TY - GEN
T1 - Shedding Light on Dark Korea
T2 - 20th World Conference on Information Security Applications, WISA 2019
AU - Lee, Jinhee
AU - Hong, Younggee
AU - Kwon, Hyunsoo
AU - Hur, Junbeom
N1 - Funding Information:
Acknowledgment. This work was supported by Institute of Information communications Technology Planning Evaluation (IITP) grant funded by the Korea government (MSIT) (No.2018-0-00269, A research on safe and convenient big data processing methods), (No.2019-0-01697, Development of Automated Vulnerability Discovery Technologies for Blockchain Platform Security).
Publisher Copyright:
© 2020, Springer Nature Switzerland AG.
PY - 2020
Y1 - 2020
N2 - The Dark Web sites are operated over anonymity-preserving protocols like Tor, making users of the Dark Web services more resilient to identification and monitoring. Although some previous works have focused on understanding the size of the Dark Web services and investigating their criminal activities, there is a lack of research on chronological analysis and in-depth profiling of the Dark Web sites, particularly in South Korea. Therefore, in this study, we implemented a Dark Web crawling system, and collected seed and sub Dark Web URLs using it. Then, the 3,000 Dark Web sites from the seed URLs were selected and their web pages were captured for profiling. An in-depth analysis was then conducted on the collected 3,000 Dark Web sites, and an intensive categorization was performed on the basis of their major criminal activities. We then carried out an in-depth profiling for top 3 Korean Dark Web sites to investigate cyber criminal activities in South Korea. In the profiling, criminal activities were collected and analyzed in a chronological point of view. Personal information leakage and Sybil IDs in the Dark Web were also identified based on the PGP keys we collected.
AB - The Dark Web sites are operated over anonymity-preserving protocols like Tor, making users of the Dark Web services more resilient to identification and monitoring. Although some previous works have focused on understanding the size of the Dark Web services and investigating their criminal activities, there is a lack of research on chronological analysis and in-depth profiling of the Dark Web sites, particularly in South Korea. Therefore, in this study, we implemented a Dark Web crawling system, and collected seed and sub Dark Web URLs using it. Then, the 3,000 Dark Web sites from the seed URLs were selected and their web pages were captured for profiling. An in-depth analysis was then conducted on the collected 3,000 Dark Web sites, and an intensive categorization was performed on the basis of their major criminal activities. We then carried out an in-depth profiling for top 3 Korean Dark Web sites to investigate cyber criminal activities in South Korea. In the profiling, criminal activities were collected and analyzed in a chronological point of view. Personal information leakage and Sybil IDs in the Dark Web were also identified based on the PGP keys we collected.
KW - Dark Web
KW - Deep Web
KW - Profiling
KW - Sybil identity detection
UR - http://www.scopus.com/inward/record.url?scp=85079093535&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-39303-8_27
DO - 10.1007/978-3-030-39303-8_27
M3 - Conference contribution
AN - SCOPUS:85079093535
SN - 9783030393021
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 357
EP - 369
BT - Information Security Applications - 20th International Conference, WISA 2019, Revised Selected Papers
A2 - You, Ilsun
PB - Springer
Y2 - 21 August 2019 through 24 August 2019
ER -