Abstract
The Dark Web is an encrypted subset of the deep web, whose content cannot be indexed by search engines. Dark Web pages can be accessed from private networks such as TOR (The Onion Routing), I2P (Invisible Internet Project) and Freenet. TOR is widely used by the Dark Web users in a domain defined by a .onion extension. Dark Web users can communicate with each other without using their identification. However, the anonymity of these users encourages them to perform illegal activities. This requires an immediate identification of imminent criminal threats and mitigation via algorithms, techniques and tools used to protect everyone from attacks inside the Dark Web.
The aim is to make timely and pre-emptive detection of Dark Web threats before the Dark Web actor(s) can put their threats into action. The accuracy of the attacks on TOR network and the use of IoT and streaming technologies require agile algorithms to monitor the forums and to limit attacks. The methodology begins with a literature review, gap analysis and a research design using quantitative research methods such as comparative analysis of Dark Web forum datasets using data science techniques and an experimental research design involving machine learning and strategies for training and development of a model.
After the gap analysis of the previous research methods, it is possible to try to extend or modify these algorithms or the applied techniques to see if those gaps can be closed. The findings and conclusion to this hybrid experimental research methodology will lead to a proposal on mitigating risks via a model for real-time detection, evaluation and response.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
V. Adewopo, B. Gönen, S. Varlioglu, M. Özer, Plunge into the Underworld: A Survey on Emergence of Darknet. International conference on computational science and computational intelligence (CSCI), Las Vegas, NV, USA (2019)
O. Akyıldız, Information Analysis and Cyber Crimes in Deep Web & Dark Web 2018. 6th international symposium on digital forensic and security (ISDFS), 22–25 March 2018, Antalya, Turkey (2018)
H. Alnabulsi, R. Islam, Identification of Illegal Forum Activities Inside the Dark Net. International conference on machine learning and data engineering (iCMLDE), Sydney, Australia (2018)
R. Attarian, S. Hashemi, Investigating the Streaming Algorithms Usage in Website Fingerprinting Attack Against TOR Privacy Enhancing Technology. 16th international ISC (Iranian Society of Cryptology) conference on information security and cryptology (ISCISC), Mashhad, Iran (2019)
A. Baravalle, M.S. Lopez, S.W. Lee, Mining the Dark Web: Drugs and Fake Ids. IEEE 16th international conference on data mining workshops (ICDMW), Barcelona, Spain (2016)
L. Basyoni, N. Fetais, A. Erbad, A. Mohamed, M. Guizani, Traffic Analysis Attacks on TOR: A Survey. 2020 IEEE international conference on informatics, IoT, and enabling technologies (ICIoT), Doha, Qatar (2020)
S. Bhat, D. Lu, A. Kwon, S. Devadas, Var-CNN: a data-efficient website fingerprinting attack based on deep learning. Proc. Priv. Enhanc. Technol. 2019, 292–310 (2018)
A. Bifet, G. Holmes, R. Kirkby, B. Pfahringer, MOA: massive online analysis. J. Mach. Learn. Res. 11, 1601–1604 (2010)
A. Biryukov, I.P. Weinmann, Trawling for TOR Hidden Services: Detection, Measurement, Deanonymization. 2013 IEEE symposium on security and privacy, Berkeley, CA, USA (2013)
X. Cai, X.C. Zhang, B. Joshi, R. Johnson, Touching from a Distance: Website Fingerprinting Attacks and Defenses. CCS ’12: Proceedings of the 2012 ACM conference on computer and communications security, New York, NY, USA (2016)
CAIDA, A Real-time Lens into Dark Address Space of the Internet. A CAIDA Project Summary, 2022, January 28. https://www.caida.org/funding/cri-telescope/cri-telescope_proposal/cri-telescope_proposal.pdf
CERN, The birth of the Web, 2016. https://home.cern/science/computing/birth-web
K. Eustace, R. Islam, P. Tsang, G.H. Fellows, Human factors, self-awareness and intervention approaches in cyber security when using mobile devices and social networks, in Security and Privacy in Communication Networks: SecureComm 2017 International Workshops Proceedings, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, ed. by X. Lin, A. Ghorbani, K. Ren, S. Zhu, A. Zhang, vol. 239, (Springer, 2018), pp. 166–181. https://doi.org/10.1007/978-3-319-78816-6_13
S. Feghhi, D.J. Leith, A web traffic analysis attack using only timing information. IEEE Trans. Inf. Forensics Secur., 1747–1759 (2016)
N. Ferry, T. Hackenheimer, F. Herrmann, A. Tourette, Methodology of Dark Web Monitoring. 11th international conference on electronics, computers and artificial intelligence (ECAI), Pitesti, Romania (2019)
L. Gao, J. Rexford, Stable Internet routing without global coordination. IEEE/ACM Trans. Netw. 9(6), 681–692 (2001)
K. Godawatte, M. Raza, M. Murtaz, A. Saeed, Dark Web Along with The Dark Web Marketing and Surveillance 2019. 20th international conference on parallel and distributed computing, applications and technologies (PDCAT), Gold Coast, QLD, Australia (2019)
J.T. Harviainen, A. Haasio, L. Hämäläinen, Drug Traders on a Local Dark Web Marketplace. Proceedings of the 23rd international conference on academic mindtrek, Tampere, Finland (2020)
G. Hulten, L. Spencer, P. Domingos, Mining Time-Changing Data Streams. KDD ’01: Proceedings of the seventh ACM SIGKDD international conference on knowledge discovery and data mining, San Francisco, CA, USA (2001)
M. Kadoguchi, S. Hayashi, M. Hashimoto, A. Otsuka, Exploring the Dark Web for Cyber Threat Intelligence Using Machine Learning. 2019 IEEE international conference on intelligence and security informatics (ISI), Shenzhen, China (2019)
R. Koch, Hidden in the Shadow: The Dark Web – A Growing Risk for Military Operations? 11th international conference on cyber conflict (CyCon), Tallinn, Estonia (2019)
C. Manapragada, G.I. Webb, M. Salehi, Extremely Fast Decision Tree. KDD ’18: Proceedings of the 24th ACM SIGKDD international conference on knowledge discovery & data mining, London, UK (2018)
Maxmind GeoLite ASN database
R. Nithyanand, O. Starov, A. Zair, P. Gill, M. Schapira, Measuring and Mitigating AS-Level Adversaries Against. TOR NDSS 2016, San Diego, CA, USA (2015)
D. O’Cearbhaill, Trawling TOR Hidden Service – Mapping the DHT (2013). https://donncha.is/2013/05/trawling-TOR-hidden-services/
G. Pantelis, P. Petrou, S. Karagiorgou, D. Alexandrou, On Strengthening SMEs and MEs Threat Intelligence and Awareness by Identifying Data Breaches, Stolen Credentials and Illegal Activities on the Dark Web. ARES 2021: The 16th international conference on availability, reliability and security, Vienna, Austria (2021)
B. Pfahringer, G. Holmes, R. Kirkby, New Options for Hoeffding Trees. Australasian joint conference on artificial intelligence, Goldcoast, QLD, Australia (2007)
S. Raaijmakers, Artificial intelligence for law enforcement: challenges and opportunities. IEEE Secur. Priv. 17(5), 74–77 (2019)
M. Schäfer, M. Fuchs, M. Strohmeier, M. Engel, M. Liechti, V. Lenders, BlackWidow: Monitoring the Dark Web for Cyber Security Information. 11th international conference on cyber conflict (CyCon), Tallinn, Estonia (2019)
P. Sirinam, M. Imani, M. Juarez, M. Wright, Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning. CCS ’18: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, New York, NY, USA (2018)
Y. Sun, A. Edmundson, N. Feamster, M. Chiang, P. Mittal, Counter-RAPTOR: Safeguarding TOR Against Active Routing Attacks. IEEE symposium on security and privacy, San Jose, CA, USA (2017)
Q. Tan, Y. Gao, J. Shi, X. Wang, B. Fang, A Closer Look at Eclipse Attacks Against TOR Hidden Services. 2017 IEEE international conference on communications (ICC), Paris, France (2017)
T. Wang, I. Goldberg, Improved Website Fingerprinting on TOR. WPES ’13: Proceedings of the 12th ACM workshop on workshop on privacy in the electronic society, Berlin, Germany (2013)
T. Wang, X. Cai, R. Nithyanand, R. Johnson, I. Goldberg, Effective Attacks and Provable Defenses for Website Fingerprinting. Proceedings of the 23rd USENIX security symposium, San Diego, CA, USA (2014)
M. Wang, X. Wang, J. Shi, Q. Tan, Y. Gao, M. Chen, X. Jiang, Who Are in the Darknet? Measurement and Analysis of Darknet Person Attributes. IEEE third international conference on data science in cyberspace (DSC), Guangzhou, China (2018)
K. Williams, Untangling the dark web: taking on the human sex trafficking industry. IEEE Women Eng. Mag. 7(2), 23–26 (2013)
M. Yang, X. Gu, Z. Ling, C. Yin, J. Luo, An active de-anonymizing attack against TOR web traffic. Tsinghua Sci. Technol. 22(6), 702–713 (2017)
Y. Yang, H. Yu, L. Yang, M. Yang, L. Chen, G. Zhu, L. Wen, Hadoop-Based Dark Web Threat Intelligence Analysis Framework. IEEE 3rd advanced information management, communicates, electronic and automation control conference (IMCEC), Chongqing, China (2019a)
Y. Yang, L. Yang, M. Yang, H. Yu, G. Zhu, Z. Chen, L. Chen, Dark Web Forum Correlation Analysis Research. 8th joint international information technology and artificial intelligence conference (ITAIC), Chongqing, China (2019b)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Türen, S.H., Islam, R., Eustace, K. (2023). Analysing the Threat Landscape Inside the Dark Web. In: Daimi, K., Alsadoon, A., Peoples, C., El Madhoun, N. (eds) Emerging Trends in Cybersecurity Applications. Springer, Cham. https://doi.org/10.1007/978-3-031-09640-2_5
Download citation
DOI: https://doi.org/10.1007/978-3-031-09640-2_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-09639-6
Online ISBN: 978-3-031-09640-2
eBook Packages: Computer ScienceComputer Science (R0)