Dark Web Marketing and Surveillance: Reflection on Teaching (Dark Web-ITC578)
I chaired the session on Wireless Sensor Networks and Web Security and presented a paper on Dark Web Marketing and Surveillance at the 20th International Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT-2019) held in December 2019 on the Gold Coast, Australia. The conference provided me an opportunity to engage with industry experts and academic specialists from all over the world on the same topic and bring practical and current knowledge to my teaching and delivery of ITC578- Dark Web.
What is important about this learning and teaching story and what did I learn that is relevant to my subject?
Charles Sturt University is a pioneer in designing and delivering curriculum on the Dark Web. It is a part of the World Wide Web that cannot be accessed using traditional browsers and it provides a platform for a range of criminal activities such as drug dealing, weapon mafia, slave marketing, document forgery, and industrial secrets. Special types of browsers are required to access the hidden web; The Onion Router (TOR), Freenet, and Invisible Internet Project (I2P) are examples of such types of browsers.
In the conference, I presented on the classification of cyber-criminal activities conducted through the hidden web, the various browsers used for each activity, such as TOR and I2P, and the technological and social engineering methods used to undertake such crimes. Fig.1 shows one of the darknet markets (Silk Road) found on the Dark Web to sell various illegal products which was cracked down on by the FBI in 2013.
Figure 1:Market on the Dark Web
Legitimate dark Web researchers and law enforcement agencies use sophisticated methods to access the hidden networks anonymously. Security agencies and intelligence forces are strengthening their approach and constantly revising their policies regarding access to the dark web but the problem is complex and most of the hidden and illegal users rebuild their dark webs repeatedly for activities; such as child pornography, live killing red rooms and weapons smuggling to name a few.
Law enforcement agencies all around the world are connected through the dark web to share resources and secrets, and to work in collaboration to stop the illegal use of the Dark Web. The US National Security Agency conducts mass surveillance programs such as “PRISM”, to track down cybercriminals worldwide. Some of the hidden networks such as Silk Road, Alpha Bay, Hansa has already been knock-down by law enforcement agencies.
In ITC578 we discuss the different types of browsers and software used to access the dark web, threats related to the dark web, cyber-criminal activities with a specific focus on dark web crimes. In one of the assessment items, students are required to investigate and differentiate the types of threats prevalent on the surface web and dark web. As part of another assessment item, students are also required to undertake a research project and some of the proposed topics are relevant to the above-mentioned research for example TOR network and Dark web forensic, which aligns with the learning outcomes of the subject. Learning about the Dark Web will also provide an opportunity for my students to boost their careers as Charles Sturt University is teaching the first Australian “Dark Web” subject. It is very important to teach innovative technologies to students so that once they graduate, they are ready to serve the community.
What are we trying to achieve?
The proposed design (in Figure 2) is to provide a solution for both types of user – Law Enforcement agencies and Legitimate dark web researchers. On the Law Enforcement side, the design is proposed to facilitate the relevant agencies in identifying the suspects of criminal activities and minimize future terrorist acts. Data searched on the TOR/I2P browser is stored in a database and then using one of forensic software such as Maltego, suspected criminal activities can be identified. The proposed design will assist law enforcement agencies to apprehend nameless and faceless criminals.
On the user side, the design is proposed for the common dark web user/ legitimate dark web researcher. An IP spoofing protocol is used (with minimal features) to spoof the IP address (from the public domain user) to enhance user confidence so that users are confident to search on the dark web. One of the reasons that research in the area is limited is due to users not being confident to explore the dark web. This will give confidence to users (students) to explore the deep web and produce quality research work.
One of the topics in ITC578 focusses on the emerging trend of the darknet and its mitigating techniques. Students need to do one of the research assessments on these new technologies. My experience and knowledge from this scholarly activity enhanced my teaching of the subject and provided motivation to my students about this new technology.
Figure 2: Proposed Design for Law enforcement and legitimate dark web researcher to access Dark web