Abstract
The Dark Web sites are operated over anonymity-preserving protocols like Tor, making users of the Dark Web services more resilient to identification and monitoring. Although some previous works have focused on understanding the size of the Dark Web services and investigating their criminal activities, there is a lack of research on chronological analysis and in-depth profiling of the Dark Web sites, particularly in South Korea. Therefore, in this study, we implemented a Dark Web crawling system, and collected seed and sub Dark Web URLs using it. Then, the 3,000 Dark Web sites from the seed URLs were selected and their web pages were captured for profiling. An in-depth analysis was then conducted on the collected 3,000 Dark Web sites, and an intensive categorization was performed on the basis of their major criminal activities. We then carried out an in-depth profiling for top 3 Korean Dark Web sites to investigate cyber criminal activities in South Korea. In the profiling, criminal activities were collected and analyzed in a chronological point of view. Personal information leakage and Sybil IDs in the Dark Web were also identified based on the PGP keys we collected.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
For example, when we applied this approach to HiGH KOREA, which is the largest Dark Web site in Korea, we could increase the number of the collected web pages from 792 to 7,740.
References
Bing (2019). http://www.bing.com. Accessed 14 June 2019
Deepweblinks (2019). https://deepweblinks.net/directories/. Accessed 14 June 2019
Google (2019). http://www.google.com. Accessed 14 June 2019
Hidden Wiki (2019). https://thehiddenwiki.org. Accessed 14 June 2019
Not Evil (2019). https://hss3uro2hsxfogfq.onion.to. Accessed 14 June 2019
Selenium (2019). https://www.seleniumhq.org. Accessed 14 June 2019
Thedarkweblinks (2019). https://www.thedarkweblinks.com. Accessed 14 June 2019
Yahoo (2019). http://www.yahoo.com. Accessed 14 June 2019
Catakoglu, O., Balduzzi, M., Balzarotti, D.: Attacks landscape in the dark side of the web. In: Proceedings of the Symposium on Applied Computing, pp. 1739–1746. ACM (2017)
Ciancaglini, V., Balduzzi, M., Goncharov, M., McArdle, R.: Deepweb and cybercrime. Trend Micro Rep. 9, 1–22 (2013)
Ciancaglini, V., Balduzzi, M., McArdle, R., Rösler, M.: Below the surface: exploring the deep web. Trend Micro pp. 1–48 (2015)
He, B., Patel, M., Zhang, Z., Chang, K.C.C.: Accessing the deep web: a survey. Commun. ACM 50(5), 94–101 (2007)
Hong, Y., Kwon, H., Lee, J., Hur, J.: A practical de-mixing algorithm for bitcoin mixing services. In: Proceedings of the 2nd ACM Workshop on Blockchains, Cryptocurrencies, and Contracts, pp. 15–20. ACM (2018)
Hopwood, D., Bowe, S., Hornby, T., Wilcox, N.: Zcash protocol specification. Technical report 2016–1.10. Zerocoin Electric Coin Company, Technical report (2016)
Kappos, G., Yousaf, H., Maller, M., Meiklejohn, S.: An empirical analysis of anonymity in zcash. In: 27th \(\{\)USENIX\(\}\) Security Symposium (\(\{\)USENIX\(\}\) Security 18), pp. 463–477 (2018)
Koshy, P., Koshy, D., McDaniel, P.: An analysis of anonymity in bitcoin using P2P network traffic. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 469–485. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_30
Kwon, A., AlSabah, M., Lazar, D., Dacier, M., Devadas, S.: Circuit fingerprinting attacks: passive deanonymization of tor hidden services. In: 24th \(\{\)USENIX\(\}\) Security Symposium (\(\{\)USENIX\(\}\) Security 2015), pp. 287–302 (2015)
Liu, W., Meng, X., Meng, W.: ViDE: a vision-based approach for deep web data extraction. IEEE Trans. Knowl. Data Eng. 22(3), 447–460 (2009)
Madhavan, J., Ko, D., Kot, Ł., Ganapathy, V., Rasmussen, A., Halevy, A.: Google’s deep web crawl. Proc. VLDB Endowment 1(2), 1241–1252 (2008)
Miller, A., Möser, M., Lee, K., Narayanan, A.: An empirical analysis of linkability in the monero blockchain 2017 (2017)
Mittal, P., Khurshid, A., Juen, J., Caesar, M., Borisov, N.: Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 215–226. ACM (2011)
Moore, D., Rid, T.: Cryptopolitik and the darknet. Survival 58(1), 7–38 (2016)
Murdoch, S.J., Danezis, G.: Low-cost traffic analysis of Tor. In: 2005 IEEE Symposium on Security and Privacy (S&P 2005), pp. 183–195. IEEE (2005)
Noether, S.: Ring signature confidential transactions for monero. IACR Cryptology ePrint Archive 2015, 1098 (2015)
Sanchez-Rola, I., Balzarotti, D., Santos, I.: The onions have eyes: a comprehensive structure and privacy analysis of tor hidden services. In: Proceedings of the 26th International Conference on World Wide Web, pp. 1251–1260. International World Wide Web Conferences Steering Committee (2017)
Soska, K., Christin, N.: Measuring the longitudinal evolution of the online anonymous marketplace ecosystem. In: 24th \(\{\)USENIX\(\}\) Security Symposium (\(\{\)USENIX\(\}\) Security 2015), pp. 33–48 (2015)
Van Wegberg, R., et al.: Plug and prey? measuring the commoditization of cybercrime via online anonymous markets. In: 27th \(\{\)USENIX\(\}\) Security Symposium (\(\{\)USENIX\(\}\) Security 2018), pp. 1009–1026 (2018)
Wang, X., Peng, P., Wang, C., Wang, G.: You are your photographs: detecting multiple identities of vendors in the darknet marketplaces. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 431–442. ACM (2018)
Acknowledgment
This work was supported by Institute of Information communications Technology Planning Evaluation (IITP) grant funded by the Korea government (MSIT) (No.2018-0-00269, A research on safe and convenient big data processing methods), (No.2019-0-01697, Development of Automated Vulnerability Discovery Technologies for Blockchain Platform Security).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Lee, J., Hong, Y., Kwon, H., Hur, J. (2020). Shedding Light on Dark Korea: An In-Depth Analysis and Profiling of the Dark Web in Korea. In: You, I. (eds) Information Security Applications. WISA 2019. Lecture Notes in Computer Science(), vol 11897. Springer, Cham. https://doi.org/10.1007/978-3-030-39303-8_27
Download citation
DOI: https://doi.org/10.1007/978-3-030-39303-8_27
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-39302-1
Online ISBN: 978-3-030-39303-8
eBook Packages: Computer ScienceComputer Science (R0)