At the end of a long hallway in a gray and cavernous block at the University of Arizona in Tucson sits a closet-size windowless room secured by complex access codes and sealed with bulletproof glass. The room is chilled to a steady 60 degrees and filled with rack-mounted monitors, blinking red lights, a squat supercomputer, and three "spidering machines" that crawl through the Internet, quietly spooling data from the shadowy digital realm inhabited by terrorists, hackers, and cybercriminals. Welcome to the Dark Web.
These machines store Web data from roughly 1,500 terrorist and extremist organizations, including 500 groups with roots in the Middle East, explains University of Arizona computer scientist Hsinchun Chen, who designed this sleuthing tool. Accessible only to those who pass fingerprinting and extensive background checks, the "Dark Web project" constitutes the largest collection of online terrorist data on the planet and may be key to cracking future plots. It is, literally and metaphorically, a portal to the underworld.
Tall and affable, Chen is just one among thousands of scientists and government agents working doggedly to infiltrate terrorist networks around the world and to disrupt their actions. The expansion of the Web and wireless technology, open-source coding, and free third-party online storage have been a boon to terrorist organizations. Far more than simply a communication tool, the Web now serves these groups as a platform for e-jihad: planning, recruitment, fund-raising, training, indoctrination, and propaganda. The number of jihadist Web sites has grown from a dozen in 1998 to 4,800 today. "They know how to use the Internet in an intelligent way," says a member of Chen's team who requested anonymity. "They're hiding in the shadows," adds Chen.
Chen's group has developed computer science techniques for assessing the threats associated with various Web sites and forums. One tool is a mathematical formula that measures the "infectiousness" of ideas on a Web forum. An infectious idea is one that spreads rapidly, like a highly contagious cold. The formula takes into account such parameters as the number of postings, the volume and duration of a conversational thread, and the number of members actively participating. It then generates a "thread score" that is tracked over time. Some ideas peter out, while others hit a tipping point. The system also uses keyword and textual analysis to quantify and track the level of violence and racial hatred expressed on a Web site or forum—a measure that can be used to determine which groups might be most threatening and to alert investigators to follow up.
The Dark Web project has also developed several techniques to decipher social interactions among online terrorists. One method, called link analysis, studies the connections between Web sites and online forums to create a two-dimensional map that reveals at a glance the relationships between terrorist clusters. On a monitor, Chen calls up a social-network diagram of domestic extremist groups. It somewhat resembles a map of airport hubs, with lines connecting points. Over here, he says, is the "neo-Confederate cluster," over there is the "Christian identity cluster," and beneath it the "white supremacy cluster." He calls up another map, showing terrorists. Small circles represent individuals, some of whom are grouped into rings of teams. Lines radiate from each ring, connecting to other circles with which they are affiliated. A group's importance can be inferred quickly from the number of lines connected to it. One ring is shaded nearly black with connections. "This was the 9/11 group," Chen says. "In the middle here, this is Bin Laden."
