details and implemented successfully. For the Remote Laboratory, the experiment procedure has been demonstrated on reprogrammable CPLD design using ISR Kit. ^

Semantic distributed database management with applications to the Internet dissemination of environmental data

The research presented in this dissertation is comprised of several parts which jointly attain the goal of Semantic Distributed Database Management with Applications to Internet Dissemination of Environmental Data. ^ Part of the research into more effective and efficient data management has been pursued through enhancements to the Semantic Binary Object-Oriented database (Sem-ODB) such as more effective load balancing techniques for the database engine, and the use of Sem-ODB as a tool for integrating structured and unstructured heterogeneous data sources. Another part of the research in data management has pursued methods for optimizing queries in distributed databases through the intelligent use of network bandwidth; this has applications in networks that provide varying levels of Quality of Service or throughput. ^ The application of the Semantic Binary database model as a tool for relational database modeling has also been pursued. This has resulted in database applications that are used by researchers at the Everglades National Park to store environmental data and to remotely-sensed imagery. ^ The areas of research described above have contributed to the creation TerraFly, which provides for the dissemination of geospatial data via the Internet. TerraFly research presented herein ranges from the development of TerraFly's back-end database and interfaces, through the features that are presented to the public (such as the ability to provide autopilot scripts and on-demand data about a point), to applications of TerraFly in the areas of hazard mitigation, recreation, and aviation. ^

Foundational forensic techniques for cellular and ad hoc multi-hop networks

The Internet has become an integral part of our nation’s critical socio-economic infrastructure. With its heightened use and growing complexity however, organizations are at greater risk of cyber crimes. To aid in the investigation of crimes committed on or via the Internet, a network forensics analysis tool pulls together needed digital evidence. It provides a platform for performing deep network analysis by capturing, recording and analyzing network events to find out the source of a security attack or other information security incidents. Existing network forensics work has been mostly focused on the Internet and fixed networks. But the exponential growth and use of wireless technologies, coupled with their unprecedented characteristics, necessitates the development of new network forensic analysis tools. This dissertation fostered the emergence of a new research field in cellular and ad-hoc network forensics. It was one of the first works to identify this problem and offer fundamental techniques and tools that laid the groundwork for future research. In particular, it introduced novel methods to record network incidents and report logged incidents. For recording incidents, location is considered essential to documenting network incidents. However, in network topology spaces, location cannot be measured due to absence of a ‘distance metric’. Therefore, a novel solution was proposed to label locations of nodes within network topology spaces, and then to authenticate the identity of nodes in ad hoc environments. For reporting logged incidents, a novel technique based on Distributed Hash Tables (DHT) was adopted. Although the direct use of DHTs for reporting logged incidents would result in an uncontrollably recursive traffic, a new mechanism was introduced that overcome this recursive process. These logging and reporting techniques aided forensics over cellular and ad-hoc networks, which in turn increased their ability to track and trace attacks to their source. These techniques were a starting point for further research and development that would result in equipping future ad hoc networks with forensic components to complement existing security mechanisms.

Characterizing Internet worm spatial-temporal infection structures

Since the Morris worm was released in 1988, Internet worms continue to be one of top security threats. For example, the Conficker worm infected 9 to 15 million machines in early 2009 and shut down the service of some critical government and medical networks. Moreover, it constructed a massive peer-to-peer (P2P) botnet. Botnets are zombie networks controlled by attackers setting out coordinated attacks. In recent years, botnets have become the number one threat to the Internet. The objective of this research is to characterize spatial-temporal infection structures of Internet worms, and apply the observations to study P2P-based botnets formed by worm infection. First, we infer temporal characteristics of the Internet worm infection structure, i.e., the host infection time and the worm infection sequence, and thus pinpoint patient zero or initially infected hosts. Specifically, we apply statistical estimation techniques on Darknet observations. We show analytically and empirically that our proposed estimators can significantly improve the inference accuracy. Second, we reveal two key spatial characteristics of the Internet worm infection structure, i.e., the number of children and the generation of the underlying tree topology formed by worm infection. Specifically, we apply probabilistic modeling methods and a sequential growth model. We show analytically and empirically that the number of children has asymptotically a geometric distribution with parameter 0.5, and the generation follows closely a Poisson distribution. Finally, we evaluate bot detection strategies and effects of user defenses in P2P-based botnets formed by worm infection. Specifically, we apply the observations of the number of children and demonstrate analytically and empirically that targeted detection that focuses on the nodes with the largest number of children is an efficient way to expose bots. However, we also point out that future botnets may self-stop scanning to weaken targeted detection, without greatly slowing down the speed of worm infection. We then extend the worm spatial infection structure and show empirically that user defenses, e.g. , patching or cleaning, can significantly mitigate the robustness and the effectiveness of P2P-based botnets. To counterattack, we evaluate a simple measure by future botnets that enhances topology robustness through worm re-infection.

Towards simulation and emulation of large-scale computer networks

Developing analytical models that can accurately describe behaviors of Internet-scale networks is difficult. This is due, in part, to the heterogeneous structure, immense size and rapidly changing properties of today's networks. The lack of analytical models makes large-scale network simulation an indispensable tool for studying immense networks. However, large-scale network simulation has not been commonly used to study networks of Internet-scale. This can be attributed to three factors: 1) current large-scale network simulators are geared towards simulation research and not network research, 2) the memory required to execute an Internet-scale model is exorbitant, and 3) large-scale network models are difficult to validate. This dissertation tackles each of these problems. ^ First, this work presents a method for automatically enabling real-time interaction, monitoring, and control of large-scale network models. Network researchers need tools that allow them to focus on creating realistic models and conducting experiments. However, this should not increase the complexity of developing a large-scale network simulator. This work presents a systematic approach to separating the concerns of running large-scale network models on parallel computers and the user facing concerns of configuring and interacting with large-scale network models. ^ Second, this work deals with reducing memory consumption of network models. As network models become larger, so does the amount of memory needed to simulate them. This work presents a comprehensive approach to exploiting structural duplications in network models to dramatically reduce the memory required to execute large-scale network experiments. ^ Lastly, this work addresses the issue of validating large-scale simulations by integrating real protocols and applications into the simulation. With an emulation extension, a network simulator operating in real-time can run together with real-world distributed applications and services. As such, real-time network simulation not only alleviates the burden of developing separate models for applications in simulation, but as real systems are included in the network model, it also increases the confidence level of network simulation. This work presents a scalable and flexible framework to integrate real-world applications with real-time simulation.^

Islamist Cyber Networks in Spanish-Speaking Latin America

Despite significant concern among policy, law enforcement and intelligence communities in the United States (U.S.) over the possible spread of radical Islamist thought throughout the world as part of a global jihad movement, there has been little investigation into the growing cyber networks in Latin America that promote strong anti-Semitic and anti-U.S. messages. This paper offers an overview of that network, focusing on the structure of Shi’ite websites that promote not only religious conversion but are also supportive of Iran -- a designated State-sponsor of terrorism – its nuclear program. Hezbollah, and the “Bolivarian revolution” led by Venezuelan President Hugo Chávez and his allies in Bolivia, Ecuador and Nicaragua. There is also a smaller group of Sunni Muslim websites, mostly tied to the legacy organizations of the Muslim Brotherhood. Many of the Shi’ite websites are linked to each other consistently portray Israel as a Nazi State, and the United States as an imperialist war monger. The Palestinian issue is frequently juxtaposed with the anti-imperialist struggle that those states supporting Chávez’ Bolivarian revolution claim to wage against the United States. Some of the Islamist websites claim thousands of new convert, but such claims are difficult to verify. Most of the websites visited touted the conversion of one or two individuals as significant victories and signs of progress, implying that there are few, if any, mass conversions. While conducting this research, no websites directly claiming to be linked to Hezbollah were found, although there numerous sites hosted by that group that were active until around 2006. Several of the inactive links are supportive of Hezbollah as a political party. No websites linked to al Qaeda were found. Yet a substantial Internet network remains operational. Much of the outreach for Shi’ite Muslims, closely tied to Iran, is sponsored on numerous websites across the region, including El Salvador, Chile, Ecuador, Colombia, Mexico and Bolivia. Numerous Facebook forums for discussion are also hosted around Latin America. These links must be viewed in the context of the rapidly expanding diplomatic, intelligence, political and economic ties of Iran in recent years with the self-proclaimed Bolivarian states. Given the sparse literature available and the rich vein of un-mined information on the sites cited as well as others that one could find with additional research, the cyber network of Islamist groups remains one of the least understood or studied facets of their presence in Latin America and the Caribbean. It merits significantly more investigation.

Foundational Forensic Techniques for Cellular and Ad Hoc Multi-hop Networks

The Internet has become an integral part of our nation's critical socio-economic infrastructure. With its heightened use and growing complexity however, organizations are at greater risk of cyber crimes. To aid in the investigation of crimes committed on or via the Internet, a network forensics analysis tool pulls together needed digital evidence. It provides a platform for performing deep network analysis by capturing, recording and analyzing network events to find out the source of a security attack or other information security incidents. Existing network forensics work has been mostly focused on the Internet and fixed networks. But the exponential growth and use of wireless technologies, coupled with their unprecedented characteristics, necessitates the development of new network forensic analysis tools. This dissertation fostered the emergence of a new research field in cellular and ad-hoc network forensics. It was one of the first works to identify this problem and offer fundamental techniques and tools that laid the groundwork for future research. In particular, it introduced novel methods to record network incidents and report logged incidents. For recording incidents, location is considered essential to documenting network incidents. However, in network topology spaces, location cannot be measured due to absence of a 'distance metric'. Therefore, a novel solution was proposed to label locations of nodes within network topology spaces, and then to authenticate the identity of nodes in ad hoc environments. For reporting logged incidents, a novel technique based on Distributed Hash Tables (DHT) was adopted. Although the direct use of DHTs for reporting logged incidents would result in an uncontrollably recursive traffic, a new mechanism was introduced that overcome this recursive process. These logging and reporting techniques aided forensics over cellular and ad-hoc networks, which in turn increased their ability to track and trace attacks to their source. These techniques were a starting point for further research and development that would result in equipping future ad hoc networks with forensic components to complement existing security mechanisms.