I was invited in Web Tech Talk Event as a Speaker. The event was organized by Tech Speakers Bangladesh. On that event, I gave a speech on Deep and Dark Web. I made this slide for that speech.
I was invited in Web Tech Talk Event as a Speaker. The event was organized by Tech Speakers Bangladesh. On that event, I gave a speech on Deep and Dark Web. I made this slide for that speech.
A brief introduction to Dark Web. Covers difference between Surface, Deep and Dark Web. Shows application of Dark Web like illegal marketing of drugs, arms, etc. Also covers a case study of Silk Road which shows how it works and it's payment mode. It also covers technologies used to access Dark Web using various browsers like TOR and covers it's internal mechanism how it works keeping anonymity using Onion Routing.It also shows some Illegal marketing statistics which shows how it's affecting real world.
The Deep Web, TOR Network and Internet AnonymityAbhimanyu Singh
Presentation Contents:
Introduction to Deep Web, Contents of the Deep Web, Accessing the Deep Web, Advisement, Deep Web vs. Surface Web, Importance of Anonymity and Privacy, and Conclusions.
Most investigators turn to Google and common social media platforms such as Facebook and Twitter to conduct research for their investigations. However, much of the Internet is inaccessible through simple searches, and criminals are increasingly turning to the dark web to conduct illicit business.
The dark web is anonymous and requires a special browser to access and some knowledge of how to navigate it safely. However, used properly, it can be a valuable source of information for investigators. It’s worthwhile for every investigator to develop the skills and knowledge to mine this treasure trove of dark data.
Join Chad Los Schumacher, investigator and researcher at iThreat Cyber Group, as he leads participants on an exploration of investigations in the dark web.
Webinar attendees will learn:
What the dark web is and how it fits into the rest of the worldwide web
What can be found on the dark web
How to get to the dark web using Tor and other browsers
How to locate common hubs and resources on the dark web and explore what they have to offer
How to bring leads from the dark web to the surface in an investigation
The dark web is like a secret internet, hidden and mysterious. People think it's full of bad stuff and danger, but it's also a place where some go to be safe and private. It's a mix of scary stories and places where people can hide online.
dark web Facts and understanding how it works
A free software implementation of second-generation onion routing that help the user to be anonymous while using the internet so it protect the user’s privacy from being monitored
Some people use it in the wrong way which lead to what is called now “The Darknet” : A black spot in the internet which involve all the criminal activities on the internet such as selling Drugs, fraud, copyright infringement and piracy and so on.
A brief introduction to Dark Web. Covers difference between Surface, Deep and Dark Web. Shows application of Dark Web like illegal marketing of drugs, arms, etc. Also covers a case study of Silk Road which shows how it works and it's payment mode. It also covers technologies used to access Dark Web using various browsers like TOR and covers it's internal mechanism how it works keeping anonymity using Onion Routing.It also shows some Illegal marketing statistics which shows how it's affecting real world.
The Deep Web, TOR Network and Internet AnonymityAbhimanyu Singh
Presentation Contents:
Introduction to Deep Web, Contents of the Deep Web, Accessing the Deep Web, Advisement, Deep Web vs. Surface Web, Importance of Anonymity and Privacy, and Conclusions.
Most investigators turn to Google and common social media platforms such as Facebook and Twitter to conduct research for their investigations. However, much of the Internet is inaccessible through simple searches, and criminals are increasingly turning to the dark web to conduct illicit business.
The dark web is anonymous and requires a special browser to access and some knowledge of how to navigate it safely. However, used properly, it can be a valuable source of information for investigators. It’s worthwhile for every investigator to develop the skills and knowledge to mine this treasure trove of dark data.
Join Chad Los Schumacher, investigator and researcher at iThreat Cyber Group, as he leads participants on an exploration of investigations in the dark web.
Webinar attendees will learn:
What the dark web is and how it fits into the rest of the worldwide web
What can be found on the dark web
How to get to the dark web using Tor and other browsers
How to locate common hubs and resources on the dark web and explore what they have to offer
How to bring leads from the dark web to the surface in an investigation
The dark web is like a secret internet, hidden and mysterious. People think it's full of bad stuff and danger, but it's also a place where some go to be safe and private. It's a mix of scary stories and places where people can hide online.
dark web Facts and understanding how it works
A free software implementation of second-generation onion routing that help the user to be anonymous while using the internet so it protect the user’s privacy from being monitored
Some people use it in the wrong way which lead to what is called now “The Darknet” : A black spot in the internet which involve all the criminal activities on the internet such as selling Drugs, fraud, copyright infringement and piracy and so on.
Dark Web insights regarding how to use the dark web and how to benefit from it. The reason i did this is to do the awareness of Dark Web as a concept. Try to learn it and to use it in a good way because it's very important.
This presentation was made by collecting all publicly available materials and it is purely for educational purpose. Author wants to thank each and every contributor of pictures, video, text in this presentation.
A talk and live demo I wrote and gave at a number of cyber insurance events, discussing how the Dark Web works, how to access it, who uses it, and it's advantages and disadvantages.
A look at the methodology and techniques or hackers, cyber criminals and state sponsored attackers. Explores the kill chain, Geo political instability and the dark web.
Topics covered are:
-What is Onion Routing?
-What is Tor onion routing?
-How is Tor different from other proxies?
-How Tor works?
-Advantages of Tor
-Disadvantages of Tor
-Tor .onion domains
-Deep web v/s Dark web
-Dark web
-The Hidden Wiki
Tor browser with types of web and how you can search the data anonymously. which kinds of data stored on a different web types.
Is all the searches are legal on Tor browser and who can use the Tor browser.
Presentation of "Anonymity in the web based on routing protocols" technical report developed for the Web Security course of the Master Degree in Engineering in Computer Science curriculum in Cyber Security at University of Rome "La Sapienza".
Link: https://www.slideshare.net/BiagioBotticelli/anonymity-in-the-web-based-on-routing-protocols
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
2. 2
Introduction to the dark web
The Onion Router and Hidden Services
Dark Web Takedowns
Protecting yourself from the dark web
Illuminating the Dark Web
12. 12
• Based on technology developed by the US Naval Research Laboratory in 1990s
• Designed to protect US intelligence communications online
• Tor project launched in 2002, first public release in 2004
• The Tor Project Inc. launched in 2006 as a non-profit organisation
What is Tor?
13. 13
Tor can provide two levels of anonymity:
Anonymous access to surface web services
• The Tor network provides an anonymous access through the Tor network.
• The Tor network “exit node” connects to the surface web server
Anonymous access to hidden services
• The Tor network provides complete end-to-end anonymity
• Hides the identity of both client and server
How muchAnonymity does Tor Provide?
16. 16
How Anonymous?
“Alice is using the Tor service”
Tor relay nodes are publicly known
“Someone is connecting to Bob
from the Tor network”
“We can see this traffic”
17. 17
How Anonymous?
“Alice is using a VPN service”
HTTPS
VPN Provider
“Someone is connecting to Bob
from the Tor network”
19. 19
Volunteers.
Often universities and other institutions
Most people host Relay or Guard (Entry) nodes
Nodes cannot become guards unless they are stable, and have at least 2Mbytes/s bandwidth
Running an Exit node opens up the potential of receiving abuse complaints
Exit nodes are often blocked by providers or website owners
Who Owns the Tor Nodes?
22. 22
• Hidden services provide anonymity for the server
• Servers are identified by an onion address such as 4nrvt5xpejyo27zf.onion
• These are not resolved by DNS, rather by the Tor network itself
• Most importantly:
• There is no link between server name and server address
Tor Hidden Services
26. 26
• It’s more than just Tor!
• Payment methods
• Delivery of goods
• All other system tools and applications must be anonymized
• Ancillary communications (forgotten passwords, tech support)
• Web services platforms (Wordpress, Joomla etc. are full of vulnerabilities)
Perfect anonymity is Difficult
27. 27
In 2013, the FBI managed to infiltrate “Freedom Hosting”,
a hosting operation serving child pornography sites
It inserted an exploit kit which targeted a vulnerability in Firefox 17
(used in Tor browser)
This resulted in the download of a file which would report back the identity of the user
Resulted in the arrests of the owner, and many of the consumers
The Silk Road marketplace was reportedly identified through
a non-anonymized captcha
Freedom Hosting
Silk Road
28. 28
Child sex abuse marketplace
More than 8 terabytes of data
Used bitcoin – 7,300 recorded transactions from
more than 1 million user addresses
UK National Crime Agency used BitCoin
transaction analysis to identify users
Arrests of 337 users made in 38 countries
23 abused children identified and rescued
Abusers found, not by using offensive hacking, but by simply tracing bitcoin transactions
Welcome To Video
29. 29
Dark Web Markets
Silk Road
Data leaked via
CAPTCHA
US DEA and FBI
June 2013
Silk Road 2.0
Bitcoin
Vulnerability
FBI & Europol
Nov 2014
AlphaBay
Email address
leakage
July 2017
Dream Market
Sustained DDoS
Attacks?
March 2019
Wall Street
Market
Careless use of
VPN
Europol
May 2019
Deepdotweb.com
Dark web links site
Taken down because of
links to illegal markets
FBI, Europol, NCA
May 2019
Hansa
Addresses leaked
in IRC logs
Operation
Bayonet
(multinational law
enforcement)
34. 34
Several sites provide the list in convenient form:
https://check.torproject.org/exit-addresses (exit nodes only)
https://www.dan.me.uk/tornodes (exit only, or all relays)
http://blutmagie.de (exit only, or all relays)
Security vendors often have automatically-updated node lists built in to their solutions.
Tor Detection by RelayAddresses
35. 35
Good news: It is possible to detect the Tor protocol
Not so good news: Tor provides explicit means to avoid being detected
Fortinet has built-in application detection of Tor, I2P, FreeNet, and others, as well as
popular proxy applications such as Psiphon and Ultrasurf.
Tor does makes it possible to use private relay nodes and personalized transport protocols
which can make detection close to impossible.
However, in practice, there are many associated difficulties with these techniques.
Detection by Protocol
36. 36
• Dark web is more about the technology than the content
• Much of the content is legal and legitimate
• Tor is by far the most popular access technology
• It is very difficult to make a site 100% anonymous
• The dark web can present a risk to legitimate users and companies
• Simple security measures can deter all but the most determined attackers
Key Takeaways