DOCSLIB.ORG

An Evolving Threat the Deep Web

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

8 An Evolving Threat The Deep Web Learning Objectives distribute 1. Explain the differences between the deep web and darknets.or 2. Understand how the darknets are accessed. 3. Discuss the hidden wiki and how it is useful to criminals. 4. Understand the anonymity offered by the deep web. 5. Discuss the legal issues associated withpost, use of the deep web and the darknets. The action aimed to stop the sale, distribution and promotion of illegal and harmful items, including weapons and drugs, which were being sold on online ‘dark’ marketplaces. Operation Onymous, coordinated by Europol’s Europeancopy, Cybercrime Centre (EC3), the FBI, the U.S. Immigration and Customs Enforcement (ICE), Homeland Security Investigations (HSI) and Eurojust, resulted in 17 arrests of vendors andnot administrators running these online marketplaces and more than 410 hidden services being taken down. In addition, bitcoins worth approximately USD 1 million, EUR 180,000 Do in cash, drugs, gold and silver were seized. —Europol, 20141 143 Copyright ©2018 by SAGE Publications, Inc. This work may not be reproduced or distributed in any form or by any means without express written permission of the publisher. 144 Cyberspace, Cybersecurity, and Cybercrime THINK ABOUT IT 8.1 Surface Web and Deep Web Google, Facebook, and any website you can What Would You Do? find via traditional search engines (Internet Explorer, Chrome, Firefox, etc.) are all located 1. The deep web offers users an anonym- on the surface web. It is likely that when you ity that the surface web cannot provide. use the Internet for research and/or social What would you do if you knew that purposes you are using the surface web. The your electronic footprints could not be surface web only accounts for about 4% of all traced? the Internet—the rest is found on the deep web, 2. Why would this be appealing to criminals? sometimes also referred to as the deep net. The deep web is not accessible through tradi- 3. What problems does anonymity create tional search engines. In order to access the for law enforcement and other criminal deep web, special considerations are needed, justice professionals? distribute including private URL addresses or, for some areas, darknets (specialized software). or The Surface Web Before discussing a seemingly unknownpost, aspect of the Internet, it is necessary to define what the majority of users consider to be the Internet: the surface web, or the public web. Like its name, the surface web contains any and all websites accessible via traditional search engines, such as Google. The surface web is accessible to anyone with Internet connection and is hosted by browsers such as Internet Explorer, Firefox, and Google Chrome. According to some sources, there are over 4 billion indexed web pages on the surface web; however, many search enginescopy, do not have the capacity to access all pages.2 On average, Google accesses 16% of the surface web, while other search engines are able to access even less.3 Criminals do operate on the surface web but are more vulnerable to being discovered than if they operate on the deep web. Examples of crime on the notsurface web include the stealing of personal information and data for financial gain. However, even more deceptive are surface websites that operate as legiti- mate businesses but are marketing counterfeit goods. As illustrated in Chart 8.1, millions of dollars in counterfeit goods are seized every year by the U.S. govern- Do ment. Much of this is sold online via websites that are constantly changing their Internet protocol (IP) addresses. Unknown to the buyer, the goods are coun- terfeit and are being sold illegally, taking advantage of the easy access online shopping provides. Copyright ©2018 by SAGE Publications, Inc. This work may not be reproduced or distributed in any form or by any means without express written permission of the publisher. Chapter 8 • An Evolving Threat: The Deep Web 145 CHART 8.1 ● Counterfeit Goods Seized by the United States: 2014 400 350 300 250 200 150 100 50 Total Value of Seized Goods 0 s s toys other footware CDs/DVDslabels/tags watches/jewelry handbags/wallets pharmaceuticals clothing/accessories computers/accessorie distribute consumer electronics/part Source: Based on data from Bain, M. (2015). Counterfeit watches and jewelryor are the new counterfeit handbags. Retrieved from http://qz.com/376249/counterfeit-watches-and-jewelry-are-the-new- counterfeit-handbags/. The Deep Web and Darknets FIGURE 8.1 ● Surface Web Versus the Although the surface web seems vast andpost, infinite, it is Deep Web only a small piece of the Internet compared to the deep web. The surface web is often compared to the tip of the iceberg (see Figure 8.1) of the Internet, as the deep web is 400 to 500 times bigger than the surface web.4 Moreover, there is an anonymity associated with parts of the deep web, specifically on the dark web. There is much confu- sion between the deepcopy, web and the dark web. These terms are often used interchangeably, but these two areas are not the same. The dark web is just a small portion of the deep web. Both are inaccessible from the surface web, and many general Internet users are unaware of their existence. Thenot deep web consists of all data behind firewalls. Surface websites use “crawlers” to browse the web in a systematic and automated manner. Deep websites cannot be found via these crawlers. Deep websites can include Dopasscode protected websites, websites that are not search- able, sites that are not linked to other programs (in which the URL must be typed in), medical databases, business Intranets, and darknets (dark web).5 © iStockphoto.com/traffic_analyzer Copyright ©2018 by SAGE Publications, Inc. This work may not be reproduced or distributed in any form or by any means without express written permission of the publisher. 146 Cyberspace, Cybersecurity, and Cybercrime FIGURE 8.2 ● Deep Versus Darknets (Dark Web) Deep Web Darknets distribute Darknets (also referred to as dark web) make up a small part of the massive deep web (see Figure 8.2), and this is where the majority of criminal activities on the deep web occur. There are two main forms of darknets:or peer-to-peer networks (used for file sharing) and large anonymous networks.6 We concentrate on the large anonymous networks in this chapter. Due to the anonymity provided, many criminals may feel more comfortable operating in the darknet market than on the surface web or even in the physical world. One reason for this is the lack of law enforcement presence on the deep web. It is extremely difficult to track the digital footprints of criminals on the deep web (see Chapter 9 and thepost, discussion of guardianship for more). Another reason for the high prevalence of criminal activity on the deep web is the ease of accessibility. Accessibility Accessing darknets is relatively easy, although it cannot be done via surface web searchcopy, engines (i.e., Google). There are multiple portals for the darknet, including Freenet, I2P, and The Onion Router. To access the darknet, one must first download one of these platforms. Freenet describes itself as “a peer-to- peer platform for censorship-resistant communication and publishing. Browse websites, post on forums, and publish files within Freenet with strong privacy notprotections.” 7 The Invisible Internet Project (I2P) advertises that “The I2P network provides strong privacy protections for communication over the Internet. Many activities that would risk your privacy on the public Internet can be conducted anony- Do mously inside I2P” and that it is “an anonymous overlay network—a network within a network. It is intended to protect communication from dragnet surveil- lance and monitoring by third parties such as ISPs.”8 Although both of these provide sufficient access to darknets, the most popular portal for access is The Onion Router. Copyright ©2018 by SAGE Publications, Inc. This work may not be reproduced or distributed in any form or by any means without express written permission of the publisher. Chapter 8 • An Evolving Threat: The Deep Web 147 The Onion Router The Onion Router (aka ToR) was originally developed by the U.S. Naval Research Laboratory as a method of anonymous communication. It can be down- loaded for free, and the website asserts: Tor is free software and an open network that helps you defend against traf- fic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.9 In regard to security, ToR protects you by bouncing your communications around a distributed net- work of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.10 distribute The number of ToR users around the world is increasing (see Chart 8.2), as many find benefit to the anonymity provided by the server. Once hidden within the lay- ers of ToR, individuals can browse the darknets while their privacyor is protected. Sites on the ToR network end in .onion, but if you were to type the web address into Google, the website would not be found. According to the ToR website, people use this platform for multiple noncriminal reasons, as outlined in Table 8.1. TABLE 8.1 ● Benefits of ToR Use post, Who Is Using ToR? Why? (Activity) People Without Malicious Surf the net in privacy, protect themselves and their Intent families Businesses Research competitions, keep strategies secret, internal copy,accountability Activists Report abuses and violations from dangerous locations; whistleblowing Media Protect sources, resources, and report from areas where not it is dangerous Military/Law Enforcement Protect communications, investigations, and intelligence DoSource: Based on information from torproject.org.
Recommended publications
  • The Internet and Drug Markets

    The Internet and Drug Markets

    INSIGHTS EN ISSN THE INTERNET AND DRUG MARKETS 2314-9264 The internet and drug markets 21 The internet and drug markets EMCDDA project group Jane Mounteney, Alessandra Bo and Alberto Oteo 21 Legal notice This publication of the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA) is protected by copyright. The EMCDDA accepts no responsibility or liability for any consequences arising from the use of the data contained in this document. The contents of this publication do not necessarily reflect the official opinions of the EMCDDA’s partners, any EU Member State or any agency or institution of the European Union. Europe Direct is a service to help you find answers to your questions about the European Union Freephone number (*): 00 800 6 7 8 9 10 11 (*) The information given is free, as are most calls (though some operators, phone boxes or hotels may charge you). More information on the European Union is available on the internet (http://europa.eu). Luxembourg: Publications Office of the European Union, 2016 ISBN: 978-92-9168-841-8 doi:10.2810/324608 © European Monitoring Centre for Drugs and Drug Addiction, 2016 Reproduction is authorised provided the source is acknowledged. This publication should be referenced as: European Monitoring Centre for Drugs and Drug Addiction (2016), The internet and drug markets, EMCDDA Insights 21, Publications Office of the European Union, Luxembourg. References to chapters in this publication should include, where relevant, references to the authors of each chapter, together with a reference to the wider publication. For example: Mounteney, J., Oteo, A. and Griffiths, P.
  • High-Profile Cyberattack Investigations: London's Met Police

    High-Profile Cyberattack Investigations: London's Met Police

    High-Profile Cyberattack Investigations: London’s Met Police Share Takeaways Raymond Black | Metropolitan Police About the Speaker • 1990 to 1996 - Uniformed officer working in various locations across South London • 1996 to 2000 - Detective working in various locations across South London • 2000 to 2006 - Territorial Support Group (Riot police) – (2002 to 2003 - Worked in private sector management in Durban South Africa for transport and construction company) • 2006 to 2014 - Operation Trident (proactive firearms and gangs unit) – (2012 to 2013 - Employed by European Union investigating government corruption in Guatemala) • 2014 to Present – Cyber crime investigator Specialist Cyber Crime Unit • Other deployments working in various roles in Jamaica, The Netherlands, Poland and the United States 2 #ISMGSummits ROCU Map 1. North East (NERSOU) 2. Yorkshire & Humber (ODYSSEY) 3. North West (TITAN) 4. Southern Wales (TARIAN) 5. West Midlands 6. East Midlands (EMSOU) 7. Eastern (ERSOU) 8. South West (ZEPHYR) 9. London 10. South East (SEROCU) NATIONAL COORDINATION 3 #ISMGSummits Remit of MPCCU To deal with the most serious offences of: • Cyber-crime facilitated by the use and control of malicious software (malware). • Cyber-crime facilitated by the use of online phishing techniques. • Computer and network intrusions (dependant upon motives and objectives). • Denial of service attacks and website defacement (dependant upon motives and objectives). • The online trade in financial, personal and other data obtained through cyber-crime. • The intentional and dishonest online provision of services, tools etc. to facilitate cyber-crime. 4 #ISMGSummits Threshold of MPCCU • Where life is put at risk • Targeting or impacting on public safety, emergency services or other public systems and services.
  • Download (589Kb)

    Download (589Kb)

    This is an Open Access document downloaded from ORCA, Cardiff University's institutional repository: http://orca.cf.ac.uk/95227/ This is the author’s version of a work that was submitted to / accepted for publication. Citation for final published version: Décary-Hétu, David and Giommoni, Luca 2017. Do police crackdowns disrupt drug cryptomarkets? a longitudinal analysis of the effects of Operation Onymous. Crime, Law and Social Change 67 (1) , pp. 55-75. 10.1007/s10611-016-9644-4 file Publishers page: http://dx.doi.org/10.1007/s10611-016-9644-4 <http://dx.doi.org/10.1007/s10611- 016-9644-4> Please note: Changes made as a result of publishing processes such as copy-editing, formatting and page numbers may not be reflected in this version. For the definitive version of this publication, please refer to the published source. You are advised to consult the publisher’s version if you wish to cite this paper. This version is being made available in accordance with publisher policies. See http://orca.cf.ac.uk/policies.html for usage policies. Copyright and moral rights for publications made available in ORCA are retained by the copyright holders. 1 Do Police Crackdowns Disrupt Drug Cryptomarkets? A Longitudinal Analysis Of The Effects Of Operation Onymous In recent years, there has been a proliferation of online illicit markets where participants can purchase and sell a wide range of goods and services such as drugs, hacking services, and stolen financial information. Second- generation markets, known as cryptomarkets, provide a pseudo-anonymous platform from which to operate and have attracted the attention of researchers, regulators, and law enforcement.
  • Virtual Currencies and Terrorist Financing : Assessing the Risks And

    Virtual Currencies and Terrorist Financing : Assessing the Risks And

    DIRECTORATE GENERAL FOR INTERNAL POLICIES POLICY DEPARTMENT FOR CITIZENS' RIGHTS AND CONSTITUTIONAL AFFAIRS COUNTER-TERRORISM Virtual currencies and terrorist financing: assessing the risks and evaluating responses STUDY Abstract This study, commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the TERR Committee, explores the terrorist financing (TF) risks of virtual currencies (VCs), including cryptocurrencies such as Bitcoin. It describes the features of VCs that present TF risks, and reviews the open source literature on terrorist use of virtual currencies to understand the current state and likely future manifestation of the risk. It then reviews the regulatory and law enforcement response in the EU and beyond, assessing the effectiveness of measures taken to date. Finally, it provides recommendations for EU policymakers and other relevant stakeholders for ensuring the TF risks of VCs are adequately mitigated. PE 604.970 EN ABOUT THE PUBLICATION This research paper was requested by the European Parliament's Special Committee on Terrorism and was commissioned, overseen and published by the Policy Department for Citizens’ Rights and Constitutional Affairs. Policy Departments provide independent expertise, both in-house and externally, to support European Parliament committees and other parliamentary bodies in shaping legislation and exercising democratic scrutiny over EU external and internal policies. To contact the Policy Department for Citizens’ Rights and Constitutional Affairs or to subscribe to its newsletter please write to: [email protected] RESPONSIBLE RESEARCH ADMINISTRATOR Kristiina MILT Policy Department for Citizens' Rights and Constitutional Affairs European Parliament B-1047 Brussels E-mail: [email protected] AUTHORS Tom KEATINGE, Director of the Centre for Financial Crime and Security Studies, Royal United Services Institute (coordinator) David CARLISLE, Centre for Financial Crime and Security Studies, Royal United Services Institute, etc.
  • Cybercrime: Internet Driven Illicit Activities and Behavior

    Cybercrime: Internet Driven Illicit Activities and Behavior

    Land Forces Academy Review Vol. XXV, No. 4(100), 2020 CYBERCRIME: INTERNET DRIVEN ILLICIT ACTIVITIES AND BEHAVIOR Maurice DAWSON Illinois Institute of Technology, Chicago, United States of America [email protected] ABSTRACT Cybercrime affects multiple areas of society with nefarious activities ranging from human trafficking to illegal arms sale. The Internet has allowed some nefarious activities to be revived as others have emerged in this new age. In turn, this has become a national security issue for countries as this requires resources to combat this evolving threat. These activities include undermining legitimate services that provide government services to its citizens, such as passport, national identification, tax services, and more. This paper introduces some of these activities, enabling readers to understand this digital criminal world further. KEYWORDS: cybercrime, human trafficking, dark web, online marketplace, cryptocurrency, disinformation 1. Introduction name a few (Deibert, 2009). Meanwhile, The Internet has allowed for many more countries have been known to use the technological advances that have brought Internet to target political dissidents such as forth positive outcomes. In retrospect, the Cuba, Ethiopia, Eritrea, Gambia, Morocco, Internet has also allowed for criminal North Korea, Russia, and more (Committee activities to flourish. And while both to Protect Journalists, 2020). Even with this positive and negative effects are expected, mentioned censorship and oversight, illicit the use of the Internet by a criminal activities remain on the rise through the organization, nation-states, terrorists, Internet. extremists, and others finds another means In recent years, police and other law to market their illegal activity. As the enforcement organizations have shut down introduction of the technological pages that advocate prostitution.
  • Dark and Deep Webs-Liberty Or Abuse

    Dark and Deep Webs-Liberty Or Abuse

    International Journal of Cyber Warfare and Terrorism Volume 9 • Issue 2 • April-June 2019 Dark and Deep Webs-Liberty or Abuse Lev Topor, Bar Ilan University, Ramat Gan, Israel https://orcid.org/0000-0002-1836-5150 ABSTRACT While the Dark Web is the safest internet platform, it is also the most dangerous platform at the same time. While users can stay secure and almost totally anonymously, they can also be exploited by other users, hackers, cyber-criminals, and even foreign governments. The purpose of this article is to explore and discuss the tremendous benefits of anonymous networks while comparing them to the hazards and risks that are also found on those platforms. In order to open this dark portal and contribute to the discussion of cyber and politics, a comparative analysis of the dark and deep web to the commonly familiar surface web (World Wide Web) is made, aiming to find and describe both the advantages and disadvantages of the platforms. KeyWoRD Cyber, DarkNet, Information, New Politics, Web, World Wide Web INTRoDUCTIoN In June 2018, the United States Department of Justice uncovered its nationwide undercover operation in which it targeted dark web vendors. This operation resulted in 35 arrests and seizure of weapons, drugs, illegal erotica material and much more. In total, the U.S. Department of Justice seized more than 23.6$ Million.1 In that same year, as in past years, the largest dark web platform, TOR (The Onion Router),2 was sponsored almost exclusively by the U.S. government and other Western allies.3 Thus, an important and even philosophical question is derived from this situation- Who is responsible for the illegal goods and cyber-crimes? Was it the criminal[s] that committed them or was it the facilitator and developer, the U.S.
  • HOW to RUN a ROGUE GOVERNMENT TWITTER ACCOUNT with an ANONYMOUS EMAIL ADDRESS and a BURNER PHONE Micah Lee February 20 2017, 9:53 A.M

    HOW to RUN a ROGUE GOVERNMENT TWITTER ACCOUNT with an ANONYMOUS EMAIL ADDRESS and a BURNER PHONE Micah Lee February 20 2017, 9:53 A.M

    HOW TO RUN A ROGUE GOVERNMENT TWITTER ACCOUNT WITH AN ANONYMOUS EMAIL ADDRESS AND A BURNER PHONE Micah Lee February 20 2017, 9:53 a.m. Illustration: Doug Chayka for The Intercept LEIA EM PORTUGUÊS ⟶ One of the first things Donald Trump did when he took office was tem- porarily gag several federal agencies, forbidding them from tweeting. In response, self-described government workers created a wave of rogue Twitter accounts that share real facts (not to be confused with “alterna- tive facts,” otherwise known as “lies”) about climate change and sci- ence. As a rule, the people running these accounts chose to remain anonymous, fearing retaliation — but, depending on how they created and use their accounts, they are not necessarily anonymous to Twitter itself, or to anyone Twitter shares data with. Anonymous speech is firmly protected by the First Amendment and the Supreme Court, and its history in the U.S. dates to the Federalist Papers, written in 1787 and 1788 under the pseudonym Publius by three of the founding fathers. But the technical ability for people to remain anonymous on today’s in- ternet, where every scrap of data is meticulously tracked, is an entirely different issue. The FBI, a domestic intelligence agency that claims the power to spy on anyone based on suspicions that don’t come close to probable cause, has a long, dark history of violating the rights of Ameri- cans. And now it reports directly to President Trump, who is a petty, re- venge-obsessed authoritarian with utter disrespect for the courts and the rule of law.
  • USA -V- Julian Assange Judgment

    USA -V- Julian Assange Judgment

    JUDICIARY OF ENGLAND AND WALES District Judge (Magistrates’ Court) Vanessa Baraitser In the Westminster Magistrates’ Court Between: THE GOVERNMENT OF THE UNITED STATES OF AMERICA Requesting State -v- JULIAN PAUL ASSANGE Requested Person INDEX Page A. Introduction 2 a. The Request 2 b. Procedural History (US) 3 c. Procedural History (UK) 4 B. The Conduct 5 a. Second Superseding Indictment 5 b. Alleged Conduct 9 c. The Evidence 15 C. Issues Raised 15 D. The US-UK Treaty 16 E. Initial Stages of the Extradition Hearing 25 a. Section 78(2) 25 b. Section 78(4) 26 I. Section 78(4)(a) 26 II. Section 78(4)(b) 26 i. Section 137(3)(a): The Conduct 27 ii. Section 137(3)(b): Dual Criminality 27 1 The first strand (count 2) 33 The second strand (counts 3-14,1,18) and Article 10 34 The third strand (counts 15-17, 1) and Article 10 43 The right to truth/ Necessity 50 iii. Section 137(3)(c): maximum sentence requirement 53 F. Bars to Extradition 53 a. Section 81 (Extraneous Considerations) 53 I. Section 81(a) 55 II. Section 81(b) 69 b. Section 82 (Passage of Time) 71 G. Human Rights 76 a. Article 6 84 b. Article 7 82 c. Article 10 88 H. Health – Section 91 92 a. Prison Conditions 93 I. Pre-Trial 93 II. Post-Trial 98 b. Psychiatric Evidence 101 I. The defence medical evidence 101 II. The US medical evidence 105 III. Findings on the medical evidence 108 c. The Turner Criteria 111 I.
  • MEMO. Nº. 52/2017 – SCOM

    MEMO. Nº. 52/2017 – SCOM

    00100.096648/2017-00 MEMO. nº. 52/2017 – SCOM Brasília, 21 de junho de 2017 A Sua Excelência a Senhora SENADORA REGINA SOUSA Assunto: Ideia Legislativa nº. 76.334 Senhora Presidente, Nos termos do parágrafo único do art. 6º da Resolução do Senado Federal nº. 19 de 2015, encaminho a Vossa Excelência a Ideia Legislativa nº. 76.334, sob o título de “Criminalização Da Apologia Ao Comunismo”, que alcançou, no período de 09/06/2017 a 20/06/2017, apoiamento superior a 20.000 manifestações individuais, conforme a ficha informativa em anexo. Respeitosamente, Dirceu Vieira Machado Filho Diretor da Secretaria de Comissões Senado Federal – Praça dos Três Poderes – CEP 70.165-900 – Brasília DF ARQUIVO ASSINADO DIGITALMENTE. CÓDIGO DE VERIFICAÇÃO: CE7C06D2001B6231. CONSULTE EM http://www.senado.gov.br/sigadweb/v.aspx. 00100.096648/2017-00 ANEXO AO MEMORANDO Nº. 52/2017 – SCOM - FICHA INFORMATIVA E RELAÇÃO DE APOIADORES - Senado Federal – Praça dos Três Poderes – CEP 70.165-900 – Brasília DF ARQUIVO ASSINADO DIGITALMENTE. CÓDIGO DE VERIFICAÇÃO: CE7C06D2001B6231. CONSULTE EM http://www.senado.gov.br/sigadweb/v.aspx. 00100.096648/2017-00 Ideia Legislativa nº. 76.334 TÍTULO Criminalização Da Apologia Ao Comunismo DESCRIÇÃO Assim como a Lei já prevê o "Crime de Divulgação do Nazismo", a apologia ao COMUNISMO e seus símbolos tem que ser proibidos no Brasil, como já acontece cada vez mais em diversos países, pois essa ideologia genocida causou males muito piores à Humanidade, massacrando mais de 100 milhões de inocentes! (sic) MAIS DETALHES O art. 20 da Lei 7.716/89 estabeleceu o "Crime de Divulgação do Nazismo": "§1º - Fabricar, comercializar, distribuir ou veicular, símbolos, emblemas, ornamentos, distintivos ou propaganda que utilizem a cruz suástica ou gamada, para fins de divulgação do nazismo.
  • Mass Surveillance

    Mass Surveillance

    Mass Surveillance Mass Surveillance What are the risks for the citizens and the opportunities for the European Information Society? What are the possible mitigation strategies? Part 1 - Risks and opportunities raised by the current generation of network services and applications Study IP/G/STOA/FWC-2013-1/LOT 9/C5/SC1 January 2015 PE 527.409 STOA - Science and Technology Options Assessment The STOA project “Mass Surveillance Part 1 – Risks, Opportunities and Mitigation Strategies” was carried out by TECNALIA Research and Investigation in Spain. AUTHORS Arkaitz Gamino Garcia Concepción Cortes Velasco Eider Iturbe Zamalloa Erkuden Rios Velasco Iñaki Eguía Elejabarrieta Javier Herrera Lotero Jason Mansell (Linguistic Review) José Javier Larrañeta Ibañez Stefan Schuster (Editor) The authors acknowledge and would like to thank the following experts for their contributions to this report: Prof. Nigel Smart, University of Bristol; Matteo E. Bonfanti PhD, Research Fellow in International Law and Security, Scuola Superiore Sant’Anna Pisa; Prof. Fred Piper, University of London; Caspar Bowden, independent privacy researcher; Maria Pilar Torres Bruna, Head of Cybersecurity, Everis Aerospace, Defense and Security; Prof. Kenny Paterson, University of London; Agustín Martin and Luis Hernández Encinas, Tenured Scientists, Department of Information Processing and Cryptography (Cryptology and Information Security Group), CSIC; Alessandro Zanasi, Zanasi & Partners; Fernando Acero, Expert on Open Source Software; Luigi Coppolino,Università degli Studi di Napoli; Marcello Antonucci, EZNESS srl; Rachel Oldroyd, Managing Editor of The Bureau of Investigative Journalism; Peter Kruse, Founder of CSIS Security Group A/S; Ryan Gallagher, investigative Reporter of The Intercept; Capitán Alberto Redondo, Guardia Civil; Prof. Bart Preneel, KU Leuven; Raoul Chiesa, Security Brokers SCpA, CyberDefcon Ltd.; Prof.
  • A Framework for Identifying Host-Based Artifacts in Dark Web Investigations

    A Framework for Identifying Host-Based Artifacts in Dark Web Investigations

    Dakota State University Beadle Scholar Masters Theses & Doctoral Dissertations Fall 11-2020 A Framework for Identifying Host-based Artifacts in Dark Web Investigations Arica Kulm Dakota State University Follow this and additional works at: https://scholar.dsu.edu/theses Part of the Databases and Information Systems Commons, Information Security Commons, and the Systems Architecture Commons Recommended Citation Kulm, Arica, "A Framework for Identifying Host-based Artifacts in Dark Web Investigations" (2020). Masters Theses & Doctoral Dissertations. 357. https://scholar.dsu.edu/theses/357 This Dissertation is brought to you for free and open access by Beadle Scholar. It has been accepted for inclusion in Masters Theses & Doctoral Dissertations by an authorized administrator of Beadle Scholar. For more information, please contact [email protected]. A FRAMEWORK FOR IDENTIFYING HOST-BASED ARTIFACTS IN DARK WEB INVESTIGATIONS A dissertation submitted to Dakota State University in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Cyber Defense November 2020 By Arica Kulm Dissertation Committee: Dr. Ashley Podhradsky Dr. Kevin Streff Dr. Omar El-Gayar Cynthia Hetherington Trevor Jones ii DISSERTATION APPROVAL FORM This dissertation is approved as a credible and independent investigation by a candidate for the Doctor of Philosophy in Cyber Defense degree and is acceptable for meeting the dissertation requirements for this degree. Acceptance of this dissertation does not imply that the conclusions reached by the candidate are necessarily the conclusions of the major department or university. Student Name: Arica Kulm Dissertation Title: A Framework for Identifying Host-based Artifacts in Dark Web Investigations Dissertation Chair: Date: 11/12/20 Committee member: Date: 11/12/2020 Committee member: Date: Committee member: Date: Committee member: Date: iii ACKNOWLEDGMENT First, I would like to thank Dr.
  • CTC Sentinel Welcomes Submissions

    CTC Sentinel Welcomes Submissions

    Combating Terrorism Center at West Point Objective • Relevant • Rigorous | April 2018 • Volume 11, Issue 4 FEATURE ARTICLE A VIEW FROM THE CT FOXHOLE Five Years After the NYPD vs. Revolution Muslim Boston Marathon Bombing The inside story of how the NYPD defeated the radicalization hub Jesse Morton and Mitchell Silber William Weinreb and Harold Shaw FEATURE ARTICLE Editor in Chief 1 NYPD vs. Revolution Muslim: The Inside Story of the Defeat of a Local Radicalization Hub Paul Cruickshank Jesse Morton and Mitchell Silber Managing Editor INTERVIEW Kristina Hummel 8 A View from the CT Foxhole: Five Years After the Boston Marathon Bombing EDITORIAL BOARD Nicholas Tallant Colonel Suzanne Nielsen, Ph.D. ANALYSIS Department Head Dept. of Social Sciences (West Point) 15 The Islamic State's Lingering Legacy among Young Men from the Mosul Area Scott Atran, Hoshang Waziri, Ángel Gómez, Hammad Sheikh, Lucía Lieutenant Colonel Bryan Price, Ph.D. López-Rodríguez, Charles Rogan, and Richard Davis Director, CTC 23 Challenging the ISK Brand in Afghanistan-Pakistan: Rivalries and Divided Loyalties Brian Dodwell Amira Jadoon, Nakissa Jahanbani, and Charmaine Willis Deputy Director, CTC 30 The British Hacker Who Became the Islamic State's Chief Terror Cyber- Coach: A Profile of Junaid Hussain CONTACT Nafees Hamid Combating Terrorism Center U.S. Military Academy Between 2006 and 2012, two men working on opposite sides of the strug- 607 Cullum Road, Lincoln Hall gle between global jihadis and the United States faced of in New York City. Jesse Morton was the founder of Revolution Muslim, a group that prosely- West Point, NY 10996 tized—online and on New York City streets—on behalf of al-Qa`ida.