Digital fingerprint to tackle dark side of the Web

Illicit Internet content to be given DNA-like fingerprints
Written by Wendy McAuliffe, Contributor on

Forensic software enabling a digital fingerprint to be attached to electronic images on the Web was launched on Thursday, providing companies with a new means of cracking down on employee abuse of the Internet.

One day after the government's launch of a National Hi-Tech Crime Unit, a new security system named Net Intelligence claims to be able to trap and attach a unique DNA-like fingerprint to illegal material on the Web. It promises to offer businesses protection against employee abuse of the Internet, including paedophilia, denial of service attacks and software piracy.

79 percent of companies admit to detecting employees accessing illicit material through their servers. 64 percent of employees confess to using the Internet for personal interest during working hours, while eight percent admit to spending more than five hours a day cyberslacking. A Web@Work survey published on Thursday additionally reveals nearly half of all office workers to be spending more than three hours a week surfing the Web while at work.

Most existing software filters work by blocking access to areas of the Internet found to contain illicit material. Net Intelligence takes the opposite approach, by offering employees free reign of the Web, while monitoring anyone accessing inappropriate "fingerprinted" material. "We want to treat adults as responsible users of the network, whilst protecting users and companies from a hostile work environment," said David O'Donoghue, regional sales manager for Actis Technology, developer of Net Intelligence.

Web sites categorised as illicit by Net Intelligence software have a unique electronic fingerprint attached to them. Each incriminating file is treated as a binary stream -- a well-known algorithm is run through it, and a unique number generated and attached to the image. 60,000 new images are added to the Net Intelligence database every day, which companies can download from the Actis Web site. This enables employers to run checks on staff machines, to see if any of their files match with a fingerprint on the database -- deleted files can also be checked. As well as tracking images, the database also alerts employers to users accessing anarchist or illegal Web sites.

The increasing availability of cybercrime tools makes it possible for "script-kiddies to cause all sorts of damage to companies and the public at large", said Bill Strain, chief technology officer for Actis. The recent Anna Kournikova virus that infected networks worldwide was created by a toolkit available on the Internet. The VBS Worm Generator 1.5b is written in Microsoft Visual Basic 5, and is quick to use as well as requiring no coding skills.

In the case of denial of service attacks, Internet packages such as Divine Intervention enable individuals to "unleash an attack on major Internet companies around the world, by simply entering an IP address into the downloadable script," explained Strain. Credit card generators are also widely available on the Web, making it possible to create brand new cheque-summed credit card numbers in an instant, attached to genuine US addresses. These fraudulent credit card details can be used to access pay-sites on the Web such as adult pornography, as well as for online gambling.

Net Intelligence evidence is forensically admissable in court, and it claims it has been used by law enforcement agencies around the country.

Take me to ZDNet's Net Crime Special

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the ZDNet News forum.

Let the editors know what you think in the Mailroom. And read other letters.

Editorial standards