Abstract
Cybersecurity crimes masterminded at dark web pose social security threats global and open a conundrum for researchers in the field of security informatics. Dark web describes a layer beneath deep web on Internet protocol stack that is designed to be concealed from orthodox search engines. The concealment of orthodox search engines has made it extremely hard for law enforcement agencies to track specific websites that pose great cybersecurity threats. This research was supported financially by the BankSeta, Council on Scientific and Industrial Research and National Research Foundation of South Africa to track the malicious use of dark web through South African Internet protocol address space. The study applies the method of dark web crawling using onion router to track traffic with high tendency for cybersecurity threats. The results of crawling experimental indicate that child pornography, sales of spyware, hacking, sales of drugs, planning of violence and sales of dangerous weapons are the frequent malicious use of dark web in South Africa. The outcome of this study can help in creating an accurate revelation of cybersecurity threats to assist law enforcement agencies to combat cybercriminals in the country.
Similar content being viewed by others
References
Ablon L. Markets for cybercrime tools and stolen Data. IEEE Trans Internet Comput. 2014;6(2):3–5.
Adler M. An analysis of the degradation of anonymous protocols. ACM Trans Priv Secur. 2012;15(3):5–13.
Alsabah M. Enhancing TOR's performance using real time traffic classification. ACM Trans Web. 2014;12(4):73–84.
Bai X. Traffic identification of TOR and web-mix. IEEE Trans Knowl Data Eng. 2014;1(2):548–51.
Baravalle A, Lopez M. Mining the dark web: drugs and fake Ids. In Proceedings of the IEEE International Conference on Data Mining Workshops, ICDMW, New Orleans, LA, USA. 2017. pp. 350–356.
Barker D, Barker M. Internet research illustrated. Cengage J Internet Priv. 2016;8(6):4.
Bauer K. Low resource routing attacks against TOR. ACM Trans Internet Technol. 2014;17(5):11–20.
Burch B. Tracing anonymous packets to their approximate source. J Manag Inform Syst. 2014;8(5):319–28.
Van Buskirk J, Roxburgh A, Naicker S, Burns L. A response to Dolliver’s evaluating drug trafficking on the Tor network. Int J Drug Policy. 2015;26(11):1126–7.
Carvalho D. Darknet usage by country-the anonymous internet. IEEE Trans Knowl Data Eng. 2017;6(3):2–6.
Chaabane A. Digging into anonymous traffic: a deep analysis of the TOR anonymising network. IEEE J Internet Comput. 2012;5(8):167–74.
Charavarty S. Detecting eavesdropping in tor using decoys. ACM Trans Internet Technol. 2014;11(2):221–41.
Chen H. Dark web: Exploring and data mining the dark side of the web. J Sci Bus Media. 2014;6(2):134–43.
Chertoff M. The impact of the dark web on internet governance and cyber security. Global Comm Internet Gov. 2015;1(2):101–5.
Christin N. Traveling the silk road: a measurement analysis of a large anonymous online marketplace. Springer J Inform Secur Priv. 2013;9(3):3–11.
Christin N. Silk road: an analysis of a large anonymous online marketplace. J Inform Secur Priv. 2015;10(6):2–8.
Ciancaglin V. Below the surface: Exploring the deep web. ACM Trans Web. 2015;12(4):73–84.
DARPA. Defence advanced research project agency, Memex. ACM Trans Priv Secur. 2017;12(3):12–32.
Dingeldine R. The second-generation onion router. Springer J Inform Secur Priv. 2015;4(1):4–8.
Dolliver D. A rejoinder to authors: data collection on TOR. Int J Drug Pol. 2015;26(11):1128–9.
Flores R. Sextortion in the far east. J Manag Inform Syst. 2016;4(2):389–483.
Ghaffar Y. Spying in the Dark: TCP and TOR traffic analysis. Springer J Internet Secur Priv. 2016;6(8):100–19.
Goldsmith J. Who controls the internet? Univ Chicago Law Rev. 2016;1(1):1217–22.
Goncharov M. Russian underground 101. Trend micro security intelligence. ACM Trans Storage. 2015;7(6):87–95.
Hacquebord F. The mysterious MEVADE malware. ACM Trans Web. 2015;8(3):3–8.
Hayes D, Cappa F, Cardon J. A framework for more effective dark web marketplace investigations. J Manag Inform Syst. 2018;13(3):31–5.
Houmansadr A. The parrot is dead: Observing unobservable network communications. ACM Trans Internet Technol. 2014;15(7):65–79.
King G. How censorship in China allows government criticism but silences collective expression. Springer J Inform Secur Priv. 2015;7(7):23–34.
Mahto D. A dive into web scraper world. ACM Trans Internet Technol. 2016;15(7):65–79.
McCoy K. Performance measurements and statistics of TOR hidden services. IEEE Internet Comput. 2008;10(2):1–7.
McCoy K. Shining light in dark places: Understanding the TOR network. IEEE J Internet Comput. 2014;9(4):23–76.
MooreD, Rid T. Cryptopolitik and the darknet. In: IEEE Transactions on Knowledge and Data Engineering. 2016; pp. 123–135.
Murdoch S. Low-Cost Traffic Analysis of TOR. ACM Trans Internet Technol. 2015;8(6):183–95.
Norton Y. Sex addiction as affect dysregulation. J Clin Investig. 2016;1(1):1444–511.
Pannu C. Using deep web search engines for academic and scholarly research. J Manage Inf Syst. 2019;19(2):121–34.
Plachouras V, Carpentier F, Faheem M, Masanès J, Risse T, Senellart P, Siehndel P, Stavrakas Y. ARCOMEM crawling architecture. Future Internet. 2014;6(2):518–41.
Rahayuda I, Santiari P. Crawling and cluster hidden web using crawler framework and fuzzy-KNN. ACM Trans Privacy Security 2017;5(23): 212–5.
Revell T. US guns sold in Europe via dark web. J Manag Inform Syst Q. 2017;4(6):111–22.
Robertson J. Dark web cyber threat intelligence mining. Cambridge: Cambridge University Press; 2019.
Sancho D. Steganography and malware: Concealing code and C&C. Trendlabs Secur Intell. 2015;2(2):13–23.
Tang C. An improved algorithm for TOR circuit scheduling. ACM Trans Priv Secur. 2014;4(22):329–39.
TOR. TOR Metrics Portal. 2015. https://www.torproject.org/. Accessed 22 Sep 2017.
Trendlabs A. The many faces of cybercrime. Trend Micro Secur News. 2017;3(3):65–766.
Vinto K. Silk road CreaTORRoss. Int J Drug Policy. 2015;6(2):112–34.
Vitare B. Russian is collecting encryption keys as anti-terrorism legislation goes into effect. ACM Trans Privacy Secur. 2016;12(3):12–32.
Wanjala G. Social media forensics for hate speech opinion mining. Int J Comput. 2016;8(5):975–8887.
Weimann G. Going dark: Terrorism on dark web. Stud Confl Terror. 2016;1(1):195–206.
Westlake B. Assessing the validity of automated WebCrawler’s as data collection tools to investigate online child sexual exploitation. J Sex Abuse. 2017;29(7):2–10.
Winter P. How the great firewall of China is blocking TOR. Springer J Inf Secur Priv. 2014;7(6):1–4.
Wright P. Pentagon hunts for ISIS on the secret internet. IEEE Trans Serv Comput. 2017;3(1):4–8.
Yaneza J. Defending against TOR-using malware. Trendlabs Secur Intell Blog. 2014;6(1):12–8.
Zabihimayvan M, Sadeghi R. A broad evaluation of the Tor English content ecosystem. In: ACM Proceedings on Web Science.2019; pp. 333–342.
Zetter K. New “Google” for the dark web makes buying dope and guns easy. ACM Trans Priv Secur. 2017;4(22):329–39.
Zhang X, Chow KP. A framework for dark web threat intelligence analysis. Int J Digit Crime Forensics (IJDCF). 2018;10(4):108–17.
Zillman M. Deep web research and discovery resources. IEEE J Internet Comput. 2017;4(6):482–94.
Zulkarnine AT, Frank R, Monk B, Mitchell J, Davies G. Surfacing collaborated networks in dark web to find illicit and criminal content. In: IEEE Conference Proceedings on Intelligence and Security Informatics. 2016; pp. 109–114.
Funding
This study was funded by the Council on Scientific Industrial Research (CSIR) and the National Research Fund (NRF).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of Interest
The authors declare that they have no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Gokhale, C., Olugbara, O.O. Dark Web Traffic Analysis of Cybersecurity Threats Through South African Internet Protocol Address Space. SN COMPUT. SCI. 1, 273 (2020). https://doi.org/10.1007/s42979-020-00292-y
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s42979-020-00292-y