The Dark Web Phenomenon: A Review and Research Agenda

The internet can be broadly divided into three parts: surface, deep and dark. The dark web has become notorious in the media for being a hidden part of the web where all manner of illegal activities take place. This review investigates how the dark web is being utilised with an emphasis on cybercrime, and how law enforcement plays the role of its adversary. The review describes these hidden spaces, sheds light on their history, the activities that they harbour including cybercrime, the nature of attention they receive, and methodologies employed by law enforcement in an attempt to defeat their purpose. More importantly, it is argued that these spaces should be considered a phenomenon and not an isolated occurrence to be taken as merely a natural consequence of technology. This paper contributes to the area of dark web research by serving as a reference document and by proposing a research agenda.

[1]  Gareth Owen,et al.  Empirical analysis of Tor Hidden Services , 2016, IET Inf. Secur..

[2]  Claudia Díaz,et al.  Inside Job: Applying Traffic Analysis to Measure Tor from Within , 2018, NDSS.

[3]  Tuure Tuunanen,et al.  A Contigency Model for Requirements Development , 2007, J. Assoc. Inf. Syst..

[4]  Wee Keong Ng,et al.  Application of Stylometry to DarkWeb Forum User Identification , 2016, ICICS.

[5]  Rens Scheepers,et al.  Asset Identification in Information Security Risk Assessment: A Business Practice Approach , 2016, Commun. Assoc. Inf. Syst..

[6]  David Hoffman,et al.  It Takes Data to Protect Data , 2017 .

[7]  Micah Sherr,et al.  Users get routed: traffic correlation on tor by realistic adversaries , 2013, CCS.

[8]  J. Nye Deterrence and Dissuasion in Cyberspace , 2017, International Security.

[9]  Kevin C. Desouza,et al.  Strategically-motivated advanced persistent threat: Definition, process, tactics and a disinformation model of counterattack , 2019, Comput. Secur..

[10]  Jay F. Nunamaker,et al.  Exploring Emerging Hacker Assets and Key Hackers for Proactive Cyber Threat Intelligence , 2017, J. Manag. Inf. Syst..

[11]  Graeme G. Shanks,et al.  A situation awareness model for information security risk management , 2014, Comput. Secur..

[12]  Atif Ahmad,et al.  Incorporating a knowledge perspective into security risk assessments , 2011 .

[13]  Thomas Rid,et al.  Cryptopolitik and the Darknet , 2016 .

[14]  J. Broséus,et al.  Characterising the online weapons trafficking on cryptomarkets. , 2018, Forensic science international.

[15]  Martin C. Libicki,et al.  Markets for Cybercrime Tools and Stolen Data: Hackers' Bazaar , 2014 .

[16]  Paulo Shakarian,et al.  Early Warnings of Cyber Threats in Online Discussions , 2017, 2017 IEEE International Conference on Data Mining Workshops (ICDMW).

[17]  Paul F. Syverson,et al.  Locating hidden servers , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[18]  Björn Scheuermann,et al.  The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network , 2014, NDSS.

[19]  Zizi Papacharissi,et al.  The virtual sphere: The internet as a public sphere , 2018, New Media Soc..

[20]  Government Activities to Detect, Deter and Disrupt Threats Enumerating from the Dark Web , 2017 .

[21]  Ahmed Abbasi,et al.  Affect Intensity Analysis of Dark Web Forums , 2007, 2007 IEEE Intelligence and Security Informatics.

[22]  George Tsakalidis,et al.  A Systematic Approach Toward Description and Classification of Cybercrime Incidents , 2019, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[23]  Mark van Staalduinen,et al.  Towards a Comprehensive Insight into the Thematic Organization of the Tor Hidden Services , 2014, 2014 IEEE Joint Intelligence and Security Informatics Conference.

[24]  Ahmad Diab,et al.  Darknet and deepnet mining for proactive cybersecurity threat intelligence , 2016, 2016 IEEE Conference on Intelligence and Security Informatics (ISI).

[25]  R. Broadhurst,et al.  Cyber Terrorism: Research Review: Research Report of the Australian National University Cybercrime Observatory for the Korean Institute of Criminology , 2017 .

[26]  Prateek Mittal,et al.  RAPTOR: Routing Attacks on Privacy in Tor , 2015, USENIX Security Symposium.

[27]  Eran Shor,et al.  Counterterrorist Legislation and Respect for Civil Liberties: An Inevitable Collision? , 2017 .

[28]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[29]  Alex Biryukov,et al.  Content and Popularity Analysis of Tor Hidden Services , 2013, 2014 IEEE 34th International Conference on Distributed Computing Systems Workshops (ICDCSW).

[30]  Debasis Samanta,et al.  Network and Security Analysis of Anonymous Communication Networks , 2018, ArXiv.

[31]  Roderic Broadhurst Cybercrime: Thieves, Swindlers, Bandits and Privateers in Cyberspace , 2017 .

[32]  Robert J. Bunker,et al.  Narco-Submarines: Drug Cartels’ Innovative Technology , 2014 .

[33]  Tobby Simon,et al.  The Impact of the Dark Web on Internet Governance and Cyber Security , 2015 .

[34]  Meropi Tzanetakis,et al.  Comparing cryptomarkets for drugs. A characterisation of sellers and buyers over time. , 2018, The International journal on drug policy.

[35]  Peter Stephenson Hiring Hackers , 1999, Inf. Secur. J. A Glob. Perspect..

[36]  Nicolas Christin,et al.  Traveling the silk road: a measurement analysis of a large anonymous online marketplace , 2012, WWW.

[37]  Richard T. Watson,et al.  Analyzing the Past to Prepare for the Future: Writing a Literature Review , 2002, MIS Q..

[38]  Lucy Burns,et al.  The closure of the Silk Road: what has this meant for online drug trading? , 2014, Addiction.

[39]  Sophia Vogt The Digital Underworld: Combating Crime on the Dark Web in the Modern Era , 2017 .

[40]  Marc Dacier,et al.  Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Services , 2015, USENIX Security Symposium.

[41]  Gabriel Weimann,et al.  Going Dark: Terrorism on the Dark Web , 2016 .

[42]  M. Barratt,et al.  Constructive activism in the dark web: cryptomarkets and illicit drugs in the digital ‘demimonde’ , 2016 .

[43]  Campbell Wilson,et al.  Criminal motivation on the dark web: A categorisation model for law enforcement , 2018, Digit. Investig..

[44]  Gabriel Weimann,et al.  Terrorist Migration to the Dark Web , 2016 .

[45]  Atif Ahmad Tactics of Attack and Defence in Physical and Digital Environments: An Asymmetric Warfare Approach , 2010 .

[46]  Alex Biryukov,et al.  Bitcoin over Tor isn't a Good Idea , 2014, 2015 IEEE Symposium on Security and Privacy.

[47]  Jeimy J. Cano,et al.  Cybercrime and cybercriminals: A comprehensive study , 2016 .

[48]  Andrew S. Tanenbaum,et al.  Distributed systems: Principles and Paradigms , 2001 .

[49]  Michael Chertoff,et al.  A public policy perspective of the Dark Web , 2017 .

[50]  Florian Skopik,et al.  Collaborative Cyber Threat Intelligence : Detecting and Responding to Advanced Cyber Attacks at the National Level , 2017 .

[51]  Kristan Stoddart UK cyber security and critical national infrastructure protection , 2016 .

[52]  Fredrik Johansson,et al.  Harvesting and analysis of weak signals for detecting lone wolf terrorists , 2012, 2012 European Intelligence and Security Informatics Conference.