Dark Web Traffic Analysis of Cybersecurity Threats Through South African Internet Protocol Address Space

  • Original Research
SN Computer Science

Abstract

Cybersecurity crimes masterminded on the dark web pose social security threats globally and present a conundrum for researchers in the field of security informatics. The dark web is a layer beneath the deep web on the Internet protocol stack that is designed to be concealed from orthodox search engines. This concealment from orthodox search engines has made it extremely hard for law enforcement agencies to track specific websites that pose great cybersecurity threats. This research was supported financially by the BankSeta, the Council on Scientific and Industrial Research and the National Research Foundation of South Africa to track the malicious use of the dark web through South African Internet protocol address space. The study applies the method of dark web crawling using the onion router to track traffic with a high tendency for cybersecurity threats. The results of the crawling experiments indicate that child pornography, sales of spyware, hacking, sales of drugs, planning of violence and sales of dangerous weapons are the frequent malicious uses of the dark web in South Africa. The outcome of this study can help build an accurate picture of cybersecurity threats to assist law enforcement agencies in combating cybercriminals in the country.

Funding

This study was funded by the Council on Scientific Industrial Research (CSIR) and the National Research Fund (NRF).

Author information

Corresponding author

Correspondence to C. Gokhale.

Ethics declarations

Conflict of Interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Gokhale, C., Olugbara, O.O. Dark Web Traffic Analysis of Cybersecurity Threats Through South African Internet Protocol Address Space. SN COMPUT. SCI. 1, 273 (2020). https://doi.org/10.1007/s42979-020-00292-y

  • DOI: https://doi.org/10.1007/s42979-020-00292-y
