Global ETD Search

1	The Effects of Police Interventions on Darknet Market Drug Prices Hull, Glenn 01 January 2017 (has links) This paper determines the effects of police interventions on darknet markets. Darknet markets have been rapidly growing and the amount of drugs being sold on them keeps rising. This paper finds no significant changes in prices of drug listings before and after drug busts, and no significant changes in price per unit of drugs across the entire market. The results are similar to prior research done on normal drug markets that determined that police interventions have no significant effect on changing drug prices. With the rapid growth of drugs being sold on darknet markets, it is critical for law enforcement to understand how the markets react to police interventions. drugs police intervention darknet markets E-Commerce
2	Photo-based Vendor Re-identification on Darknet Marketplaces using Deep Neural Networks Wang, Xiangwen January 2018 (has links) Darknet markets are online services behind Tor where cybercriminals trade illegal goods and stolen datasets. In recent years, security analysts and law enforcement start to investigate the darknet markets to study the cybercriminal networks and predict future incidents. However, vendors in these markets often create multiple accounts (i.e., Sybils), making it challenging to infer the relationships between cybercriminals and identify coordinated crimes. In this thesis, we present a novel approach to link the multiple accounts of the same darknet vendors through photo analytics. The core idea is that darknet vendors often have to take their own product photos to prove the possession of the illegal goods, which can reveal their distinct photography styles. To fingerprint vendors, we construct a series deep neural networks to model the photography styles. We apply transfer learning to the model training, which allows us to accurately fingerprint vendors with a limited number of photos. We evaluate the system using real-world datasets from 3 large darknet markets (7,641 vendors and 197,682 product photos). A ground-truth evaluation shows that the system achieves an accuracy of 97.5%, outperforming existing stylometry-based methods in both accuracy and coverage. In addition, our system identifies previously unknown Sybil accounts within the same markets (23) and across different markets (715 pairs). Further case studies reveal new insights into the coordinated Sybil activities such as price manipulation, buyer scam, and product stocking and reselling. / Master of Science / Taking advantage of the high anonymity of darknet, cybercriminals have set up underground trading websites such as darknet markets for trading illegal goods. To understand the relationships between cybercriminals and identify coordinated activities, it is necessary to identify the multiple accounts hold by the same vendor. Apart from manual investigation, previous studies have proposed methods for linking multiple accounts through analyzing the writing styles hidden in the users' online posts, which face key challenges in similar tasks on darknet markets. In this thesis, we propose a novel approach to link multiple identities within the same darknet market or across different markets by analyzing the product photos. We develop a system where a series of deep neural networks (DNNs) are used with transfer learning to extract distinct features from a vendor's photos automatically. Using real-world datasets from darknet markets, we evaluate the proposed system which shows clear advantages over the writing style based system. Further analysis of the results reported by the proposed system reveal new insights into coordinated activities such as price manipulation, buyer scam and product stocking and reselling for those vendors who hold multiple accounts. Darknet Market Sybil Detection Image Analysis Stylometry
3	Diseño, integración y evaluación de herramientas de visualización de tráfico para el reconocimiento de ataques computacionales vía una Darknet Faccilongo Noce, Renata January 2012 (has links) Magíster en Ciencias, Mención Computación / Ingeniera Civil en Computación / Una red tipo darknet es una porción de direcciones IPs asignado y ruteado en el cual no existen servicios activos ni servidores. Actualmente no existe un sistema, públicamente disponible, que permita la visualizar de forma gráfica los datos entregados por una red de estas características. El objetivo principal de esta tesis es la creación de un sistema dedicado a la visualización y análisis de datos de una darknet. El desarrollo de éste involucra la integración y evaluación de herramientas existentes además de la creación de un software enfocado en la creación de variados gráficos ad-hoc. Éstos permiten estudiar el comportamiento de la red con el fin de monitorearla para detectar posibles ataques. La metodología se basó principalmente en la investigación de herramientas, análisis sobre sus resultados y el diseño e implementación de un software dedicado a la creación de gráficos. Para conseguir lo descrito, se realizó un estudio de representaciones gráficas útiles para un analista. Se estudiaron distintos formatos con que la darknet puede entregar la información sobre el tráfico que recibe. Se evaluaron herramientas ya existentes con el fin de determinar si éstas entregan información relevante en términos de seguridad, y se estudió si satisfacen las necesidades planteadas para así utilizarlas o, en caso contrario, modificarlas. Se diseñaron e implementaron nuevas soluciones para contar con información valiosa referente a la toma de decisiones a partir de gráficos. Para esto se estudió cómo manipular los datos fuente para extraerles la información relevante. Para el caso de que éstos crezcan mucho en el tiempo, se realizó un estudio consistente en cómo extender el sistema de gráficos para manejar grandes volúmenes de datos. Se utilizaron 4 software de monitoreo de tráfico ya desarrollados: Moncube, TCPstat, EtherApe y Moncube, para generar imágenes sobre la actividad en la red. Estos gráficos son producidos diariamente a través de scripts que corren automáticamente cada día. El software diseñado y desarrollado para la creación de nuevas imágenes permite tener una visión completa de la red a través de 10 gráficos diarios diferentes. A través de un sitio web el analista podrá solicitar nuevos gráficos con los datos que él necesite, obteniendo una respuesta en tiempo razonable. En caso de que los datos arrojados por la darknet aumenten considerablemente se estudió el caso de bigdata, realizando un ejemplo gráfico cuyos datos fueron procesados en un ambiente cloud obteniendo respuestas valiosas y en corto tiempo. Finalmente se obtuvo un sistema completo que, en opinión de los autores, otorga información variada e interesante para un analista en seguridad. El software fue diseñado para ser extensible sin grandes dificultades, paralelizable y aplicable a otras variantes de redes de tipo darknet lo que permitirá monitorearlas y reaccionar ante eventos de seguridad. En un futuro, y a la luz de la experiencia del gráfico procesado en la nube, todos los gráficos creados para este trabajo podrían ser procesados en la nube para conseguir respuestas aún más rápidas que las ya obtenidas y permitir el procesamiento de grandes volúmenes de información. Seguridad computacional Gráficos por computador Visualización gráfica Darknet
4	Security Framework for the Internet of Things Leveraging Network Telescopes and Machine Learning Shaikh, Farooq Israr Ahmed 04 April 2019 (has links) The recent advancements in computing and sensor technologies, coupled with improvements in embedded system design methodologies, have resulted in the novel paradigm called the Internet of Things (IoT). IoT is essentially a network of small embedded devices enabled with sensing capabilities that can interact with multiple entities to relay information about their environments. This sensing information can also be stored in the cloud for further analysis, thereby reducing storage requirements on the devices themselves. The above factors, coupled with the ever increasing needs of modern society to stay connected at all times, has resulted in IoT technology penetrating all facets of modern life. In fact IoT systems are already seeing widespread applications across multiple industries such as transport, utility, manufacturing, healthcare, home automation, etc. Although the above developments promise tremendous benefits in terms of productivity and efficiency, they also bring forth a plethora of security challenges. Namely, the current design philosophy of IoT devices, which focuses more on rapid prototyping and usability, results in security often being an afterthought. Furthermore, one needs to remember that unlike traditional computing systems, these devices operate under the assumption of tight resource constraints. As such this makes IoT devices a lucrative target for exploitation by adversaries. This inherent flaw of IoT setups has manifested itself in the form of various distributed denial of service (DDoS) attacks that have achieved massive throughputs without the need for techniques such as amplification, etc. Furthermore, once exploited, an IoT device can also function as a pivot point for adversaries to move laterally across the network and exploit other, potentially more valuable, systems and services. Finally, vulnerable IoT devices operating in industrial control systems and other critical infrastructure setups can cause sizable loss of property and in some cases even lives, a very sobering fact. In light of the above, this dissertation research presents several novel strategies for identifying known and zero-day attacks against IoT devices, as well as identifying infected IoT devices present inside a network along with some mitigation strategies. To this end, network telescopes are leveraged to generate Internet-scale notions of maliciousness in conjunction with signatures that can be used to identify such devices in a network. This strategy is further extended by developing a taxonomy-based methodology which is capable of categorizing unsolicited IoT behavior by leveraging machine learning (ML) techniques, such as ensemble learners, to identify similar threats in near-real time. Furthermore, to overcome the challenge of insufficient (malicious) training data within the IoT realm, a generative adversarial network (GAN) based framework is also developed to identify known and unseen attacks on IoT devices. Finally, a software defined networking (SDN) based solution is proposed to mitigate threats from unsolicited IoT devices. Darknet Deep Learning Ensemble Learners Network Statistics Electrical and Computer Engineering
5	Tvångsmedel och brottslighet på darknet – En analys av husrannsakan och kontroll av postförsändelse. / Coercive measures and criminality on darknet - An analysis of search warrant and mail delivery control within Swedish law. Olofsson, Linus January 2021 (has links) No description available. Tvångsmedel darknet narkotikaförsäljning husrannsakan postkontroll beslag Law Juridik
6	Strengthening MT6D Defenses with Darknet and Honeypot capabilities Basam, Dileep Kumar 09 December 2015 (has links) With the ever increasing adoption of IPv6, there has been a growing concern for security and privacy of IPv6 networks. Mechanisms like the Moving Target IPv6 Defense (MT6D) leverage the immense address space available with the new 128-bit addressing scheme to improve security and privacy of IPv6 networks. MT6D allows participating hosts to hop onto new addresses, that are cryptographically computed, without any disruption to ongoing conversations. However, there is no feedback mechanism in the current MT6D implementation to substantiate the core strength of the scheme i.e., to find an attacker attempting to discover and target any MT6D addresses. This thesis proposes a method to monitor the intruder activity targeting the relinquished addresses to extract information for reinforcing the defenses of the MT6D scheme. Our solution identifies and acquires IPv6 addresses that are being discarded by MT6D hosts on a local network, in addition to monitoring and visualizing the incoming traffic on these addresses. This is essentially equivalent to forming a darknet out of the discarded MT6D addresses. The solution's architecture also includes an ability to deploy a virtual (LXC-based) honeypot on-demand, based on any interesting traffic pattern observed on a discarded address. With this solution in place, we can become cognizant of an attacker trailing an MT6D-host along the address changes, as well as understanding the composition of attack traffic hitting the discarded MT6D addresses. With the honeypot deployment capabilities, the solution can take the conversation forward with the attacker to collect more information on attacker methods and delay further tracking attempts. The solution architecture also allows an MT6D host to query the solution database for network activity on its relinquished addresses as a JavaScript Object Notation (JSON) object. This feature allows the MT6D host to identify any suspicious activity on its discarded addresses and strengthen the MT6D scheme parameters accordingly. We have built a proof-of-concept for the proposed solution and analyzed the solution's feasibility and scalability. / Master of Science Moving Target Defense MT6D Darknet Honeypot Dionaea IPv6
7	Medierad narkotikahandel på internets skuggsida : En fallstudie kring svenska säljares erfarenheter / Mediated drug trafficking on the Internet's dark side : A case study on Swedish vendor's experiences Möller, John January 2016 (has links) I studien undersöks huruvida en grupp narkotikasäljare på den svenska hemsidan Flugsvamp drivs av andra motivationer än ett grundläggande vinstintresse. Sidan bygger på de teknologiska verktyg som utvecklades av den libertarianskt inspirerade Cypherpunkrörelsens arbete med stark kryptografi i slutet av 1990-talet. Dessa verktyg skyddar både brottslingar och frihetskämpar, men har främst associerats med de som använder anonymiteten i kriminella syften och således har verktygen fått ett dåligt rykte som riskerar äventyra kryptografins framtid. Genom semistrukturerade onlineintervjuer med fem säljare av skiftande karaktär samlade jag information gällande deras upplevelse av sidan, relationerna till kunder och administratörer, hur de rent moraliskt rationaliserade sin verksamhet och vilken påverkan de såg sig ha på samhället och kryptografin. En bild framträdde där majoriteten av säljarna uppvisade ansvarskänsla och eftertänksamhet genom att agera med transparens och professionalitet. Genom att utkonkurrera oärliga aktörer och med ett nära kollegialt samarbete med varandra använde dessa säljare sin roll för att utmana den traditionella majoritetsinställningen till narkotika och visa hur den ansvarsfulla digitala försäljningen i längden kan vara samhällsförändrande. En minoritet uppgav att de endast använde sidan för att tjäna extrapengar och egentligen tyckte att det var en rimlig idé för staten att förbjuda de kryptoanarkistiska verktygen då de främst anses användas i kriminella syften. Studien når fram till slutsatserna att samhället som helhet tjänar på att det narkotikarelaterade våldet försvinner från gatorna, visar på hur en inkonsekvent och konservativ lagstiftning gör sig mottaglig för starka motargument samt understryker att den framtida digitala mänskligheten kommer ha en betydande användning för de kryptoanarkistiska verktygen. Drug trafficing Narcotics Drugs Darknet Darkweb Tor Cypherpunk Crypto anarchy Narkotikahandel Narkotika Droger Darknet Darkweb Tor Cypherpunk Kryptoanarki
8	L’applicabilité de la loi pénale à l’endroit de la cybercriminalité dissimulée / The applicability of criminal law to hidden cybercrime Ouchene, Nadir 10 December 2018 (has links) Les formes de la criminalité varient selon la personnalité des auteurs d’infractions mais aussi en fonction de l’évolution des technologies. A ce titre, le développement très rapide de l’internet constitue un facteur susceptible de bouleverser les règles ordinaires du droit et de la procédure pénale en raison des problèmes particuliers que crée cet outil qui peut aisément devenir un moyen de commettre de multiples infractions pénales. En outre, l’internet présente des formes plus variées qu’il n’y paraît au premier abord car, au-delà de sa partie visible aisément accessible, les spécialistes ont mis en lumière l’existence de ce qu’ils appellent le « Deep web » ou « Web profond ».Ce « Deep web » est une partie du web en ligne non référencée par les moteurs de recherche habituels tels que Google ou Yahoo par exemple. Et selon Chris Sherman et Gary Price, dans leur livre The Invisible Web, seuls 3 à 10 % des pages seraient indexés sur internet. Le reste, non accessible pour les internautes ordinaires, constitue le web invisible et il existerait ainsi plus d’un milliard de données « cachées ». Les raisons pour lesquelles certains sites ne sont pas référencés sont diverses. Dans certains cas, les documents sont trop volumineux ou les bases de données sont trop complexes pour que leur contenu soit indexé, mais dans d’autres cas, des individus décident de ne pas référencer leur site afin de « privatiser » l’information puisque seuls ceux connaissant la dénomination du site pourront y accéder. Il s’agit donc de ce qui pourrait être appelé « partie immergée » d’Internet. Mais au delà du web profond, des outils de reconnaissance indétectables par les moteurs de recherches habituels sont apparus, ce sont les darknets. Ils permettent de décrypter les pages invisibles et garantissent un anonymat quasi absolu et surtout un accès au Darkweb, aussi appelé Web sombre. C’est ainsi que ce dernier a hébergé divers types de marchés noirs, de la drogue aux armes en passant par le trafic d’êtres humains. Le Hidden Wiki, sorte de Wikipédia illégal, se charge de référencer ces portes d’entrées sur cette partie d’Internet. De nombreux sites, commerciaux ou non, sont alors créés. A titre d’exemple, le site « Shroomtastic » permet d’apprendre à faire pousser des champignons hallucinogènes, activité illicite. Le site Silkroad, quant à lui, constitue un marché clandestin permettant d’acheter toutes sortes de drogues et il existe d’autres sites permettant de blanchir de l’argent, offrant les services de tueurs à gage, ou permettant d’obtenir de fausses cartes d’identité… En pratique, il est possible d’obtenir nombre de produits ou marchandises illégaux et, pour la livraison, cette couche d’internet possède même sa propre monnaie, le bitcoin. Il suffit alors au client de se mettre en relation avec le vendeur pour lui envoyer l’adresse de livraison de manière cryptée et anonyme grâce à une méthode de communication décentralisée.Sur le plan juridique, le thème présente de multiples intérêts et pose de nombreuses questions, la principale étant de savoir dans quelle mesure la répression peut-elle avoir lieu et comment peut s’organiser la lutte contre cette forme de cybercriminalité. Le sujet conduit notamment à se demander comment la loi pénale doit s’appliquer dans l’espace, de quelle manière le droit international peut appréhender efficacement le phénomène, comment coordonner la répression entre les différents États et quelles règles de procédure appliquer, la question se posant encore de savoir si des infractions spéciales devraient être créées ou si, au contraire, les incriminations de droit commun sont suffisantes pour permettre une répression efficace. Le sujet touche donc de nombreux thèmes essentiels du droit pénal général, du droit pénal spécial, de la procédure pénale, du droit pénal international ou même de la criminologie. / The "Deep web" is a part of the web which isn't referenced by usual search engines. According to Chris Sherman and Gary Price, these only refer to 3 to 10% of the pages. The rest which isn't accessible to regular web users consists in the "Deep Web" and more than one billion hidden datas remain. In a few cases, the documents are too heavy, or the databases are too complicated to have their contents indexed, but in other cases, individuals decide not to reference their websites in order to make the information private. We can consider this as the tip of the Internet. It hosts several black market types such as, drugs, weapons or human trafficking. On a judicial point of view, this topic is quite meaningful and raises a lot of questions. The main issue is to determine how to organise the repression on that medium. This leads us to think about the application of the law through different countries, how can the international law comprehend the phenomenon effectively. How the different states should coordinate their repressive measures and agree on the proper procedural rules to apply. We could ask ourselves rather regular law enforcements are relevant enough to allow an adequate repression, or if specific infractions should be created. So the topic deals with essential thoughts on the international law. Cybercriminalité Droit pénal Terrorisme Stupéfiants Bitcoin Pédopornographie Darknet Cybercriminality Darknet Criminal law Bitcoin
9	Hur svenska myndigheterna begränsas då de ska agera mot illegal verksamhet på Darknet : -Definition samt myndigheters påverkan -Svenska lagstiftningens begränsningar på myndigheternas arbete Alyass, Patrik, Samuelsson, William January 2020 (has links) Darknet är en del av den djupa webben, som är en icke indexerad del av internet. Det används för olika ändamål, till exempel att köpa läkemedel och finansiell information. Tillgången till Darknet kan vara anonym genom att använda TOR och Bitcoin. Anonymiteten vid webbsökning under användandet av Darknet kommer påverka bevis för myndigheter. Således kan det ha en möjlig effekt på brottsbekämpande arbete, särskilt angående digitalt kriminaltekniskt arbete, utifrån begränsningen av tillgängliga data. Således syftar denna studie till att fastställa vad de svenska myndigheterna arbetar med för att stoppa illegala aktiviteter som utförs med hjälp av Darknet, i samband med begränsningarna från svensk lagstiftning. Studien kommer att genomföras med hjälp av intervjuer med polis, advokat, köpare och tullen för att få deras insikt och åsikt om det valda ämnet. Medan statistiska uppgifter kommer från undersökningar med kunniga respondenter från forum. På grund av detta kan arbetet fungera som en väsentlig förståelse för hur Darknet kan påverka nutiden och framtida brottsutredningar. Ytterligare arbete måste utföras i området för att lösa potentiella implikationer, eftersom detta arbete endast examinerar om det finns påverkan / Darknet is a part of the Deep web, which an unindexed section of the internet. It is in use forvarious purposes, e.g., buying drugs and financial information. The access to Darknet can besubstantially anonymous by using TOR and bitcoin. Given anonymity for web browsing, it will directly impact evidence about illicit purchases. So, itmay have a possible effect on law enforcement work, particularly on digital forensic work due tothe limitation of data available. Thus, this study aims to determine what the Swedish government isdoing to stop Darknet trading, along with the limitations from Swedish regulations. The focus is thus on criminal prosecution and criminal investigation. The study will be throughconducting interviews with police, lawyer, buyer, and border control to get et their insight andopinion on the chosen topic. Statistical data is from conducting surveys with knowledgeablerespondents from forums. Due to this, the work can serve as an essential understanding of how Darknet may impact presentand future criminal investigations. Additional work must be done in the area to solve the potentialimplications, due to this work only examines if there are any impacts Darknet Deepweb IT Crime Surface web Darknet History Silk Road Tor Bitcoin Cyber Crime Internet drugs Online drug market Crypto market Darknet Forensic Darknet Market Crime on Darknet Darkweb IT brott Internet relaterade brott Drogförsäljning på nätet Information Systems, Social aspects
10	Darknet sítě jako způsob ochrany soukromí uživatelů internetu / Darknet networks as a way of protecting internet users' privacy Plevný, Marek January 2017 (has links) In this age when information technologies became inseparable parts of our lives we can hardly imagine for example living without internet. There is a phenomenon connected with internet and that is large scale collection of data about internet users and their activities. Because of this fact, it is important to protect our internet privacy as a very important aspect of our lives. This work examines large scale collection of data about users internet activities. During this work, different methods and reasons for this largescale data collection are examined. Later, different ways how internet users are protected by law or how they can protect themselves are examined. One of the ways how internet users can protect their internet privacy is by using so-called anonymizing networks connected with a phenomenon called Darknet. This work examines if it is possible by ordinary internet users to adapt this method of internet privacy protection.

Search results