SlideShare a Scribd company logo

Illuminating the dark web

Jisc
Jisc

A presentation at the Jisc security conference 2019 by Simon Bryden, Fortinet.

1 of 37
Download to read offline
1
Illuminating the Dark Web
Simon Bryden
Consulting Systems Engineer, EMEA
2
Introduction to the dark web
The Onion Router and Hidden Services
Dark Web Takedowns
Protecting yourself from the dark web
Illuminating the Dark Web
3
“The iceberg”
Surface Web
Deep Web
Dark Web
4
Protected by authentication layer
or paywall
Not linked from any other pages Not referenced by search engines
Deep Web characteristics
5
Anonymous Special access software Associated with illegal activities
Dark Web characteristics
6
Illegal content Illegal marketplaces Cybercrime services Cryptocurrency services
What can be found on the Dark Web?

Recommended

More Related Content

What's hot (20)

The Dark Web
The Dark WebThe Dark Web
The Dark Web
 
Dark and Deep web
Dark and Deep webDark and Deep web
Dark and Deep web
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark Web
 
Dark web
Dark webDark web
Dark web
 
Guide to dark web
Guide to dark webGuide to dark web
Guide to dark web
 
Dark wed
Dark wedDark wed
Dark wed
 
The Dark side of the Web
The Dark side of the WebThe Dark side of the Web
The Dark side of the Web
 
PPT dark web
PPT dark webPPT dark web
PPT dark web
 
Investigating Using the Dark Web
Investigating Using the Dark WebInvestigating Using the Dark Web
Investigating Using the Dark Web
 
The Dark Web
The Dark WebThe Dark Web
The Dark Web
 
Dark web
Dark webDark web
Dark web
 
The Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet AnonymityThe Deep Web, TOR Network and Internet Anonymity
The Deep Web, TOR Network and Internet Anonymity
 
Cybersecurity and the DarkNet
Cybersecurity and the DarkNetCybersecurity and the DarkNet
Cybersecurity and the DarkNet
 
Dark web by Pranesh Kulkarni
Dark web by Pranesh KulkarniDark web by Pranesh Kulkarni
Dark web by Pranesh Kulkarni
 
Deep web and Dark web
Deep web and Dark webDeep web and Dark web
Deep web and Dark web
 
The dark web
The dark webThe dark web
The dark web
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
 
The Dark Web by Kenneth Yu
The Dark Web by Kenneth YuThe Dark Web by Kenneth Yu
The Dark Web by Kenneth Yu
 
Deep web Seminar
Deep web Seminar Deep web Seminar
Deep web Seminar
 
Dark web (1)
Dark web (1)Dark web (1)
Dark web (1)
 

Similar to Illuminating the dark web

The Dark Web : Hidden Services
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden ServicesAnshu Singh
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The DarknetAhmed Mater
 
Анонимность Tor: миф и реальность
Анонимность Tor: миф и реальностьАнонимность Tor: миф и реальность
Анонимность Tor: миф и реальностьCEE-SEC(R)
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk   anonymous network concepts and implementation(130727) #fitalk   anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementationINSIGHT FORENSIC
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction &  Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction &  Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaOWASP Delhi
 
Presentation darknet
Presentation darknetPresentation darknet
Presentation darknetDvir Barel
 
Darkle Slideshow _ by Slidesgo.pptx
Darkle Slideshow _ by Slidesgo.pptxDarkle Slideshow _ by Slidesgo.pptx
Darkle Slideshow _ by Slidesgo.pptxJamalAmzil6
 
Demystifying the Dark Web
Demystifying the Dark WebDemystifying the Dark Web
Demystifying the Dark WebTom Kranz
 
Cyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spyCyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spyb coatesworth
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous CommunicationFabio Pietrosanti
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterMohammed Bharmal
 
Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsBiagio Botticelli
 

Similar to Illuminating the dark web (20)

The Dark Web : Hidden Services
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden Services
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
 
Dark Web.pptx
Dark Web.pptxDark Web.pptx
Dark Web.pptx
 
Deep web
Deep webDeep web
Deep web
 
Dark Web.pptx
Dark Web.pptxDark Web.pptx
Dark Web.pptx
 
Анонимность Tor: миф и реальность
Анонимность Tor: миф и реальностьАнонимность Tor: миф и реальность
Анонимность Tor: миф и реальность
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk   anonymous network concepts and implementation(130727) #fitalk   anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
 
Dark net
Dark netDark net
Dark net
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction &  Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction &  Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
 
Presentation darknet
Presentation darknetPresentation darknet
Presentation darknet
 
Dw communication
Dw communicationDw communication
Dw communication
 
Ali shahbazi khojasteh - deep web
Ali shahbazi khojasteh - deep webAli shahbazi khojasteh - deep web
Ali shahbazi khojasteh - deep web
 
Darkle Slideshow _ by Slidesgo.pptx
Darkle Slideshow _ by Slidesgo.pptxDarkle Slideshow _ by Slidesgo.pptx
Darkle Slideshow _ by Slidesgo.pptx
 
Demystifying the Dark Web
Demystifying the Dark WebDemystifying the Dark Web
Demystifying the Dark Web
 
Cyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spyCyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spy
 
2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication2006: Hack.lu Luxembourg 2006: Anonymous Communication
2006: Hack.lu Luxembourg 2006: Anonymous Communication
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
 
.Onion
.Onion.Onion
.Onion
 
Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocols
 
Darknet
DarknetDarknet
Darknet
 

More from Jisc

Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxJisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxJisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptxJisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxJisc
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxJisc
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxJisc
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJisc
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxJisc
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptxJisc
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptxJisc
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxJisc
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptxJisc
 
ExpertsknightOct23.pptx
ExpertsknightOct23.pptxExpertsknightOct23.pptx
ExpertsknightOct23.pptxJisc
 
BeyondBlended17Oct23.pptx
BeyondBlended17Oct23.pptxBeyondBlended17Oct23.pptx
BeyondBlended17Oct23.pptxJisc
 
Collective Funding Models for OA Books 3 - Thoth presentation.pptx
Collective Funding Models for OA Books 3 - Thoth presentation.pptxCollective Funding Models for OA Books 3 - Thoth presentation.pptx
Collective Funding Models for OA Books 3 - Thoth presentation.pptxJisc
 

More from Jisc (20)

Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptx
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptx
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptx
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptx
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptx
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptx
 
ExpertsknightOct23.pptx
ExpertsknightOct23.pptxExpertsknightOct23.pptx
ExpertsknightOct23.pptx
 
BeyondBlended17Oct23.pptx
BeyondBlended17Oct23.pptxBeyondBlended17Oct23.pptx
BeyondBlended17Oct23.pptx
 
Collective Funding Models for OA Books 3 - Thoth presentation.pptx
Collective Funding Models for OA Books 3 - Thoth presentation.pptxCollective Funding Models for OA Books 3 - Thoth presentation.pptx
Collective Funding Models for OA Books 3 - Thoth presentation.pptx
 

Recently uploaded

ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...Neo4j
 
Revolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
Revolutionizing The Banking Industry: The Monzo Way by CPO, MonzoRevolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
Revolutionizing The Banking Industry: The Monzo Way by CPO, MonzoProduct School
 
Geospatial Synergy: Amplifying Efficiency with FME & Esri
Geospatial Synergy: Amplifying Efficiency with FME & EsriGeospatial Synergy: Amplifying Efficiency with FME & Esri
Geospatial Synergy: Amplifying Efficiency with FME & EsriSafe Software
 
Enterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewEnterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewAshraf Fouad
 
PrismCRM-RealEstate-SalesCRM_byCode5Company
PrismCRM-RealEstate-SalesCRM_byCode5CompanyPrismCRM-RealEstate-SalesCRM_byCode5Company
PrismCRM-RealEstate-SalesCRM_byCode5CompanyMustafa Kuğu
 
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...Product School
 
Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...Product School
 
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24Umar Saif
 
How AI and ChatGPT are changing cybersecurity forever.pptx
How AI and ChatGPT are changing cybersecurity forever.pptxHow AI and ChatGPT are changing cybersecurity forever.pptx
How AI and ChatGPT are changing cybersecurity forever.pptxInfosec
 
How to write an effective Cyber Incident Response Plan
How to write an effective Cyber Incident Response PlanHow to write an effective Cyber Incident Response Plan
How to write an effective Cyber Incident Response PlanDatabarracks
 
Q4 2023 Quarterly Investor Presentation - FINAL.pdf
Q4 2023 Quarterly Investor Presentation - FINAL.pdfQ4 2023 Quarterly Investor Presentation - FINAL.pdf
Q4 2023 Quarterly Investor Presentation - FINAL.pdfTejal81
 
National Institute of Standards and Technology (NIST) Cybersecurity Framework...
National Institute of Standards and Technology (NIST) Cybersecurity Framework...National Institute of Standards and Technology (NIST) Cybersecurity Framework...
National Institute of Standards and Technology (NIST) Cybersecurity Framework...MichaelBenis1
 
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlueCloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlueShapeBlue
 
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHubHow We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHubShapeBlue
 
Learning About GenAI Engineering with AWS PartyRock [AWS User Group Basel - F...
Learning About GenAI Engineering with AWS PartyRock [AWS User Group Basel - F...Learning About GenAI Engineering with AWS PartyRock [AWS User Group Basel - F...
Learning About GenAI Engineering with AWS PartyRock [AWS User Group Basel - F...Chris Bingham
 
CloudStack 101: The Best Way to Build Your Private Cloud – Rohit Yadav, VP Ap...
CloudStack 101: The Best Way to Build Your Private Cloud – Rohit Yadav, VP Ap...CloudStack 101: The Best Way to Build Your Private Cloud – Rohit Yadav, VP Ap...
CloudStack 101: The Best Way to Build Your Private Cloud – Rohit Yadav, VP Ap...ShapeBlue
 
Confoo 2024 Gettings started with OpenAI and data science
Confoo 2024 Gettings started with OpenAI and data scienceConfoo 2024 Gettings started with OpenAI and data science
Confoo 2024 Gettings started with OpenAI and data scienceSusan Ibach
 
Act Like an Owner, Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner,  Challenge Like a VC by former CPO, TripadvisorAct Like an Owner,  Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner, Challenge Like a VC by former CPO, TripadvisorProduct School
 
AI improves software testing to be more fault tolerant, focused and efficient
AI improves software testing to be more fault tolerant, focused and efficientAI improves software testing to be more fault tolerant, focused and efficient
AI improves software testing to be more fault tolerant, focused and efficientKari Kakkonen
 
Artificial Intelligence, Design, and More-than-Human Justice
Artificial Intelligence, Design, and More-than-Human JusticeArtificial Intelligence, Design, and More-than-Human Justice
Artificial Intelligence, Design, and More-than-Human JusticeJosh Gellers
 

Recently uploaded (20)

ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
ASTRAZENECA. Knowledge Graphs Powering a Fast-moving Global Life Sciences Org...
 
Revolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
Revolutionizing The Banking Industry: The Monzo Way by CPO, MonzoRevolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
Revolutionizing The Banking Industry: The Monzo Way by CPO, Monzo
 
Geospatial Synergy: Amplifying Efficiency with FME & Esri
Geospatial Synergy: Amplifying Efficiency with FME & EsriGeospatial Synergy: Amplifying Efficiency with FME & Esri
Geospatial Synergy: Amplifying Efficiency with FME & Esri
 
Enterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewEnterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book Review
 
PrismCRM-RealEstate-SalesCRM_byCode5Company
PrismCRM-RealEstate-SalesCRM_byCode5CompanyPrismCRM-RealEstate-SalesCRM_byCode5Company
PrismCRM-RealEstate-SalesCRM_byCode5Company
 
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
 
Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...
 
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
 
How AI and ChatGPT are changing cybersecurity forever.pptx
How AI and ChatGPT are changing cybersecurity forever.pptxHow AI and ChatGPT are changing cybersecurity forever.pptx
How AI and ChatGPT are changing cybersecurity forever.pptx
 
How to write an effective Cyber Incident Response Plan
How to write an effective Cyber Incident Response PlanHow to write an effective Cyber Incident Response Plan
How to write an effective Cyber Incident Response Plan
 
Q4 2023 Quarterly Investor Presentation - FINAL.pdf
Q4 2023 Quarterly Investor Presentation - FINAL.pdfQ4 2023 Quarterly Investor Presentation - FINAL.pdf
Q4 2023 Quarterly Investor Presentation - FINAL.pdf
 
National Institute of Standards and Technology (NIST) Cybersecurity Framework...
National Institute of Standards and Technology (NIST) Cybersecurity Framework...National Institute of Standards and Technology (NIST) Cybersecurity Framework...
National Institute of Standards and Technology (NIST) Cybersecurity Framework...
 
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlueCloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
CloudStack Authentication Methods – Harikrishna Patnala, ShapeBlue
 
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHubHow We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
How We Grew Up with CloudStack and its Journey – Dilip Singh, DataHub
 
Learning About GenAI Engineering with AWS PartyRock [AWS User Group Basel - F...
Learning About GenAI Engineering with AWS PartyRock [AWS User Group Basel - F...Learning About GenAI Engineering with AWS PartyRock [AWS User Group Basel - F...
Learning About GenAI Engineering with AWS PartyRock [AWS User Group Basel - F...
 
CloudStack 101: The Best Way to Build Your Private Cloud – Rohit Yadav, VP Ap...
CloudStack 101: The Best Way to Build Your Private Cloud – Rohit Yadav, VP Ap...CloudStack 101: The Best Way to Build Your Private Cloud – Rohit Yadav, VP Ap...
CloudStack 101: The Best Way to Build Your Private Cloud – Rohit Yadav, VP Ap...
 
Confoo 2024 Gettings started with OpenAI and data science
Confoo 2024 Gettings started with OpenAI and data scienceConfoo 2024 Gettings started with OpenAI and data science
Confoo 2024 Gettings started with OpenAI and data science
 
Act Like an Owner, Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner,  Challenge Like a VC by former CPO, TripadvisorAct Like an Owner,  Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner, Challenge Like a VC by former CPO, Tripadvisor
 
AI improves software testing to be more fault tolerant, focused and efficient
AI improves software testing to be more fault tolerant, focused and efficientAI improves software testing to be more fault tolerant, focused and efficient
AI improves software testing to be more fault tolerant, focused and efficient
 
Artificial Intelligence, Design, and More-than-Human Justice
Artificial Intelligence, Design, and More-than-Human JusticeArtificial Intelligence, Design, and More-than-Human Justice
Artificial Intelligence, Design, and More-than-Human Justice
 

Illuminating the dark web

  • 1. 1 Illuminating the Dark Web Simon Bryden Consulting Systems Engineer, EMEA
  • 2. 2 Introduction to the dark web The Onion Router and Hidden Services Dark Web Takedowns Protecting yourself from the dark web Illuminating the Dark Web
  • 4. 4 Protected by authentication layer or paywall Not linked from any other pages Not referenced by search engines Deep Web characteristics
  • 5. 5 Anonymous Special access software Associated with illegal activities Dark Web characteristics
  • 6. 6 Illegal content Illegal marketplaces Cybercrime services Cryptocurrency services What can be found on the Dark Web?
  • 7. 7
  • 8. 8
  • 9. 9
  • 10. 10 Journalism Legal markets Social Media Repressed minorities Legal dark web services
  • 12. 12 • Based on technology developed by the US Naval Research Laboratory in 1990s • Designed to protect US intelligence communications online • Tor project launched in 2002, first public release in 2004 • The Tor Project Inc. launched in 2006 as a non-profit organisation What is Tor?
  • 13. 13 Tor can provide two levels of anonymity: Anonymous access to surface web services • The Tor network provides an anonymous access through the Tor network. • The Tor network “exit node” connects to the surface web server Anonymous access to hidden services • The Tor network provides complete end-to-end anonymity • Hides the identity of both client and server How muchAnonymity does Tor Provide?
  • 14. 14
  • 15. 15
  • 16. 16 How Anonymous? “Alice is using the Tor service” Tor relay nodes are publicly known “Someone is connecting to Bob from the Tor network” “We can see this traffic”
  • 17. 17 How Anonymous? “Alice is using a VPN service” HTTPS VPN Provider “Someone is connecting to Bob from the Tor network”
  • 19. 19 Volunteers. Often universities and other institutions Most people host Relay or Guard (Entry) nodes Nodes cannot become guards unless they are stable, and have at least 2Mbytes/s bandwidth Running an Exit node opens up the potential of receiving abuse complaints Exit nodes are often blocked by providers or website owners Who Owns the Tor Nodes?
  • 20. 20 Where are the relays? Germany UK Netherlands USA France
  • 22. 22 • Hidden services provide anonymity for the server • Servers are identified by an onion address such as 4nrvt5xpejyo27zf.onion • These are not resolved by DNS, rather by the Tor network itself • Most importantly: • There is no link between server name and server address Tor Hidden Services
  • 23. 23 Tor Hidden Service Operation RP
  • 26. 26 • It’s more than just Tor! • Payment methods • Delivery of goods • All other system tools and applications must be anonymized • Ancillary communications (forgotten passwords, tech support) • Web services platforms (Wordpress, Joomla etc. are full of vulnerabilities) Perfect anonymity is Difficult
  • 27. 27 In 2013, the FBI managed to infiltrate “Freedom Hosting”, a hosting operation serving child pornography sites It inserted an exploit kit which targeted a vulnerability in Firefox 17 (used in Tor browser) This resulted in the download of a file which would report back the identity of the user Resulted in the arrests of the owner, and many of the consumers The Silk Road marketplace was reportedly identified through a non-anonymized captcha Freedom Hosting Silk Road
  • 28. 28 Child sex abuse marketplace More than 8 terabytes of data Used bitcoin – 7,300 recorded transactions from more than 1 million user addresses UK National Crime Agency used BitCoin transaction analysis to identify users Arrests of 337 users made in 38 countries 23 abused children identified and rescued Abusers found, not by using offensive hacking, but by simply tracing bitcoin transactions Welcome To Video
  • 29. 29 Dark Web Markets Silk Road Data leaked via CAPTCHA US DEA and FBI June 2013 Silk Road 2.0 Bitcoin Vulnerability FBI & Europol Nov 2014 AlphaBay Email address leakage July 2017 Dream Market Sustained DDoS Attacks? March 2019 Wall Street Market Careless use of VPN Europol May 2019 Deepdotweb.com Dark web links site Taken down because of links to illegal markets FBI, Europol, NCA May 2019 Hansa Addresses leaked in IRC logs Operation Bayonet (multinational law enforcement)
  • 31. 31 Case 1: Employees access dark web sites
  • 32. 32 Case 2: Employees hosting dark web sites
  • 33. 33 Case 3: Anonymous external reconnaisance
  • 34. 34 Several sites provide the list in convenient form: https://check.torproject.org/exit-addresses (exit nodes only) https://www.dan.me.uk/tornodes (exit only, or all relays) http://blutmagie.de (exit only, or all relays) Security vendors often have automatically-updated node lists built in to their solutions. Tor Detection by RelayAddresses
  • 35. 35 Good news: It is possible to detect the Tor protocol Not so good news: Tor provides explicit means to avoid being detected Fortinet has built-in application detection of Tor, I2P, FreeNet, and others, as well as popular proxy applications such as Psiphon and Ultrasurf. Tor does makes it possible to use private relay nodes and personalized transport protocols which can make detection close to impossible. However, in practice, there are many associated difficulties with these techniques. Detection by Protocol
  • 36. 36 • Dark web is more about the technology than the content • Much of the content is legal and legitimate • Tor is by far the most popular access technology • It is very difficult to make a site 100% anonymous • The dark web can present a risk to legitimate users and companies • Simple security measures can deter all but the most determined attackers Key Takeaways
  • 37. Come and see us at stand 14