Index

A AlphaBay, 40, 100, 107, 108, Acquiring content, 126–127 239, 240 Active vendor shops Alternative analysis, 142 CharlieUK, 104 Analysing content, 130 ChemSpin, 107 Anonymising software, 61 cocaine market, 106 Antiterrorism Dark Web, 104 measures, 192 DutchDrugz, 105 Antiterrorism investigations, 197 ElHerbolario, 105 Appaloosa Chat, 269 EU cocaine, 106 Application programming interfaces Gammagoblin, 105 (APIs), 131 JOB, 105 Artefacts, 123–126 RechardSport, 105 Artifcial intelligence (AI), 146, Acute privacy protection, 200 152, 260 Adequate level of protection, 231–232 and machine learning, 146 Aero Marketplace, 109 Ask.fm, 70 Agent provocateur, 175 Asrar al-Dardashah, 68 Agora, 108 As-Sahab, 52 Agora and Evolution marketplaces, 87 Assessing Alemarah, 68 surveillance technologies, 167, 168 Algorithm Audax Rio EC U20, 269 (in)scrutability, 154–155 Authorisation, 211 functionality and rationale, 154–155 Automated mass collection, 174 Algorithms, 151–153 Automated TENSOR tool, 227 unfairness, 156, 157 Automated tool, 167

© Springer Nature Switzerland AG 2021 273 B. Akhgar et al. (eds.), Dark Web Investigation, Security Informatics and Law Enforcement, https://doi.org/10.1007/978-3-030-55343-2 274 INDEX

agent provocateur, 175 Bilateral agreements, 232 antiterrorism operations, 169 Bilateral and multilateral agreements, appropriateness of selector, 165, 166 177, 197 automated search, 174 Bitcoin, 77, 79, 88, 93–95, 127, 129 chilling effects, 166–167 Bitdefender, 237 citizens, 161–163 Bitmessage, 61, 63 convention, 173 Black hat hackers, 38, 39 cross-border cooperation, 172 Black Market, 110 cross-border investigations, 177 Blockchain technology, 115 different and challenging Bundeskriminalamt (BKA), 243 question, 164 Businesses and IT industry, 32, 33 Directive on Combating Buyers, 40–42 Terrorism, 223–225 effectiveness, 163 genuinely pertinent C information, 164 Cannabis, 104 implementation and utilisation, Cannabis Growers and Merchants 173, 174 Cooperative (CGMC), 102 information exchange, 178 Captcha, 131 investigation, 172, 173 Charter of Fundamental Rights, legislation legal framework, 169 214–218, 223, 225 names of particular individuals, Charter of the United Nations, 196 selectors, 165 Chat rooms, 72, 73 names of specifc groups, 165 Child pornography, 180, 181, 249 particular keywords, selectors, Child sex abuse (CSA), 35 164, 165 Child sexual abuse material (CSAM) searches, 189, 198, 215 Matthew Falder case, 254–259 social media companies, 184 Operation Sweetie, 260–263 terrorism acts vs. an individual, 164 PlayPen, 249–254 undercover operation, 169, 175 Chilling effects, 166–167 Automation impact, 174, 175 Citizens, 166 automated tool, 161–163 right to be trusted, 158 B Citizen’s trust, 157 Basel Institute on Governance, 113 Cloud computing, 204 Bayonet, 112 Cloud Evidence Group, 210 Behavioural patterns/technical CoE Convention on Cybercrime faults, 34 Article 14(2), 203 Berlusconi Market, 102 Article 16, 203 Best evidence rule, 185 Article 17, 204 Bias Article 18, 204 decision-making process, 156 Article 19, 204, 205 risk of potential, 155, 156 Article 20, 205, 206 INDEX 275

Article 21, 206 digital evidence (see Digital Article 32(b), 212 evidence) defnes, 208 ECHR, 198–201 drafters, 208 Member States, 197 international treaty, 202 system of safeguards, 206–208 national laws, 201 24/7 network, 213, 214 parties, 202 Council of Europe Convention on provisions, 202 Cybercrime, 173 Combating Terrorism, 162 Counterterrorism, 162, 190–193, 195 Common-law jurisdictions, 185 national and international, 190 Communications Court of Justice of the European cybersecurity, 67 Union (CJEU), 215 email dead dropping, 67 Crawlers, 182, 184 encrypted (see Encrypted Crime communication) international law, 197 Internet Memes (JPEGs/ types, 119 GIFs), 66, 67 Criminal activities, 119 social media, 60 (see also Criminal actors Social media) black hat hackers, 38, 39 steganography, 66, 67 criminal services, 35 terrorist media, 67–68 criminal trade, 35 types, 59 CSA, 35 video games, 66 cybercriminals, 35–36 watermarking, 66, 67 cyberterrorists, 44, 45 worldwide network, 59 hacktivists, 37–38 Content insider threat, 42–44 abstract types, 124 state-sponsored attackers, 39, 40 acquiring, 126–127 trade and service providers and analysing, 130 buyers, 40–42 graph theory, 123 virus-hacking tool coders, 38, 39 SNA, 123 Criminal behaviour, 120 triplestores, 123 Criminal investigation, 112, 227 understanding, 127–129 Criminal law, 170 Content fltering, 176 Criminal law systems, 206 Convention on Cybercrime, 177, 178 Criminal offences Copyright issues defnition, 219 law enforcement, 182 Criminal procedural law, 170 media analysis, 184 Criminal services, 35 search engines, 182, 183 Criminal trade, 35 violation, 182–184 Criminalising Terrorist-Related Corporate assets, 32 Activity, 219, 220 Council of Europe (CoE) Cross-border collection, 170 cybercrime, 201, 202 Cross-border investigations, 177 276 INDEX

Cryptocurrencies, 78, 79, 90 onion link, 55 digital currencies, 92 online terrorist recruitment, 70 and fat currencies, 91, 93 and propaganda, 53–56 mining, 91 surface web, 4 Cryptographic algorithm, 269 technology, 29 Cyber defence, 39 Tor website, 28 Cyber syndicates, 39 users, 29 Cyberattack, 33, 39, 40, 53, 80 web browser computer program, 4 Cybercrime, 21, 22, 201, 202 Dark Web market, 85, 97 Cybercrime Convention Committee buyers and vendors, 86 (T-CY), 210, 211 characteristics and features, 86 Cybercrime legislation, 218 charges and combinations, 90 Cybercriminals, 35–36 credibility and reliability, 241 Cyber-espionage, 39, 40 dark markets, 87, 88 Cybersecurity environment, 85 voice communication, 67 fnish early markets, 89 Cyberterrorism, 80 goods and services, 87, 88 Cyberterrorists, 39, 44, 45 Hansa, 237–241 Cyberthreats, 32 internet and mobile technologies, 86 invite/referral, 89 D registrations and transaction Dark markets, 34, 39, 78, 79, 114 payments, 89 Dark Wallet, 77–79 types, 245 Dark Web, 4, 129 WSM (see Wall Street automated tool (see Market (WSM)) Automated tools) Dark Web policing, 112 and darknets (see Darknets) Darknet markets, 86, 99 and encrypted communication (see Darknets, 7, 8, 27–34, 45, 131 Encrypted communication) vs opennet mode, 18 classifcation, 28, 29 Dash/Darkcoin, 97 communication, 29 Data mining, 153, 156, 157 criminal actors (see Criminal actors) Data processing development, 27 criminal investigations, 227 double nature, 28 EU Institutions, Bodies, Offces and environment, 29 Agencies, 228, 229 funding; and buying, 77–79 GDPR, 229, 230 hiring criminals, 58, 59 minimum harmonisation, 229 infrastructure, 8 scope of Union law, 228 legal vs. illegal, 28 Data protection, 176 networks, 4 Data Protection Authorities, 230, 231 non-criminal actors (see Non-­ Data request, 20 criminal actors) Data transfers INDEX 277

international, 231 Digital goods and services, 109 Member States, 231 Digital hashing, 122 third countries, 231, 232 Digital identities, 32 Daughter, 255 Digital signatures, 122 Dead and scam markets and vendors Digital systems, 120 Aero Marketplace, 109 Digital wallets, 93 Agora, 108 Directive (EU) 2016/680 AlphaBay, 107 data protection; contents, 226, 227; evolution, 108 criminal investigations, 227; hansa market, 108 EU Institutions, Bodies, Offces outlaw market, 109 and Agencies, 228, 229; Dead dropping, 67 GDPR, 229, 230; independent Decentralised marketplaces, 114 supervisory authority, 230, Decision-making algorithms, 153 231; legislative competence, Decision-making process, 156 225, 226; minimum Decision-making rules, 152 harmonisation, 229; scope of Decriminalisation, 181 Union law, 227, 228 Deep Web, 5 data transfers; international, 231; acquisition, 131 Member States, 231; third databases, 7 countries, 231, 232 sources, 131 profling, 233 Defense Advanced Research Project Directive on Combating Agency (DARPA), 8 Terrorism, 162 Democratic government, 161 automated tools, 223–225 Department of Justice (DOJ), 253 Criminalising Terrorist-Related Derogatory remarks, 179 Activity, 219, 220 Digital currency, 91 Financial Action Task Force Digital evidence, 185 (FATF), 219 communication partners, 206 fundamental rights and court proceedings, 204 freedoms, 223 data-related search, 204 investigative measures and tools, and international 221, 222 cooperation, 208–211 jurisdictions, 222 Internet, 203 Lisbon Treaty, 218 IP-based investigations, 204 Paris attacks, 219 national authorities, 203 Permanent Representatives obligation, 205 Committee, 219 preservation, 204 United Nations Security Council procedural powers, 203 Resolution, 219 reasonable, 205 victims of terrorism, 220, 221, 224 and safeguards, 203 Distributed denial-of-service attacks traffc data, 205 (DDoS), 32 without MLA, 211, 213 Domestic law, 193, 197 278 INDEX

Dream Market, 100 Enterprise Ethereum Alliance Dual criminality, 171 (EEA), 115 Dudebuy, 244 Entities, 123–126 Due process rights, 193 ePrivacy Directive, 216 Dutch and Lithuanian legal assistance ePrivacy Regulation, 216 treaty, 239 Escrow markets, 88 Dutch authorities, 87 Ethereum (ETH), 94, 115 DutchDrugz, 105 Ethical and societal issues automation impacts, 174 copyright issues, 182–184 E crime investigations, 177, 178 E-commerce, 76 data protection, 176 Effective investigative tools, End User Agreement, 184–186 162, 224 illegal content, 178–180 Electronic data, 197 licensing, 184–186 Electronic Frontier Foundation responsible authorities, 174 (EFF), 9 Ethical issues, 151 Electronic health record (EHR) Ethnic/political minorities, 158, 159 systems, 33 EU counterterrorism strategy, 163 Electronic surveillance, 224 EU General Data Protection ElHerbolario, 105 Regulation, 176 Email service providers, 60 EU Institutions, Bodies, Offces and Empire Market, 100 Agencies, 228, 229 Encrypted communication EU Member States, 174, 177 anonymisation and concealed EuroGuns, 78 communication, 60 European and American law Bitmessage, 61, 63 enforcement, 112 email service providers, 60 European Convention on Human Kik, 64 Rights (ECHR), 198, 206, 214, Mail2Tor, 64 217, 218, 223 personal messaging with apps, 61 guarantees and legitimate Ricochet, 62 restrictions, 198–201 signal, 64 European Convention on Mutual Surespot, 64 Assistance in Criminal Telegram, 63 Matters, 177 Web chat apps on Tor, 61 European Court of Human Rights WhatsApp, 65 (ECtHR), 198–201, 206, 207 Wickr, 65 European Union (EU), 172 Zello, 65 Charter of Fundamental Rights, Encrypted platforms, 50 214, 215 Encryption, 260 ePrivacy Directive, 216 Encryption technology, 206 General Data Protection End User Agreement, 184 Regulation, 215 INDEX 279

minimum standards, privacy Operation VETO, 270, 271 protection, 217, 218 spot fxing, 270 privacy and data protection, 217 transnational market, 271 privacy and electronic Foreign law enforcement agency communication, 216 (FLA), 250 secret electronic surveillance, 215 Framework Decisions and TFEU, 216, 217 Directives, 172 European Union Agency for Law Freenet, 16 Enforcement Cooperation, 163 architecture and design, 17 European Union E-Commerce darknet mode, 19 Directive, 182 designers, 17 Europol, 112, 162, 270, 271 Freesites, 16 Europol’s European Cybercrime French Connection, 106 Centre (EC3), 237, 252 Funding, 50 Europol’s European Union Internet and buying in Dark Web, 77–79 Referral Unit (EU IRU), 52 charitable organisations, 76 Evidence cyberterrorism, 80 digital (see Digital evidence) direct solicitation, 76 electronic, 209, 210 and donating to terrorist in electronic form, 202 organisations, 79, 80 Evilmind, 255, 256, 259 e-commerce, 76 Extremism, 180 EU terrorist attacks, 76 online payment tools, 76 types of crime, 77 F Facebook, 69, 71 Fairness-aware data mining G development, 157 Gammagoblin, 105 False-positive, 165 General Assembly’s Resolution FBI Legal Attaché network, 252 70/291, 195 Financial Action Task Force General Data Protection Regulation (FATF), 219 (GDPR), 122, 215, 229, 230 Finish early markets, 89 German Constitutional Court, 174 Finish market, 111 German Copyright Act, 183 Football match fxing German e-books piracy Champions League, 271 investigation, 238 European Championship German Penal Code, 181 qualifers, 271 GlassWerkz, 106 global network, 271 Global legal framework investigation targets, 270 counterterrorism, 190 (see also investigation, FIFA World Cup, 270 Counterterrorism) OCGs, 271 due process rights, 193 Operation LEAs, 270 human rights (see Human rights) 280 INDEX

Global legal framework (cont.) Hiring criminals, 58, 59 suspicious information by LEAs, 193 Human decision-making, 155 terrorism, 190 Human rights UN resolutions, 193–197 international standards, 191 Google video, 54 limitations, 192–193 Google’s PageRank algorithm, 152 and rule of law, 190–191 Graph theory, 123 universal declaration, 190–191 Gumtree, 256 Hurt2theCore (H2TC), 254 Hushmail, 60 Hydra, 103 H Hacktivists, 37–38 Hand-written decision-making I rules, 155 ICCPR, 206 Hansa Illegal content administrators, 238 child pornography, 180 AlphaBay, 239, 240 criminalisation, 179, 182 Bitcoin addresses, 238 Internet, 178 blockchain analysis software LEA aspects, 181 Chainalysis, 239 xenophobic material, 178 buyers and sellers, 240 Illegal material, 28 Dutch National Police, 237 Image recognition, 127 German e-books piracy Independent supervisory authority, investigation, 238 230, 231 German police, 239 Indirect discrimination, 156 homing beacon, 240 InfoArmor, 32, 33 illegal activities, 241 Information collection, 182 illegal transactions, 241 Information exchange, 178 NHTCU, 237 Insider threat, 42–44 Operation Bayonet, 239 Instagram, 69 surveillance hub, 239 InstantSend, 97 takeover, 237 Intelligence-led law enforcement Tor network, 237 agency, 260 Tor-protected server, 238 Inter-American Convention on Mutual trade fgures, 240 Assistance in Criminal transactions history, 238 Matters, 177 vendors, 241 International anti-IS alliance, 57 Harmonised legal framework, 171 International community, 190 Harmonised legislation, 172 International Convention for the Hashtags, 122 Suppression of Nuclear Healthcare IT industry, 32 Terrorism, 194 INDEX 281

International Convention for the J Suppression of the Financing of Johannesburg Principles on National Terrorism, 194 Security and Freedom of International Convention for the Expression, 179 Suppression of the Terrorist Journalists, 30, 31 Bombings, 194 International cooperation, 208–211 International cooperation K mechanisms, 197 Kik, 64 International Covenant of Civil and Knock-and-talks, 241 Political Rights (ICCPR), 191 International data transfers, 231 International law, 212 L Internet, 70, 119, 144, 170, 203, 215 Ladyskywalker, 244 Internet and mobile technologies, 86 Law enforcement agencies (LEAs), Internet-based services, 216 33–35, 121, 127, 157, 158, 245 Internet Memes (JPEGs/ algorithms, 151–153 GIFs), 66, 67 automated tool, 141, 144, 189 Internet protocol, 4 chilling effects, 142 Internet-related content, 172 CoE Convention on Internet sex offenders, 175 Cybercrime, 203 Internet websites, 72, 73 (in)conclusiveness, 153, 154 Interpersonal communications, 216 (in)scrutability, 154–155 Inthegarden, 255–257, 259 deep and dark web, 20 Intrusion detection systems (IDS), 33 discretion, 201 Intrusion prevention systems (IPS), 33 general instrument, 204 Investigative necessity, 253 individual’s rights, 200 Invisible Internet Project (I2P) internet and dark web, 145 attributes, 15 investigating/prosecuting, 162, 223 client software, 15 lawful means, 162 infrastructure, 14 legal and regulatory framework, 148 netDB, 15 legal considerations, 147 routers, 15 legal frameworks, 148 tunnels, 16 legal safeguard, 200 IP-address, 203 machine learning, 151–153 IP-based investigations, 204 national, 210 IS leadership, 57, 58 operational contexts, 20 Isdarat website, 53 policy actions, 21 ISIS, 70, 77, 79 political, ethical and societal Islamic State (IS), 52 issues, 151 Italian Darknet Community preparatory activities, 140 (IDC), 111 provider’s infrastructure, 205 282 INDEX

Law enforcement agencies sports players, 268 (LEAs) (cont.) unorthodox methods, 267 quality of evidence, 153 Matthew Falder case risk of potential bias, 155, 156 accounts, 259 search, 204 anonymity, 254 software, 147 blackmail, 258 suspicious information, 193 conventional methods, 255 technologies, 146 covert investigative method, 254 tool, 140 double-encrypted USB, 258 Legal framework FBI investigations, 254 global (see Global legal framework) gaming strategies, 257 regional (see Regional legal GCHQ, 256 framework) H2TC, 254, 257, 259 Legislative competence, 225, 226 hardware encryption, 258 Less vulnerable systems, 114 hidden cameras records, 258 Links, 123–126 HT2C, 255 Lisbon Treaty, 218 joint investigation, 257 Litecoin (LTC), 95 LEAs, 257–259 NCA, 255, 256, 258 offenders, 256 M paedophile manual, 258 Machine learning, 28, 151–155 sexual imagery, 256 MaghrebHashish, 107 surface platforms, 256 Majestic Garden Market, 89 Med3l1n, 244 Malicious software, 22 Media campaign, 57 Market fxing, 267 Media professionals, 31 Marketplaces and vendors Message boards, 119 shops, 98 Messages, 122 Martin Frost, 244 Middleman, 269 Mass surveillance silences minority Minimum harmonisation, 229 opinions, 166n9 Minimum standards Match fxing privacy protection, 217, 218 football, 270–272 Mining, 91 guaranteed matches, 269 Monero (XMR), 96 international scale, 268 Monero-only darknet market, 110 investigations, 270 Monikers, 244 legitimacy, 268 Monitoring match fxers, 269 automated tool’s effectiveness, 163 natural behaviour, 268 Morse codes, 66 OCGs, 267, 268 Mujahideen Secrets, 67 offender entrepreneurs, 268 Multifunctional decentralised online currencies, 269 markets, 114 INDEX 283

Multisig markets, 88 Online currencies, 269 MuslimCrypt, 66 Online policing, 21 Mutual Legal Assistance (MLA), 197, Online terrorist recruitment 208–211, 213 activation, 76 chat rooms, 72, 73 covert recruitment and N training, 74, 75 National Centre for Missing and Dark Web, 70 Exploited Children funnel, 75 (NCMEC), 249 infection, 76 National Crime Agency (NCA), 255 Internet, 70, 72, 73 National criminal justice systems, 193 ISIS, 70 National frewalls, 31 net, 75 Natural language processing (NLP), social media, 71, 72 127, 128 Surface Web, 71 Negative effects video games, 73 societal trust and cohesion, 157 Onymous Operation, 113 Netherlands National High Tech Open source investigation Crime Unit (NHTCU), 237 (OSINT), 262 Network Investigative Technique Operation Bayonet, 239 (NIT), 251 Operation Darknet, 23 Nightmare Market, 100 Operation Pacifer, 252 Non-criminal actors Operation Paris, 23 activists, 31, 32 Operation Sweetie businesses and IT industry, AI, 261 32, 33 arrests, 263 criminal actors, 32 CSA, 263 journalists, 30, 31 dark web communications, 262 LEAs, 33–35 ethical guidelines, 261 legitimate users, 30 knowledge understandings, public-ordinary users, 30 crime, 263 NSA-scandal, 176 LEAs, 260, 262, 263 Nucleus Market, 87 motion capture/fctional pre-­ texts, 261 NGO, 260 O OSINT, 262 Offender entrepreneurs, 268 paranoid offenders, 261 Offine policing, 21 severity, 262 Onion link, 55 Sweetie_1000, 261 Onion routing technique, 8, 11 traditional methods, 263 Onion URL, 269 Operation Torpedo, 251 OnionIRC, 37 Operation VETO, 270 284 INDEX

Organised crime groups (OCGs) privacy advocates, 253 advertising/marketing prosecutions, 253 strategies, 269 seized copy, 251 Asian-based, 270 sentences, 253 association, 267 Tor platforms, 249 blackmails, 268 Tor’s anonymity capability, 251 euro proft, 271 unique IP address, 250 high-end bribes, 271 US Law enforcement agency, 253 income sources, 268 PlayStation 4, 66 platforms, 268 Policing authorities, 157, 158 players recruiting/ Policing operations, 34 manipulating, 268 Political issues, 151 sporting events, 270, 272 Popular cryptocurrencies, 93 transnational organisation, 271 Posts, 122 Organised Crime Threat Predictive analytics, 152 Assessment, 88 Primary evidence rule, 186 Over-the-top communications services Principle of freedom of speech, 179 (OTTs), 216 Privacy, 176 Privacy and data protection, 217 Privacy and electronic P communication, 216 Paedophile manual, 258 Privacy protection Pages, 122 minimum standards, Paris attacks, 219 217, 218 Permanent Representatives Profles, 122 Committee, 219 Profling in Directive (EU) PilotFish, 32, 33 2016/680, 233 Pinterest, 70 Proof of work (PoW), 92 Platinum45, 244 Propaganda PlayPen content, 69 child pornography dark web and Dark Web, 53–56 site, 249 international anti-IS alliance, 57 child sexual exploitation, 251 Internet, 51 co-defendants, 254 IS leadership, 57, 58 curator/administrator, 250 jihadist, 55, 56 EC3, 252 media campaign, 57 Europol’s role, 252 religious education, 56 FBI, 250, 251, 253 and recruitment, 69, 70 FLA, 250 and social media, 52, 53 forensic examination, 250 social policies, 56 malware, 251 spreading, 68 NCMEC, 249 terrorist sites/re-uploaded, 52 NIT, 251 violent activities, 55 INDEX 285

Proportionality Service providers, 40–42 principle, 207 ShadowCash cryptocurrency, 114 Proprietary algorithms, 154 Signal mobile client, 64 ProtonMail, 60 Silk Road, 40, 101 Public communication, 59 Smartphone applications, 53 Publicly available (open source) Snapchat, 132 data, 197 Social media, 50 Public-ordinary users, 30 online terrorist recruitment, 71, 72 platforms, 60, 63, 66, 71, 79, 119, 120, 126, 129, 131 Q profles, 124, 125 Qualifed rights, 192 and propaganda, 52, 53 Quality of evidence, 153 propaganda and recruitment, 70 Queries, 123 services for LEAs, 121 terrorists use, 60 Social network analysis (SNA), 123 R Social policies, 56 RealDeal, 110 Societal issues, 151 RechardSport, 105 Societal trust Recognising media, 128 and cohesion, 157 Red teaming exercise, 142, 143 Sociotechnical assemblage, 155 Regional legal framework Soft law, 194 CoE (see Council of Europe (CoE)) Software development, 132 EU (see European Union (EU)) Spot fxing, 270 Religious education, 56 State-sponsored attackers, 39, 40 Rhetorical structures, 58 Steganography, 66, 67 Ricochet, 62 Stigmatisation, 166 Rsclub Market, 111 Stolen antiquities, 77 Russian darknet market, 103 Surespot, 64 Russian-only darknet forum, 104 Surface web, 4, 5 and social media; Ask.fm, 70; Facebook, 69; Instagram, 69; S Pinterest, 70; Tumblr, 69; Salient traits, 166 Twitter, 69; YouTube, 69 Sanctions, 219 Google video, 54 Satellite receivers, 57 IS, 53 Scope of Union law, 228 online terrorist recruitment, 71 Search engines, 182 sympathisers, 73 Secret electronic surveillance, 215 terrorist organisations, 73 Security Council, 194, 196 terrorist website, 75 Security Council resolutions, 193, Surveillance, 162 195, 196 Surveillance hub, 239 Self-confdence, 166 Surveillance measure, 158 286 INDEX

Surveillance technologies, 167, 168 relatable, 120 Surveillance tools, 166 searchable, 120 Suspicious individual, 165 secure storage repository, 123 social media platforms, 120 surface web, 129 T system, 126 Targeting/systematic monitoring, 161 technologies, 121 Tashfeer al-Jawwal, 68 URLs, 129 Technology vision, 120 characteristics, 34 visualisations/analytical concepts, 39 outputs, 130 evolution, 43 Terrorism, 10, 23, 141, 156–158, PilotFish, 32 162–164, 167, 171, 174, 175, safe, 29 180, 190 Telegram, 53, 54, 59, 63, 140 defnition, 196 TENSOR, 184 United Nations treaty, 196 advantages, 122 Terrorism-related content, 128 analysable, 120 Terrorist, 162, 164, 165, 167 analytical capabilities, 129 prevention and suppression, 197 and terrorist content, 128 Terrorist attackers artefacts, 123–126 characteristics of, 156 communication channels, 121 Terrorist attacks, 49 content (see Content) Terrorist content collection, 170 customised data model, 121 Terrorist groups, 140 data model, 123–125 Terrorist media, 67–68 development, 131, 133 Terrorists activities digital hashing, 122 communications (see digital signatures, 122 Communications) domains, 121 Dark Web (see Dark Web) entities, 123–126 funding (see Funding) GDPR, 122 in Europe, 51 intelligence, 134 Internet, 51 intelligence dashboard, 121, 125 propaganda (see Propaganda) investigations, 122 rhetorical structures, 58 investigators, 120 social media (see Social media) investigators’ capabilities, 121 Terrorist websites, 58 and lessons, 130–133 Top-level domain (TLD), 9 links, 123–126 Tor, 27, 28, 54 online sources, 120 chat rooms, 62 open-source law enforcement Mail2Tor, 64 investigations, 121 properties, 28 power, 133 Web chat apps, 61 INDEX 287

Tor Browser Security Guidelines, 54 United Nations Counter-Terrorism Tor hidden services (THS), 22 Centre (UNCCT), 194 Tor Messenger, 61, 62 United Nations Counter-Terrorism Tor network, 237 Implementation Task Force (UN Tor project (Tor) CTITF), 194 anonymity and privacy, 9 United Nations Global Counter-­ architecture and routing, 10 Terrorism Strategy, 190, 191, browser, 14 194, 195 circuit, 12 United Nations Security Council directory authorities, 12 Resolution, 219 network-circuit setup, 13 UN Resolution 60/288, 190 nodes, 10 UN resolutions, 193–197 in Windows machines, 14 Universal Declaration of Human Tor-protected server, 238 Rights (UDHR), 191, 193, 197, Tor search engine, 9 198, 206, 214 Tor website, 28 URLs, 129 ToYouTeam, 106 US Postal Inspection Service, 244 Trade, 40–42 Traditional evidence, 185 Traffc data, 205 V Transborder access, 197 Valhalla, 111 Transparency, 154 Vendors’ trust, 86 Treaty of Functioning of the European Victims of terrorism, 220, 221 Union (TFEU) Video games, 66, 73 restrictions on freedom to provide VIP Rapist, 257 services, 216, 217 Virtual currencies, 77 Triplestores, 123 Virus-hacking tool coders, 38, 39 Tumblr, 69 Voice communication, 67 Twitter, 69, 71

W U Wall Street Market (WSM), 89, 99 UK Government Communications administrator Kalla, 243 Headquarters (GCHQ), 256 administrators, 242, 243 Uncontrolled surveillance, 200 AlphaBay, 242 Undercover Internet BKA, 244 investigations, 175 cryptocurrencies, 242, 244 Understanding content, 127–129 Dark Web-based markets, 241 Union’s secondary law, 216 Finnish narcotics traders, 242 United Nations Convention against interface languages, 242 Transnational Organised Crime investigations, 242 (UNTOC), 177 Med3l1n, 242 288 INDEX

Wall Street Market (WSM) (cont.) Webcam sex tourism, 260, 262, 263 monikers, 243 Websites/fle-sharing systems, 206 narcotics, 244 WhatsApp, 65, 132, 256 Scam, 243 Wickr, 65 server’s physical location, 243 WLAN, 206 Tibo Lousse, 243 Tor-network, 242 well-organised operation, 244 Y Watermarking, 66, 67 YouTube, 69, 71 WayAway, 103 Web chat apps on Tor, 61 Z Web layer differences, 8 Zello, 65