Upload File

darknet analysis - kiras.at · classification: public 3 underground markeplaces • trading places...

  • Home
  • Documents
  • Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different
13
Darknet Analysis Peter KIESEBERG

Upload: others

Post on 22-Jun-2020

2 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Darknet Analysis

PeterKIESEBERG

Page 2: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 1

Darknet Analysis

Privacy-aware automated analysis of underground marketplaces

Page 3: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 2

The deep and the dark

SBA Research gGmbH, 2018

Taken from: https://www.deepweb-sites.com/

Page 4: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 3

Underground markeplaces •  Trading places

o  Malware (e.g. Ransomware, Bot nets)

o  Weapons, Drugs …

•  Based on different technologies o  Often TOR hidden services

o  Payment via Crypto-Currencies

•  Famous example: Silkroad

SBA Research gGmbH, 2018

Page 5: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 4

Goals Ø  Trends in the underground economy

Ø  Automated analysis of underground marketplaces

Ø  Four main targets: o  Automated information retrieval

o  Privacy sensitive analysis

o  Data protection and legal issues

o  Analysis of underground marketplaces

SBA Research gGmbH, 2018

Page 6: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 5

Special requirements 1.  Stealthy reconnaissance 2.  Privacy protection

3.  High degree of automation

4.  Integration with existing tools and workflows

SBA Research gGmbH, 2018

Page 7: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 6

Non-Goals Ø De-anonymization of TOR-traffic

Ø  Linking hidden services to actual places

Ø  Taking down marketplaces

Ø Comprehensive analysis of the market

SBA Research gGmbH, 2018

Page 8: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 7

Solution approach Ø  Iterative approach

Ø Several complete overhauls

Ø  Including structure

Ø Reducing size to app. 50 pages

SBA Research gGmbH, 2018

Page 9: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 8

Special Focus: Automation Core issue: Providers of UMs try to detect reconnaissance

Ø Source detection & generation

Ø Solving Captcha

Ø Automated profile generation

Ø Simulating user behavior

SBA Research gGmbH, 2018

Page 10: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 9

Privacy sensitive analysis Core issue: Provide analytical methods that respect privacy

Ø Study on the effects of anonymization on ML

Ø Privacy by Design in the reconnaissance process

Ø  Trends versus detailed analysis

Ø PAML SBA Research gGmbH, 2018

Page 11: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 10

Data Protection Ø Core issue: Protect the data collection for use as

evidence.

Ø Audit & Control

Ø Manipulation Detection

Ø  Traceability

SBA Research gGmbH, 2018

Page 12: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 11

Partners •  SBA Research •  TU Graz

•  University of Vienna (GSK)

•  Bravestone GmbH

•  BM.I

•  BMLV

SBA Research gGmbH, 2018

Page 13: Darknet Analysis - kiras.at · Classification: Public 3 Underground markeplaces • Trading places o Malware (e.g. Ransomware, Bot nets) o Weapons, Drugs … • Based on different

Classification: Public 12

Peter Kieseberg Research Coordinator SBA Research gGmbH Favoritenstraße 16, 1040 Vienna +43 660 312 6291 [email protected]

SBA Research gGmbH, 2018


pt BR SNWL-Infographic-Ransomware-US-IMAG-MKTG-458 · Detenha o ransomware com SonicWall Capture ATP das organizações foram infectadas por ransomware Fonte: CyberEdge Fonte: CNNMoney

RANSOMWARE PROTECTION€¦ · RANSOMWARE PROTECTION UIDE . ... Exploitation Exploit Mitigations Application Behavior Payload Execution ... PREVENTION AGAINST RANSOMWARE

Understanding Ransomware: Impact, Evolution and Defensive ...€¦ · 14/07/2014  · 3 Evolution of Ransomware 3.1 Historic Examples of Ransomware Ransomware trojans appeared as

Extracting information from darknet market advertisements

The Darknet Emerges

HONLEA 2017: Cybercrime, drugs and the darknet · 2017-06-30 · The Darknet • The Darknet is a collection of thousands of websites that use anonymity tools like TOR to hide their

Ransomware and tips to prevent ransomware attacks

Exploring the Darknet

Darknet: The Other Side

Ransomware - asecuritysite.com · Types •Locker Ransomware. Locks the computer. •Crypto Ransomware. Requires decryption key. •Master Boot Record Ransomware. Attack MBR so that

I See You: Darknet Revealed

Darknet-Based Inference of Internet Worm Temporal

Darknet · 2020-06-05 · convicted in Darknet. 3. Not only criminals use the Darknet. Politically persecuted people or journalists also need the anonymity to be able to work without

Darknet: la face sombre du web - 2

The OWL Cybersecurity Darknet Index - Squarespace · Introduction The OWL Cybersecurity Darknet Index Reranking the Fortune 500* using Darknet Intelligence (DARKINT) We live in an

Buying drugs on a Darknet market: a better deal? Studying ... · Road are commonly referred to as cryptomarkets, or Darknet markets (DNM). In this context, the Darknet is a set of

Cybercrime Tactics & Techniques: Q2 2019 Ransomware ......Ransomware shifts to business targets » Consumer ransomware drops -12% YoY & -25% QoQ » Business focused ransomware increase

Ransomware: Modern Day PiratesRansomware • What is ransomware • History of ransomware • Actors and their motivations • Anatomy of a ransomware attack • Cost of a ransomware

Follow the money in the cryptocurrency world · Follow the money in the cryptocurrency world. RANSOMWARE 3 MILLION ATTACKS 1 BILLION USD + 6000% IN BITCOIN. DARKNET MARKETS WEAPONS

The Darknet Index: U.S. Government Edition - The Denver Post · • Darknet Index Score - The darknet footprint score on which the rankings are based. • Sector - The market segment

Darker than Dark: The DarkNet

A visit to the darknet

The Effects of Police Interventions on Darknet Market Drug Prices · 2019-01-08 · Abstract This paper determines the effects of police interventions on darknet markets. Darknet

Darknet 150531165004-lva1-app6892

HOW DARK IS THE DARKNET? - IARIA · How Dark is the Darknet? { Dangers and Possibilities for the Digital Society. Darknet and Its Public Awareness: Is Reputation of Sciences and Technologies

Journey into The Darknet - RSA Conference · SESSION ID: #RSAC Greg Jones Journey into The Darknet CCT-R06 Director Digital Assurance @da_security

THE DEEP WEB AND THE DARKNET - Pensiero Critico · the Darknet has become a conduit for illegal and often dangerous activities. This policy brief outlines what the Deep Web and Darknet

The Dangers Of Using Tor On The Darknet And How To Fix It. · The Dangers of Using Tor on the Darknet Intro to Tor and the Darknet The darknet is a notion most internet users have

Darknet - Is it good for you?

ZERO TRACE DARKNET CARDER'S GUIDE

Ecommerce darknet

Going Dark: A Case Study on Banned Darknet Drug Forums€¦ · Darknet Drug Forums Selina Cho & Joss Wright Department of Computer Science & Oxford Internet Institute. Darknet Markets

Responding To Ransomware - NYMISSA · Ransomware is getting more sophisticated, and shifting to an enterprise threat. Ransomware Nightmares ... 50% of ransomware victims have paid

PAZINIT: RANSOMWARE · TRENDOVI •Tox - RaaS –Ransomware as a Service •Any user can register on the darknet site and choose to create their own cryptolocker-style software. They

The darknet