The Dark-Net is the set of overlay networks that run over the Internet but require specific software, configurations, or authorization to access, together with the web content hosted on them. It is a part of the web that has not been indexed by web search engines, although the dark web is sometimes mistakenly referred to as the deep web. The Dark-Net comprises small networks as well as large and well-known networks. The Dark-Net browsers are Tor, Freenet, I2P, and Riffle. These are operated by public organizations and also by individuals. Clients of the Dark-Net refer to the regular net as the ‘Clearnet’, because the regular net has no encryption. The Tor Dark-Net is also called ‘Onionland’, a reference to the network's top-level domain suffix. Onion routing is a technique for anonymizing traffic. Several terms are commonly used to refer to the Dark-Net. Given the general confusion between the dark web and the deep web, ‘deep web’ is one term that needs more clarity. There have been recommendations to distinguish between the two, but few changes have been made.
Dark-Net websites are accessed through specific networks such as Tor (‘The Onion Routing’ project) or I2P (the Invisible Internet Project). Dark-Net clients commonly use the Tor browser and Tor-accessible websites, which can be identified by the domain “.onion”. Tor provides anonymous access to the Internet, while I2P specializes in anonymous access to websites. The Dark-Net uses layered encryption, and because of this the identities and locations of Dark-Net clients cannot be tracked. This encryption technology routes the client’s data through a number of intermediate servers, which protects the identity of the client and guarantees their anonymity.
The transmitted information is decrypted by each subsequent node in the scheme, which leads on to the exit node. Owing to the complexity of the system, it is absolutely impossible to reproduce the node path in order to decrypt the information layer by layer. Because the level of encryption is very high, it is difficult for websites to track the geolocation and IP address of clients. Likewise, clients are unable to get any information about their hosts.
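The layered wrapping and per-node decryption described above, as an added example that is not part of the original article: a simplified Python model, not Tor's actual protocol. The relay names, pre-shared relay keys, destination name and the toy HMAC-based stream cipher are assumptions made for illustration.

```python
import hashlib, hmac, json, os

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 as a counter-mode keystream).
    Illustration only: it stands in for the ciphers real networks use."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    return nonce + xor_stream(key, nonce, plaintext)

def unseal(key: bytes, blob: bytes) -> bytes:
    return xor_stream(key, blob[:16], blob[16:])

def build_onion(path, destination: str, payload: bytes):
    """Client side: wrap the payload once per relay, innermost (exit) layer first."""
    next_hop, blob = destination, payload
    for name, key in reversed(path):
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        next_hop, blob = name, seal(key, layer)
    return next_hop, blob  # (first relay to contact, fully wrapped onion)

def peel(key: bytes, blob: bytes):
    """Relay side: remove exactly one layer and learn only the next hop."""
    layer = json.loads(unseal(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def route(path, destination: str, payload: bytes):
    """Walk the circuit, recording per relay: (relay, next hop, bytes it forwards)."""
    keys = dict(path)
    hop, blob = build_onion(path, destination, payload)
    seen = []
    while hop in keys:
        nxt, blob = peel(keys[hop], blob)
        seen.append((hop, nxt, blob))
        hop = nxt
    return seen, hop, blob

# Constructed sample circuit: relay names, keys and destination are hypothetical.
PATH = [(name, os.urandom(32)) for name in ("entry", "middle", "exit")]

if __name__ == "__main__":
    seen, dest, data = route(PATH, "destination.example", b"hello over three hops")
    for relay, nxt, fwd in seen:
        print(f"{relay:6} -> {nxt:20} forwards {len(fwd)} bytes")
```

Each relay sees only the name of the next hop and an opaque blob; only the exit relay handles the original payload and the destination name.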
Communication between Dark-Net clients is highly encrypted, which allows them to exchange information and files confidentially. Illegal activities such as trade, forums, and media exchange take place among pedophiles and terrorists. At the same time, some traditional websites have created alternative access for the Tor browser to make it easier for clients to connect. ProPublica, for instance, launched a newer version of its website that was made available exclusively to Tor clients. Researchers at King’s College London have highlighted illicit use of onion services in the past. Some widely used terms in Dark-Net stories and concepts are:
Botnets: These are mostly structured with their command and control servers based in a censorship-resistant hidden service. They create a large amount of bot-related traffic.
Bitcoin services: Some bitcoin services, such as tumblers, are available on Tor, and others, such as Grams, provide Dark-Net market integration. Approaches have been tested for converting Bitcoin into an online game currency. There has been evidence of blockchain and cryptocurrency being employed to regulate the Dark-Net.
Dark-Net markets: Illegal drugs are traded in commercial Dark-Net markets. These have attracted significant media coverage given the popularity of Silk Road. Software exploits and weapons are also sold in some markets.
Groups of Cyber-Invaders: There are Cyber-Invaders who function either individually or in groups, and they sell their services in the same way. Some widely known groups are Xdedic, Cyber-Strike forum, darkOde, TheRealdeal, Trojanforge, and Mazafaka.
The Into the Web of Profit report identified 12 categories of tools or services that could pose a risk in the form of a network breach or data compromise:
- Infection or strikes, including viruses, distributed denial of service (DDoS) and botnets
- Access, including remote access Trojans (RATs), keyloggers and exploits
- Espionage, including services, customization and targeting
- Support services such as tutorials
- Credentials
- Phishing
- Refunds
- Customer data
- Operational data
- Financial data
- Intellectual property/trade secrets
- Other emerging menaces
- Devaluing the enterprise, by undermining brand trust, reputational damage or losing ground to a competitor
- Disrupting the enterprise, by DDoS Cyber-Invasion or other malware that affects business operations
- Defrauding the enterprise, by IP theft or espionage that impairs a company’s ability to compete or causes a direct financial loss