Home » Articles


Investigating discussion topics on drug related darknet forums

Online drug trafficking has been flourishing on darknet marketplaces during the past few years. The skyrocketing popularity of these cryptomarkets can be attributed to the evasion of law enforcement, mainly due to lack of physical interaction between sellers and buyers. Another reason is that these marketplaces rely on encrypted algorithms to promote the anonymity of transactions. Many forums were launched ... Read More »

Research: Using the Hidden Markov Model to identify Meek based Tor network traffic

Tor is by far the most widely used internet censorship circumvention solution. The Tor browser relies on a unique obfuscation technology known as “Meek” to promote users’ privacy. Meek obfuscates Tor network traffic so that it seems like ordinary forms of internet traffic. However, hidden Markov models can be used to identify Tor network traffic. A recently published research paper ... Read More »

The Dark Web 2.0

In the coming decade, the Dark Web may become even easier to access than it is at present. Many blockchain start-ups are planning to create new decentralised alternatives to the web services we use today. This concept is called the Web 3.0. Projects like Storj, Status, and Substratum all aim to make internet storage faster, easier and, most importantly, uncensored. ... Read More »


Research: Identifying bitcoin addresses linked to transactions on darknet marketplaces and other Tor hidden services

Due to its pseudo-anonymous nature and decentralized infrastructure, bitcoin has been exploited in darknet marketplaces which facilitate the trading of a myriad of illegal products and services, including illicit drugs, stolen personal data, weapons, hacking tools, and more. The history of bitcoin transactions is recorded on a public ledger, known as the blockchain. However, the real world identity of a ... Read More »


Using writing style and photographs to fingerprint darknet marketplace vendors

Darknet marketplaces, or cryptomarkets, are Tor hidden services where users trade illicit drugs and a myriad of illegal goods. During the past few years, law enforcement agencies have started to study the networks of darknet vendors in an attempt to link them to their real world identities. Nevertheless, cryptomarket vendors usually use multiple accounts, which render it extremely difficult to ... Read More »

Research: Phishing attacks via Tor hidden services

Phishing is by far one of the most serious threats against the security of personal data. Launching phishing attacks often relies on sending emails that seem to have been sent by a trusted entity. The goal is to trick the recipient to provide sensitive personal information including usernames, passwords, online banking credentials, etc. The emails attempt to deceive the victims ... Read More »

Research: Maximizing privacy of the interledger protocol (ILP) via Tor-like onion routing circuits

The Interledger Protocol (ILP) is a network protocol that facilitates micropayments and settlements between different payment systems. Nevertheless, it leads to the unmasking of all transaction information including transaction amount, sender wallet address, and recipient wallet address. A recently published research paper proposes an application layer, named ILP-CEPA, that operates on top of ILP in order to hide transaction information ... Read More »


Research: The challenges associated with geographical avoidance of Tor nodes

Traffic analysis attacks are by far among the most serious threats compromising the anonymity of Tor users. When law enforcement agencies or malicious adversaries attempt to deanonymize Tor users, they launch traffic confirmation attacks and observe encrypted traffic in order to extract metadata. When combined with routing attacks, traffic confirmation attacks are extremely efficient in deanonymization of Tor users. Even ... Read More »

Research: Improving Tor circuits’ anonymous communication forwarding strategy

Anonymous communication can be achieved by concealing the relationship between the origin and destination of traffic flow via means of a special method, so that an adversary cannot identify the communication relationship or the data being exchanged between both ends of the communication route. Anonymous protection has to achieve three main goals: recipient anonymity, sender anonymity, and impossibility to correlate ... Read More »

Security Onion – A network monitoring and analysis machine

Maintaining bulletproof network security has become a challenging task, as hackers are acquiring more skills and developing highly effective malicious tools every day. As such, even with powerful security systems such as antivirus technologies, firewalls, and strong authentication systems, it is still difficult to mitigate all network vulnerabilities. Since a secured network can still be hacked, we need systems that ... Read More »

Research: Security monitoring of a darknet using a novel attacker behavior based metric

Monitoring of network traffic is indispensable for managing and securing various types of networks. One of the main difficulties associated with handling of network’s traffic (data packets, flow, etc) is the unsatisfactory semantic of independent parameters including number of data packets, IP addresses, TCP/UDP port numbers, network protocol, etc. Even though many parameters can be quantified by numerical values, it ... Read More »

Research: Tor marketplaces as a threat to national e-ID infrastructures

Electronic identification (e-ID) has been increasingly adopted by many states during the past few years. The past decade has witnessed large-scale initiatives in many European countries to develop their very own e-ID infrastructures. These forms of digital infrastructures vary in terms of frameworks, institutional entities involved, and the types of services accessible by citizens via their issued digital identities. Occasionally, ... Read More »

Research: A novel user friendly system for monitoring darknet marketplaces

Darknet markets have been emerging during the past few years as the ideal online platforms for trading various forms of illicit goods and services including drugs, weapons, counterfeit documents, stolen private data, hacking tools, and others. As such, it is pivotal for law enforcement agencies all over the world to develop effective means for monitoring darknet marketplaces and tracing individuals ... Read More »

Research: Using text spotting to detect textual information hidden within images hosted on onion domains

Due to the continuous efforts of law enforcement agencies to monitor illegal activities taking place on the Tor network, darknet marketplace vendors have developed novel means for evading the digital forensic tools used to gather evidence of such activities. Specifically, hiding textual content within images can effectively evade text analysis techniques used to monitor content on onion hidden services. A ... Read More »

Research: How are digital and communication technologies exploited to facilitate human trafficking?

The human trafficking business has flourished during the past few years, thanks to the wide use of digital and networking technologies. Even though the exploitation of digital technologies in human trafficking represents a growing global problem, few research studies have been conducted to assess the implications of the trafficking-digital technology nexus. As such, little is known regarding how digital and ... Read More »