Dark Web Monitoring as an Emerging Cybersecurity Strategy for Businesses

PDF (691KB), PP.54-67

Views: 0 Downloads: 0

Author(s)

Ashwini Dalvi 1,* Sunil Bhirud 1

1. Department of Computer Engineering, Veermata Jijabai Technological Institute, India

* Corresponding author.

DOI: https://doi.org/10.5815/ijieeb.2024.02.05

Received: 24 Jun. 2023 / Revised: 25 Aug. 2023 / Accepted: 13 Oct. 2023 / Published: 8 Apr. 2024

Index Terms

Dark web, Monitoring Tools, Commercial cybersecurity solutions, Threat Intelligence framework

Abstract

The increasing frequency and sophistication of cyberattacks targeting institutions have necessitated proactive measures to prevent losses and mitigate damages. One of these measures is to monitor the dark web. The dark web is a complex network of hidden services and encrypted communication protocols, with the primary purpose of providing anonymity to its users. However, criminals use the dark web to sell stolen data, launch zero-day attacks, and distribute malware. Therefore, identifying suspicious activity on the dark web is necessary for businesses to counter these threats. 
An analysis of dark web monitoring as an emerging trend in cyber security strategy is presented in this article. The article presents a systematic review of (a) why dark web surveillance enhances businesses' cybersecurity strategies, (b) how advanced tools and technologies are used to monitor dark web data in the commercial sector, (c) the key features of threat monitoring frameworks proposed by researchers, and (d) the limitations and challenges associated with dark web monitoring solutions. In summary, the proposed work involves analyzing various sources of information related to the topic and presenting a thorough assessment of the need and challenges of dark web surveillance to enhance the security measures of businesses.

Cite This Paper

Ashwini Dalvi, Sunil Bhirud, "Dark Web Monitoring as an Emerging Cybersecurity Strategy for Businesses", International Journal of Information Engineering and Electronic Business(IJIEEB), Vol.16, No.2, pp. 54-67, 2024. DOI:10.5815/ijieeb.2024.02.05

Reference

[1]Huang, Keman, Michael Siegel, and Stuart Madnick. "Systematically understanding the cyber attack business: A survey." ACM Computing Surveys (CSUR) 51, no. 4 (2018): 1-36.
[2]Leszczyna, Rafał. "Review of cybersecurity assessment methods: Applicability perspective." Computers & Security 108 (2021): 102376. 
[3]Cascavilla, Giuseppe, Damian A. Tamburri, and Willem-Jan Van Den Heuvel. "Cybercrime threat intelligence: A systematic multi-vocal literature review." Computers & Security 105 (2021): 102258.
[4]Kaur, Shubhdeep, and Sukhchandan Randhawa. "Dark web: A web of crimes." Wireless Personal Communications 112 (2020): 2131-2158.
[5]Zenebe, Azene, Mufaro Shumba, Andrei Carillo, and Sofia Cuenca. "Cyber threat discovery from dark web." EPiC Series in Computing 64 (2019): 174-183.
[6]Sarkar, Soumajyoti, Mohammad Almukaynizi, Jana Shakarian, and Paulo Shakarian. "Predicting enterprise cyber incidents using social network analysis on dark web hacker forums." The Cyber Defense Review (2019): 87-102.
[7]Rowley, Jennifer, and Frances Slack. "Conducting a literature review." Management research news 27, no. 6 (2004): 31-39.
[8]Basheer, Randa, and Bassel Alkhatib. "Threats from the dark: a review over dark web investigation research for cyber threat intelligence." Journal of Computer Networks and Communications 2021 (2021): 1-21.
[9]Nazah, Saiba, Shamsul Huda, Jemal Abawajy, and Mohammad Mehedi Hassan. "Evolution of dark web threat analysis and detection: A systematic approach." IEEE Access 8 (2020): 171796-171819.
[10]Alghamdi, Hanan, and Ali Selamat. "Techniques to detect terrorists/extremists on the dark web: a review." Data Technologies and Applications (2022).
[11]Mazi, Hilary & Mailewa, Akalanka & Ngniteyo, Arsene "The Influence of Black Market Activities through Dark Web on the Economy: A Survey.". (2020).
[12]Easttom, Chuck. "Conducting investigations on the Dark Web." Journal of Information Warfare 17, no. 4 (2018): 26-37.
[13]Hurlburt, George. "Shining light on the dark web." Computer 50, no. 04 (2017): 100-105.
[14]DEEPWEBADMIN. 2017. Build a black market in dark web only for $4500; Cybercrime goes PAAS. Visited on 30th March 2023 https://www.deepweb-sites.com/build-black-market-dark-web-4500-cybercrime-goes-paas/.
[15]Huang, Keman, Michael Siegel, and Stuart Madnick. Cybercrime-as-a-service: identifying control points to disrupt. Vol. 17. (2017).
[16]Meland, Per Håkon, Yara Fareed Fahmy Bayoumy, and Guttorm Sindre. "The Ransomware-as-a-Service economy within the darknet." Computers & Security 92 (2020): 101762.
[17]Camillo, Mark. "Cybersecurity: Risks and management of risks for global banks and financial institutions." Journal of Risk Management in Financial Institutions 10, no. 2 (2017): 196-200.
[18]Hossain, Md Jafrin, Umme Nusrat Jahan, Rejuan Haque Rifat, Annajiat Alim Rasel, and Muhammad Abdur Rahman. "Classifying Cyberattacks on Financial Organizations Based on Publicly Available Deep Web Dataset." In 2023 International Conference On Cyber Management And Engineering (CyMaEn),. IEEE, (2023): 108-116.
[19]Mador, Ziv. "Keep the dark web close and your cyber security tighter." Computer Fraud & Security 2021, no. 1 (2021): 6-8.
[20]Burgess, Jonah. "Malware and Exploits on the Dark Web." arXiv preprint arXiv:2211.15405 (2022).
[21]Pantelis, George, Petros Petrou, Sophia Karagiorgou, and Dimitrios Alexandrou. "On Strengthening SMEs and MEs Threat Intelligence and Awareness by Identifying Data Breaches, Stolen Credentials and Illegal Activities on the Dark Web." In Proceedings of the 16th International Conference on Availability, Reliability and Security, ( 2021): 1-7.
[22]Swasey, Katelyn. "Insufficient healthcare cybersecurity invites ransomware attacks and sale of phi on the dark web." Center for Anticipatory Intelligence Student Research Reports (2020).
[23]Akintaro, Mojolaoluwa, Teddy Pare, and Akalanka Mailewa Dissanayaka. "Darknet and black market activities against the cybersecurity: a survey." In The Midwest Instruction and Computing Symposium. (MICS), North Dakota State University, Fargo, ND. (2019).
[24]Samtani, Sagar, Ryan Chinn, and Hsinchun Chen. "Exploring hacker assets in underground forums." In 2015 IEEE international conference on intelligence and security informatics (ISI). IEEE, (2015): 31-36
[25]Gad, Mahmoud. "Crimeware marketplaces and their facilitating technologies." Technology Innovation Management Review 4, no. 11 (2014).
[26]Godawatte, Kithmini, Mansoor Raza, Mohsin Murtaza, and Ather Saeed. "Dark web along with the dark web marketing and surveillance." In 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT),  IEEE, (2019): 483-485. 
[27]Gupta, Abhineet, Sean B. Maynard, and Atif Ahmad. "The dark web phenomenon: A review and research agenda." (2019).
[28]Dalvi, Ashwini, Gunjan Patil, and S. G. Bhirud. "Dark Web Marketplace Monitoring-The Emerging Business Trend of Cybersecurity." In 2022 International Conference on Trends in Quantum Computing and Emerging Business Technologies (TQCEBT), IEEE, (2022): 1-6.
[29]Miloshevska, Tanja. "Dark web as a contemporary challenge to cyber security." Kriminalističke teme–Časopis za kriminalistiku, kriminologiju i sigurnosne studije 19, no. 5 (2019): 117-128.
[30]Dark owl monitoring. https://www.darkowl.com/  Accessed on 30th March 2023.
[31]Echosec Beacon https://flashpoint.io/platform/echosec/ Accessed on 30th March 2023.
[32]Alert Logic Dark Web scanner. https://www.alertlogic.com/resources/webinars/addressing-vulnerabilities-and-threats-from-dark-web-attacks/  Accessed on 30th March 2023.
[33]Acid Cyberintelligence. https://www.acid-tech.com/ Accessed on 30th March 2023. 
[34]Norton DRK Web Monitoring  https://us.norton.com/feature/dark-web-monitoring Accessed on 30th March 2023. 
[35]Ghosh, Shalini, Ariyam Das, Phil Porras, Vinod Yegneswaran, and Ashish Gehani. "Automated categorization of onion sites for analyzing the darkweb ecosystem." In Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, (2017): 1793-1802
[36]Schäfer, Matthias, Markus Fuchs, Martin Strohmeier, Markus Engel, Marc Liechti, and Vincent Lenders. "BlackWidow: Monitoring the dark web for cyber security information." In 2019 11th International Conference on Cyber Conflict (CyCon), vol. 900, IEEE, (2019): 1-21.
[37]Zambiasi, Diego. "Drugs on the web, crime in the streets. the impact of shutdowns of dark net marketplaces on street crime." Journal of Economic Behavior & Organization 202 (2022): 274-306.
[38]Catolino, Gemma, "Illicit Darkweb Classification via Natural-language Processing: Classifying Illicit Content of Webpages based on Textual Information", ISBN 978-989-758-590-6, (2022)
[39]Williams, Ryan, Sagar Samtani, Mark Patton, and Hsinchun Chen. "Incremental hacker forum exploit collection and classification for proactive cyber threat intelligence: An exploratory study." In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI), IEEE (2018): 94-99.
[40]Biswas, Baidyanath, Arunabha Mukhopadhyay, Sudip Bhattacharjee, Ajay Kumar, and Dursun Delen. "A text-mining based cyber-risk assessment and mitigation framework for critical analysis of online hacker forums." Decision Support Systems 152 (2022): 113651.
[41]Ebrahimi, Mohammadreza, Yidong Chai, Sagar Samtani, and Hsinchun Chen. "Cross-Lingual Cybersecurity Analytics in the International Dark Web with Adversarial Deep Representation Learning MIS quarterly 46, no. 2 (2022).
[42]Samtani, Sagar, Yidong Chai, and Hsinchun Chen. "Linking exploits from the dark web to known vulnerabilities for proactive cyber threat intelligence: An attention-based deep structured semantic model." MIS quarterly 46, no. 2 (2022): 911-946.
[43]Jeziorowski, Susan, Muhammad Ismail, and Ambareen Siraj. "Towards image-based dark vendor profiling: An analysis of image metadata and image hashing in dark web marketplaces." In Proceedings of the Sixth International Workshop on Security and Privacy Analytics, (2020): 15-22. 
[44]Kavallieros, Dimitrios, Dimitrios Myttas, Emmanouil Kermitsis, Euthimios Lissaris, Georgios Giataganas, and Eleni Darra. "Understanding the dark web." Dark Web Investigation (2021): 3-26.
[45]Al Jawaheri, Husam, Mashael Al Sabah, Yazan Boshmaf, and Aiman Erbad. "Deanonymizing Tor hidden service users through Bitcoin transactions analysis." Computers & Security 89 (2020): 101684.
[46]He, Siyu, Yongzhong He, and Mingzhe Li. "Classification of illegal activities on the dark web." In Proceedings of the 2nd International Conference on Information Science and Systems, (2019): 73-78.
[47] Queiroz, Andrei Lima, Susan Mckeever, and Brian Keegan. "Detecting Hacker Threats: Performance of Word and Sentence Embedding Models in Identifying Hacker Communications." In AICS, pp. 116-127. 2019.
[48]Sabbah, Thabit, and Ali Selamat. "Modified frequency-based term weighting scheme for accurate dark web content classification." In Information Retrieval Technology: 10th Asia Information Retrieval Societies Conference, AIRS 2014, Kuching, Malaysia, Springer International Publishing, (2014): 184-196.
[49]Dalins, Janis, Campbell Wilson, and Mark Carman. "Criminal motivation on the dark web: A categorisation model for law enforcement." Digital Investigation 24 (2018): 62-71.
[50]Avarikioti, Georgia, Roman Brunner, Aggelos Kiayias, Roger Wattenhofer, and Dionysis Zindros. "Structure and content of the visible Darknet." arXiv preprint arXiv:1811.01348 (2018).
[51]Marin, Ericsson, Ahmad Diab, and Paulo Shakarian. "Product offerings in malicious hacker markets." In 2016 IEEE conference on intelligence and security informatics (ISI), IEEE, (2016): 187-189.
[52]Zabihimayvan, Mahdieh, Reza Sadeghi, Derek Doran, and Mehdi Allahyari. "A broad evaluation of the tor english content ecosystem." In Proceedings of the 10th ACM Conference on Web Science, pp. 333-342. 2019.
[53]Fidalgo, Eduardo, Enrique Alegre, Victor González-Castro, and Laura Fernández-Robles. "Illegal activity categorisation in DarkNet based on image classification using CREIC method." In International Joint Conference SOCO'17-CISIS'17-ICEUTE'17 León, Spain, Springer International Publishing, (2018): 600-609.
[54]Dalvi, Ashwini, Soham Bhoir, Irfan Siddavatam, and S. G. Bhirud. "Dark Web Image Classification Using Quantum Convolutional Neural Network." In 2022 International Conference on Trends in Quantum Computing and Emerging Business Technologies (TQCEBT), IEEE, (2022): 1-5.
[55]Gercke, Marco. "Ethical and Societal Issues of Automated Dark Web Investigation: Part 4." Dark Web Investigation (2021): 169-187.
[56]Chertoff, Michael. "A public policy perspective of the Dark Web." Journal of Cyber Policy 2, no. 1 (2017): 26-38.
[57]Best Dark Web Monitoring Tools https://sourceforge.net/software/dark-web-monitoring/ Accessed on 30th March 2023.