DOCSLIB.ORG

The Language of Legal and Illegal Activity on the Darknet

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The Language of Legal and Illegal Activity on the Darknet The Language of Legal and Illegal Activity on the Darknet Leshem Choshen∗ Dan Eldad∗ Daniel Hershcovich∗ Elior Sulem∗ Omri Abend School of Computer Science and Engineering The Hebrew University of Jerusalem {leshem.choshen,dan.eldad1,daniel.hershcovich, elior.sulem,omri.abend}@mail.huji.ac.il Abstract fact, the only work we are aware of that classi- fied Darknet texts into legal and illegal activity is The non-indexed parts of the Internet (the Avarikioti et al.(2018), but they too did not inves- Darknet) have become a haven for both le- tigate in what ways these two classes differ. gal and illegal anonymous activity. Given the magnitude of these networks, scalably moni- This paper addresses this gap, and studies the toring their activity necessarily relies on auto- distinguishing features between legal and illegal mated tools, and notably on NLP tools. How- texts in Onion sites, taking sites that advertise ever, little is known about what characteristics drugs as a test case. We compare our results texts communicated through the Darknet have, to a control condition of texts from eBay2 pages and how well off-the-shelf NLP tools do on that advertise products corresponding to drug key- this domain. This paper tackles this gap and words. performs an in-depth investigation of the char- acteristics of legal and illegal text in the Dark- We find a number of distinguishing features. net, comparing it to a clear net website with First, we confirm the results of Avarikioti et al. similar content as a control condition. Tak- (2018), that text from legal and illegal pages ing drug-related websites as a test case, we (henceforth, legal and illegal texts) can be distin- find that texts for selling legal and illegal drugs guished based on the identity of the content words have several linguistic characteristics that dis- (bag-of-words) in about 90% accuracy over a bal- tinguish them from one another, as well as anced sample. Second, we find that the distri- from the control condition, among them the distribution of POS tags, and the coverage of bution of POS tags in the documents is a strong their named entities in Wikipedia.1 cue for distinguishing between the classes (about 71% accuracy). This indicates that the two classes 1 Introduction are different in terms of their syntactic structure. Third, we find that legal and illegal texts are The term “Darknet” refers to the subset of Inter- roughly as distinguishable from one another as le- net sites and pages that are not indexed by search gal texts and eBay pages are (both in terms of their engines. The Darknet is often associated with the words and their POS tags). The latter point sug- “.onion” top-level domain, whose websites are re- gests that legal and illegal texts can be consid- ferred to as “Onion sites”, and are reachable via ered distinct domains, which explains why they arXiv:1905.05543v2 [cs.CL] 4 Jun 2019 the Tor network anonymously. can be automatically classified, but also implies Under the cloak of anonymity, the Darknet har- that applying NLP tools to Darknet texts is likely bors much illegal activity (Moore and Rid, 2016). to face the obstacles of domain adaptation. Indeed, Applying NLP tools to text from the Darknet is we show that named entities in illegal pages are thus important for effective law enforcement and covered less well by Wikipedia, i.e., Wikification intelligence. However, little is known about the works less well on them. This suggests that for characteristics of the language used in the Dark- high-performance text understanding, specialized net, and specifically on what distinguishes text on knowledge bases and tools may be needed for pro- websites that conduct legal and illegal activity. In cessing texts from the Darknet. By experiment- ∗ Equal contribution ing on a different domain in Tor (user-generated 1Our code can be found in https://github.com/ huji-nlp/cyber. Our data is available upon request. 2https://www.ebay.com content), we show that the legal/illegal distinction hidden services correspond to “suspicious” activ- generalizes across domains. ities. The analysis was conducted using the text After discussing previous works in Section2, classifier presented in Al Nabki et al.(2017) and we detail the datasets used in Section3. Differ- manual verification. ences in the vocabulary and named entities be- Recently, Avarikioti et al.(2018) presented an- tween the classes are analyzed in Section4, before other topic classification of text from Tor together the presentation of the classification experiments with a first classification into legal and illegal (Section5). Section6 presents additional experi- activities. The experiments were performed on ments, which explore cross-domain classification. a newly crawled corpus obtained by recursive We further analyze and discuss the findings in Sec- search. The legal/illegal classification was done tion7. using an SVM classifier in an active learning set- ting with bag-of-words features. Legality was as- 2 Related Work sessed in a conservative way where illegality is assigned if the purpose of the content is an obvi- The detection of illegal activities on the Web is ously illegal action, even if the content might be sometimes derived from a more general topic clas- technically legal. They found that a linear kernel sification. For example, Biryukov et al.(2014) worked best and reported an F1 score of 85% and classified the content of Tor hidden services into an accuracy of 89%. Using the dataset of Al Nabki 18 topical categories, only some of which corre- et al.(2019), and focusing on specific topical cate- late with illegal activity. Graczyk and Kinning- gories, we here confirm the importance of content ham(2015) combined unsupervised feature selec- words in the classification, and explore the linguis- tion and an SVM classifier for the classification of tic dimensions supporting classification into legal drug sales in an anonymous marketplace. While and illegal texts. these works classified Tor texts into classes, they did not directly address the legal/illegal distinc- 3 Datasets Used tion. Some works directly addressed a specific type Onion corpus. We experiment with data from of illegality and a particular communication con- Darknet websites containing legal and illegal ac- text. Morris and Hirst(2012) used an SVM classi- tivity, all from the DUTA-10K corpus (Al Nabki fier to identify sexual predators in chatting mes- et al., 2019). We selected the “drugs” sub-domain sage systems. The model includes both lexical as a test case, as it is a large domain in the corpus, features, including emoticons, and behavioral fea- that has a “legal” and “illegal” sub-categories, and tures that correspond to conversational patterns. where the distinction between them can be reliably Another example is the detection of pedophile made. These websites advertise and sell drugs, of- activity in peer-to-peer networks (Latapy et al., ten to international customers. While legal web- 2013), where a predefined list of keywords was sites often sell pharmaceuticals, illegal ones are used to detect child-pornography queries. Besides often related to substance abuse. These pages are lexical features, we here consider other general directed by sellers to their customers. linguistic properties, such as syntactic structure. eBay corpus. As an additional dataset of sim- Al Nabki et al.(2017) presented DUTA (Dark- ilar size and characteristics, but from a clear net net Usage Text Addresses), the first publicly source, and of legal nature, we compiled a corpus available Darknet dataset, together with a man- of eBay pages. eBay is one of the largest hosting ual classification into topical categories and sub- sites for retail sellers of various goods. Our cor- categories. For some of the categories, legal and pus contains 118 item descriptions, each consist- illegal activities are distinguished. However, the ing of more than one sentence. Item descriptions automatic classification presented in their work fo- vary in price, item sold and seller. The descrip- cuses on the distinction between different classes tions were selected by searching eBay for drug re- of illegal activity, without addressing the distinc- lated terms,3 and selecting search patterns to avoid tion between legal and illegal ones, which is the over-repetition. For example, where many sell subject of the present paper. Al Nabki et al.(2019) the same product, only one example was added to extended the dataset to form DUTA-10K, which we use here. Their results show that 20% of the 3Namely, marijuana, weed, grass and drug. All Onion eBay Illegal Onion Legal Onion all half 1 half 2 all half 1 half 2 all half 1 half 2 all half 1 half 2 all 0.23 0.25 0.60 0.61 0.61 0.33 0.39 0.41 0.35 0.41 0.42 All Onion half 1 0.23 0.43 0.60 0.62 0.62 0.37 0.33 0.50 0.40 0.36 0.52 half 2 0.25 0.43 0.61 0.62 0.62 0.39 0.50 0.35 0.39 0.51 0.35 all 0.60 0.60 0.61 0.23 0.25 0.59 0.60 0.60 0.66 0.67 0.67 eBay half 1 0.61 0.62 0.62 0.23 0.43 0.60 0.61 0.61 0.67 0.67 0.68 half 2 0.61 0.62 0.62 0.25 0.43 0.60 0.61 0.61 0.67 0.68 0.68 all 0.33 0.37 0.39 0.59 0.60 0.60 0.23 0.27 0.61 0.62 0.62 Illegal Onion half 1 0.39 0.33 0.50 0.60 0.61 0.61 0.23 0.45 0.62 0.63 0.62 half 2 0.41 0.50 0.35 0.60 0.61 0.61 0.27 0.45 0.62 0.63 0.63 all 0.35 0.40 0.39 0.66 0.67 0.67 0.61 0.62 0.62 0.26 0.26 Legal onion half 1 0.41 0.36 0.51 0.67 0.67 0.68 0.62 0.63 0.63 0.26 0.47 half 2 0.42 0.52 0.35 0.67 0.68 0.68 0.62 0.62 0.63 0.26 0.47 Table 1: Jensen-Shannon divergence between word distribution in all Onion drug sites, Legal and Illegal Onion drug sites, and eBay sites.
Load more

Recommended publications
  • High-Profile Cyberattack Investigations: London's Met Police
    High-Profile Cyberattack Investigations: London’s Met Police Share Takeaways Raymond Black | Metropolitan Police About the Speaker • 1990 to 1996 - Uniformed officer working in various locations across South London • 1996 to 2000 - Detective working in various locations across South London • 2000 to 2006 - Territorial Support Group (Riot police) – (2002 to 2003 - Worked in private sector management in Durban South Africa for transport and construction company) • 2006 to 2014 - Operation Trident (proactive firearms and gangs unit) – (2012 to 2013 - Employed by European Union investigating government corruption in Guatemala) • 2014 to Present – Cyber crime investigator Specialist Cyber Crime Unit • Other deployments working in various roles in Jamaica, The Netherlands, Poland and the United States 2 #ISMGSummits ROCU Map 1. North East (NERSOU) 2. Yorkshire & Humber (ODYSSEY) 3. North West (TITAN) 4. Southern Wales (TARIAN) 5. West Midlands 6. East Midlands (EMSOU) 7. Eastern (ERSOU) 8. South West (ZEPHYR) 9. London 10. South East (SEROCU) NATIONAL COORDINATION 3 #ISMGSummits Remit of MPCCU To deal with the most serious offences of: • Cyber-crime facilitated by the use and control of malicious software (malware). • Cyber-crime facilitated by the use of online phishing techniques. • Computer and network intrusions (dependant upon motives and objectives). • Denial of service attacks and website defacement (dependant upon motives and objectives). • The online trade in financial, personal and other data obtained through cyber-crime. • The intentional and dishonest online provision of services, tools etc. to facilitate cyber-crime. 4 #ISMGSummits Threshold of MPCCU • Where life is put at risk • Targeting or impacting on public safety, emergency services or other public systems and services.
    [Show full text]
  • How to Get the Daily Stormer Be Found on the Next Page
    # # Publishing online In print because since 2013, offline Stormer the (((internet))) & Tor since 2017. is censorship! The most censored publication in history Vol. 97 Daily Stormer ☦ Sunday Edition 23–30 Jun 2019 What is the Stormer? No matter which browser you choose, please continue to use Daily Stormer is the largest news publication focused on it to visit the sites you normally do. By blocking ads and track- racism and anti-Semitism in human history. We are signifi- ers your everyday browsing experience will be better and you cantly larger by readership than many of the top 50 newspa- will be denying income to the various corporate entities that pers of the United States. The Tampa Tribune, Columbus Dis- have participated in the censorship campaign against the Daily patch, Oklahoman, Virginian-Pilot, and Arkansas Democrat- Stormer. Gazette are all smaller than this publication by current read- Also, by using the Tor-based browsers, you’ll prevent any- ership. All of these have dozens to hundreds of employees one from the government to antifa from using your browsing and buildings of their own. All of their employees make more habits to persecute you. This will become increasingly rele- than anyone at the Daily Stormer. We manage to deliver im- vant in the years to come. pact greater than anyone in this niche on a budget so small you How to support the Daily Stormer wouldn’t believe. The Daily Stormer is 100% reader-supported. We do what Despite censorship on a historically unique scale, and The we do because we are attempting to preserve Western Civiliza- Daily Stormer becoming the most censored publication in his- tion.
    [Show full text]
  • An Evolving Threat the Deep Web
    8 An Evolving Threat The Deep Web Learning Objectives distribute 1. Explain the differences between the deep web and darknets.or 2. Understand how the darknets are accessed. 3. Discuss the hidden wiki and how it is useful to criminals. 4. Understand the anonymity offered by the deep web. 5. Discuss the legal issues associated withpost, use of the deep web and the darknets. The action aimed to stop the sale, distribution and promotion of illegal and harmful items, including weapons and drugs, which were being sold on online ‘dark’ marketplaces. Operation Onymous, coordinated by Europol’s Europeancopy, Cybercrime Centre (EC3), the FBI, the U.S. Immigration and Customs Enforcement (ICE), Homeland Security Investigations (HSI) and Eurojust, resulted in 17 arrests of vendors andnot administrators running these online marketplaces and more than 410 hidden services being taken down. In addition, bitcoins worth approximately USD 1 million, EUR 180,000 Do in cash, drugs, gold and silver were seized. —Europol, 20141 143 Copyright ©2018 by SAGE Publications, Inc. This work may not be reproduced or distributed in any form or by any means without express written permission of the publisher. 144 Cyberspace, Cybersecurity, and Cybercrime THINK ABOUT IT 8.1 Surface Web and Deep Web Google, Facebook, and any website you can What Would You Do? find via traditional search engines (Internet Explorer, Chrome, Firefox, etc.) are all located 1. The deep web offers users an anonym- on the surface web. It is likely that when you ity that the surface web cannot provide. use the Internet for research and/or social What would you do if you knew that purposes you are using the surface web.
    [Show full text]
  • Cyber Laws for Dark Web: an Analysis of the Range of Crimes and the Level of Effectiveness of Law Over It
    An Open Access Journal from The Law Brigade Publishers 1 CYBER LAWS FOR DARK WEB: AN ANALYSIS OF THE RANGE OF CRIMES AND THE LEVEL OF EFFECTIVENESS OF LAW OVER IT Written by Sanidhya Mahendra 5th Year B.A.LL.B.(Hons.) Student, Uttaranchal University, Dehradun, India ABSTRACT In the 21st century, when we say “The future is now”, we mean that everything is possible, everything is accessible, everything is on our fingertips. This is because our entire world today is connected and controlled by the internet. This world wide connectivity offers us everything to use, like from shopping to travelling, from eating to feeding, and even for connecting to the people virtually, however the internet is not just limited to the millions of websites available for our daily use, rather it is far beyond that. We just access the 5 per cent of the entire internet and the rest of it is what may be a true horror for those who have been affected by it. This domain of internet is popularly known as the Dark Web. In this article the author has described the disturbing truths of the Dark Web. The author has described about its history and has pointed out the usage of the same by the criminals. The author further discusses the types of crime that are committed behind the veil of internet. The article thereafter defines the remedies available in various laws of India for the victims of cyber crimes. The author concludes the article with suggestions of improvement in the present laws. KEYWORDS: Dark Net, Dark web, Deep Web, TOR, Onion, Cryptocurrency, privacy, anonymous, VPN, ARPANET, Crawlers, Silk Road, Phishing INTRODUCTION Today the most significant invention is the invention Internet, and it has taken the eyes of all the generation in one go.
    [Show full text]
  • HOW to RUN a ROGUE GOVERNMENT TWITTER ACCOUNT with an ANONYMOUS EMAIL ADDRESS and a BURNER PHONE Micah Lee February 20 2017, 9:53 A.M
    HOW TO RUN A ROGUE GOVERNMENT TWITTER ACCOUNT WITH AN ANONYMOUS EMAIL ADDRESS AND A BURNER PHONE Micah Lee February 20 2017, 9:53 a.m. Illustration: Doug Chayka for The Intercept LEIA EM PORTUGUÊS ⟶ One of the first things Donald Trump did when he took office was tem- porarily gag several federal agencies, forbidding them from tweeting. In response, self-described government workers created a wave of rogue Twitter accounts that share real facts (not to be confused with “alterna- tive facts,” otherwise known as “lies”) about climate change and sci- ence. As a rule, the people running these accounts chose to remain anonymous, fearing retaliation — but, depending on how they created and use their accounts, they are not necessarily anonymous to Twitter itself, or to anyone Twitter shares data with. Anonymous speech is firmly protected by the First Amendment and the Supreme Court, and its history in the U.S. dates to the Federalist Papers, written in 1787 and 1788 under the pseudonym Publius by three of the founding fathers. But the technical ability for people to remain anonymous on today’s in- ternet, where every scrap of data is meticulously tracked, is an entirely different issue. The FBI, a domestic intelligence agency that claims the power to spy on anyone based on suspicions that don’t come close to probable cause, has a long, dark history of violating the rights of Ameri- cans. And now it reports directly to President Trump, who is a petty, re- venge-obsessed authoritarian with utter disrespect for the courts and the rule of law.
    [Show full text]
  • MEMO. Nº. 52/2017 – SCOM
    00100.096648/2017-00 MEMO. nº. 52/2017 – SCOM Brasília, 21 de junho de 2017 A Sua Excelência a Senhora SENADORA REGINA SOUSA Assunto: Ideia Legislativa nº. 76.334 Senhora Presidente, Nos termos do parágrafo único do art. 6º da Resolução do Senado Federal nº. 19 de 2015, encaminho a Vossa Excelência a Ideia Legislativa nº. 76.334, sob o título de “Criminalização Da Apologia Ao Comunismo”, que alcançou, no período de 09/06/2017 a 20/06/2017, apoiamento superior a 20.000 manifestações individuais, conforme a ficha informativa em anexo. Respeitosamente, Dirceu Vieira Machado Filho Diretor da Secretaria de Comissões Senado Federal – Praça dos Três Poderes – CEP 70.165-900 – Brasília DF ARQUIVO ASSINADO DIGITALMENTE. CÓDIGO DE VERIFICAÇÃO: CE7C06D2001B6231. CONSULTE EM http://www.senado.gov.br/sigadweb/v.aspx. 00100.096648/2017-00 ANEXO AO MEMORANDO Nº. 52/2017 – SCOM - FICHA INFORMATIVA E RELAÇÃO DE APOIADORES - Senado Federal – Praça dos Três Poderes – CEP 70.165-900 – Brasília DF ARQUIVO ASSINADO DIGITALMENTE. CÓDIGO DE VERIFICAÇÃO: CE7C06D2001B6231. CONSULTE EM http://www.senado.gov.br/sigadweb/v.aspx. 00100.096648/2017-00 Ideia Legislativa nº. 76.334 TÍTULO Criminalização Da Apologia Ao Comunismo DESCRIÇÃO Assim como a Lei já prevê o "Crime de Divulgação do Nazismo", a apologia ao COMUNISMO e seus símbolos tem que ser proibidos no Brasil, como já acontece cada vez mais em diversos países, pois essa ideologia genocida causou males muito piores à Humanidade, massacrando mais de 100 milhões de inocentes! (sic) MAIS DETALHES O art. 20 da Lei 7.716/89 estabeleceu o "Crime de Divulgação do Nazismo": "§1º - Fabricar, comercializar, distribuir ou veicular, símbolos, emblemas, ornamentos, distintivos ou propaganda que utilizem a cruz suástica ou gamada, para fins de divulgação do nazismo.
    [Show full text]
  • “Guía Metodológica De Uso Seguro De Internet Para Personas Y Empresas Utilizando La Red Tor”
    PONTIFICIA UNIVERSIDAD CATÓLICA DEL ECUADOR FACULTAD DE INGENIERÍA ESCUELA DE SISTEMAS DISERTACIÓN DE GRADO PREVIA A LA OBTENCIÓN DEL TÍTULO DE INGENIERO EN SISTEMAS Y COMPUTACIÓN “GUÍA METODOLÓGICA DE USO SEGURO DE INTERNET PARA PERSONAS Y EMPRESAS UTILIZANDO LA RED TOR” NOMBRES: Javier Andrés Vicente Alarcón Verónica Cristina Guillén Guillén DIRECTOR: Msc. Luis Alberto Pazmiño Proaño QUITO, 2015 “GUÍA METODOLÓGICA DE USO SEGURO DE INTERNET PARA PERSONAS Y EMPRESAS UTILIZANDO LA RED TOR” TABLA DE CONTENIDO RESUMEN .......................................................................................................................... 3 INTRODUCCIÓN ................................................................................................................ 6 0. ANTECEDENTES ......................................................................................................... 8 0.1. Internet .............................................................................................................. 8 0.1.1. Definición .................................................................................................... 8 0.1.2. Historia........................................................................................................ 9 0.1.3. Evolución .................................................................................................. 12 0.2. Ciberataque ...................................................................................................... 13 0.2.1. Definición .................................................................................................
    [Show full text]
  • Sections Draft Pick, Taking Turns Over Which Heroes They Desire
    Publishing online Now in print since 2013, because the offline & Tor (((internet))) is since 2017. censorship! StormerThe most censored publication in history Vol. 6, 24 Sep–01 Oct 2017 Daily Stormer Sunday Edition Samizdat! I always considered myself a dog person. I used to hunt with Nemean lion, whose hide, impenetrable by weapons did not save setters. Bird dogs. They were like family. I always considered my- it from being strangled to death by Heracles. If there’s a lesson to self part of the #DogRight. Yesterday, however, was Caturday, and take away from that it’s that anything can be killed, even the great the ice kikes had just taken our domain. They actually claimed that beast that is the Jew. Andrew Anglin doesn’t exist, and that was the basis for the seizure. Daily Stormer was only the first. Now that censorship has moved I think the Icelanders are onto something here. As time goes on, we into the layer of domain registration, the offices of the .cat registry will cease to be normal beings of flesh and become formally estab- have been raided by the Spanish government and the CTO arrested lished as myths. It seemed time to move to .cat. to try to force the closing of websites related to the Catalonian in- When I think of cats in the context of magic, I think of the god- dependence referendum. We were at the forefront of censorship, dess Freyja. She was the only tolerable cat lady. Her chariot was but you’re going to see the same technique applied to registrars and drawn by cats, and she also skinned them and made gloves of their registries more often as time goes on.
    [Show full text]
  • Steal These Policies: Strategies for Reducing Digital Piracy
    THE INFORMAtiON TECHNOLOGY & INNOVAtiON FOUNDAtiON Steal These Policies: Strategies for Reducing Digital Piracy BY DANIEL CASTRO, RICHARD BENNETT AND SCOTT ANDES | DECEMBER 2009 We need to open a broad Executive Summary dialogue that engages all stakeholders, including he rise of broadband Internet access and cheap storage, along government, content with the growth of digital content, has enabled digital pi- owners, website racy to flourish around the world. Piracy enables the unau- operators, technolog y T thorized distribution of music, movies, television programs, software, developers, and ISPs video games, books, photos, and periodicals quickly and easily, to the and other intermediaries, detriment of creative artists and legitimate rights holders. These prac- on how to improve the global response to piracy. tices threaten not only the robust production of digital content in the future, but U.S. jobs in the present. Unfortunately, many advocates, believing that information should be free, would have government not only turn a blind eye to digital piracy, but actively tie the hands of companies who seek to limit digital piracy. This report makes the case that digital piracy is a serious problem with significant ramifica- tions for the U.S. economy, that a number of approaches, including technical solutions such as content identification, are needed to reduce piracy, and that governments should support legitimate industry ef- forts to reduce digital piracy, including those that focus on the revenue streams of those engaging in piracy. There is no “silver bullet” that will solve controls such as locks, closed-circuit the piracy problem—no single technical TV, and anti-theft packaging as well or legislative proposal will completely as a government-funded system of law solve such a complex issue—but there enforcement, digital piracy requires a are many “lead bullets” that can help coordinated approach.
    [Show full text]
  • Rethinking Piracy Joe Karaganis
    SOCIAL SCIENCE RESEARCH COUNCIL • MEDIA PIRACY IN EMERGING ECONOMIES SOCIAL SCIENCE RESEARCHCHAPTER COUNCIL ONE • •RETHINKING MEDIA PIRACY PIRACY IN EMERGING ECONOMIES Chapter 1: Rethinking Piracy Joe Karaganis Introduction What we know about media piracy usually begins, and often ends, with industry-sponsored research. There is good reason for this. US software, film, and music industry associations have funded extensive research efforts on global piracy over the past two decades and, for the most part, have had the topic to themselves. Despite its ubiquity, piracy has been fallow terrain for independent research. With the partial exception of file sharing studies in the last ten years, empirical work has been infrequent and narrow in scope. The community of interest has been small—so much so that, when we began planning this project in 2006, a substantial part of it was enlisted in our work. That community has grown, but there is still nothing on a scale comparable to the global, comparative, persistent attention of the industry groups. And perhaps more important, there is nothing comparable to the tight integration of industry research with lobbying and media campaigns, which amplify its presence in public and policy discussions. Industry research consequently casts a long shadow on the piracy conversation—as it was intended to do. Our study is not envisioned as an alternative to that work but as an effort to articulate a wider framework for understanding piracy in relation to economic development and changing media economies. This perspective implies looking beyond the calculation of rights-holder losses toward the evaluation of the broader social roles and impacts of piracy.
    [Show full text]
  • Cybercrime in the Deep Web Black Hat EU, Amsterdam 2015
    Cybercrime in the Deep Web Black Hat EU, Amsterdam 2015 Introduction The Deep Web is any Internet content that, for various reasons, cannot be or is not indexed by search engines like Google. This definition thus includes dynamic web pages, blocked sites (like those where you need to answer a CAPTCHA to access), unlinked sites, private sites (like those that require login credentials), non-HTML/contextual/scripted content, and limited-access networks. Limited-access networks cover sites with domain names that have been registered on Domain Name System (DNS) roots that are not managed by the Internet Corporation for Assigned Names and Numbers (ICANN), like .BIT domains, sites that are running on standard DNS but have non-standard top-level domains, and finally, darknets. Darknets are sites hosted on infrastructure that requires specific software like Tor before it can be accessed. Much of the public interest in the Deep Web lies in the activities that happen inside darknets. What are the Uses of the Deep Web? A smart person buying recreational drugs online will not want to type keywords in a regular browser. He/she will need to go online anonymously, using an infrastructure that will never lead interested parties to his IP address or physical location. Drug sellers as well, will not want to set up shop in online locations where law enforcement can easily determine, for instance, who registered that domain or where the site’s IP address exists in the real world. There are many other reasons apart from buying drugs why people would want to remain anonymous, or to set up sites that could not be traced back to a physical location or entity.
    [Show full text]
  • Battle Against Anonymous Browsing
    The Battle Against Anonymous Browsing: The Security Challenges Presented by Tor Brief Introduction • David A. Vargas – Work • President, VATG, Inc. – Teaching • Professor of Networking and Network Security – Education • BA, The George Washington University • MS, The Johns Hopkins University – Training: • Navy Cryptography • Army Counterintelligence • Security Audit, Malware Analysis, Digital Forensics, etc. – Primary certs: • CISSP, CISM, and CEHv7 Presentation Outline • Introduction to the Dark Web - Hiding in Darkness • What is Tor? • Detecting Tor • Chinks in the Armor - The Exit Node Problem • Tor Attacks and Takedowns • Does Tor Have a Future? Introduction to the Dark Web - Hiding in Darkness Introduction to the Dark Web - Hiding in Darkness • Surface Web: – The visible web that we are most familiar with Introduction to the Dark Web - Hiding in Darkness • What you find when you look deeper: Introduction to the Dark Web - Hiding in Darkness • Dark Web: – Consists of sites that are private or at least accessible only by those who know what they are looking for – Because of its anonymity, frequently used by deviant subcultures (criminals, pedophiles, etc.) Aside: A comment on the terms Introduction to the Dark Web - Hiding in Darkness Surface Web (where most of you surf) Dark Web (where only some of you surf – in some cases the FBI would like to meet with you) Estimates have suggested that the deep web is 4,000 to 5,000 times larger than the surface web. Searching the Dark • Although the dark web exists on the very same Grams Darknet
    [Show full text]