Spooky Halloween IT Security Lecture -- The Deep Web

Scary Halloween Lecture 365/765
The Deep Web—From Spooky to Creepy
Presented by Nicholas Davis, CISSP, CISA

This presentation contains explicit content,
which some people may find offensive.
The examples shown do not represent my
views or opinions, and are used for
demonstration only.
I do not endorse the use of the Deep Web
for unethical or illicit activities.
10/28/16 UNIVERSITY OF WISCONSIN 2

Session OverviewSession Overview
Introduction and Warning
The Deep Web Defined
Dynamic Content
Unlinked Content
Private Web
Contextual Web
Limited Access Content
Scripted Content
Non-HTML Content
Deep Web Search Engines & Tor Client
Examples of what can found on the Deep Web
Exciting Documentary Video
Question and Answer session

Some DefinitionsSome Definitions
Deep Web, Deep Net, Invisible Web, or
Hidden Web is not part of the Surface
Web (that which is normally accessed).
Do not confuse it with the Dark Internet,
which refers to computers which can no
longer be reached over the Internet
Some people think that the Deep Web is
a haven for serious criminality, and I
agree with them

Normal Web SearchNormal Web Search
vs. Deep Web Searchvs. Deep Web Search
Searching on the Internet today can be
compared to dragging a net across the
surface of the ocean: a great deal may be
caught in the net, but there is a wealth of
information that is deep and therefore
missed

Normal Web SearchNormal Web Search
vs. Deep Web Searchvs. Deep Web Search
Traditional search engines cannot see or
retrieve content in the deep Web—those
pages do not exist until they are created
dynamically as the result of a specific
search. As of 2001, the deep Web was
several orders of magnitude larger than
the surface Web

Deep Web SizeDeep Web Size
It is impossible to measure
or put estimates onto the
size of the deep web
because the majority of the
information is hidden or
locked inside databases.
Early estimates suggested
that the deep web is 4,000
to 5,000 times larger than
the surface web

Deep Web ResourcesDeep Web Resources
Dynamic ContentDynamic Content
Dynamic pages which are returned in
response to a submitted query or
accessed only through a form, especially
if open-domain input elements (such as
text fields) are used; such fields are hard
to navigate without domain knowledge.

Unlinked ContentUnlinked Content
Unlinked content: pages which are not
linked to by other pages, which may
prevent Web crawling programs from
accessing the content. This content is
referred to as pages without backlinks
(or inlinks).

Private WebPrivate Web
Private Web: sites that require
registration and login (password-
protected resources).

Contextual WebContextual Web
Contextual Web:
pages with content
varying for different
access contexts (e.g.,
ranges of client IP
addresses or previous
navigation sequence).

Limited Access ContentLimited Access Content
Limited access content: sites that limit
access to their pages in a technical way
(e.g., using the Robots Exclusion
Standard or CAPTCHAs, or no-store
directive which prohibit search engines
from browsing them and creating
cached copies

Scripted ContentScripted Content
Scripted content: pages that are only
accessible through links produced by
JavaScript as well as content
dynamically downloaded from Web
servers via Flash or Ajax solutions.

Non HTML ContentNon HTML Content
Non-HTML/text
content: textual
content encoded
in multimedia
(image or video)
files or specific
file formats not
handled by
search engines.

Accessing the Deep WebAccessing the Deep Web
While it is not always possible to
discover a specific web server's external
IP address, theoretically almost any site
can be accessed via its IP address,
regardless of whether or not it has been
indexed.

Certain content is
intentionally hidden from
the regular internet,
accessible only with special
software, such as Tor. Tor
allows users to access
websites using the .onion
host suffix anonymously,
hiding their IP address.
Other such software includes
I2P and Freenet.

The Onion Router (Tor)The Onion Router (Tor)
Tool For the Deep WebTool For the Deep Web
Tor is software that installs into your
browser and sets up the specific
connections you need to access dark
Web sites. Critically, Tor is an encrypted
technology that helps people maintain
anonymity online. It does this in part by
routing connections through servers
around the world, making them much
harder to track.

Who Invented Tor?Who Invented Tor?
Oddly enough, Tor is the result of research
done by the U.S. Naval Research
Laboratory, which created Tor for political
dissidents and whistleblowers, allowing
them to communicate without fear of
reprisal.

Tor Client AvailableTor Client Available
For DownloadFor Download

.onion.onion
.onion is a pseudo-top-level domain host
suffix designating an anonymous hidden
service reachable via the Tor network.
Such addresses are not actual DNS
names, and the .onion TLD is not in the
Internet DNS root, but with the
appropriate proxy software installed,
Internet programs such as Web
browsers can access sites with .onion
addresses by sending the request
through the network of Tor servers.

Tor2web

What Deep Web LinksWhat Deep Web Links
Look LikeLook Like
Deep Web links
appear as a random
string of letters
followed by the .onion
TLD. For example,
http://xmh57jrzrnw6i
nsl followed by .onion,
links to TORCH, the
Tor search engine web
page.

Searching the Deep WebSearching the Deep Web
To discover content on the
Web, search engines use web
crawlers that follow
hyperlinks through known
protocol virtual port
numbers. This technique is
ideal for discovering
resources on the surface
Web but is often ineffective
at finding Deep Web
resources.

Give the People What TheyGive the People What They
Came Here For, Tonight!Came Here For, Tonight!
Just like general web search, searching
the Invisible Web is also about looking
for the needle in the haystack. Only
here, the haystack is much bigger. The
Invisible Web is definitely not for the
casual searcher. It is a deep but not dark
because if you know what you are
searching for, enlightenment is a few
keywords away.

Deep Web SearchDeep Web Search
EnginesEngines

In mid-2014, a hacker created Grams, the Dark Web’s
first distributed search engine. Grams allows would-be
criminals to search for drugs, guns, and stolen bank
accounts across multiple hidden sites. It even includes
an "I’m Feeling Lucky" button and targeted ads where
drug dealers compete for clicks.

Grams Sample SearchGrams Sample Search
Crunchy Dutch MoonrocksCrunchy Dutch Moonrocks

Tools of the TradeTools of the Trade

Things That Make theThings That Make the
Deep Web WorkDeep Web Work
Cryptocurrency
Digital cash, such as bitcoin and darkcoin, and the
payment system Liberty Reserve provide a convenient
system for users to spend money online while keeping
their real-world identities hidden.

Bulletproof Web-hosting Services
Some Web hosts in places such as Russia or Ukraine welcome all
content, make no attempts to learn their customers’ true
identities, accept anonymous payments in bitcoin, and routinely
ignore subpoena requests from law enforcement.

Cloud Computing
By hosting their criminal
malware with reputable
firms, hackers are much less
likely to see their traffic
blocked by security systems.
A recent study suggested that
16 percent of the world’s
malware and cyberattack
distribution channels
originated in the Amazon
Cloud.

Crimeware
Less skilled criminals can buy
all the tools they need to
identify system
vulnerabilities, commit
identity theft, compromise
servers, and steal data. It was
a hacker with just such a tool
kit who invaded Target’s
point-of-sale system in 2013.

Hackers For Hire
Organized cybercrime
syndicates outsource
hackers-for-hire. The
Hidden Lynx group boasts
up to 100 professional
cyberthieves, some of whom
are known to have
penetrated systems at
Google, Adobe, and
Lockheed Martin.

Multilingual Crime Call
Centers
Employees will play any
duplicitous role you would
like, such as providing job
and educational
references, initiating wire
transfers, and unblocking
hacked accounts. Calls
cost around $10.

Be Careful of What YouBe Careful of What You
Search For, You Might Just Find ItSearch For, You Might Just Find It

Deep WebDeep Web
Dangerous WebDangerous Web

Deep WebDeep Web

Deep Web, Dangerous WebDeep Web, Dangerous Web
SteganographySteganography
(ste-g&n-o´gr&-fē) (n.) The art and
science of hiding information by
embedding messages within other,
seemingly harmless messages

Deep WebDeep Web

Deep Web VideoDeep Web Video
https://www.youtube.com/watch?v=osYwxy9B4Y4

Class DiscussionClass Discussion
You love the Internet. However, you favorite sites, such as Facebook,
Amazon, and wisc.edu are just the surface. There is another world out
there: the Deep Web
The Deep Web is where online information is password protected, or
requires special software to access—and it’s massive, yet it’s almost
completely out of sight. The Deep Web contains a hidden world, a
community where malicious actors unite in common nefarious purpose.
Should the government control or forbid certain sites? Why? Do you
think buying the following items on the Internet is possible? If it is
possible, should they be forbidden? How and why?
• Drugs (both prescription and clearly the clearly illegal type)
• Forged identity papers
• Weapons, explosives and ammunition
• Hired assassins
• Human organs

Spooky Halloween IT Security Lecture -- The Deep Web

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (6)

Semelhante a Spooky Halloween IT Security Lecture -- The Deep Web

Semelhante a Spooky Halloween IT Security Lecture -- The Deep Web (20)

Mais de Nicholas Davis

Mais de Nicholas Davis (20)

Último

Último (20)

Spooky Halloween IT Security Lecture -- The Deep Web