Across the Web, the evil of child pornography spreads like a toxin, and the National Center for Missing & Exploited Children  is combating it by providing computer-forensics assistance to law enforcement and working with Internet service providers scooping up megabytes of child-porn data.

“The ISPs have to report child pornography,” says Steven Gelfound, IT director at NCMEC, which has 350 employees plus federal law enforcement on location working at its Alexandria, Va.-based office. “Sprint, AT&T, the big ISPs, Google, Facebook and Yahoo — they all have to report. And we’re the clearinghouse for all child pornography, and we store these images.”

The images collected by ISPs and others through monitoring are deposited via VPN access to the nonprofit organization’s network. Held on a storage-area network, the forensics analysts at the Center then get to work with these images, which may end up as criminal evidence, by storing them properly and creating a set of digital hash values for the material. The hash is a cryptographic representation of data that can be used to prove it hasn’t been changed.

“We turn this over to law enforcement,” says Gelfound, noting the center carries out this computer-forensics work for both local police nationwide and the FBI. Gelfound adds that he thinks the growth of high-bandwidth services over the last few years has opened up an avenue for child-porn distributors to disseminate videos at an alarming pace.

Digital hash values of images are also playing an increasingly important role in discovering child pornography online because they can be used to filter out a known image in a digital stream. The U.S. Department of Defense was instrumental in developing this technique under its project KIDS (Known Image Database System) effort that began a few years ago.

A disturbing trend is that an increasing number of children are ending up in the collection of thousands. “We used to have the same images over and over again,” says Gelfound. “Now we’re seeing more of children we’d never seen before.”
The image-analysis work can be emotionally hard on the center’s computer-forensics teams, which require special training and have counselors available if the psychological strain starts to overwhelm them.