SlideShare ist ein Scribd-Unternehmen logo

Illuminating the dark web

Als PPTX, PDF herunterladen
Jisc
Jisc

A presentation at the Jisc security conference 2019 by Simon Bryden, Fortinet.

Technologie
1 von 37
1 Illuminating the Dark Web Simon Bryden Consulting Systems Engineer, EMEA
2 Introduction to the dark web The Onion Router and Hidden Services Dark Web Takedowns Protecting yourself from the dark web Illuminating the Dark Web
3 “The iceberg” Surface Web Deep Web Dark Web
4 Protected by authentication layer or paywall Not linked from any other pages Not referenced by search engines Deep Web characteristics
5 Anonymous Special access software Associated with illegal activities Dark Web characteristics
6 Illegal content Illegal marketplaces Cybercrime services Cryptocurrency services What can be found on the Dark Web?
7
8
9
10 Journalism Legal markets Social Media Repressed minorities Legal dark web services
11 The Onion Router
12 • Based on technology developed by the US Naval Research Laboratory in 1990s • Designed to protect US intelligence communications online • Tor project launched in 2002, first public release in 2004 • The Tor Project Inc. launched in 2006 as a non-profit organisation What is Tor?
13 Tor can provide two levels of anonymity: Anonymous access to surface web services • The Tor network provides an anonymous access through the Tor network. • The Tor network “exit node” connects to the surface web server Anonymous access to hidden services • The Tor network provides complete end-to-end anonymity • Hides the identity of both client and server How muchAnonymity does Tor Provide?
14
15
16 How Anonymous? “Alice is using the Tor service” Tor relay nodes are publicly known “Someone is connecting to Bob from the Tor network” “We can see this traffic”
17 How Anonymous? “Alice is using a VPN service” HTTPS VPN Provider “Someone is connecting to Bob from the Tor network”
18 Tor Browser
19 Volunteers. Often universities and other institutions Most people host Relay or Guard (Entry) nodes Nodes cannot become guards unless they are stable, and have at least 2Mbytes/s bandwidth Running an Exit node opens up the potential of receiving abuse complaints Exit nodes are often blocked by providers or website owners Who Owns the Tor Nodes?
20 Where are the relays? Germany UK Netherlands USA France
21 Tor Hidden Services
22 • Hidden services provide anonymity for the server • Servers are identified by an onion address such as 4nrvt5xpejyo27zf.onion • These are not resolved by DNS, rather by the Tor network itself • Most importantly: • There is no link between server name and server address Tor Hidden Services
23 Tor Hidden Service Operation RP
24 Browsing Hidden Sites
Dark Web Take-Down
26 • It’s more than just Tor! • Payment methods • Delivery of goods • All other system tools and applications must be anonymized • Ancillary communications (forgotten passwords, tech support) • Web services platforms (Wordpress, Joomla etc. are full of vulnerabilities) Perfect anonymity is Difficult
27 In 2013, the FBI managed to infiltrate “Freedom Hosting”, a hosting operation serving child pornography sites It inserted an exploit kit which targeted a vulnerability in Firefox 17 (used in Tor browser) This resulted in the download of a file which would report back the identity of the user Resulted in the arrests of the owner, and many of the consumers The Silk Road marketplace was reportedly identified through a non-anonymized captcha Freedom Hosting Silk Road
28 Child sex abuse marketplace More than 8 terabytes of data Used bitcoin – 7,300 recorded transactions from more than 1 million user addresses UK National Crime Agency used BitCoin transaction analysis to identify users Arrests of 337 users made in 38 countries 23 abused children identified and rescued Abusers found, not by using offensive hacking, but by simply tracing bitcoin transactions Welcome To Video
29 Dark Web Markets Silk Road Data leaked via CAPTCHA US DEA and FBI June 2013 Silk Road 2.0 Bitcoin Vulnerability FBI & Europol Nov 2014 AlphaBay Email address leakage July 2017 Dream Market Sustained DDoS Attacks? March 2019 Wall Street Market Careless use of VPN Europol May 2019 Deepdotweb.com Dark web links site Taken down because of links to illegal markets FBI, Europol, NCA May 2019 Hansa Addresses leaked in IRC logs Operation Bayonet (multinational law enforcement)
Detection and Protection
31 Case 1: Employees access dark web sites
32 Case 2: Employees hosting dark web sites
33 Case 3: Anonymous external reconnaisance
34 Several sites provide the list in convenient form: https://check.torproject.org/exit-addresses (exit nodes only) https://www.dan.me.uk/tornodes (exit only, or all relays) http://blutmagie.de (exit only, or all relays) Security vendors often have automatically-updated node lists built in to their solutions. Tor Detection by RelayAddresses
35 Good news: It is possible to detect the Tor protocol Not so good news: Tor provides explicit means to avoid being detected Fortinet has built-in application detection of Tor, I2P, FreeNet, and others, as well as popular proxy applications such as Psiphon and Ultrasurf. Tor does makes it possible to use private relay nodes and personalized transport protocols which can make detection close to impossible. However, in practice, there are many associated difficulties with these techniques. Detection by Protocol
36 • Dark web is more about the technology than the content • Much of the content is legal and legitimate • Tor is by far the most popular access technology • It is very difficult to make a site 100% anonymous • The dark web can present a risk to legitimate users and companies • Simple security measures can deter all but the most determined attackers Key Takeaways
Come and see us at stand 14

Empfohlen

Introduction To Dark Web
Introduction To Dark WebIntroduction To Dark Web
Introduction To Dark Web
Adityakumar Yadav
 
The Dark Web
The Dark WebThe Dark Web
The Dark Web
jamiecornista
 
Dark web presentation
Dark web presentationDark web presentation
Dark web presentation
To Mal
 
The Dark Web
The Dark WebThe Dark Web
The Dark Web
Suraj Jaundoo
 
Journey To The Dark Web
Journey To The Dark WebJourney To The Dark Web
Journey To The Dark Web
MiteshWani
 
The dark web
The dark webThe dark web
The dark web
hellboytonmoy
 
Deep web and Dark web
Deep web and Dark webDeep web and Dark web
Deep web and Dark web
Parvez Hossain
 
The dark web
The dark webThe dark web
The dark web
Bella M
 

Empfohlen

Introduction To Dark Web
Introduction To Dark WebIntroduction To Dark Web
Introduction To Dark Web
Adityakumar Yadav
 
The Dark Web
The Dark WebThe Dark Web
The Dark Web
jamiecornista
 
Dark web presentation
Dark web presentationDark web presentation
Dark web presentation
To Mal
 
The Dark Web
The Dark WebThe Dark Web
The Dark Web
Suraj Jaundoo
 
Journey To The Dark Web
Journey To The Dark WebJourney To The Dark Web
Journey To The Dark Web
MiteshWani
 
The dark web
The dark webThe dark web
The dark web
hellboytonmoy
 
Deep web and Dark web
Deep web and Dark webDeep web and Dark web
Deep web and Dark web
Parvez Hossain
 
The dark web
The dark webThe dark web
The dark web
Bella M
 
Deep and Dark Web
Deep and Dark WebDeep and Dark Web
Deep and Dark Web
Md. Nazmus Shakib Robin
 
Dark wed
Dark wedDark wed
Dark wed
AraVind Pillai
 
Deep Web
Deep WebDeep Web
Deep Web
St John
 
The Dark side of the Web
The Dark side of the WebThe Dark side of the Web
The Dark side of the Web
Paula Ripoll Cacho
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark Web
Swecha | స్వేచ్ఛ
 
Deep web Seminar
Deep web Seminar Deep web Seminar
Deep web Seminar
Hareendran MG
 
Dark and Deep web
Dark and Deep webDark and Deep web
Dark and Deep web
Khaled Sany
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
Brian Pichman
 
Cybersecurity and the DarkNet
Cybersecurity and the DarkNetCybersecurity and the DarkNet
Cybersecurity and the DarkNet
James Bollen
 
Deep web
Deep webDeep web
Deep web
Abu Kaisar
 
Dark net
Dark netDark net
Dark net
Mudasser Afzal
 
Deep web and dark web
Deep web and dark webDeep web and dark web
Deep web and dark web
Vaishali Misra
 
The Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityThe Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet Anonymity
Abhimanyu Singh
 
Deepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar anchaDeepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar ancha
vinod kumar
 
Dark Web
Dark WebDark Web
Dark Web
KunalDas889957
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark Web
Case IQ
 
Dark web by Pranesh Kulkarni
Dark web by Pranesh KulkarniDark web by Pranesh Kulkarni
Dark web by Pranesh Kulkarni
PraneshKulkarni22
 
Darknet
DarknetDarknet
Darknet
Shubham Dwivedi
 
Deep Web - what to do and what not to do
Deep Web - what to do and what not to do Deep Web - what to do and what not to do
Deep Web - what to do and what not to do
Cysinfo Cyber Security Community
 
Cyber security
Cyber securityCyber security
Cyber security
Pihu Goel
 
The Dark Web : Hidden Services
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden Services
Anshu Singh
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
Ahmed Mater
 

Weitere ähnliche Inhalte

Was ist angesagt?

Deep Web
Deep WebDeep Web
Deep Web
St John
 
Cybersecurity and the DarkNet
Cybersecurity and the DarkNetCybersecurity and the DarkNet
Cybersecurity and the DarkNet
James Bollen
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark Web
Case IQ
 

Was ist angesagt? (20)

Deep and Dark Web
Deep and Dark WebDeep and Dark Web
Deep and Dark Web
 
Dark wed
Dark wedDark wed
Dark wed
 
Deep Web
Deep WebDeep Web
Deep Web
 
The Dark side of the Web
The Dark side of the WebThe Dark side of the Web
The Dark side of the Web
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark Web
 
Deep web Seminar
Deep web Seminar Deep web Seminar
Deep web Seminar
 
Dark and Deep web
Dark and Deep webDark and Deep web
Dark and Deep web
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
 
Cybersecurity and the DarkNet
Cybersecurity and the DarkNetCybersecurity and the DarkNet
Cybersecurity and the DarkNet
 
Deep web
Deep webDeep web
Deep web
 
Dark net
Dark netDark net
Dark net
 
Deep web and dark web
Deep web and dark webDeep web and dark web
Deep web and dark web
 
The Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityThe Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet Anonymity
 
Deepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar anchaDeepweb and darkweb vinodkumar ancha
Deepweb and darkweb vinodkumar ancha
 
Dark Web
Dark WebDark Web
Dark Web
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark Web
 
Dark web by Pranesh Kulkarni
Dark web by Pranesh KulkarniDark web by Pranesh Kulkarni
Dark web by Pranesh Kulkarni
 
Darknet
DarknetDarknet
Darknet
 
Deep Web - what to do and what not to do
Deep Web - what to do and what not to do Deep Web - what to do and what not to do
Deep Web - what to do and what not to do
 
Cyber security
Cyber securityCyber security
Cyber security
 

Ähnlich wie Illuminating the dark web

darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptxdarkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
Geetha982072
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication
Fabio Pietrosanti
 
Dark web sites - Exploring the Dark Web, Dark Web Sites, and the Elusive Link...
Dark web sites - Exploring the Dark Web, Dark Web Sites, and the Elusive Link...Dark web sites - Exploring the Dark Web, Dark Web Sites, and the Elusive Link...
Dark web sites - Exploring the Dark Web, Dark Web Sites, and the Elusive Link...
Auto Parts Wholesale Online
 

Ähnlich wie Illuminating the dark web (20)

The Dark Web : Hidden Services
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden Services
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
 
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptxdarkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
 
Deep web
Deep webDeep web
Deep web
 
Dark Web.pptx
Dark Web.pptxDark Web.pptx
Dark Web.pptx
 
Анонимность Tor: миф и реальность
Анонимность Tor: миф и реальностьАнонимность Tor: миф и реальность
Анонимность Tor: миф и реальность
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
 
Dark web
Dark webDark web
Dark web
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
 
Presentation darknet
Presentation darknetPresentation darknet
Presentation darknet
 
Dw communication
Dw communicationDw communication
Dw communication
 
Ali shahbazi khojasteh - deep web
Ali shahbazi khojasteh - deep webAli shahbazi khojasteh - deep web
Ali shahbazi khojasteh - deep web
 
Darkle Slideshow _ by Slidesgo.pptx
Darkle Slideshow _ by Slidesgo.pptxDarkle Slideshow _ by Slidesgo.pptx
Darkle Slideshow _ by Slidesgo.pptx
 
Demystifying the Dark Web
Demystifying the Dark WebDemystifying the Dark Web
Demystifying the Dark Web
 
Cyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spyCyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spy
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
 
Dark web sites - Exploring the Dark Web, Dark Web Sites, and the Elusive Link...
Dark web sites - Exploring the Dark Web, Dark Web Sites, and the Elusive Link...Dark web sites - Exploring the Dark Web, Dark Web Sites, and the Elusive Link...
Dark web sites - Exploring the Dark Web, Dark Web Sites, and the Elusive Link...
 
.Onion
.Onion.Onion
.Onion
 
Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocols
 

Mehr von Jisc

Mehr von Jisc (20)

Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptx
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptx
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 

Kürzlich hochgeladen

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

Kürzlich hochgeladen (20)

Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 

Illuminating the dark web

  • 1. 1 Illuminating the Dark Web Simon Bryden Consulting Systems Engineer, EMEA
  • 2. 2 Introduction to the dark web The Onion Router and Hidden Services Dark Web Takedowns Protecting yourself from the dark web Illuminating the Dark Web
  • 4. 4 Protected by authentication layer or paywall Not linked from any other pages Not referenced by search engines Deep Web characteristics
  • 5. 5 Anonymous Special access software Associated with illegal activities Dark Web characteristics
  • 6. 6 Illegal content Illegal marketplaces Cybercrime services Cryptocurrency services What can be found on the Dark Web?
  • 7. 7
  • 8. 8
  • 9. 9
  • 10. 10 Journalism Legal markets Social Media Repressed minorities Legal dark web services
  • 12. 12 • Based on technology developed by the US Naval Research Laboratory in 1990s • Designed to protect US intelligence communications online • Tor project launched in 2002, first public release in 2004 • The Tor Project Inc. launched in 2006 as a non-profit organisation What is Tor?
  • 13. 13 Tor can provide two levels of anonymity: Anonymous access to surface web services • The Tor network provides an anonymous access through the Tor network. • The Tor network “exit node” connects to the surface web server Anonymous access to hidden services • The Tor network provides complete end-to-end anonymity • Hides the identity of both client and server How muchAnonymity does Tor Provide?
  • 14. 14
  • 15. 15
  • 16. 16 How Anonymous? “Alice is using the Tor service” Tor relay nodes are publicly known “Someone is connecting to Bob from the Tor network” “We can see this traffic”
  • 17. 17 How Anonymous? “Alice is using a VPN service” HTTPS VPN Provider “Someone is connecting to Bob from the Tor network”
  • 19. 19 Volunteers. Often universities and other institutions Most people host Relay or Guard (Entry) nodes Nodes cannot become guards unless they are stable, and have at least 2Mbytes/s bandwidth Running an Exit node opens up the potential of receiving abuse complaints Exit nodes are often blocked by providers or website owners Who Owns the Tor Nodes?
  • 20. 20 Where are the relays? Germany UK Netherlands USA France
  • 22. 22 • Hidden services provide anonymity for the server • Servers are identified by an onion address such as 4nrvt5xpejyo27zf.onion • These are not resolved by DNS, rather by the Tor network itself • Most importantly: • There is no link between server name and server address Tor Hidden Services
  • 23. 23 Tor Hidden Service Operation RP
  • 26. 26 • It’s more than just Tor! • Payment methods • Delivery of goods • All other system tools and applications must be anonymized • Ancillary communications (forgotten passwords, tech support) • Web services platforms (Wordpress, Joomla etc. are full of vulnerabilities) Perfect anonymity is Difficult
  • 27. 27 In 2013, the FBI managed to infiltrate “Freedom Hosting”, a hosting operation serving child pornography sites It inserted an exploit kit which targeted a vulnerability in Firefox 17 (used in Tor browser) This resulted in the download of a file which would report back the identity of the user Resulted in the arrests of the owner, and many of the consumers The Silk Road marketplace was reportedly identified through a non-anonymized captcha Freedom Hosting Silk Road
  • 28. 28 Child sex abuse marketplace More than 8 terabytes of data Used bitcoin – 7,300 recorded transactions from more than 1 million user addresses UK National Crime Agency used BitCoin transaction analysis to identify users Arrests of 337 users made in 38 countries 23 abused children identified and rescued Abusers found, not by using offensive hacking, but by simply tracing bitcoin transactions Welcome To Video
  • 29. 29 Dark Web Markets Silk Road Data leaked via CAPTCHA US DEA and FBI June 2013 Silk Road 2.0 Bitcoin Vulnerability FBI & Europol Nov 2014 AlphaBay Email address leakage July 2017 Dream Market Sustained DDoS Attacks? March 2019 Wall Street Market Careless use of VPN Europol May 2019 Deepdotweb.com Dark web links site Taken down because of links to illegal markets FBI, Europol, NCA May 2019 Hansa Addresses leaked in IRC logs Operation Bayonet (multinational law enforcement)
  • 31. 31 Case 1: Employees access dark web sites
  • 32. 32 Case 2: Employees hosting dark web sites
  • 33. 33 Case 3: Anonymous external reconnaisance
  • 34. 34 Several sites provide the list in convenient form: https://check.torproject.org/exit-addresses (exit nodes only) https://www.dan.me.uk/tornodes (exit only, or all relays) http://blutmagie.de (exit only, or all relays) Security vendors often have automatically-updated node lists built in to their solutions. Tor Detection by RelayAddresses
  • 35. 35 Good news: It is possible to detect the Tor protocol Not so good news: Tor provides explicit means to avoid being detected Fortinet has built-in application detection of Tor, I2P, FreeNet, and others, as well as popular proxy applications such as Psiphon and Ultrasurf. Tor does makes it possible to use private relay nodes and personalized transport protocols which can make detection close to impossible. However, in practice, there are many associated difficulties with these techniques. Detection by Protocol
  • 36. 36 • Dark web is more about the technology than the content • Much of the content is legal and legitimate • Tor is by far the most popular access technology • It is very difficult to make a site 100% anonymous • The dark web can present a risk to legitimate users and companies • Simple security measures can deter all but the most determined attackers Key Takeaways
  • 37. Come and see us at stand 14