Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
search engines
Next
Download to read offline and view in fullscreen.

1

Share

Download to read offline

Spooky Halloween IT Security Lecture -- The Deep Web

Download to read offline

On the occasion of Halloween, I like to give the students in my IS 365 Information Security class at the University of Wisconsin-Madison, a break from the normal course material. Therefore, today, I presented a class lecture on the Deep Web (the hidden, scary and dark side of the Internet) Appropriate for this spooky time of year. While it was intended to be fun, it also sparked good conversation within the class, and they learned some solid concepts about ways in which people try to evade IT security controls, to preserve anonymity.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

Spooky Halloween IT Security Lecture -- The Deep Web

  1. 1. Scary Halloween Lecture 365/765 The Deep Web—From Spooky to Creepy Presented by Nicholas Davis, CISSP, CISA
  2. 2. This presentation contains explicit content, which some people may find offensive. The examples shown do not represent my views or opinions, and are used for demonstration only. I do not endorse the use of the Deep Web for unethical or illicit activities. 10/28/16 UNIVERSITY OF WISCONSIN 2
  3. 3. Session OverviewSession Overview Introduction and Warning The Deep Web Defined Dynamic Content Unlinked Content Private Web Contextual Web Limited Access Content Scripted Content Non-HTML Content Deep Web Search Engines & Tor Client Examples of what can found on the Deep Web Exciting Documentary Video Question and Answer session 10/28/16 UNIVERSITY OF WISCONSIN 3
  4. 4. Some DefinitionsSome Definitions Deep Web, Deep Net, Invisible Web, or Hidden Web is not part of the Surface Web (that which is normally accessed). Do not confuse it with the Dark Internet, which refers to computers which can no longer be reached over the Internet Some people think that the Deep Web is a haven for serious criminality, and I agree with them 10/28/16 UNIVERSITY OF WISCONSIN 4
  5. 5. Normal Web SearchNormal Web Search vs. Deep Web Searchvs. Deep Web Search Searching on the Internet today can be compared to dragging a net across the surface of the ocean: a great deal may be caught in the net, but there is a wealth of information that is deep and therefore missed 10/28/16 UNIVERSITY OF WISCONSIN 5
  6. 6. Normal Web SearchNormal Web Search vs. Deep Web Searchvs. Deep Web Search Traditional search engines cannot see or retrieve content in the deep Web—those pages do not exist until they are created dynamically as the result of a specific search. As of 2001, the deep Web was several orders of magnitude larger than the surface Web 10/28/16 UNIVERSITY OF WISCONSIN 6
  7. 7. Deep Web SizeDeep Web Size It is impossible to measure or put estimates onto the size of the deep web because the majority of the information is hidden or locked inside databases. Early estimates suggested that the deep web is 4,000 to 5,000 times larger than the surface web 10/28/16 UNIVERSITY OF WISCONSIN 7
  8. 8. Deep Web ResourcesDeep Web Resources Dynamic ContentDynamic Content Dynamic pages which are returned in response to a submitted query or accessed only through a form, especially if open-domain input elements (such as text fields) are used; such fields are hard to navigate without domain knowledge. 10/28/16 UNIVERSITY OF WISCONSIN 8
  9. 9. Deep Web ResourcesDeep Web Resources Unlinked ContentUnlinked Content Unlinked content: pages which are not linked to by other pages, which may prevent Web crawling programs from accessing the content. This content is referred to as pages without backlinks (or inlinks). 10/28/16 UNIVERSITY OF WISCONSIN 9
  10. 10. Deep Web ResourcesDeep Web Resources Private WebPrivate Web Private Web: sites that require registration and login (password- protected resources). 10/28/16 UNIVERSITY OF WISCONSIN 10
  11. 11. Deep Web ResourcesDeep Web Resources Contextual WebContextual Web Contextual Web: pages with content varying for different access contexts (e.g., ranges of client IP addresses or previous navigation sequence). 10/28/16 UNIVERSITY OF WISCONSIN 11
  12. 12. Deep Web ResourcesDeep Web Resources Limited Access ContentLimited Access Content Limited access content: sites that limit access to their pages in a technical way (e.g., using the Robots Exclusion Standard or CAPTCHAs, or no-store directive which prohibit search engines from browsing them and creating cached copies 10/28/16 UNIVERSITY OF WISCONSIN 12
  13. 13. Deep Web ResourcesDeep Web Resources Scripted ContentScripted Content Scripted content: pages that are only accessible through links produced by JavaScript as well as content dynamically downloaded from Web servers via Flash or Ajax solutions. 10/28/16 UNIVERSITY OF WISCONSIN 13
  14. 14. Deep Web ResourcesDeep Web Resources Non HTML ContentNon HTML Content Non-HTML/text content: textual content encoded in multimedia (image or video) files or specific file formats not handled by search engines. 10/28/16 UNIVERSITY OF WISCONSIN 14
  15. 15. Accessing the Deep WebAccessing the Deep Web While it is not always possible to discover a specific web server's external IP address, theoretically almost any site can be accessed via its IP address, regardless of whether or not it has been indexed. 10/28/16 UNIVERSITY OF WISCONSIN 15
  16. 16. Accessing the Deep WebAccessing the Deep Web Certain content is intentionally hidden from the regular internet, accessible only with special software, such as Tor. Tor allows users to access websites using the .onion host suffix anonymously, hiding their IP address. Other such software includes I2P and Freenet. 10/28/16 UNIVERSITY OF WISCONSIN 16
  17. 17. The Onion Router (Tor)The Onion Router (Tor) Tool For the Deep WebTool For the Deep Web Tor is software that installs into your browser and sets up the specific connections you need to access dark Web sites. Critically, Tor is an encrypted technology that helps people maintain anonymity online. It does this in part by routing connections through servers around the world, making them much harder to track. 10/28/16 UNIVERSITY OF WISCONSIN 17
  18. 18. Who Invented Tor?Who Invented Tor? Oddly enough, Tor is the result of research done by the U.S. Naval Research Laboratory, which created Tor for political dissidents and whistleblowers, allowing them to communicate without fear of reprisal. 10/28/16 UNIVERSITY OF WISCONSIN 18
  19. 19. Tor Client AvailableTor Client Available For DownloadFor Download 10/28/16 UNIVERSITY OF WISCONSIN 19
  20. 20. Accessing the Deep WebAccessing the Deep Web .onion.onion .onion is a pseudo-top-level domain host suffix designating an anonymous hidden service reachable via the Tor network. Such addresses are not actual DNS names, and the .onion TLD is not in the Internet DNS root, but with the appropriate proxy software installed, Internet programs such as Web browsers can access sites with .onion addresses by sending the request through the network of Tor servers. 10/28/16 UNIVERSITY OF WISCONSIN 20
  21. 21. Accessing the Deep WebAccessing the Deep Web Tor2web 10/28/16 UNIVERSITY OF WISCONSIN 21
  22. 22. What Deep Web LinksWhat Deep Web Links Look LikeLook Like Deep Web links appear as a random string of letters followed by the .onion TLD. For example, http://xmh57jrzrnw6i nsl followed by .onion, links to TORCH, the Tor search engine web page. 10/28/16 UNIVERSITY OF WISCONSIN 22
  23. 23. Searching the Deep WebSearching the Deep Web To discover content on the Web, search engines use web crawlers that follow hyperlinks through known protocol virtual port numbers. This technique is ideal for discovering resources on the surface Web but is often ineffective at finding Deep Web resources. 10/28/16 UNIVERSITY OF WISCONSIN 23
  24. 24. Give the People What TheyGive the People What They Came Here For, Tonight!Came Here For, Tonight! Just like general web search, searching the Invisible Web is also about looking for the needle in the haystack. Only here, the haystack is much bigger. The Invisible Web is definitely not for the casual searcher. It is a deep but not dark because if you know what you are searching for, enlightenment is a few keywords away. 10/28/16 UNIVERSITY OF WISCONSIN 24
  25. 25. Deep Web SearchDeep Web Search EnginesEngines 10/28/16 UNIVERSITY OF WISCONSIN 25
  26. 26. In mid-2014, a hacker created Grams, the Dark Web’s first distributed search engine. Grams allows would-be criminals to search for drugs, guns, and stolen bank accounts across multiple hidden sites. It even includes an "I’m Feeling Lucky" button and targeted ads where drug dealers compete for clicks. 10/28/16 UNIVERSITY OF WISCONSIN 26
  27. 27. Grams Sample SearchGrams Sample Search Crunchy Dutch MoonrocksCrunchy Dutch Moonrocks 10/28/16 UNIVERSITY OF WISCONSIN 27
  28. 28. Tools of the TradeTools of the Trade 10/28/16 UNIVERSITY OF WISCONSIN 28
  29. 29. Things That Make theThings That Make the Deep Web WorkDeep Web Work Cryptocurrency Digital cash, such as bitcoin and darkcoin, and the payment system Liberty Reserve provide a convenient system for users to spend money online while keeping their real-world identities hidden. 10/28/16 UNIVERSITY OF WISCONSIN 29
  30. 30. Things That Make theThings That Make the Deep Web WorkDeep Web Work Bulletproof Web-hosting Services Some Web hosts in places such as Russia or Ukraine welcome all content, make no attempts to learn their customers’ true identities, accept anonymous payments in bitcoin, and routinely ignore subpoena requests from law enforcement. 10/28/16 UNIVERSITY OF WISCONSIN 30
  31. 31. Things That Make theThings That Make the Deep Web WorkDeep Web Work Cloud Computing By hosting their criminal malware with reputable firms, hackers are much less likely to see their traffic blocked by security systems. A recent study suggested that 16 percent of the world’s malware and cyberattack distribution channels originated in the Amazon Cloud. 10/28/16 UNIVERSITY OF WISCONSIN 31
  32. 32. Things That Make theThings That Make the Deep Web WorkDeep Web Work Crimeware Less skilled criminals can buy all the tools they need to identify system vulnerabilities, commit identity theft, compromise servers, and steal data. It was a hacker with just such a tool kit who invaded Target’s point-of-sale system in 2013. 10/28/16 UNIVERSITY OF WISCONSIN 32
  33. 33. Things That Make theThings That Make the Deep Web WorkDeep Web Work Hackers For Hire Organized cybercrime syndicates outsource hackers-for-hire. The Hidden Lynx group boasts up to 100 professional cyberthieves, some of whom are known to have penetrated systems at Google, Adobe, and Lockheed Martin. 10/28/16 UNIVERSITY OF WISCONSIN 33
  34. 34. Things That Make theThings That Make the Deep Web WorkDeep Web Work Multilingual Crime Call Centers Employees will play any duplicitous role you would like, such as providing job and educational references, initiating wire transfers, and unblocking hacked accounts. Calls cost around $10. 10/28/16 UNIVERSITY OF WISCONSIN 34
  35. 35. Be Careful of What YouBe Careful of What You Search For, You Might Just Find ItSearch For, You Might Just Find It 10/28/16 UNIVERSITY OF WISCONSIN 35
  36. 36. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 36
  37. 37. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 37
  38. 38. Deep Web, Dangerous WebDeep Web, Dangerous Web SteganographySteganography (ste-g&n-o´gr&-fē) (n.) The art and science of hiding information by embedding messages within other, seemingly harmless messages 10/28/16 UNIVERSITY OF WISCONSIN 38
  39. 39. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 39
  40. 40. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 40
  41. 41. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 41
  42. 42. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 42
  43. 43. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 43
  44. 44. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 44
  45. 45. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 45
  46. 46. Deep WebDeep Web Dangerous WebDangerous Web 10/28/16 UNIVERSITY OF WISCONSIN 46
  47. 47. Deep Web VideoDeep Web Video https://www.youtube.com/watch?v=osYwxy9B4Y4 10/28/16 UNIVERSITY OF WISCONSIN 47
  48. 48. Class DiscussionClass Discussion You love the Internet. However, you favorite sites, such as Facebook, Amazon, and wisc.edu are just the surface. There is another world out there: the Deep Web The Deep Web is where online information is password protected, or requires special software to access—and it’s massive, yet it’s almost completely out of sight. The Deep Web contains a hidden world, a community where malicious actors unite in common nefarious purpose. Should the government control or forbid certain sites? Why? Do you think buying the following items on the Internet is possible? If it is possible, should they be forbidden? How and why? • Drugs (both prescription and clearly the clearly illegal type) • Forged identity papers • Weapons, explosives and ammunition • Hired assassins • Human organs 10/28/16 UNIVERSITY OF WISCONSIN 48
  • TriciaAHoward

    Oct. 28, 2016

On the occasion of Halloween, I like to give the students in my IS 365 Information Security class at the University of Wisconsin-Madison, a break from the normal course material. Therefore, today, I presented a class lecture on the Deep Web (the hidden, scary and dark side of the Internet) Appropriate for this spooky time of year. While it was intended to be fun, it also sparked good conversation within the class, and they learned some solid concepts about ways in which people try to evade IT security controls, to preserve anonymity.

Views

Total views

453

On Slideshare

0

From embeds

0

Number of embeds

0

Actions

Downloads

16

Shares

0

Comments

0

Likes

1

×