Library

Welcome to VOX-Pol’s Online Library, a research and teaching resource, which collects in one place a large volume of publications related to various aspects of violent online political extremism.

Our searchable database contains material in a variety of different formats including downloadable PDFs, videos, and audio files comprising e-books, book chapters, journal articles, research reports, policy documents and reports, and theses.

All open access material collected in the Library is easy to download. Where the publications are only accessible through subscription, the Library will take you to the publisher’s page from where you can access the material.

We will continue to add more material as it becomes available with the aim of making it the most comprehensive online Library in this field.

If you have any material you think belongs in the Library—whether your own or another authors—please contact us at onlinelibrary@voxpol.eu and we will consider adding it to the Library. It is also our aim to make the Library a truly inclusive multilingual facility and we thus welcome contributions in all languages.

Featured

Full Listing

TitleYearAuthorTypeLinks
Automatic Detection And Forecasting Of Violent Extremist Cyber-Recruitment
2014 Scanlon, J. MA Thesis
The growing use of the Internet as a major means of communication has led to the formation of cyber-communities, which have become increasingly appealing to violent extremists due to the unregulated nature of Internet communication. Online communities enable violent extremists to increase recruitment by allowing them to build personal relationships with a worldwide audience capable of accessing uncensored content. This research presents methods for identifying and forecasting the recruitment activities of violent groups within extremist social media websites. Specifically, these methods employ techniques within supervised learning and natural language processing for automatically: (1) identifying forum posts intended to recruit new violent extremist members, and (2) forecasting recruitment efforts by tracking changes in an online community's discussion over time. We used data from the western jihadist website Ansar AlJihad Network, which was compiled by the University of Arizona's Dark Web Project. Multiple judges manually annotated a sample of these data, marking 192 randomly sampled posts as recruiting (Yes) or non-recruiting (No). We observed significant agreement between the judges' labels; the confidence interval of Cohen's kappa was (0.5,0.9) at p=0.01. We used naive Bayes models, logistic regression, classification trees, boosting, and support vector machines (SVM) to classify the forum posts in a 10-fold cross-validation experimental setup. Evaluation with receiver operating characteristic (ROC) curves show that our SVM classifier achieves 89% area under the curve (AUC), a significant improvement over the 63% AUC performance achieved by our simplest naive Bayes model (Tukey's test at p=0.05). The forecasting task uses a time series regression analysis to model the daily count of extremist recruitment posts. Evaluation with mean absolute scaled error (MASE) shows that employing latent topics as predictors can reduce forecast error compared to a naive (random-walk) model and the baseline time series model. To our knowledge, these are the first results reported on these tasks, and our analysis indicates that automatic detection and forecasting of online terrorist recruitment are feasible tasks. This research could ultimately help identify the impact of violent organizations, like terrorist groups, within the social network of an online community. There are also a number of important areas of future work including classifying non-English posts and measuring how recruitment posts and current events change membership numbers over time.
Detection And Monitoring Of Improvised Explosive Device Education Networks Through The World Wide Web
2009 Stinson, R.T. MA Thesis
As the information age comes to fruition, terrorist networks have moved mainstream by promoting their causes via the World Wide Web. In addition to their standard rhetoric, these organizations provide anyone with an Internet connection the ability to access dangerous information involving the creation and implementation of Improvised Explosive Devices (IEDs). Unfortunately for governments combating terrorism, IED education networks can be very difficult to find and even harder to monitor. Regular commercial search engines are not up to this task, as they have been optimized to catalog infor mation quickly and e fficiently for user ease of access while promoting retail commerce at the same time. This thesis presents a performance analysis of a new search engine algorithm designed to help find IED education networks using the Nutch open-source search engine architecture. It reveals which web pages are more important via references from other web pages regardless of domain. In addition, this thesis discusses the potential evaluation and monitoring techniques to be used in conjunction with the proposed algorithm.
Information Age Terrorism: Toward Cyberterror
1995 Littleton, M.J. MA Thesis
The growing ubiquity of computers and their associated networks are propelling the world into the information age. Computers may revolutionize terrorism in the same manner that they have revolutionized everyday life. Terrorism in the information age will consist of conventional terrorism, in which classic weapons (explosives, guns, etc.) will be used to destroy property and kill victims in the physical world; techno terrorism, in which classic weapons will be used to destroy infrastructure targets and cause a disruption in cyberspace; and cyberterrorism, where new weapons (malicious software, electromagnetic and microwave weapons) will operate to destroy data in cyberspace to cause a disruption in the physical world. The advent of cyberterrorism may force a shift in the definition of terrorism to include both disruption and violence in cyberspace in the same manner as physical destruction and violence. Through the use of new technology, terrorist groups may have fewer members, yet still, have a global reach. The increasing power of computers may lower the threshold of state sponsorship to a point where poor states can become sponsors and rich states are no longer necessary for terrorist groups to carry out complex attacks. This thesis explores the shift toward information warfare across the conflict spectrum and its implications for terrorism. By examining the similarities and differences with past conventional terrorism, policymakers will be able to place information age terrorism into a known framework and begin to address the problem.
Digital Discourse, Online Repression, And Cyberterrorism: Information Communication Technologies In Russia’s North Caucasus Republics
2019 Tewell, Z.S. MA Thesis
Is the cyber-utopian versus cyber-repression argument the most effective way to frame the political uses of new technologies? Contemporary discourse on social media fails to highlight political dynamics in authoritarian regimes with weak state control, where independent groups can capitalize on the use of coercive force. In this thesis, I will explore the various methods through which information communication technologies are utilized by civil groups, uncivil groups, and the state using Russia's North Caucasus republics as a case study. New technologies are exploited through a variety of means by an array of actors in the North Caucasus whose goals may not necessarily be democratic. Through this evidence I demonstrate that information communication technologies do not inherently aid democratization, nor do they necessarily aid the incumbent regime; rather, they are merely a conduit through which existing groups put forth their agendas regarding their ideals of the modern state.
An Analysis Of International Agreements Over Cybersecurity
2018 Ashbaugh, L. MA Thesis
Research into the international agreements that increase cooperation over cybersecurity challenges is severely lacking. This is a necessary next step for bridging diplomatic challenges over cybersecurity. This work aspires to be push the bounds of research into these agreements and offer a tool that future researchers can rely on. For this research I created, and made publicly available, the International Cybersecurity Cooperation Dataset (ICCD), which contains over 350 international cybersecurity agreements and pertinent metadata. Each agreement is marked per which subtopics within cybersecurity related agreements it covers. These typologies are:
• Discussion and Dialogue
• Research
• Confidence Building Measures
• Incident Response
• Crime
• Capacity Building
• Activity Limiting
• Defense
• Terrorism
Drawing on ICCD and R for summary statistics and significance tests, as well as some quantitative insights, this research explores the relationship between different agreements, organizations, and other possibly related factors. The most significant takeaways from this research are:
1. Governments view cybersecurity in terms of relative advantages and are hesitant to engage competitors with agreements over topics like incident response and capacity building.
2. Authoritarian governments are involved with agreements over controlling or projecting state power and government authority while democratic governments focus on resilience and defense.
3. There are two groupings of authoritarian governments, those with high technical capabilities and those without. Technically capable governments focus on agreements over terrorism, and they also often end up participating in activity limiting agreements. Those without are preoccupied with agreements over criminal activity.
4. Discussion and dialogue agreements tend to accompany agreements over additional topics about one fifth of the time. While policy-makers shouldn’t create a hard rule out of this statistic, it does possibly strengthen an optimistic hypothesis that dialogue consistently leads to agreements.
Hopefully this research invigorates researchers’ interest in studying and understanding when cooperation over cybersecurity is successful or not. Policy-makers will need this knowledge if they are to achieve their goals in an environment that is rapidly increasing in state actors and
complexity
The Discourse Of Cyberterrorism: Exceptional Measures Call For The Framing Of Exceptional Times
2015 Auwema, N. M. MA Thesis
The configuration of the discourse of cyberterrorism in the Netherlands is a mix of public and private actors that have diverging views about whether cyberterrorism is a genuine security threat. How and why have several of these actors argued that it is a genuine security threat? What was their interest in doing so? Has cyberterrorism possibly been framed or hyped as a genuine security threat? This thesis examines the discourse of cyberterrorism in the Netherlands by examining the field, the position on cyberterrorism of the actors within this field, and finally, their levels of technological capital, legitimacy and authority. Considering the differences in these levels, this thesis contends that public and private actors have different interests in arguing that cyberterrorism is a threat. While public actors are concerned with the protection of Dutch cyberspace and the Dutch society, private actors, with the exception of Fox-IT, have multiple interests. This has led these private actors to frame or hype cyberterrorism as a genuine security threat, without the necessary background to base their statement on. Exceptional measures have led to the framing of exceptional times.
Cyber-Terrorism: Finding A Common Starting Point
2012 Jeffrey Thomas, B. MA Thesis
Attacks on computer systems for both criminal and political purposes are on the rise in both the United States and around the world. Foreign terrorist organizations are also developing information technology skills to advance their goals. Looking at the convergence of these two phenomena, many prominent security experts in both government and private industry have rung an alarm bell regarding the potential for acts of cyber-terrorism. However, there is no precise definition of cyber-terrorism under United States law or in practice among cyber-security academicians. The lack of a common starting point is one of the reasons existing law fails to directly address cyberterrorism. This paper furnishes a lexicon of cyber-related malicious activities and argues for a common working definition of cyber-terrorism. This definition can be both incorporated into current counter-terror legislation and used by government agencies to combat cyberterrorism. This paper arrives at that definition by analyzing the various definitions proposed by security experts and those in use by governmental organizations. This paper builds on these definitions to arrive at a new definition that is at once broad enough to cover the potentially unique effects of a weapon of cyber-terrorism, while narrow enough to exclude computer network attacks that are relatively minor in nature. Second, analyzing several recent cyber attacks, this paper finds that, while we have not yet faced a “cyber 9/11,” computer network attacks for political purposes are on the rise and becoming increasing complex. Third, this paper analyzes current law related to both cyber-crimes and terrorism, finding that while these laws are applicable in many instances, they fall short in adequately focusing on the most important factor when addressing cyber-terrorism: prevention. This paper concludes by recommending that cyber-terrorism, as defined in this paper, be incorporated into some of our most frequently used laws to combat terrorism.
Identification And Ranking Of Critical Assets Within An Electrical Grid Under Threat Of Cyber Attack
2011 Boyer, B. R. MA Thesis
This paper examines the ranking of critical assets within an electrical grid under threat of cyber attack. Critical to this analysis is the assumption of zero hour exploits namely, the threat of an immediate attack as soon as a vulnerability is discovered. Modeling shows that over time load fluctuations as well as other system variations will change the importance of each asset in the delivery of bulk power. As opposed to classic stability studies where risk can be shown to be greatest during high load periods, the zero hour exploit-cyber-risk assumes that vulnerabilities will be attacked as soon as they are discovered. The probability of attacks is made uniform over time to include any and all possible attacks. Examining the impact of an attack and how the grid reacts immediately following an attack will identify and determine the criticality of each asset. This work endeavors to fulfill the NERC Critical Infrastructure Protection Requirements CIP-001-1 through CIP-009-2, cyber security requirements for the reliable supply of bulk power to customers throughout North America.
The California Independent System Operator Security Vulnerabilities
2010 Brow, S. L. MA Thesis
Our country is still in the early stages of the 21st century where technology is advancing on a daily basis allowing the threat of terrorism, both domestic and foreign, to pose a serious risk to both its citizens and its assets if not addressed soon. There are numerous potentially vulnerable sites throughout the country that are still left under guarded and under-protected, specifically my emphasis for this project, the California Independent System Operator (ISO). This multilayered project utilizes public information from the Department of Homeland Security manual. The project also includes information from various national publications of defense principles and security countermeasures, as well as law enforcement protocols in place to deal with these types of security threats and potential breaches, scholarly articles, and industry trade journals.
The California ISO lacks physical and some virtual controls that make it more vulnerable to attacks. Specific recommendations have been made to ensure that the ISO is better protected and can still run an effective business.
Cyberterrorism Cyber Prevention Vs Cyber Recovery
1993 DiBiasi, J. R. MA Thesis
The technological age has forced the U.S. to engage a new set of national security challenges. Several potential adversaries have cyberspace capabilities comparable to those of the U.S., and are constantly conducting surveillance, gathering technical information, and mapping critical nodes that could be exploited in future conflicts. How can the U.S. government best defend against future cyber attacks? Recent policy documents set out a strategy for securing all of cyberspace, which experts argue is impossible to implement, but also unnecessary. This thesis seeks to move the discussion beyond this stalemate by undertaking an analysis of the vulnerability of cyberspace to terrorist attacks. The first analysis examines the Code Red Worm and the Slammer Worm. These two worms were selected because they were highly destructive and spread faster than normal worms, making them well suited for assessing the existing security of computers and networks. The next analysis examines a staged cyber attack on critical infrastructure, entitled Attack Aurora. In the staged Aurora attack, researchers from the Department of Energy’s Idaho lab hacked into a replica of a power plant’s control system. This attack is the most recent staged attack and facilitates an analysis of vulnerabilities of critical infrastructures to cyberterrorism.
Design And Control Of Resilient Interconnected Microgrids For Reliable Mass Transit Systems
2019 Egan, T. J. G. MA Thesis
Mass transit systems are relied on a daily basis to transport millions of passengers and bring billions of dollars' worth of economic goods to market. While some forms of mass transit rely on a fuel, electrified railway systems are dependent on the electric grid. The electric grid is becoming more vulnerable to disruptions, due to extreme weather, changing supply and demand patterns, and cyber-terrorism. An interruption to the energy supply of a railway infrastructure can have cascading effects on the economy and social livelihood. Resilient interconnected microgrids are proposed to maintain reliable operation of electri_ed railway infrastructures. An engineering design framework, and supporting methods and techniques, is proposed for an electrified railway infrastructure to be upgraded from its existing form, to one with resilient interconnected microgrids. The sizing of the interconnected microgrids is performed using an iterative sizing analysis, considering multiple resiliency key performance indicators to inform the designer of the trade-o_s in sizing options. Hierarchical control is proposed to monitor and control the interconnected microgrids. A multi-objective problem cast in the tertiary level of control is proposed to be solved using game theory. The proposed designs are modelled and simulated in Simulink. Four case studies of railway infrastructures in Canada and the United Kingdom are used to demonstrate the effectiveness of the proposed designs. While results for each case study vary, resilient interconnected microgrids for railway infrastructures demonstrates a reduced dependence on the electric grid. The examples here are all scalable and can perform within the framework of any available energy system. The results are both extremely impressive and promising towards a more resilient and stable energy future for our railway and other critical infrastructures.
New Zealand Government And Critical Infrastructure Ready Reaction To Cyber Terrorism
2008 Watt, A. C. MA Thesis
The purpose of this research is to obtain input from government agencies, elements of the critical infrastructure and cyber space, to determine what level of knowledge on cyber terrorism exists. Furthermore, are there ready reaction plans in place, and is staff-awareness training conducted on a regular basis? This probably won’t prevent or stop an attack of cyber terrorism, and like any other disaster in the IT world, if contingency planning exists, recovery can be quicker and greater mitigation of costs.

Interview questions were distributed to New Zealand government departments and elements that make up the critical infrastructure, to obtain an insight into the current situation. From this and other comparisons, inferences have been drawn to determine that if some of the groups were targeted would the fact that they could be deficient in knowledge on cyber terrorism, make the effect more intense and longer lasting. It has also provided the state of knowledge, the level of planning and the general readiness that currently exists.

In view of these findings recommendations have been made that will ensure there is consistency across all organisations, both government and nongovernment. All organisations, including the government, are reliant on the critical infrastructure and the internet for both operational and domestic survival. It is therefore pertinent that agencies give some consideration to these findings.
Knowledge And Perceptions Of Cyberterrorism
2007 Van Hoogensty, A. J. MA Thesis
While the threat of terrorists utilizing the Internet to execute a cyberterrorist attack is of prominent concern there exist great misconceptions and factual errors in the media as to the nature of this threat (Conway, 2002; Embar-Seddon, 2002; Weimann, 2005). This thesis examined media exposure, knowledge of cyberterrorism, fear of terrorism and perceived seriousness of cyberterrorist events in a sample of college students. Generally, participants had little knowledge of cyberterrorism. Women were found to be more fearful of terrorism and cyberterrorism than men. A positive relation was found between media consumption and fear of terrorism among women. Finally, fear of terrorism was positively related to perceived seriousness of cyberterrorist events.
The Effectiveness Of The Principle Of Distinction In The Context Of Cyber Warfare
2014 Van Breda, L. C. MA Thesis
International humanitarian law provides foundational norms which are to be observed by states in order to protect civilians from the harsh realities of war. These norms have been applied to traditional kinetic methods of warfare but as technology advances at a rapid pace so too do methods of warfare. As weaponry becomes more sophisticated it is necessary to revisit the foundational principles of international humanitarian law and apply them to situations that could only previously have been imagined. The principles of distinction is a core principle of this branch of law and it is not to be disregarded as a result of the fact that it predates modern methods of warfare but rather it is to be re-examined, its importance observed and applied to the warfare that we are faced with today. Protecting civilians has been of utmost importance in recent history and the development in the technology of weapons should not change that fact in the present or future.
Confronting Cyberterrorism With Cyber Deception
2003 Gregory Tan, K. L. MA Thesis
This thesis concerns the possibility of deceiving cyberterrorists using defensive deception methods. As cyberspace today is a battleground for myriad cyber attacks and intrusions, it may only be a matter of time before terrorists choose to advance their deadly cause in cyberspace. We explore some of the questions raised regarding the threat of cyberterrorism by examining different perspectives, motivations, actors, targets, and how they may be confronted. One way is to draw from the lessons of deception and apply them against cyberterrorist attacks. Cyber deception applies in cyberspace just as well as deception in military battles. From the different categories of attackers that could perpetrate cyberterrorism, we examine the ways in which they may be deceived. Many of the methods and tools that cyberterrorists would use are similar to those used by other less malicious hackers, so we can plan specific deceptions to use against them in advance.
The Threat Of Cyberterrorism: Contemporary Consequences And Prescriptions
2004 Thomas Stocking, G. A. MA Thesis
This study researches the varying threats that emanate from terrorists who carry their activity into the online arena. It examines several elements of this threat. First, it explores elements of virtual to virtual attacks. Second, it looks at threats against critical infrastructures that can be traced to online sources. Third, this thesis reports on ways that terrorists are using information technology such as the Internet for propaganda and communication purposes. Finally, it highlights the most crucial ways in which the United States government has responded to the problem. It concludes with a few recommendations for best practices for future engagement with varying aspects of cyberterrorism.
Cyberterrorists: Their Communicative Messages and the Effect on Targets
2003 Minei, E. MA Thesis
This qualitative study provides a semiotic perspective on cyberterrorism and its opportunity to cause maximal damage while using terrorist propaganda. The very definition of cyberterrorism refers to Internet use, technology, and computer-based networks against critical infrastructures. The application of Stamper’s Semiotic Ladder– morphological, empirical, syntactical, semantic, pragmatic and social world –to the various methods of propaganda utilized by cyberterrorists will uncover aspects on the transition from traditional to modern methods of attack, cyberterrorist communication, and the recruitment of new members to their cause. Additionally, this research focused on the role of the media in the equation of planning by propaganda to the fruition of an attack. Interviews were collected from ten participants during 30-60 minute segments. Based on the data, five themes emerged: (1) Acknowledgement of the Existence of Cyberterrorism, (2) Postmodern Propaganda and Publicity, (3) Detrimental Effects on Targets, (4) Media Implications, and (5) Communicative Messages. This provides readers with an organized order to the data and provides a way to progressively detail cyberterrorism, with a specific focus on the actual effects of their semiotic intents on targets, on the public, and on the world at large or what is being conveyed. Ultimately, the themes that emerged follow Stamper’s Semiotic Ladder, starting with surface level understanding of cyberterrorism and work up to the global impact of cyberterrorism on various aspects of culture, beliefs, and expectations.
Sony Pictures And The US Federal Government: A Case Study Analysis Of The Sony Pictures Entertainment Hack Crisis Using Normal Accidents Theory
2017 Ismail, M. MA Thesis
In this case study, I analyze the 2014 North Korean computer database hack of Sony Pictures Entertainment (SPE), a serious national security crisis of cyberterrorism. I utilize Normal Accidents theory as a lens, to help explain how the accident within one system (SPE) and later crisis lead to the interaction with a second system (U.S. Federal Government), the development of a new crisis, and the need for a crisis response from system two. The evolution of a single organization’s accident into a national security crisis does not occur without specific complex interactions that take place to connect the two systems together. To explain this interconnectedness between systems, I introduce two new constructs: 1) common denominator and 2) common goal, which expand Normal Accidents theory allowing it to account for the coupling between the two independent systems (SPE & United States Government) through non-linear interactions. Overall, this case study provides important insight for future crisis communication planning, response, and development regarding between-organization interaction during a crisis.
A Discourse In Conflict: Resolving The Definitional Uncertainty Of Cyber War
2017 Hughes, D. MA Thesis
Since emerging in academic literature in the 1990s, definitions of ‘cyber war’ and cyber warfare’ have been notably inconsistent. There has been no research that examines these inconsistencies and whether they can be resolved. Using the methodology of discourse analysis, this thesis addresses this research need. Analysis has identified that the study of cyber war and cyber warfare is inherently interdisciplinary. The most prominent academic disciplines contributing definitions are Strategic Studies, Security Studies, Information and Communications Technology, Law, and Military Studies. Despite the apparent definitional uncertainty, most researchers do not offer formal definitions of cyber war or cyber warfare. Moreover, there is little evidentiary basis in literature to distinguish between cyber war and cyber warfare. Proximate analysis of definitions of cyber war and cyber warfare suggests a high level of inconsistency between dozens of definitions. However, through deeper analysis of both the relationships between definitions and their underlying structure, this thesis demonstrates that (a) the relationships between definitions can be represented hierarchically, through a discourse hierarchy of definitions; and (b) all definitions share a common underlying structure, accessible through the application of a structural definition model. Crucially, analysis of definitions via these constructs allows a foundational definition of cyber war and cyber warfare to be identified. Concomitantly, use of the model identifies the areas of greatest interdefinitional inconsistency and the implications thereof and contributes to the construction of a taxonomy of definitions of cyber war and cyber warfare. Considered holistically, these research outputs allow for significant resolution of the inconsistency between definitions. Moreover, these outputs provide a basis for the emergence of dominant functional definitions that may aid in the development of policy, strategy, and doctrine.
Historical Events And Supply Chain Disruption: chemical, biological, radiological and cyber events
2003 Lensing, R. P. MA Thesis
In the wake of the attacks of September 11, 2001, terrorism emerged as a legitimate threat not just to society, but to corporations as well. This new threat has challenged old business rules and prompted companies to rethink their supply chain operations. However, the events of September 11th were not the first or the only disruptions that the business world had experienced. This thesis reviews past historical events that simulate the effects of a terrorist attack and extracts lessons that can be applied by today's corporations to prepare for future attacks or disruptions. The types of events studied include Biological, Chemical, Radiological and Cyber disruptions. Through the analysis and synthesis of each event's impact, the following generalized recommendations emerged: Prior warnings and events should be acknowledged, studied and utilized. Government intervention may strain operations under disruptive stress. Alternate sourcing should be considered to ease supply issues. Disruptions should be approached in a comprehensive and forthright manner. A security and safety culture should be fostered to prevent disruptions and control their spread. Systems should be prepared to quickly operate in isolation during a disruption. Finally, impact is frequently less severe then initially predicted. Through the events described and these recommendations, this thesis aims to provide lessons for firms to manage their supply chains through future disruptions.