De-anonymizing of entities on the onion sites operating on TOR Network
ABSTRACT :
Background: The dark web is used for illegal purposes, and a number of marketplaces are operated by underground operators, facilitating the illegal buying and selling of drugs, weapons, data leaks, counterfeit money, documents, etc. Because these platforms are anonymous to law enforcement agencies (LEA), it is difficult to identify the marketplaces running on the dark web, mainly the TOR network.
Description: Running an illegal site on the dark web requires only access to the TOR Browser and a TORRC file to run the market from a local system.
For hosting the services, people may use paid or freely available hosting servers.
Because the market runs on the TOR network (V3), it is very difficult to identify the underground operator running it. While running the market on the TOR network, the underground operator provides access to his portal through ISP/VPN services obtained from the respective ISP of his country and from the VPN service provider.
Expected Solution: It is expected that a solution, such as a tool or technique, may be developed by which the underground operator running the market can be identified.
The participants may target finding the actual IP/VPN IP being used by the players of the onion sites. The participants may also try to find out other personally identifiable information (PII) regarding the underground operators active on the onion sites.
EXISTING SYSTEM :
First, we find that many Tor users misunderstand technical aspects of onion services, such as the nature of the domain format, rendering these users more vulnerable to phishing attacks. Second, we find that users have many issues using and managing onion services, including having trouble discovering and tracking new onion domains.
Our data also suggests that users may visit onion domains that are slight variations of popular onion domains, suggesting that typos or phishing attacks may occur on onion domains.
Third, users want improvements to onion services such as improved performance and easier ways to keep track of and verify onion domains as authentic.
Many of the shortcomings that we discover could be addressed with straightforward and immediate improvements to the Tor Browser, including improved security indicators and mechanisms to automatically detect domains that may be typos or phishing attacks.
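One way a client-side check for typo and lookalike onion domains could work, as an added example that is not part of the original abstract or of Tor Browser. It relies on the v3 address layout (32-byte key, 2-byte SHA3-256 checksum, version byte 0x03, base32-encoded); the function names, the bookmark set and the 6-character prefix threshold are assumptions, and the key itself is not validated.

```python
import base64
import hashlib

VERSION = b"\x03"  # v3 onion services

def _checksum(pubkey: bytes) -> bytes:
    # rend-spec-v3: CHECKSUM = SHA3-256(".onion checksum" | PUBKEY | VERSION)[:2]
    return hashlib.sha3_256(b".onion checksum" + pubkey + VERSION).digest()[:2]

def encode_v3(pubkey: bytes) -> str:
    """Build an address from a 32-byte key (used here only for constructed samples)."""
    return base64.b32encode(pubkey + _checksum(pubkey) + VERSION).decode().lower() + ".onion"

def is_valid_v3(address: str) -> bool:
    """Check length, base32 alphabet, version byte and checksum (not the key itself)."""
    label = address.strip().lower()
    if label.endswith(".onion"):
        label = label[:-6]
    if len(label) != 56:
        return False
    try:
        raw = base64.b32decode(label.upper())
    except ValueError:
        return False
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    return version == VERSION and checksum == _checksum(pubkey)

def shared_prefix(a: str, b: str) -> int:
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n

def classify(address: str, trusted: set, min_prefix: int = 6) -> str:
    """Return 'trusted', 'typo', 'lookalike', 'invalid' or 'unknown'."""
    address = address.strip().lower()
    if address in trusted:
        return "trusted"
    near = any(shared_prefix(address, t) >= min_prefix for t in trusted)
    if not is_valid_v3(address):
        return "typo" if near else "invalid"   # checksum catches mistyped characters
    return "lookalike" if near else "unknown"  # valid address imitating a bookmark

# Constructed sample: key bytes chosen for illustration, not a real service.
BOOKMARK = encode_v3(bytes(range(32)))
```

A mistyped character fails the checksum and is reported as `typo`, while a well-formed address that merely starts like a bookmarked one is reported as `lookalike`, the case a security indicator would need to surface to the user.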
DISADVANTAGE :
1. Privacy Violations
Risk to Individuals: De-anonymization can lead to the exposure of sensitive personal information, which may result in harassment, stalking, or worse. People who use Tor for privacy reasons—whether for legal activities or to evade persecution—can suffer severe consequences if their identities are revealed.
Chilling Effect: The fear of being de-anonymized can deter people from using Tor for legitimate purposes, such as whistleblowing, political activism, or protecting personal privacy.
2. Legal and Ethical Issues
Illegality: Attempting to de-anonymize individuals on the Tor network often involves activities that may be illegal or unethical. For instance, it may involve hacking, illegal surveillance, or other forms of unauthorized access.
Misuse of Information: Even if de-anonymization is achieved, the information might be used unethically. This can include blackmail, false accusations, or other harmful actions against individuals.
PROPOSED SYSTEM :
The system would start with a Traffic Analysis Module that employs sophisticated algorithms to monitor and correlate traffic patterns, aiming to identify relationships between users and onion sites. Complementing this, the End-to-End Timing Attacks Module would focus on analyzing the time delays in data transmission to detect correlations that could reveal user identities.
The Network Analysis Module would involve monitoring traffic at key points within the Tor network, such as exit nodes and hidden services, to uncover potential identifiers.
Additionally, the De-Anonymization Techniques Module would utilize advanced profiling and fingerprinting methods to build detailed user profiles based on browsing behavior and technical characteristics. The Vulnerability Exploitation Module would focus on identifying and exploiting weaknesses in Tor software and protocols to gain insights into user identities.
Integrated with these modules, the Data Integration and Analysis Module would cross-reference data from various sources to create comprehensive user profiles.
ADVANTAGE :
1. Combatting Illegal Activities
Disrupting Criminal Networks: De-anonymizing entities can help law enforcement agencies and other authorities to identify and dismantle illegal operations, such as drug trafficking, human trafficking, or other forms of organized crime that utilize the anonymity of Tor to operate.
Preventing Harm: By uncovering the identities of individuals involved in illegal activities, authorities can prevent potential harm to victims and address criminal actions more effectively.
2. National Security and Counterterrorism
Preventing Terrorism: De-anonymizing individuals who are using Tor for planning or executing terrorist activities can be crucial for national security. Identifying and disrupting such activities can prevent potential attacks and enhance public safety.
Tracking Extremist Groups: Authorities can track and investigate extremist groups that operate on Tor, reducing the risk of radicalization and violent actions.
3. Legal and Investigative Purposes
Criminal Investigations: In some cases, de-anonymizing individuals may be necessary for legal investigations and prosecution. This can be crucial for building cases against suspects involved in serious crimes where anonymity has been used to evade justice.
Judicial Oversight: Properly executed de-anonymization, under judicial oversight, can support lawful investigations and ensure that due process is followed, balancing privacy concerns with the need for security.
4. Improving Anonymity Technologies
Strengthening Privacy Tools: Understanding the techniques and methods used to de-anonymize users can lead to advancements in privacy technologies. Researchers and developers can use this knowledge to strengthen the anonymity and security features of tools like Tor, ensuring that users are better protected in the future.