Coordinate Negative Content Filtering and Threat Detection in Thailand on the Internet Infrastructure Sahidan Abdulmana Department of Information Technology Fatoni University Fatoni, Thailand e-mail:
[email protected]
Abstract—there are many advantages and disadvantages of using internet. In Thailand, the number of people who are using Internet has dramatically increased, meanwhile the number of threats that protected by many organizations also go up. One of the threats to youth generations is pornography that spreads very fast via cyberspace or internet. The Southeast Asian countries have had a vigorous debate over pornography in recent years, exposing deep divisions with the Muslim-majority nation [2]. Thailand is one of the countries be ranked of pornography and sexual behavior. Another threat in Thailand to the Muslim community especially in southern border provinces is in term of website contains seditious and annoying for the Muslim people especially to the youth generation. These problems are very significant to resolve for the objective of future youth to be safe. Many countries try to control these kinds of the issues, but the result has not been too effective. In this study, we propose a coordinate system model among Ministry of Information and Communication Technology (MICT) in Thailand as a regulator and law enforcer, National Broadcasting and Telecommunication Commission (NBTC) and the Central Islamic Council of Thailand (CICOT) as the content advisor. The coordinate system model that we propose is to provide the system for filtering and detecting negative content over Internet to be more efficient in order to prevent people from negative content. Our objective is to protect the youth generation especially Muslim community by filtering and detecting websites which contain pornography and seditious elements. However, it is very difficult to coordinate with all these organizations because Thailand is non-Muslim country and we might face the challenges and we hope, it will be success. Keywords-component; Internet Negative Content Filtering, Threat Detecting; Coordinate Filtering System
I.
INTRODUCTION
We can be seen in today’s word, almost of the people use the technology such as laptop or mobile devices to access Internet every time and everywhere with many purposes. The advancement of technologies provide a lot of things possible happens in the clouds. Nowadays, it is rapidly increase the number of threats on the Internet over the world which is we do not known that who are the hacker, cracker, attacker or who are the creator of that threats. According to the security threat report, in 2013, botnet and exploit kit innovations that were once restricted
Burhan Saleh Department of Information System International Islamic University Malaysia Kuala Lumpur, Malaysia e-mail:
[email protected] to the cutting edge have proliferated, as new malware authors learn from the experiences and released source code of their predecessors [1]. Cybercriminals have become more adept at eluding identification, relying more heavily on cryptography and increasingly placing their servers in the darknet—closed, anonymous areas of the Internet designed to resist surveillance [1]. In Thailand, there are many steps that can be taken to secure the internet such as help center, cyber security awareness program and so on. Many agencies and organizations such as Ministry of Information and Communication Technology (MICT) in Thailand has done their work to secure the cybercrime and cyber space. Cyber Security Operation Center (CSOC) which to monitor internet traffic and to detect the threat from the internet traffic in and out of Thailand from negative content that will effect to youth, children, religion and great king institution. However, their work is still not finished due to the quick proliferation of new cyber threats. Moreover, National Electronics and Computer Technology Center (NECTEC) is one of the agency that is going to research about the internet threat and so on [11]. Furthermore, there is still a lack of research one on coordinative effort among Islamic and government organizations or the agencies with private organizations or companies to prevent Internet threats. Factually, some countries offer buying the system (to filter, monitor and detect Internet threats) from other countries rather than build the system on their own. ThaiCERT reported that in 2012, there are many threat in Thailand through the internet. It is around 170 threads that was inform by ThaiCERT as shown in the figure below.
Internet threat in Thailand reported by ThaiCERT 2012 Fraud Intrusion Attempts
8%5% 11% 10%
Malicious code
66%
Information Gathering Others
Figure 1. Internet threat in Thailand reported by ThaiCERT 2012 [11]
In this paper, we are going to survey and observe the improvement of threats and negative content in the Internet and identify the organizations and agencies that are responsible for filtering, monitoring, blocking and defecting that issues through Internet in Thailand. In addition, we will concentrate on the negative content that can cover the Internet traffic that have a big impact on the Internet environment in Thailand. Lastly, this paper will also shows the concept of coordinate work between those organizations and Islamic agencies. This paper begins with the background of the issue of the negative content and Internet threat, next literature review, then the recommendation to overcome or relieve the problems and the challenges. II.
INTERNET FILTERING AND BLOCKING TECHNIQUES
Recently, there are many blocking and filtering techniques implemented to block access to content of the websites. The techniques can be implemented at different levels of Internet access within a country. Commonly, in Thailand, Internet blocking is most implemented by two different levels: at the ISPs within the country and by the Ministry of Information and Communication Technology. Nowadays, different countries there use different technique because it depend on the issues that suitable for their country as shown from this figure.
Figure2. Blocking technique [4]
One of the famous technique is URL’s, or Uniform resource locators, are more specific identifiers for content on the internet. They consist of a domain-name (which identifies the machine where the content is available) and then contain further information pointing at a specific location. A typical website URL contains both a path (section with directories that contain content) and a filename (final identifier of the content on the server), like so: http://www.domainname.com/path/to/filename.html. Other services such as email and instant messaging may also make use of URLs and domain names to identify parts of the services infrastructure [10]. In addition, URL filtering is one of the commonly used techniques to block access to internet access using a proxy. URL filtering used to block access to specific Webpages. In order implement this technique, we need to place the filter on ISPs level. The technical difficulties presented by URL filtering become non-trivial as the number of internet users grows to millions rather than tens of thousands [3]. Several states seem to have limited overall access to the Internet, in order to keep URL filtering controllable [3]. Another technique which more advanced is keyword blocking. This technique blocks access to websites based on the words found in URLs. The content based filtering system and the collaboration based filtering system can be engaged to enhance URL and IP based filtering system [8]. Churcharoenkrung, Kim, and Kang (n.d.) tried to develop content based filtering system which adaptable to the content or domain knowledge changes because the topics of
messages are not fixed in the real world. Implementing content based filtering is necessary to protect users from unknown information [8]. On the other hand, some states use a software application developed by one of a small handful of United States based technology providers [6]. Burma, in the first incarnation of its filtering regime, they used DansGuardian open source for fileting [6]. The blocking technique which Burma officially Republic of the Union Myanmar has been used is blockpage technique as it shows on figure 2. The others depend on less heavily on technology solutions and more extensively on “soft controls” [6]. III.
LITERATURE REVIEW
At the moment, Internet Content filtering and detecting used by the national level all over the world. Through a coordinate study effort called the OpenNet Initiative, the Citizen Lab at the University of Toronto, the Berkman Center for Internet and Society at Harvard University, and the SecDev Group have organized compared the Internet filtering practices of a series of states in a systematic, methodologically difficult fashion over the past eight years [5]. OpenNet Initiative 2010 has sought to reach substantive conclusions about the nature and extent of Internet filtering in 70 states and over 289 Internet service providers [3]. They initially focused much of their research on states in the Middle East and North Africa, Asia, and Central Asia, where the world’s most extensive filtering takes place [3]. Their research has come to cover states in every region of the world, including North America and Western Europe, where forms of speech regulation other than technical Internet filtering at the state level is the norm [3]. Through an advanced series of methodologies, they have tested well over 100,000 web sites for accessibility over the past eight years and recorded the results in a consolidated database, from which they are able to draw broad conclusions about Internet censorship practices around the world and over time [3]. Moreover, OpenNet Initiative has discussed that Filtering implementation vary widely among the countries. China continues to introduce by far the most sophisticated filtering regime in the world, with internet content blocking occurring at multiple levels of the network and covering content that spans a wide range of topic areas [3]. Meanwhile, Singapore blocks access to only a handful of sites, each pornographic in nature [3]. Most of the states that they are studying implement filtering regimes that fall between the poles of China and Singapore, each with significant variation from one to the next [3]. These filtering regimes are appropriately understood only in the political, legal, religious and social context in which they arise [3]. In addition, The Tunisian Republic also implements an Internet filtering regime that aggressively targets and blocks extensive online material on political opposition, human rights, methods of by passing filtering, and pornography [2]. The OpenNet Initiative (ONI) tested
1923 sites from within the country, and found 187 (10%) blocked. The Tunisia’s filtering efforts are concentrated and operative. The government employs the SmartFilter software, created by the U.S. company Secure Computing, to target and avoid access to four types of material in particular: political opposition to the recent government, sites on human rights in Tunisia, tools that enable users to bypass these controls, and pages containing pornography or other sexually explicit content [2]. Tunisia has installed the Internet in a way that implements a multi-layered architecture of control. All the state’s Internet Service Providers purchase access from Tunisia’s Internet Agency, which implements filtering at the network backbone. This makes sure superior consistency of control. In addition, the main means of going online for Tunisians are the “Publinets” – Internet cafés that are necessary by the state to monitor users’ access to prevent them from obtaining prohibited resources [2]. Lastly, one of the Internet threat monitoring is in Japan. This paper studied algorithms for detecting which address spaces on Internet threat monitor listens to and present empirical evidences that they are successful in locating the sensor positions of monitors deployed on the Internet [12]. Moreover, in the paper, they showed that they are subject to detection attacks that can uncover the location of their sensors. They believe that they have found a new class of Internet threat, because it does not pose a danger to the host systems themselves, but rather a danger to a Meta system that is intended to keep the host systems safe [12]. IV.
RECOMMENDATION AND PLANNING
In the previous, the government agencies do not concentrate on the coordinate among them and with Islamic agencies to prevent and internet infrastructure from the negative content and internet threats for example from hacker, cracker, pornography, unexpected content, harassment and virus. In this paper, we offer that there is one of the good way that is coordination between government, public and Islamic agencies to reduce and prevent the youth from negative content especially for the Muslim society in Thailand. This figure shows the coordination between Ministry of Information and Communication Technology (MICT), National Broadcasting and Telecommunication Commission (NBTC) in Thailand and Central Islamic Council of Thailand (CICOT). MICT has all the blacklist database of the websites and it always update. Moreover, NBTC is one of the organization under the MICT that control the ISP in Thailand and formulate the telecommunication law. This agency become as one of the key supports for the system to participate in this model. Lastly, Islamic Council of Thailand must has the system to filtering and monitoring internet from negative content because this agency is one of the Islamic agency that can be protect the Muslim people from bad content. Actually, if there is any negative content, the people just report to CICOT via POST mail, SMS, fax
and email but, this Islamic agency cannot do any things because there have to system. In this propose system, we try to make a portal for the public to make a report to the CICOT and the CICOT are able directly report the problem to the MICT or NBTC to block the website. Furthermore, the person who reports can check the status of their reports every time and everywhere. These coordination model is able to provide the system to be more effective and faster system to reduce the negative contents through the internet. Finally, the system is able to provide quickly respond to the complaints made by the public in order to protect the public from negative content. V.
CHALLENGES
At the moment, the development of the technology is rapidly changed and every information are connected to a network or internet. This may produced past changes in the global economy. In addition, it has an influence to the community and security of the state unavoidably. IBM XForce mentioned, currently the Internet threat has been increased in a variety of formats [4]. Furthermore, ninety percent of the Internet's top 200,000 HTTPS-enabled websites are vulnerable to known types of SSL (Secure Sockets Layer) attack, according to a report released Thursday by the Trustworthy Internet Movement (TIM), a nonprofit organization dedicated to solving Internet security, privacy and reliability problems [7]. The coordination between the government agencies with the Islamic council is very significant in order to improve more effective in protecting the negative content and threat on the Internet. Coordination is able to give efficiency in finding and providing the right solutions and it will be increased an ability to discover new threats and be able to set up new resolutions. Moreover, it can provide new updates on internet threat to reform responses from all site of the world. However, the coordination among government agencies in not sufficient, so they need for the public to be conscious of these things and to help the government authority to provide report if there is any negative contents on the internet. On the other hand, it is not simple to make the public aware of those problems and aware for trying to help the authority agency to control the negative content on the internet especially in Thailand. These is because the majority of people are non-Muslim, some of them do not aware of those issues. Furthermore, there is rapidly increase the number of negative content especially pornography, it makes the government and Islamic agency needs to take serious actions and ask for all parties to collaborate and help them. The next challenge is when there have negative contents on social network that have servers outside the country (Thailand). Thailand government have difficulties to prevent those content when the situation happen outside the authority area. If there is any negative contents that show in foreign websites, Thailand authority just request the
respective company to take actions on websites. The last challenge is when there is any website or page are blocked by ISPs or MICT. It is still not enough as removing the negative content from the site. However, to remove the negative content from the website, we need to login to the server hosting and directly remove the content from the server where it hosted. It is not too easy to do that because we need to have the permission from the ISPs or the owner, we also need permission from the hosting company as well.
ISPs
International Internet Gateway
NBTC
CICOT
MICT
user user Internet
Public
Figure 3. Propose Coordination Internet Negative Content Filtering and Detecting System Model
VI.
CONCLUSION
We can be seen in today’s world, many countries have concentrate on the damage of the cyber threats and cybercrime. This we can be seen from the examples of other countries that have been affected by the internet threat. It is one of the important issue and many countries have announced that cyber threat is a national problem. The negative contents that spread through the Internet have become one of the biggest threats to many countries especially the countries with a majority of Muslim people. Thailand is of one of countries that have many negative content on the internet and it will affect to the youth generation. Many agency concentrate on the negative contents that spread over the internet because it is not suitable for their new generations. Moreover, it will influence on their behavior. Factually, the good method is to block the negative contents by educating the people to protect and avoid those websites and continuous filtering from the government and the public. Campaigns in one of the activities that can be invited people to be aware and care of those kind of problems, and can help to reduce the negative contents with coordinate with the government, Islamic agency or the authority organization. The model that we propose, it will be minimize the number of negative contents over the internet such as homosexuality, pornography and the groups which are attractive to the adherents of Islam.
REFERENCES [1]
[2]
[3] [4]
[5]
[6]
Security Threat Report 2014, Smarter, Shadier, Stealthier Malware. Retrieved from http://www.sophos.com/.../sophos-security-threatreport-2014 (Accessed July 10, 2014) Internet Filtering in Tunisia in 2005: A Country Study. (2005). Retrieved from OpenNet Initiative. Retrieved from: http://www.opennetinitiative.net/tunisia (Accessed June 15, 2014) John Palfrey (2010), Four Phases of Internet Regulation. Retrieved from http://www.law.harvard.edu (Accessed July 7, 2014) Faris, Faris, Robert & Villeneuve, Nart.(n.d). Measuring Global Internet Filtering. Retrieved from: http://mevlana.inet-tr.org.tr/Yasak/Deibert_02_Ch01_005-028 (Accessed July 13, 2014) Fajri A, Maulana., Sahidan A., Fauzan A. & Rahmat Abu Nong. (2010). Collaborative Internet Threat Detection on Internet Infrastructure in Malaysia. Proceedings of 2011 International Conference on Computer Communication and Management. Palfrey, John (2005). Local Nets: Filtering and the Internet Governance Problem. Retrieved from: http://cyber.law.harvard.edu/sites/cyber.law.harvard.edu/files/13LocalNetsFiltering.pdf (Accessed July 6, 2014
[7]
Lucian Constantin (2014), Most of the Internet’s top 200,000 https websites are insecure. Retrieved from http://www.computerworld.com/s/article/9226623/Most_of_the_Inter net_39_s_top_200_000_HTTPS_websites_are_insecure_group_says (Accessed July 7, 2014) [8] Churcharoenkrung, N., Kim, Y.S. & Kang, B.H. (n.d.). Dynamic Web Content Filtering based on User’s Knowledge. Retrieved from: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1428459 (Accessed July 10, 2014 [9] Rahmat Abu Nong. (2011). Peranan SKMM & Internet Pilihan Di Hujung Jari. Presented at Seminar Keselamatan ICT, Sandakan, Sabah. [10] Cormac O, Marco A, Estelle S & Hein Dries-Ziekenheiner (2009). Internet blocking balancing cybercrime responses in democratic societies. [11] ThaiCERT 2012, Internet and Information Technology. Retrieved from http://www.hiso.or.th/hiso/picture/reportHealth/ThaiHealth2013/thai2 013_7 (Accessed July 12, 2014) [12] Yoichi Shinoda, ko Ikai, Motomu Iton. (2002). Vulnerabilities of Passive Internet Threat Monitors.14th USENIX Security Symposium
