Dark Web
Dark Web
Dark Web vs Surface Web
Anonymity
Tor
Bitcoins
Dark Web Usage
Privacy Issues
SAFWAN HASHMI 19
Dark Web
• Dark web misinterpreted as Deep Web
• Dark Web is Part of Deep Web
• Unlinked content
• Only accessible using special browser software
• Protects anonymity and privacy
Dark Web vs Surface Web
• Surface Web
o Entries are statically generated
o Linked Content (web crawled)
o Readily accessible through any browser or search engine unlike the Deep Web, which requires special search engines, browsers, and proxies to access.
• Dark Web
o Entries are dynamically generated (submitted to a query or accessed via form).
o Unlinked Content
o Contextual Web
o Private Web
o Scripted Content
o Non-HTML content
o Limited Access Content (anti-robot protocols like CAPTCHA)
Anonymity?
• Tor designed to hide identity
• Surface internet browsing
• Doesn’t protect against vulnerabilities
o Server: Anonymous; Showboating?
o User’s computers: Compromise = exposure; Traps?
• Impossible to be completely anonymous online!
Access Through Tor
● “The onion router”
● Similar to a Firefox browser
● Simple, anyone can get it
● Host machine is untraceable
○ Can stay anonymous
○ Can access Darknet
○ Can see .onion extensions
Components of Tor
• Client: the user of the Tor network
• Server: the target TCP applications such as web servers
• Tor (onion) router: the special proxy that relays the application data
• Directory server: servers holding Tor router information
How Tor Works: Onion Routing
[Figure: message M travels from Alice through onion routers OR1, OR2 and OR3 to Bob; circuit labels C1 C2, C2 C3, C3 Port]
• A circuit is built incrementally, one hop at a time
• Onion-like encryption
• Alice negotiates an AES key with each router
• Messages are divided into equal sized cells
• Each router knows only its predecessor and successor
• Only the Exit router (OR3) can see the message, however it does not know where the message is from
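The layering described on this slide, as an added example that is not part of the original deck: Alice wraps one fixed-size cell in three layers, and each router peels exactly one and forwards by circuit label (C1/C2, C2/C3, C3/Port). Assumptions: a SHA-256 counter-mode key stream stands in for the negotiated AES keys, and the keys, the 64-byte cell size and all function names are constructed for the demo.

```python
import hashlib

CELL_SIZE = 64  # constructed fixed cell size for the demo (assumption)

def keystream(key: bytes, n: int) -> bytes:
    """SHA-256 in counter mode: a stand-in for the per-hop AES key stream."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def xor_layer(key: bytes, data: bytes) -> bytes:
    """Add or remove one onion layer (XOR with that hop's key stream)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def make_cell(message: bytes) -> bytes:
    """Length-prefix and zero-pad so every cell has the same size."""
    if len(message) > CELL_SIZE - 1:
        raise ValueError("message does not fit in one cell")
    return bytes([len(message)]) + message.ljust(CELL_SIZE - 1, b"\0")

def open_cell(cell: bytes) -> bytes:
    return cell[1:1 + cell[0]]

def client_wrap(message: bytes, hop_keys: list) -> bytes:
    """Alice adds the exit's layer first, so the entry's layer is outermost."""
    cell = make_cell(message)
    for key in reversed(hop_keys):
        cell = xor_layer(key, cell)
    return cell

def relay_path(cell: bytes, routers: list) -> list:
    """Pass the cell along the circuit; record what each router can see."""
    views = []
    for name, key, table, circ_in in routers:
        cell = xor_layer(key, cell)  # peel exactly one layer
        views.append((name, circ_in, table[circ_in], cell))
    return views

# Constructed keys and per-router circuit tables (labels as in the slide's figure)
KEYS = [b"key-OR1", b"key-OR2", b"key-OR3"]
ROUTERS = [("OR1", KEYS[0], {"C1": "C2"}, "C1"),
           ("OR2", KEYS[1], {"C2": "C3"}, "C2"),
           ("OR3", KEYS[2], {"C3": "Port"}, "C3")]
```

Each entry returned by `relay_path` holds the router name, its incoming and outgoing circuit labels and the cell as that router sees it; only OR3's view decodes to the plaintext, and no router's table names both Alice and Bob.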
TOR Reported Vulnerabilities
• TOR's possible vulnerabilities fall into the following categories:
• Probabilistic
• Entry and exit onion router selection
• Traffic and time analysis based attacks
• Protocol vulnerabilities
o Tor’s authentication protocol
o Exploits of Tor’s bridge service
How Federal Agencies Break the Hidden TOR Network?
• A former Tor Project developer created malware for the Federal Bureau of Investigation that allowed agents to unmask users of the anonymity software.
• Matt Edman is a cybersecurity expert who developed malware that targeted Flash inside the Tor Browser to unmask the IP addresses of anonymous users.
• Volynkin and McCord (researchers from CMU, Carnegie Mellon University) discovered a security flaw in the Tor network while at their jobs at CERT. They then used it to carry out research into the Tor network itself.
• Over a six-month period they added a group of relays to the anonymizing network which, combined with their knowledge of the security flaw, enabled them to identify specific users through their IP addresses, to track them, and to see specific websites they visited.
• The researchers did not inform the Tor Project of this flaw, but the news reached the FBI, which used it in the real world to arrest two people, one in connection with Silk Road and the other in connection with child sex abuse.
• No one from CMU or the FBI is willing to speak on the record beyond the issued statements, so perhaps this will remain a mystery of the internet. Well, unless Tor can get some hard evidence of collusion between the FBI and Carnegie Mellon University.
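Dark Web Usage
[Figure: pie chart of Dark Web usage by category. Source: telegraph.co.uk, 22 April 2014. Legend: Child pornography, Drugs, Counterfeit goods, Hacking information, Politics, Hardware/Software information, Art, Other/Unknown. Slice labels as extracted: 17%, 15%, 8%, 3%, 9%, 7%, 2%, 39%.]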
Crypto Currency
• Currency in digital format in which cryptographic techniques are used for regulation, generation and verification purposes.
• Operates independently of a central bank, so there is no central point of authority.
• Block chain database.
• Distributed ledger.
• Miners maintain the balance of the ledger.
• Most crypto currencies are designed to gradually decrease production of currency.
Bitcoins
• Electronic currency created and held electronically.
• Proposed by Software Engineer Satoshi Nakamoto.
• Currency independent of any central authority.
• Transferable electronically more or less instantly with low transaction fees.
• Bitcoins are ‘mined’.
Bitcoin-Payment Method
• Get a wallet
• Buy bitcoin
• Make a payment. Three possible ways:
1. Scan the QR
2. Open in Wallet
3. Send the payment manually.
• Refund and troubleshooting
Who prints Bitcoin?
• No one
• This currency isn’t physically printed by a central bank
• Created digitally by a community of people that anyone can join.
• Mined using computational power in a distributed network.
• The same network is used as the payment network for processing and validating transactions.
How does mining work?
• Process of adding transaction records to Bitcoin's public ledger of past transactions, or block chain.
• Serves two purposes:
1. Confirms transactions in a trustworthy manner when enough computational power (effort) is devoted to a block.
2. Creates (issues) new coins in a block.
• Using computing power of third parties to achieve faster mining performance (without knowledge and consent of the third party).
Attacks / Problem of Mining
• Distributed Denial of Service Attacks (DDoS)
o Lots of data is sent to nodes, making them so busy they cannot even process normal bitcoin transactions.
• The 51% cartel attack / a Goldfinger attack
o The ability of someone controlling a majority of network hash rate to revise transaction history and prevent new transactions from confirming.
• Wallet services or mining hardware attacks
o Attacking high-net-worth individuals in the community, using zero-day exploits, or attacking the supply chain infrastructure, such as wallet services or mining hardware.
• Selfish mining
o This is where one miner, or mining pool, does not publish and distribute a valid solution to the rest of the network.
Privacy Issues of Dark Web
• The temptation of pursuing illegal activities on the Deep Web is difficult to overcome.
• Installing the TOR browser does not make you a criminal; modern-day patriots come in the form of whistleblowers.
• The deep web can be considered a safe haven to expose corruption in high levels of government and business.
• It has now been revealed that the NSA is invading the privacy of millions around the world through its surveillance.
• The TOR network can provide privacy for your content by applying cryptographic techniques (encrypted multiple times while passing through nodes), but if required, the agencies can invade your privacy, as is evident from the case of closing down the Silk Road trading site in Oct, 2014.
• One needs to take all those steps one takes on the Surface Web to protect his/her
Editor's Notes
TOR's possible vulnerabilities fall into the following categories:
Probabilistic models aim to provide information about the network, for instance measurements of security and anonymity, based on mathematical models.
Entry and exit onion router selection attacks increase the probability that an adversary’s onion routers are selected as the entry and exit routers in the victim’s circuit.
Autonomous System (AS) and global level attacks require an adversary that has access to a great portion of the network. It is worth mentioning that Tor’s threat model does not protect against global passive adversary attacks.
Traffic and time analysis based attacks observe and possibly interact with the Tor network, for instance by creating distinguishable patterns to weaken anonymity.
Protocol vulnerabilities contain two attacks that introduce weaknesses in the actual protocol design. First, there is a vulnerability in Tor’s authentication protocol; however, the implications of this attack are unknown. The second attack exploits Tor’s bridge service, thus revealing the IP address of a bridge. Details are yet to be known.
Volynkin and McCord discovered a security flaw in the Tor network while at their jobs at CERT. They then used it to carry out research into the Tor network itself.
Over a six-month period they added a group of relays to the anonymizing network which, combined with their knowledge of the security flaw, enabled them to identify specific users through their IP addresses, to track them, and to see specific websites they visited.
The researchers did not inform the Tor Project of this flaw nor their research, however – meaning that the organization was unaware who was behind the tracking activity when it shut the relays down in July. It published a blog post going into some detail, and also updated its software to close the hole that was being used.
The information gleaned from that piece of "research" found its way into the hands of the FBI, which then used it to effect real-world arrests of two people: one in connection with the Silk Road drug-trading marketplace, and the other on suspected child sex abuse image offenses.
Tor patched a protocol vulnerability in mid-2014 that is believed to be related to the Carnegie Mellon exploit, but there is no confirmation of this. No one from CMU or the FBI is willing to speak on the record beyond the issued statements, so perhaps this will remain a mystery of the internet. Well, unless Tor can get some hard evidence of collusion between the FBI and Carnegie Mellon.