Contents

Acknowledgements

Authors

Introduction

About This Book

Who This Book Is For

1 Introduction to Cybersecurity and Dark Web

Introduction

Cybersecurity and Cybercrime

Cybersecurity

Cybercrime

Web and Its Levels

Web Levels

Web Categories

Dark Net

The Implication of the Dark Web Crime

Ransomware

Malware, Worms, and Trojan Horses

Botnets and Zombies

Distributed Denial-of-Service Attack

Scareware

Social Network Attacks

Key Hitches

Categories of Crime

Malicious Activities in the Dark Web

Taxonomy of Malware

Challenges of Malware in Cyberspace

Malware Analysis

Static Analysis

Dynamic Analysis

Defense against Malware

The Dark Web in the Context of Emerging Crime Threats

Human Trafficking and Sex Trafficking

Pornography Industry

Assassinations and Its Marketing

Drug Transactions

Child Pornography

Terrorist and ISIS Use the Dark Web

Techniques to Locate Criminals in the Deep Web and Challenges

Summary

Questions

Further Reading

2 Threat Landscape in Dark Net

Emerging Crime Threats in Dark Net

Dark Net Black Markets

Silk Road

AlphaBay

Hansa

Dream Market

Apple Market

Your Drug

Stoned 100

QualityKing

MushBud

Fight Club

L33TER

Agora Market and Forum

Atlantis

Blue Sky Marketplace

Caravan Marketplace

Darknet Heroes League

Outlaw Market

The RealDeal Market

Sheep Marketplace

Russian Anonymous Marketplace

UK Guns and Ammo

HQEB

USA/EU Fake Documents Store

Illegal Goods and Services Offered on the Dark Net

Drugs

Weapons

Communication Channels for Terrorists

Hacking

Assassinations

Fraud

Fake IDs/Driving Licenses

Illegal Wildlife Trade

Child Porn

Malware for Sale

Botnets

Bitcoin Laundry

Leaking of Government Officials’ and Celebrities’ Secrets

Bitcoin and Cryptocurrency Fraud

Terrorism

Conclusion of the Chapter

Summary

References

3 Malicious Dark Net—Tor Network

Introduction to Tor

Usage

Working Pattern of Tor

Challenges of the Tor Network

Website Fingerprinting

Eavesdropping

Traffic Analysis

Exit Node Block

Bad Apple Attack

Browser Vulnerabilities

Freedom Hosting Bug

FoxAcid

Deep Web and Tor

Tor’s Hidden Services

E-Commerce Services

Communication Services

Instant Messaging

Email

File Storage

Financial Services

News Archives

Whistle-blowing Sites

Search Engines

Social Media Platforms

The Users of Tor

Conclusion of the Chapter

Summary

References

4 Malware

Introduction

Learning Outcomes

Classification of Malware

Viruses

Worms

Instant Messaging Worm

Email Worms

P2P Worm

Net Worm

Trojans

Backdoors

Exploit

Rootkit

Trojan ArcBomb

Trojan-Banker

Trojan-Clicker

Trojan DDoS

Trojan Downloader

Trojan Dropper

Trojan FakeAV

Trojan IM

Trojan Proxy

Trojan Ransom

Trojan SMS

Trojan Spy

Malicious Tools

Purpose of Malware

Criminal Business Model of Malware

Source Code Setup: Toolkits, Malicious Codes, Malware Source Codes, Exploits

Infection

Infrastructure

Target Selection: Attack Selection, Attack Vector

Cash Out: Cash-Out Strategies

New Value Chains

Value Chain 1: Man-in-the-Middle Attack on Untargeted Victims

Value Chain 2: Remote Access Tooling Targeting Small to Medium Enterprise

Value Chain 3: Remote Access Tooling against Financial Institutions

Malware Analysis

Static Analysis

Dynamic/Behavioral Analysis

Malware Detection Techniques

Signature-Based or Fingerprinting Techniques

Heuristics-Based Detection

Behavioral Detection

Cloud-Based Detection

Summary of the Chapter

Questions

Further Reading

5 Cybercriminal Activities in Dark Net

Introduction

Cybercrime and Its Categories

Computer Fraud

Business Email Compromise

Data Breach

Denial of Service

Email Account Compromise

Malware

Phishing

Ransomware

NotPetya

BadRabbit

Locky

Cyberterrorism

Cyber Extortion

Cyberwarfare

Cybercriminal Activities through the Dark Net

Drugs

Human Trafficking, Sex Trade, and Pornography

Weapons

Fake Documents

ATM PIN Pad Skimmers and ATM Malware

Counterfeit Currency

Data Dumps

Exploit Kits

Fake Websites

Data Exfiltration

Monetization of Cybercrime

Extortion

Phishing

Adverts

Theft of Login Details

Premium Rate SMSs

Malware-as-a-Service and Money Laundering

Exploit Writers

Bot Herders

Malware Writers

Money Laundering

Summary of the Chapter

Questions

Further Reading

6 Evolution of the Web and Its Hidden Data

Introduction

Terminologies and Explanations

Origins of the Internet

Internet Characteristics

The World Wide Web

Surface Web Characteristics

Deep Web

Internet Relay Chat

Usenet

Email

Hosting

Evolution of the Hidden Web

Deep Web Information Retrieval Process

Summary of the Chapter

Questions

Further Reading

7 Dark Web Content Analyzing Techniques

Introduction

Surface Web versus Deep Web

Traditional Web Crawlers Mechanism

Surfacing Deep Web Content

Schema Matching for Sources

Data Extraction

Data Selection

Analysis of Deep Web Sites

Qualification of a Deep Web Site Search Analysis

Analysis of the Number of Deep Web Websites

Deep Web Size Analysis

Content Type Analysis

Site Popularity Analysis

Log Analysis

Summary of the Chapter

Questions

Further Reading

8 Extracting Information from Dark Web Contents/Logs

Introduction

Analyzing the Web Contents/Logs

Web Content Analysis

Benefits of Content Analysis

Policy Guidelines for Log Analysis

Risk Assessment

Duties and Responsibilities on Risk Assessment and Mitigation

Risk Mitigation

Responsibility for Maintenance of Web Content Logs

Log Analysis Tools

Advantages of Using Hadoop Framework

Analyzing Files

Extracting Information from Unstructured Data

Summary of the Chapter

Questions

Further Reading

9 Dark Web Forensics

Introduction

Introduction to Forensics

Crypto Market and Cryptocurrencies in the Dark Web

Cryptocurrencies and Money Laundering

Bitcoin ATMs

Bitcoin Mixers

Bitcoin Property Exchanges

Monero

Exposed Cryptocurrency Laundering Schemes

Arrests of Bitcoin Laundering

BTC-e

Forensic Investigation Scope and Models

Scope

Policy and Procedure Development

Evidence Assessment

Evidence Acquisition

Evidence Examination

Documentation and Reporting

Digital Forensic Models

Digital Forensics Framework Investigative Model

Abstract Digital Forensics Model

Integrated Digital Investigation Process

Forensic Toolkit

Anti-Forensics Analysis

VM and Sandbox Detection

Search Engine Characteristics

Summary of the Chapter

Questions

Further Reading

10 Open Source Intelligence

Introduction

What Is Open Source Intelligence?

Security Intelligence and Its Challenges

Cybercrime-as-a-Service

Rising Return on Investment for Cyber Weapons on the Dark Web

Dark Web Security Intelligence Companies

Intelligence Gathering Focus

Hacking-as-a-Service

Exploits for Sale

Vulnerabilities for Sale

Stolen Intellectual Property

Stolen Financial Data

Stolen Personally Identifiable Information

Spam and Phishing Campaigns

The Value for Dark Web Threat Intelligence

Challenges of Security Intelligence

Open Source Intelligence Monitoring Tools

Maltego

Recon-Ng

theHarvester

Shodan

Google Dorks

Data Gathering

Chat Rooms

Direct Conversations

Market Listings

Advanced Search Queries

Challenges in Gathering Data from the Dark Web

Summary of the Chapter

Questions

Further Reading

11 Emerging Trends in the Dark Web and Mitigating Techniques

Introduction

Recent Evolution of the Dark Web

Improved Security, Privacy, and Usability

Improvements in User Interface Design

Trust-Based Markets

Continuity

Crime Patterns

Money Laundering Via Cryptocurrencies

Terrorism on the Dark Web

The Rise of Botnets for Hire

Growth of Hacking-as-a-Service

Increased Malware for Sale Listings

Sale of Stolen Data Listings

Ivory/Rhino Horn Trade on the Dark Web

Preferred Cryptocurrencies

Threat Mapping

Kaspersky Threat Map

Norse

Fortinet

Checkpoint

FireEye

Arbor Networks

Trend Micro

Akamai

State-of-the-Art Mitigating Techniques

Memex

Network Investigation Techniques

Some Conventional Techniques

Informants

Undercover Operations

Tracking of Individuals

Postal Interception

Cyber Patrols

Dark Net Trade Disruptions

Summary of the Chapter

Questions

Further Reading

Index