Home » Articles


VMWare Fusion 8.PNG

VMWare and virtualization of the Tor network for research purposes

There are currently many approaches to conducting Tor network security research. Direct experiments on the live Tor network, formal modeling, connection simulation, and emulation of the Tor network represent a few examples of these approaches. It should be emphasized that there are multiple ethical issues associated with conducting experiments on the live Tor network. The main challenges include undermining the ... Read More »


Using Website Fingerprinting (WF) to deanonymize Tor users

The Tor network was established to provide anonymity to internet users who are concerned about preserving their anonymity when browsing specific online content. The Tor network is comprised of a set of router circuits that utilize cryptography to apply multiple layers of encryption to transmitted data packets, thus concealing the IP address of the user, the established connection between the ... Read More »

financial bubble.png

Is Bitcoin Really a Financial Bubble?

Even though 2017 was Bitcoin’s most profitable year, 2018 is ending up with the biggest losses in the currency’s market capital since its advent. Many traditional economists believe that bitcoin represents a huge bubble that is destined to burst, especially since its massive gains were driven, at least partly, by newbie buyers and speculators. As bitcoin price has plummeted below ... Read More »


Research – Categorization of Content Hosted on Freenet

Western societies have recently been highly attentive to a part of the internet known as the darknet during the past few years. While mainstream media has focused on the criminal aspects of these invisible parts of the internet, research, on the other hand, has paid more attention to the darknet technology, known as Tor. A recently published research paper focused ... Read More »


Research: Using Network Investigative Techniques (NITs) to Home in on Tor Cybercriminals

Network Investigative Techniques (NITs) are special forms of digital law enforcement tools that enable law enforcement agencies (LEAs) to hack into suspicious computers via the exploitation of vulnerabilities. NITs have aided in the location and identification of cybercriminals operating on various darknets where conventional investigative means proved to be useless. They play a significant role in cybercrime investigations, as well ... Read More »


Research: Using Darknet Forums by Black Hat Hackers During Crisis Periods (Darknet Marketplace Shutdown)

Darknet marketplaces are growing at a rather rapid rate. These marketplaces are not only markets for illegal and illicit drugs, but they are also places where hackers are selling various hacking tools and offering hacking as a service (HaaS) for anyone who can pay the predetermined price in cryptocurrency. The black hat hacker market evolved from being merely a playground ... Read More »


Clickstream tracking of users of the Tor browser – A research paper

The growing significance of web analytics, we have been witnessing throughout the past few years, has been also accompanied by an enormous growth in the number of web users concerned about preserving their online anonymity. The Tor browser has been often considered as the best online browsing tool available, as evidenced by more than 2.5 million people using it daily. ... Read More »

Tor traffic 1.jpg

Studying Tor Network Traffic Using Hidden Markov Modeling and Dynamic Learning by Tamer Sameeh

Experimentation techniques aid in the testing of Tor’s performance and discovery of security problems, as well as allowing researchers to privately and safely conduct Tor experiments without imposing harm on live Tor users. Nevertheless, researchers using these techniques configure them in such a way to generate network traffic on the basis of simplifying assumptions as well as invalid measurements and ... Read More »

I2P peer population.PNG

I2P Network Current Status and Censorship Resistance – A Research Paper

Tor and I2P are by far the most widely used anonymity networks all over the globe. Tor relies on centralized directory services to help understand the Tor network, as well as measure and visualize its infrastructure via the Tor Metrics project. Oppositely, I2P lacks such centralized directory servers, which renders obtaining a full view of the network a considerably challenging ... Read More »


Prevention against DDoS attacks

DDoS attacks lead to the most devastating effects within a network. DDoS attacks are forms of congestion-control problems, and because most forms of such congestion are secondary to the effects of malicious hosts not following conventional end-to-end congestion control, the problem must be solved by routers. Designing a mechanism to counteract unidentified attacks targeting the application and transport layer represents ... Read More »

digital forensics.jpg

Important forensic tools used in harvesting the deep web

The internet, especially the dark web, has become a place where illegal activities such as fraud, the trading of illegal drugs, human trafficking, extremism, firearm smuggling, etc. take place. The legitimate concerns, including privacy and anonymity, are exploited to catalyze nefarious needs within various parts of the deep web. The anonymity and cryptographic approaches utilized by dark web visitors impose ... Read More »

An overview of various deployment strategies across the Tor network

The significance of anonymous networks, namely Tor, has massively grown during the past few years. To keep up with present and future requirements of the Tor network, carrying out active research is indispensable, especially to improve performance of the network and strengthen anonymity against various forms of adversaries. Innovative developments will eventually fail to achieve practical significance if they cannot ... Read More »

Cybercrime-as-a-Service Provider Have Helpdesk Service On the Dark Web

No longer does one need to be a coding guru to venture into the world of cybercrime, especially with the coming of cybercrime-as-a-service (CaaS). Now, hacking has become easier than it has ever been and is still on the verge of getting more comfortable by the day. If there is anything to worry about, then this eventuality features are among ... Read More »

Tor (the myth and reality.PNG

DeepCorr – A novel efficient system for flow correlation attacks on Tor

Flow correlation represents one of the essential techniques utilized in a myriad of deanonymization attacks launched against Tor. Even though flow correlation attacks are highly important , current flow correlation techniques are ineffective in linking Tor traffic flows when implemented at a large scale, i.e. they require long flow observation rates that are highly impractical, or are associated with high ... Read More »

Valhalla's application architecure.PNG

Valhalla (Scam) cryptomarket analysis and user de-anonymization

Darknet marketplaces are cryptomarkets, where vendors can sell illicit drugs and services to anyone, and anywhere in the world. Darknet marketplaces are hidden services that are accessible via the Tor network. Users of these cryptomarkets usually use PGP to interact with each other and bitcoin as the currency for their various transactions. A recently published thesis performed quantitative analysis of ... Read More »