Volume 15 , Issue 1 , PP: 166-178, 2025 | Cite this article as | XML | Html | PDF | Full Length Article
Vinod Babu Bollikonda 1 * , KVD Kiran 2
Doi: https://doi.org/10.54216/JCIM.150113
This study is centered on the possible methods to analyze and investigate dark web crimes by technical and non-technical users such as law enforcement agencies. Also, the study focuses on learning anonymity procedures used by malicious actors to hide their identity on the dark web and identify the challenges to making a network-level investigation. The other objective is to study the proven methods to determine the hidden services directory (HSDir), active marketplaces, crawling and indexing of the dark web pages. Methods: A Proof of Concept (PoC) experiment explores multi-level anonymity techniques used by malicious actors. Level one involves using a commercial VPN to hide system details, and level two employs a hypervisor, MAC changer, proxy server, and the Tor network. The results reveal the complexities of Tor anonymity and provide insights into the methods employed by malicious actors. The proposed methodology offers a comprehensive approach to understanding and investigating dark web crimes, combining website fingerprinting, open-source intelligence, and threat intelligence data. Findings: Investigation teams face challenges as the proven and tested methods of previous works in this study, such as network-level bulk datasets and webpages fingerprinting dataset analysis, are technology-intensive and non-technical users will face challenges. Usage of Anonymous tools and techniques used at the host level (VM), Mac change, VPN and Tor network complicates the investigation to track and trace the activities. Tor browser has hopped through random nodes to anonymize the connection before connecting to the marketplace. MAC Changer will change the Mac address flashed on the network card by the device manufacturer to anonymize the system-level details. Novelty: Identified the requirement of a comprehensive and novel methodology that is adaptable to investigate dark web crimes by the technical and non-technical teams of law enforcement an agency is proposed in this study. This methodology includes website fingerprinting, OSINT and threat intelligence data collected from various sources. This methodology shall evolve with phase-wise steps of proven techniques such as crawling, indexing, attribute-based analysis, and dataset creation to obtain actionable intelligence proposed in this paper to investigate and eradicate dark web crimes.
Dark web , anonymity , hidden services , cybercrimes , tor ,
[1] Nukusheva, Aigul, et al. "Formation of a legislative framework in the field of combating cybercrime and strategic directions of its development." Security Journal 35.3 (2022): 893-912. https://doi.org/10.1057/s41284-021-00304-3
[2] János Besenyő, Attila Gulyas, The Effect of the Dark Web on the Security, Journal of Security and Sustainability Issues 11(2021), no. 1, 103-121, DOI 10.47459/jssi.2021.11.7, https://journals.lka.lt/journal/jssi/article/1510/info.
[3] Matthew Robert Shillito. (2019). Untangling the ‘Dark Web’: an emerging technological challenge for the criminal law, Information & Communications Technology Law. 28(2): 186-207. https://doi.org/10.1080/13600834.2019.1623449.
[4] Clarke, Ian & Sandberg, Oskar & Wiley, Brandon & Hong, Theodore. (2001). Freenet: A Distributed Anonymous Information Storage and Retrieval System. Lecture Notes in Computer Science. 2009. DOI 10.1007/3-540-44702-4_4.
[5] Roberto Magán-Carrión, Alberto Abellán-Galera, Gabriel Maciá-Fernández, Pedro García-Teodoro, Unveiling the I2P web structure: A connectivity analysis, Computer Networks, Volume 194, 2021, 108158, ISSN 1389-1286, https://doi.org/ 10.1016/j.comnet.2021.108158.
[6] L. Basyoni, N. Fetais, A. Erbad, A. Mohamed and M. Guizani, "Traffic Analysis Attacks on Tor: A Survey," 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), Doha, Qatar, 2020, pp. 183-188, doi: 10.1109/ICIoT48696.2020.9089497..
[7] Handalage, Upulie & Prasanga, Tereen. (2021). Dark Web, Its Impact on the Internet and the Society: A Review. 10.13140/RG.2.2.11964.36484.
[8] Martin, J., Munksgaard, R., Coomber, R., Demant, J. and Barratt, M. (2019) 'Selling drugs on dark web crypto markets: differentiated pathways, risks and rewards, British Journal of Criminology.
[9] Malathi S, Arockia Raj Y, Abhishek Kumar, V D Ashok Kumar, Ankit Kumar, Elangovan D, V D Ambeth Kumar*, Chitra B & a Abirami (2021) Prediction of cardiovascular disease using deep learning algorithms to prevent COVID 19, Journal of Experimental & Theoretical Artificial Intelligence, DOI: 10.1080/0952813X.2021.1966842.
[10] van der Bruggen, M., Blokland, A. (2021). Child Sexual Exploitation Communities on the Darkweb: How Organized Are They? In: Weulen Kranenbarg, M., Leukfeldt, R. (eds) Cybercrime in Context. Crime and Justice in Digital Society, vol I. Springer, Cham. https://doi.org/10.1007/978-3-030-60527-8_15.
[11] Kumar, V.D.A., Sharmila, S., Kumar, A. et al. (2023). A novel solution for finding postpartum haemorrhage using fuzzy neural techniques. Neural Comput & Applic. 35(33), 23683–23696
[12] T. Farah and L. Trajković, "Anonym: A tool for anonymization of the Internet traffic," 2013 IEEE International Conference on Cybernetics (CYBCO), Lausanne, Switzerland, 2013, pp. 261-266, doi: 10.1109/CYBConf.2013.6617434. https://ieeexplore.ieee.org/document/6617434
[13] Montieri, Antonio & Ciuonzo, Domenico & Bovenzi, Giampaolo & Persico, Valerio & Pescapè, Antonio. (2019). A Dive into the Dark Web: Hierarchical Traffic Classification of Anonymity Tools. PP. 10.1109/TNSE.2019.2901994.
[14] Kaur, Shubhdeep & Randhawa, Sukhchandan. (2020). Dark Web: A Web of Crimes. Wireless Personal Communications. Wireless Personal Communications: An International JournalVolume 112Issue 4Jun 2020 pp 2131–2158 https://doi.org/10.1007/s11277-020-07143-2.
[15] Ambeth Kumar, V.D. (2016). Human Life Protection In Trenches Using Gas Detection System. Journal of Biomedical Research. .27 (2), 475-484
[16] Openvpn is a VPN client solution, https://openvpn.net/, to connect with any VPN server. Free proxy/VPN server configuration downloaded from https//www.vpnbook.com/, last visited on 10th February 2023.
[17] Kumar, I., Kumar, A., Kumar, V.D.A. et al. (2022) Dense Tissue Pattern Characterization Using Deep Neural Network. Cogn Comput 14, 1728–1751.
[18] Wireshark is network packet analyzer software for network communication analysis, https://www.wireshark.org/download.html. They were last visited on 10th February 2023.
[19] Dwyer, Andrew & Hallett, Joseph & Peersman, Claudia & Edwards, Matthew & Davidson, Brittany & Rashid, Awais. (2022). How darknet market users learned to worry more and love PGP: Analysis of security advice on darknet marketplaces. https://doi.org/10.48550/arXiv.2203.08557
[20] Ambeth Kumar, V.D. Ramakrishnan,M. (2013). Temple and Maternity Ward Security using FPRS. Journal of Electrical Engineering & Technology, 8(3), 633-637.
[21] C. Cilleruelo, L. de-Marcos, J. Junquera-Sánchez and J. -J. Martínez-Herráiz, "Interconnection Between Darknets," in IEEE Internet Computing, vol. 25, no. 3, pp. 61-70, 1 May-June 2021, doi: 10.1109/MIC.2020.3037723. https://ieeexplore.ieee.org/document/9291465.
[22] S. Hemamalini ,V. D. Ambeth Kumar ,R. Venkatesan,S. Malathi. (2023). Relevance Mapping based CNN model with OSR-FCA Technique for Multi-label DR Classification. Journal of Fusion: Practice and Applications, 11 ( 2 ), 90-110.
[23] C. S. Manigandaa,V. D. Ambeth Kumar,G. Ragunath,R. Venkatesan,N. Senthil Kumar. (2023). De-Noising and Segmentation of Medical Images using Neutrophilic Sets. Journal of Fusion: Practice and Applications, 11 ( 2 ), 111-123.
[24] Ambeth Kumar, V.D. (2017). Automation of Image Categorization with Most Relevant Negatives. Pattern Recognition and Image Analysis, 27(3), 371–379.
