Actis Technology and Digital Fingerprinting

As the U.K. government mobilizes a new National Hi-Tech Crime Unit, one firm is claiming to have a cutting edge weapon in helping regulate content on the Internet.

While the Hi-Tech Crime Unit has been charged with fighting crime and hackers on the Web, Actis Technology’s "Net Intelligence" product is bringing forensic science to computers. The company has developed a system that places a digital fingerprint on electronic images on the Web. Net Intelligence is being promoted as a tool for helping companies crack down on employees who abuse Internet access while on the clock, but the implications of the software could be more widespread.

Net Intelligence claims it can trap and attach a unique DNA-like fingerprint to illegal material on the Web. It promises to offer businesses protection against employee abuse of the Internet, including pedophilia, denial of service attacks and software piracy.

Most existing software filters work by blocking access to areas of the Internet found to contain illicit material. Net Intelligence takes the opposite approach, by offering employees free reign of the Web, while monitoring anyone accessing inappropriate, "fingerprinted" material.

Websites categorized as illicit by Net Intelligence software have a unique electronic fingerprint attached to them. Each incriminating file is treated as a binary stream; a well known algorithm is run through it, and a unique number is generated and attached to the image. Sixty thousand new images are added to the Net Intelligence database every day, which companies can download from the Actis website. This enables employers to run checks on staff machines, to see if any of their files match with a fingerprint on the database; deleted files can also be checked. As well as tracking images, the database additionally alerts employers to users accessing anarchist or illegal websites.

The Glasgow-based firm is hoping the two years spent in research and development for NI will pay off in the end.

Regional Manager for Actis Technology David O'Donoghue says that accessing those sites was the first step in creating the program and points out that the technology has been in development for two years.

"We have electronically fingerprinted the dark side of the Web," O’Donoghue said. "This means we have created a binary algorithm for pornographic images, pedophiliac images and all HPAVC utilities. We then have the ability through Net Intelligence to scan individual machines (or groups) and report on the presence of this material.

"We want to treat adults as responsible users of the network, while still protecting users and companies from a hostile work environment."

After the fingerprint is stored in the system, the software can single out sites matching the codes.

"Once the fingerprint has been generated it is then stored in the Net Intelligence database," O'Donoghue explained. "It can be referenced by the controller when the agents complete file scans."

While the software is currently targeting pornographic sites, O'Donoghue said a company could set it up to monitor gaming sites. The software targets surfing internally versus externally.

"Most organizations protect the perimeter quite well but neglect the threat from within," he said. "They are very concerned about what enters the company through the network from outside but seem to be less concerned about who is adding CD drives, ram drives and most importantly ZIP drives."

Employees then download the material and either browse while at home or even while on the job, according to O'Donoghue.

"This is how some undesirable material enters the network," he said. "Statistics show that the majority of adult websites are accessed during working hours."

And O'Donoghue has the numbers to back it up. He said a recent report shows that 79 percent of companies studied admit to detecting employees accessing illicit material through their servers. Sixty-four percent of the employees confessed to using the Internet for personal interest during working hours, while 8 percent admit to spending more than five hours a day cyber slacking.

Out of the gate, Actis is aiming its software toward government regulators as well as Fortune 500-type companies.

The increasing availability of cyber crime tools makes it possible for "script-kiddies to cause all sorts of damage to companies and the public at large," said Bill Strain, chief technology officer for Actis. The recent Anna Kournikova virus that infected networks worldwide was created by a toolkit available on the Internet. The VBS Worm Generator 1.5b was written in Microsoft Visual Basic 5, and is quick to use as well as requiring no coding skills.

In the case of denial-of-service attacks, Internet packages such as Divine Intervention enable individuals to "unleash an attack on major Internet companies around the world by simply entering an IP address into the downloadable script," explained Strain.

Credit card generators are also widely available on the Web, making it possible to create brand new check-summed credit card numbers in an instant, attached to genuine U.S. addresses. The fraudulent credit card details can be used to access pay sites on the Web such as adult pornography and even online gambling sites.

Actis claims that evidence generated by Net Intelligence is forensically admissible in court and that it has been used by law enforcement agencies around the United Kingdom.