SlideShare une entreprise Scribd logo

Tor project and Darknet Report

A
Ahmed Mater

A free software implementation of second-generation onion routing that help the user to be anonymous while using the internet so it protect the user’s privacy from being monitored Some people use it in the wrong way which lead to what is called now “The Darknet” : A black spot in the internet which involve all the criminal activities on the internet such as selling Drugs, fraud, copyright infringement and piracy and so on.

Formation
1  sur  21
Télécharger pour lire hors ligne
Tor Project and The Darknet Computer Networks By: Ahmed Motair El Said Mater 4th year Computer and Systems Dept. Presented to: Dr. Nesreen I. Zidan
Contents: 1. Introduction 2. The Network Surveillance 3. The Creation of Tor 1. Dr. David Lee Chaum (Mix Network Approach) 2. Paul Syverson (The Onion Router Approach) 4. The Usage of TOR (Legal Hidden Services) 5. What is the Darknet (Illegal Hidden Services) 6. Internet vs Deep web vs Darknet 7. Attacks on TOR Network (Operation Onymous) 1. Introduction: Tor is a free software used to protect privacy against internet surveillance. It provides the user full anonymity so that the Technology companies and ISP companies can’t track back its traffic. Internet Surveillance has spread in a wide range maybe It’s done by some websites which monitor your internet traffic, analysis it and save it in their databases in a special profile dedicated for you which can be useful in the next future or It could be done by the governments who collect intel about the citizen claims to be for maintaining the security in the country. This data is very sensitive as it may contain private details about people which no one has to know about, but the technology companies on the other hand make use of this data and sell it to the advertising companies or may be sent to an intelligent agency or the government in the country as a part of a surveillance project. This leads to thinking about Tor which is designed to protect the users from being surveilled by other companies or agencies or governments. Now using Tor you can surf the internet freely without any worries of surveillance or traffic monitoring. Tor is the acronym of “The Onion Router” which is the technique used to protect the users traffic from being monitored and hide their real identity. The Onion Routing -in a brief- is working very simple where the message is encrypted several times, send over several nodes, at each node one encryption layer is decrypted and send to the next node until it reaches the
last node with the last encryption layer which is decrypted and now we have the message and the destination address and this node starts to send the it to the destination so any traffic analysis will think that this last node is the sender but actually it isn’t. Although the Tor Network was intended to help people protect their privacy and their traffic from being surveilled but also this powerful secure tool is used for an evil purpose in which criminals uses it to hide their identities while committing crimes and a black side in the internet has emerged “The Darknet”. It’s the place where so many illegal activities take place on the internet such as selling drugs, hiring murders, piracy, pornography, gambling and all kind of fraud… etc. Tor is praised for providing that strong privacy and anonymity by computer security researchers and agencies of the NSA who said: “It’s the King of high-secure, low-latency internet anonymity”. But on the other hand It’s not 100% secure specially for close and manually monitoring of Tor users and some other means such as targeting outdated versions of Firefox browsers codenamed Egotistical Giraffe or implementing a vulnerable software on a Tor user’s computer, Tor network has also suffered a great attack known as the “Operation Onymous” which has been led by the some security agencies such as FBI, NSA, DHS, DEA and more other law enforcements to shut down some black markets in the Darknet such as: Silk Road and Hydra. 2. The Network Surveillance: Most of the technology companies are monitoring the internet traffic of their customers while surfing the internet. Not only the Technology companies but also many of the government agencies around the world under projects which is considered mass surveillance over the society, the internet users and even the data over the cell phones too. First we will talk about How the network surveillance is done: Packets of data are sent over the network which are moving from one node to another along the path from its source until it’s assembled at its destination. During this routing the companies put a computer program or may be a piece of
hardware that intercept the data movement or may be a hardware, These are called Packet Capture or Packet Sniffing. This Packet Capture is an application can intercept the data transferred over the network and also log all the traffic. It also has the ability to capture the packet, copy, decode its raw data and know its content and after analyzing this data it saves the information to a profile. Edward Snowden is a computer security professional, former CIA employee and former government (NSA) contractor. On June, 6 2013, Edward has leaked a very sensitive documents to The Guardian and The Washington Post that proves the existence of mass data collection projects that were more far beyond what the public knew. He characterized these projects with “Dangerous” and “Criminal” activity, One of these projects is known as PRISM which is a secret surveillance program under the supervision of the National Security Agency (NSA) which collects the data traffic of the users from at least nine major internet company in the USA. With the help of more other technology companies that participate in this project such: Microsoft in 2007, Yahoo! in 2008, Facebook in 2009, Paltalk in 2009, Google in 2009, YouTube in 2010, Skype in 2011, AOL in 2011 and Apple in 2012. The documents leaked by Edward indicate that 98% of the PRISM production is based on Yahoo, Microsoft and Google. After the revealing of this important documents by Edward the public has made a wide range of outcry over these technology companies that helped the NSA in its spying project which led to a great lose for these companies. The loss is estimated in the cloud-based computing systems up to 35 million dollars in the next three years especially: Google, Cisco and AT&T. In an interview with The Guardian, Snowden said: “I don’t want to live in a society that does these sort of things”
PRISM Overview PRISM was just an example for one of the surveillance projects but there are more other projects such as: MUSCULAR (DS-200B), DCSNet, X- Keyscore, Stellar Wind ,….. etc. The Advantages of the Network Surveillance: 1. It helped some countries to maintain its security and prevent some crimes or any illegal activities in their countries. 2. Also most of the Social Media Websites such as Twitter, Facebook, YouTube…. etc. enable people to contact and communicate with friends, family and get new friends everyday
The Disadvantages of the Network Surveillance: 1. If these data are leaked into the wrong hand it will threaten the life of many people because of the very sensitive private details 2. Some of the journalists and whistleblowers uses the internet to transfer very important document about corruption in some companies so if their identities are known they will be in danger Finally we can see that Surveillance is a double-edged weapon that may be useful to protect the national security of the country but it may go beyond this to threaten people life. 3. The Creation of TOR : 1. Mix-Networks Approach: The story begins with Dr. David Lee Chaum who is considered the father of anonymity. He is a cryptographer and the inventor of many cryptographic protocols. In the early 1980s, He was very ahead of his time as he predicted that in the next 15 or 20 years the privacy of the user on the internet won’t be private and the world with computer networks and the great progress in computer abilities will make the idea of mass surveillance possible. Although it was early in his time but he started working on an idea that could protect the user from being surveilled and he called it “Mix Networks”. The Mix Networks Routing Protocols: they are routing protocols that work on making the user anonymous while using the internet. In general, they create a hard-to-trace communications between nodes by encrypting the messages coming from multiple nodes and send them to a node which decrypts the layer of encryption, shuffle them and send them to their destinations in a random order. Due to the separation between the sender and receiver it becomes harder for the packet analyzer to determine the sender or the receiver of which message sent over the network.
The Mix Networks in detail: For Example: we have 4 nodes (A, B, C and D) and each node has a message to be sent. 1. Each message is encrypted using a public key cryptography to each proxy which result in a layer of encryption and not only one layer but they are 3 layers of encryption, this is similar to the Russian Doll (Matryoshka). - The message and the destination are in the inner most of the packet - Each layer has packet encrypted and the address of the next node - The whole packet is routed over several nodes (called mixers) 2. At the first Node : Let’s start with message A as example, when the message A reaches the first node (first mixer), the first layer is decrypted using its Private key, and it waits until another messages are received in this node and added to the waiting queue. 3. After receiving a bunch of messages they are shuffled and sent in a random order to the second node (second mixer). 4. The second mixer receives each message and decrypt the second layer of encryption using its private key and determine the next destination and waits for more messages to shuffle them and send them in random order to the third mixer.
5. Finally at the third mixer, the messages are received and the final layer of encryption is decrypted, now we have the messages and the addresses of their destination where they will be sent to. The security in this method is that at each mixer: 1. The sender and the destination aren’t real and the packet is encrypted 2. The incoming messages and outgoing one aren’t in the same order 3. The content of messages look different Those makes it difficult for the Hacker or the Attacker to correlate between the incoming and outgoing messages at each mixer. At the beginning, when David Chaum thought about this method it was based on mixing the messages at one node (one mixer), that was a major flaw as if the hacker comprised the shuffled message at that mixer then he can know the sender and the receiver that will reveal the identity of the user, and the solution to this problem is to chain a bunch of mixers that will make it more difficult for the hacker to comprise all the mixer to defeat the anonymity provided by this approach. Although the Mix-Networks Approach is successful in making the user more anonymous but there is some disadvantages such as: 1. Latency: as the message needs to wait for another more messages to shuffle and hide between them. 2. Complexity: as to make the network more secure you have to increase the number of the mixers. 2. The Onion Router Approach: In the mid-1990s, the US Naval Research Laboratory has worked on a project which is its purpose is to protect the US intelligence communications online from being monitored or surveilled by the technology company or any other traffic tracker. Paul Syverson, Michael Reed, David Goldschlag, Nick Mathewson and Roger Dingledine are mathematicians and computer scientists who worked on the TOR project.
- In 1997 the Onion Routing is developed by DARPA - On 20 Sept 2002 The Onion Router or TOR Project is launched - On 13 August 2004 TOR 2nd Generation is presented - In 2004 US Naval Research Lab released the code of TOR under the free license - In 2006 the Electronic Frontier Foundation (EFF) begun funding the TOR project as a non-profit organization by Dingledine and Mathewson and five others Dr. Paul Syverson continued the work of Dr. David Chaum in the anonymity and overcome the disadvantages in his approach, by not depending on collecting some messages but routing the message through some anonymous users. According to his method, He can’t be anonymous alone but he needs more anonymous users to be anonymous with them and this is will build the TOR Network. The Onion Routing aims to conceal the identity of the user and his activity from any network surveillance by routing his packet through a volunteering worldwide network of servers which makes it difficult on the attackers from monitoring the internet traffic. Now How the Onion Routing works in details? First we have to describe the environment of the TOR Network in which we have a Sender node (Let’s say its Alice’s Computer) and a network of anonymous TOR clients (the Clients with the + sign) and we have a Destination (Let’s say its Bob’s Computer)
So what will happen if Alice want to send a message to Bob 1. The routing path has to be constructed by sending a request from the sender to a Central Server (It’s the node that has information about the Tor nodes sometimes called Directory Node), It replies with a set of Tor nodes which we call them Circuit or Chain This Circuit consists of 3 nodes: 1. The 1st node is called the Entry Node 2. The 2nd node is called the Middle Node 3. The 3rd node is called the Exit Node 2. The Sender (Alice) will make a Node to Node connection with the Entry Node by sending a creation request with a Node to Node Key (Let’s call it ID1) which is only know by the Entry Node and the Sender only, then the Entry Node replies with circuit created. 3. Now we have a secure path from Alice to the Entry Node. 4. Then Alice continue in creating the Path by sending an extend request to the Entry Node with the address of the next node. 5. The Entry Node will make a Node to Node connection with the Middle Node by sending a creation request to the Middle Node with a Node to Node key (Let’s say ID2) which is only known by the Entry Node and Middle Node only and the Sender doesn’t know it, then the Middle Node replies with circuit created. 6. Now for the last circuit, The sender send an extend circuit request to the Entry Node with the address of the next Node which will send another extend circuit request to the Middle Node with the address of the next Node
7. The Middle Node will send a creation request to the Exit Node with a Node to Node Key (Let’s say ID3) which is only known by the Middle Node and the Exit Node, and the Sender and the Entry Nodes doesn’t have to know it, then the Exit Node replies circuit created 8. The previous steps are only to establish a secure circuit between nodes but until now no data has been sent over the circuit, this last figure represents the secure channel where the data will be sent. 9. Now the Circuit is complete let’s send the Data, The Sender will encrypt the data with the three layers of encryption as in (Chaum Mix-Networks) and each Node has a different private key to decrypt one of these layers of encryption. 10. When the data reach the exit node and the final layer of encryption is decrypted, the Exit Node now have the message and the destination. It will establish a connection between it and the destination node to send the message, this node will seem to others as it’s the real sender but in fact it isn’t.
Some Notes on The Onion Router: 1. Each Node from the 3 nodes can’t send to or receive from except the previous node and the next node, also it can’t see the full circuit ex: the Middle node can deal only with the Exit and Entry Node and don’t know anything about the Sender or the Destination nodes. 2. Each connection between any two adjacent nodes is secured with a unique ID for transferring, and no other nodes know about this ID. 3. The Packet is encrypted multiple times with a unique public key and its corresponding private key is found at one of the nodes in the circuit. 4. If we want more security we can increase the number of the routing nodes but it will cause more delay in the data transfer due to the more encryption and decryption and connection creating. The Advantages of TOR: 1. Tor is considered a strong security tool against surveillance 2. It’s the low latency anonymity network 3. Unlike Mix-Networks, the message doesn’t have to wait for more messages The Disadvantages of TOR: 1. It isn’t safe against end-to-end correlation (attacks at the boundaries of Tor network) and manual traffic analysis. 2. It’s slow as the message is routed many times 3. Some ISP tries to search and block Tor relays 4. The Usage of TOR: TOR enables users to surf the internet freely without any traffic analysis or being afraid from surveillance. Users can chat or communicate anonymously using Tor. But Tor is considered a double-edged weapon in which some users use it in legal and illegal purposes. A common question is asked, why someone needs to be anonymous on the internet. The first thought that comes to mind that he is up to something illegal or maybe he is paranoid about privacy, but you be wrong about that as Tor helps many people for good and legal purposes.
The websites hosted by the Tor Servers (Tor nodes) are called (Hidden Services) they can’t be accessed by the IP address or a normal address but with an encrypted address called the onion address. Who uses TOR (Legal Hidden Services)? 1. Normal people: uses it to protect their privacy from being monitored by the companies, also to protect their private life issues from being surveilled and sold!!!! Also protecting their daily movements from being known. If this information are known, it may cause dangers for the family members. 2. Journalists: who report sensitive information over the internet, especially if this information could reveal the corruption of someone or companies so their identity must be kept secret. 3. Law enforcement officers: when tracking illegal sites on the internet, some officers are exposed to danger if their identities are known. So they uses Tor in their operations. 4. Activists: uses Tor to hide their identities, so they can communicate more secure without being monitored by the government. They used Tor in wide range especially in the Arab Spring in the middle east, all the Human Right organizations recommend Tor for the safety of the activists. 5. Whistleblowers: as for the activist, also Whistleblowers uses Tor to report their sensitive information, many of them are being pursued and wanted by the governments so keeping their identities hidden is very important. 6. Government organizations: uses Tor for their communications especially between agents in different countries. So the agents can report information safely without being tracked or the information surveilled. It is worth to be mentioned one of the most famous Hidden Services in the Tor network which is “WikiLeaks”. It’s an International non-profit journalist’s organization that publishes secret sensitive information, classified media from anonymous users and
news leaks related to some countries that shows their corruption reveal the truth about many missions. Julian Paul Assange is an activist, computer programmer and a hacker who hacked into the databases of many high profile organizations, and on October 2006, he started working on WikiLeaks a website that intended to collect and share confidential leaked documents, and start to encourage more activists all over the world to send more leaked documents using Tor that keep their identities safe from the governments. One of the famous leaks shared in the web site is the documents of (Iraq war & Afghan war) in 2010. They released a U.S. military manual that provided detailed information on the Guantanamo detention center and they were referred to it with “The largest leak of classified documents in the history” Those leaks outraged the US and UK governments so they put Assange under investigation and now he granted a political asylum by the Embassy of the Ecuador in London. These are examples of the Legal uses of the Tor network but on the other hand some people have misused Tor for illegal purposes and releases what is known by the Darknet 4.What is The Darknet? The Darknet is a vast amount of Hidden Services or Websites which is related to the criminal activities and all the illegal activities on the internet, Its Content isn’t indexed by the search engines and can’t be accessible direct by their addresses but they need special software such as Tor or some configurations. Some of the users refer to the Tor Darknet with the “OnionLand”.
What is the Content of the Darknet (Illegal Hidden Services)? 1. Black Markets: are markets to sell all the illegal stuff such as: Drugs, Guns and stolen stuff and so on, they have made use of the anonymous tools to build these markets such as Tor and Bitcoin, but the most interesting about these black markets are about making reviews and ratings for the items, the Most famous Black Market is (Silk Road). 2. Hacking Services: as Tor is hidding the identity of the users, many hackers are using Tor for their attacks so they can’t be identified, and where they offer their services. One of the famous Hacking groups is (Anonymous). 3. Fraud: like the black market, Tor is used for fraud activity and selling stolen credit cards and bank accounts, also many websites that works for scams and counterfeiting. 4. Hitmen for Hire: some murders offer to kill people using Tor so they can keep their identities safe on these websites of the Darknet, some may refer to this as (Assassination Market) where people offer money for the assassination of someone. 5. Illegal Pornography: some websites include contents of child pornography under the legal age of 18, also revenge porn, sexualized torture. Some of these sites is full of harmful malwares. 6. Terrorism: some groups uses Tor to commit crimes and kill innocence peoples such as (ISIS – Daesh), During the Onymous Operation one of their websites has been seized and another one is hacked by the Group (Anonymous) in November 2015 after the Paris attacks. 7. Copyright Infragment: using some tools such as Tor, BitTorrent and other peer-to-peer file sharing tools, some users share copyrighted items such as books, films, videos, and more other copyrighted items. The Most famous file sharing sites (The Pirate Bay)
8. The Hidden Wikis: Its main page includes many links to many illegal advertises such as drugs, guns, fraud, hiring murders, hacking services but the most of them is child abuse advertises which raged many Hacking groups such as: Anonymous and they said: “It does not matter who you are, if we find you to be hosting, promoting, or supporting child pornography, you will become a target” With the presence of anonymous tools such as Tor (for anonymous identity) and Bitcoin (as an anonymous virtual currency), a black market becomes no big deal where you can buy and sell without being tracked or known, but we have to consider that Tor has its own legal usages to such as protecting Journalists and activists who work to reveal the truth such as the news shared by WikiLeaks, also for protecting users from surveillance and their privacy from being monitored. It isn’t the fault of Tor that the criminals are using it for their illegal purposes, The story begins when the agencies all over the world are gathering information about every citizen in their countries and working on mass surveillance projects to gain control over the people. “Now the criminals have the privacy and they became very powerful” Some Comments about the Darknet: 1. Criminals can already do bad things. Since they're willing to break laws, they already have lots of options available that provide better privacy than Tor provides.... 2. Tor aims to provide protection for ordinary people who want to follow the law. Only criminals have privacy right now, and we need to fix that....
6. The Internet, Deep Web and Darknet: You must have heard about those terms and they seem to be confusing so we are going to explain them in details: 1. The Internet: It’s the ordinary part accessible by everyone and indexed by the search engines such as: Facebook and Wikipedia and other websites, it may be called the Ordinary or the Surface Web too. 2. The Deep Web: It’s the part that can’t be accessible by searching as it isn’t indexed by the search engines, and to access any site of it you have to log on to it direct using its address such as: Academic information and Bank databases, It’s very large for the search engines to cover, and It’s larger than the internet too. 3. The Darknet: It’s a subset of the Deep Web which mean that it’s unindexed by the search engines too so you can’t search for them using Google or Bing or other search engines, but they differ from the Deep Web as they need special configuration and authentication to gain access to them, and they seem to be associated with criminal activities such as: Hire-for-hit, Drugs, Fraud, Pornography and Gambling, and so on.
7. Attacks on TOR (Operation Onymous): “TOR Stinks” was a headline in a classified slide deck in a leaked document from the NSA by Edward Snowden, It also said: “We will never be able to de-anonymize all Tor users all the time” but on the other hand “With manual analysis we can de- anonymize a very small fraction of Tor users”. Some people claim that Tor isn’t safe especially after the recent attacks and closure of some black markets such as: Silk Road and the arrest of their Administrators, so Is it really safe to use Tor without being monitored? In October 2013, after analyzing the leaked documents of the NSA by Snowden, The Guardian reported that NSA tried many times to crack the Tor network and failed due to its powerful security. So How Websites as Silk Road are shut down? Before that we will talk first about Operation Onymous: It’s the largest attack that Tor has ever faced since its creation, it was led by the US and European security agencies who worked hard to infiltrate the Tor network and bring its black markets down, their main target was Silk Road. It took about 2 years of investigation and gathering intel but finally the Attack was very successful as in October 2013 The FBI had shut down the biggest black market Silk Road and arrested its Administrator who is known as
“Dread Pirate Roberts” with real name “Ross William Ulbricht”. Ross fall due to a mistake as he is using his e-mail address rossulbricht@gmail.com and The FBI agents starts to link it with his Google+ and YouTube accounts and his LinkedIn profile until they got many evidences, arrested him and was sentenced to life in prison without possibility of parole, the FBI described this website as: “The most sophisticated and extensive criminal marketplace on the Internet today” They have also seized over 400 Websites beside Silk Road such as: Hydra and Cloud 9 and Other Sites which involved criminal activities such as money laundering and fraud, also the attack has involved the arrest of 17 Administrators and seized millions of dollars in Bit coins beside drugs and the illegal stuff. The Question now, after this huge attack on the Tor network Is Tor really make us anonymous? and How these sites are brought down? The Law enforcement are very secretive about the way and tools they uses in that attack as Troels Oerting who is the Head of the European Cybercrime Centre EC3 said: “This is something we want to keep for ourselves. The way we do this, we can’t share with the whole world, because we want to do it again and again and again” No one until now know how did they cracked the Tor network but on the other hand Tor’s developers gave some possibilities: 1. Poor Operation security: one of the most obvious explanation for the success of the attack is the poor administration of the websites, most of the Administrators was careless in hiding their identities, there are some reports of one of the websites that has been infiltrated by undercover agents such as (Silk Road) 2. SQL Injections: most of the websites are quickly coded but not well coded, and many of them have many bugs which is a very big problem this helps the attacker to gain information about the administrator.
3. Bitcoin de-anonymization: Ivan Postogarov has recently worked on a method for de-anonymizing the Bitcoin and get the traffic transactions of the clients who uses it, although it need some requirements to successfully track the clients but may be some clients have fallen victims to this method. Tor protects clients from being surveilled or monitored by the security agencies and technology companies but if you are fool enough to give them the identity information about yourself It isn’t TOR’s fault. As what happens with (Ross Ulbricht) who uses his personal Gmail in Silk Road. Tor’s developers thought that this attack starts by infiltration using undercover agents in their hidden services who are gathering intel about the owners of these Darknet websites so they can track them solely and manually using another techniques of Eavesdropping While Tor dose provide protection against traffic analysis but It can’t prevent correlations at the boundaries of the TOR network, and here is some Eavesdropping Techniques Used: 1. Autonomous System (AS) eavesdropping: if the routing of Tor is in the same AS, the system can correlate the traffic between the entry and the exit nodes so Tor has to avoid choosing the nodes in the same Autonomous System. 2. Exiting Node eavesdropping: since the channel between the exit node the destination doesn’t use encryption as SSL or TLS, attackers can intercept this traffic and monitor the data transfer to know any information about the data or the source 3. Traffic Analysis Attack: two researchers Murdoch and Danezis presented an article in 2005 about traffic analysis techniques that allow attacker with only partial knowledge of the network to guess the nodes used in the Tor relays 4. Bad Apple Attack: this method consists of two parts the first is to exploit an insecure application and the second part is to associate this insecure application with another secure application to know the user’s IP address, this name came from this sentence “One bad apple spoils the bunch”
5. Heartbleed Bug: It’s a security bug in the OpenSSL cryptography library which is used in the TLS protocol, Tor project recommended that Tor nodes and the Hidden Services administrators has to generate fresh keys after patching OpenSSL. And there are more another methods to eavesdropping the Tor network, such as: Sniper Attack and some protocols expose the IP addresses especially at the exit node. But in spite of all those weaknesses in TOR, It still the most resilient and classified as the one of the most hardest networks to be analyzed and monitored by classic and normal softwares or normal techniques, and if you are careful enough to not present any information that could lead to your identity, Tor will keep you safe from being tracked and also many developers works in Tor project to enhance its security and anonymous systems against any attacks. 8. The References: 1. Wikipedia Articles: 1) Network Surveillance 2) PRISM (surveillance program) 3) Tor (anonymity) 4) Onion Routing 5) Mix-Networks 6) Dark Web 7) Silk Road 8) Operation Onymous 2. Videos: 1) How Tor Works - A Compute Cycle Deep Dive 2) Inside The Darknet ( Documentary 2014) 3) The Deep Web ( Documentary 2015) 4) The Tor Project, protecting online anonymity – Jacoub at TEDx 3. Books: 1) Network Security Illustrated - 2004 - (How Mix-Networks works) 4. Tor Project’s Website: 1) Who uses Tor 2) Thoughts and Concerns about Operation Onymous

Recommandé

Firewall
FirewallFirewall
FirewallApo
 
VPN (virtual private network)
VPN (virtual private network) VPN (virtual private network)
VPN (virtual private network) Netwax Lab
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationTayabaZahid
 
Vpn(virtual private network)
Vpn(virtual private network)Vpn(virtual private network)
Vpn(virtual private network)sonangrai
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationyogendrasinghchahar
 
What is firewall
What is firewallWhat is firewall
What is firewallHarshana Jayarathna
 

Recommandé

Firewall
FirewallFirewall
FirewallApo
 
VPN (virtual private network)
VPN (virtual private network) VPN (virtual private network)
VPN (virtual private network) Netwax Lab
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationTayabaZahid
 
Vpn(virtual private network)
Vpn(virtual private network)Vpn(virtual private network)
Vpn(virtual private network)sonangrai
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationyogendrasinghchahar
 
What is firewall
What is firewallWhat is firewall
What is firewallHarshana Jayarathna
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORKRishikese MR
 
Https presentation
Https presentationHttps presentation
Https presentationpatel jatin
 
Network security
Network securityNetwork security
Network securityNkosinathi Lungu
 
Ppt
PptPpt
PptGeetu Khanna
 
TLS - Transport Layer Security
TLS - Transport Layer SecurityTLS - Transport Layer Security
TLS - Transport Layer SecurityByronKimani
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 
Virtual private network(vpn)
Virtual private network(vpn)Virtual private network(vpn)
Virtual private network(vpn)sonalikasingh15
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptOECLIB Odisha Electronics Control Library
 
Wireshark
WiresharkWireshark
WiresharkSourav Roy
 
MOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYMOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYJASHU JASWANTH
 
Proxy Presentation
Proxy PresentationProxy Presentation
Proxy Presentationprimeteacher32
 
Tor Presentation
Tor PresentationTor Presentation
Tor PresentationHassan Faraz
 
Firewall
FirewallFirewall
FirewallMuhammad Sohaib Afzaal
 
Virtual Private Network main
Virtual Private Network mainVirtual Private Network main
Virtual Private Network mainKanika Gupta
 
Packet sniffer repot
Packet sniffer repotPacket sniffer repot
Packet sniffer repotKunal Thakur
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)Avinash Nath
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon KNisha Menon K
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The DarknetAhmed Mater
 
Vincent O. Mwando - Encryption
Vincent O. Mwando - EncryptionVincent O. Mwando - Encryption
Vincent O. Mwando - EncryptionVincent Mwando
 

Contenu connexe

Tendances

Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Https presentation
Https presentationHttps presentation
Https presentationpatel jatin
 
TLS - Transport Layer Security
TLS - Transport Layer SecurityTLS - Transport Layer Security
TLS - Transport Layer SecurityByronKimani
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 
Virtual private network(vpn)
Virtual private network(vpn)Virtual private network(vpn)
Virtual private network(vpn)sonalikasingh15
 
MOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYMOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYJASHU JASWANTH
 
Virtual Private Network main
Virtual Private Network mainVirtual Private Network main
Virtual Private Network mainKanika Gupta
 
Packet sniffer repot
Packet sniffer repotPacket sniffer repot
Packet sniffer repotKunal Thakur
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)Avinash Nath
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon KNisha Menon K
 

Tendances (20)

Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
 
Https presentation
Https presentationHttps presentation
Https presentation
 
Network security
Network securityNetwork security
Network security
 
Ppt
PptPpt
Ppt
 
TLS - Transport Layer Security
TLS - Transport Layer SecurityTLS - Transport Layer Security
TLS - Transport Layer Security
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purpose
 
Virtual private network(vpn)
Virtual private network(vpn)Virtual private network(vpn)
Virtual private network(vpn)
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Wireshark
WiresharkWireshark
Wireshark
 
MOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITYMOBILE PHONE SECURITY./ MOBILE SECURITY
MOBILE PHONE SECURITY./ MOBILE SECURITY
 
Proxy Presentation
Proxy PresentationProxy Presentation
Proxy Presentation
 
Tor Presentation
Tor PresentationTor Presentation
Tor Presentation
 
Firewall
FirewallFirewall
Firewall
 
Virtual Private Network main
Virtual Private Network mainVirtual Private Network main
Virtual Private Network main
 
Packet sniffer repot
Packet sniffer repotPacket sniffer repot
Packet sniffer repot
 
FIREWALL
FIREWALL FIREWALL
FIREWALL
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon K
 

Similaire à Tor project and Darknet Report

Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The DarknetAhmed Mater
 
Vincent O. Mwando - Encryption
Vincent O. Mwando - EncryptionVincent O. Mwando - Encryption
Vincent O. Mwando - EncryptionVincent Mwando
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
FreeSpeak- Anonymous messaging over on-demand cloud services
FreeSpeak- Anonymous messaging over on-demand cloud servicesFreeSpeak- Anonymous messaging over on-demand cloud services
FreeSpeak- Anonymous messaging over on-demand cloud servicesPablo Panero
 
Dark Web Kristin Finklea Specialist in Domestic Se
Dark Web Kristin Finklea Specialist in Domestic SeDark Web Kristin Finklea Specialist in Domestic Se
Dark Web Kristin Finklea Specialist in Domestic SeOllieShoresna
 
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...Maurice Dawson
 
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptxdarkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptxGeetha982072
 
Anonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsAnonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsBiagio Botticelli
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementationINSIGHT FORENSIC
 
Revision Terrorist And Rebel Use Of It (David & Jorge)
Revision Terrorist And Rebel Use Of It (David & Jorge)Revision Terrorist And Rebel Use Of It (David & Jorge)
Revision Terrorist And Rebel Use Of It (David & Jorge)itgsabc
 
On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...Matthew Kurnava
 
Deeplight Intelliagg
Deeplight IntelliaggDeeplight Intelliagg
Deeplight IntelliaggGavin O'Toole
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersBrent Muir
 
Security Solutions for Hyperconnectivity and the Internet of Things
Security Solutions for Hyperconnectivity and the Internet of ThingsSecurity Solutions for Hyperconnectivity and the Internet of Things
Security Solutions for Hyperconnectivity and the Internet of ThingsMaurice Dawson
 
Dark Web1.docx
Dark Web1.docxDark Web1.docx
Dark Web1.docxmayurbokan
 
Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Marcus Leaning
 
A framework for practical vulnerabilities of the tor (the onion routing) anon...
A framework for practical vulnerabilities of the tor (the onion routing) anon...A framework for practical vulnerabilities of the tor (the onion routing) anon...
A framework for practical vulnerabilities of the tor (the onion routing) anon...IAEME Publication
 

Similaire à Tor project and Darknet Report (20)

Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
 
Vincent O. Mwando - Encryption
Vincent O. Mwando - EncryptionVincent O. Mwando - Encryption
Vincent O. Mwando - Encryption
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
 
FreeSpeak- Anonymous messaging over on-demand cloud services
FreeSpeak- Anonymous messaging over on-demand cloud servicesFreeSpeak- Anonymous messaging over on-demand cloud services
FreeSpeak- Anonymous messaging over on-demand cloud services
 
Dark Web Kristin Finklea Specialist in Domestic Se
Dark Web Kristin Finklea Specialist in Domestic SeDark Web Kristin Finklea Specialist in Domestic Se
Dark Web Kristin Finklea Specialist in Domestic Se
 
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
 
Cyber Crime Challanges
Cyber Crime ChallangesCyber Crime Challanges
Cyber Crime Challanges
 
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptxdarkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
darkwebbbvxvbjvccjjbvcgjnbvvvbnhc nmk.pptx
 
Anonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsAnonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing Protocols
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
 
Revision Terrorist And Rebel Use Of It (David & Jorge)
Revision Terrorist And Rebel Use Of It (David & Jorge)Revision Terrorist And Rebel Use Of It (David & Jorge)
Revision Terrorist And Rebel Use Of It (David & Jorge)
 
On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...
 
Network Security
Network SecurityNetwork Security
Network Security
 
Anonymizers
AnonymizersAnonymizers
Anonymizers
 
Deeplight Intelliagg
Deeplight IntelliaggDeeplight Intelliagg
Deeplight Intelliagg
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
 
Security Solutions for Hyperconnectivity and the Internet of Things
Security Solutions for Hyperconnectivity and the Internet of ThingsSecurity Solutions for Hyperconnectivity and the Internet of Things
Security Solutions for Hyperconnectivity and the Internet of Things
 
Dark Web1.docx
Dark Web1.docxDark Web1.docx
Dark Web1.docx
 
Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR
 
A framework for practical vulnerabilities of the tor (the onion routing) anon...
A framework for practical vulnerabilities of the tor (the onion routing) anon...A framework for practical vulnerabilities of the tor (the onion routing) anon...
A framework for practical vulnerabilities of the tor (the onion routing) anon...
 

Dernier

1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxShobhayan Kirtania
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Pooja Nehwal
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...anjaliyadav012327
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 

Dernier (20)

1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptx
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 

Tor project and Darknet Report

  • 1. Tor Project and The Darknet Computer Networks By: Ahmed Motair El Said Mater 4th year Computer and Systems Dept. Presented to: Dr. Nesreen I. Zidan
  • 2. Contents: 1. Introduction 2. The Network Surveillance 3. The Creation of Tor 1. Dr. David Lee Chaum (Mix Network Approach) 2. Paul Syverson (The Onion Router Approach) 4. The Usage of TOR (Legal Hidden Services) 5. What is the Darknet (Illegal Hidden Services) 6. Internet vs Deep web vs Darknet 7. Attacks on TOR Network (Operation Onymous) 1. Introduction: Tor is a free software used to protect privacy against internet surveillance. It provides the user full anonymity so that the Technology companies and ISP companies can’t track back its traffic. Internet Surveillance has spread in a wide range maybe It’s done by some websites which monitor your internet traffic, analysis it and save it in their databases in a special profile dedicated for you which can be useful in the next future or It could be done by the governments who collect intel about the citizen claims to be for maintaining the security in the country. This data is very sensitive as it may contain private details about people which no one has to know about, but the technology companies on the other hand make use of this data and sell it to the advertising companies or may be sent to an intelligent agency or the government in the country as a part of a surveillance project. This leads to thinking about Tor which is designed to protect the users from being surveilled by other companies or agencies or governments. Now using Tor you can surf the internet freely without any worries of surveillance or traffic monitoring. Tor is the acronym of “The Onion Router” which is the technique used to protect the users traffic from being monitored and hide their real identity. The Onion Routing -in a brief- is working very simple where the message is encrypted several times, send over several nodes, at each node one encryption layer is decrypted and send to the next node until it reaches the
  • 3. last node with the last encryption layer which is decrypted and now we have the message and the destination address and this node starts to send the it to the destination so any traffic analysis will think that this last node is the sender but actually it isn’t. Although the Tor Network was intended to help people protect their privacy and their traffic from being surveilled but also this powerful secure tool is used for an evil purpose in which criminals uses it to hide their identities while committing crimes and a black side in the internet has emerged “The Darknet”. It’s the place where so many illegal activities take place on the internet such as selling drugs, hiring murders, piracy, pornography, gambling and all kind of fraud… etc. Tor is praised for providing that strong privacy and anonymity by computer security researchers and agencies of the NSA who said: “It’s the King of high-secure, low-latency internet anonymity”. But on the other hand It’s not 100% secure specially for close and manually monitoring of Tor users and some other means such as targeting outdated versions of Firefox browsers codenamed Egotistical Giraffe or implementing a vulnerable software on a Tor user’s computer, Tor network has also suffered a great attack known as the “Operation Onymous” which has been led by the some security agencies such as FBI, NSA, DHS, DEA and more other law enforcements to shut down some black markets in the Darknet such as: Silk Road and Hydra. 2. The Network Surveillance: Most of the technology companies are monitoring the internet traffic of their customers while surfing the internet. Not only the Technology companies but also many of the government agencies around the world under projects which is considered mass surveillance over the society, the internet users and even the data over the cell phones too. First we will talk about How the network surveillance is done: Packets of data are sent over the network which are moving from one node to another along the path from its source until it’s assembled at its destination. During this routing the companies put a computer program or may be a piece of
  • 4. hardware that intercept the data movement or may be a hardware, These are called Packet Capture or Packet Sniffing. This Packet Capture is an application can intercept the data transferred over the network and also log all the traffic. It also has the ability to capture the packet, copy, decode its raw data and know its content and after analyzing this data it saves the information to a profile. Edward Snowden is a computer security professional, former CIA employee and former government (NSA) contractor. On June, 6 2013, Edward has leaked a very sensitive documents to The Guardian and The Washington Post that proves the existence of mass data collection projects that were more far beyond what the public knew. He characterized these projects with “Dangerous” and “Criminal” activity, One of these projects is known as PRISM which is a secret surveillance program under the supervision of the National Security Agency (NSA) which collects the data traffic of the users from at least nine major internet company in the USA. With the help of more other technology companies that participate in this project such: Microsoft in 2007, Yahoo! in 2008, Facebook in 2009, Paltalk in 2009, Google in 2009, YouTube in 2010, Skype in 2011, AOL in 2011 and Apple in 2012. The documents leaked by Edward indicate that 98% of the PRISM production is based on Yahoo, Microsoft and Google. After the revealing of this important documents by Edward the public has made a wide range of outcry over these technology companies that helped the NSA in its spying project which led to a great lose for these companies. The loss is estimated in the cloud-based computing systems up to 35 million dollars in the next three years especially: Google, Cisco and AT&T. In an interview with The Guardian, Snowden said: “I don’t want to live in a society that does these sort of things”
  • 5. PRISM Overview PRISM was just an example for one of the surveillance projects but there are more other projects such as: MUSCULAR (DS-200B), DCSNet, X- Keyscore, Stellar Wind ,….. etc. The Advantages of the Network Surveillance: 1. It helped some countries to maintain its security and prevent some crimes or any illegal activities in their countries. 2. Also most of the Social Media Websites such as Twitter, Facebook, YouTube…. etc. enable people to contact and communicate with friends, family and get new friends everyday
  • 6. The Disadvantages of the Network Surveillance: 1. If these data are leaked into the wrong hand it will threaten the life of many people because of the very sensitive private details 2. Some of the journalists and whistleblowers uses the internet to transfer very important document about corruption in some companies so if their identities are known they will be in danger Finally we can see that Surveillance is a double-edged weapon that may be useful to protect the national security of the country but it may go beyond this to threaten people life. 3. The Creation of TOR : 1. Mix-Networks Approach: The story begins with Dr. David Lee Chaum who is considered the father of anonymity. He is a cryptographer and the inventor of many cryptographic protocols. In the early 1980s, He was very ahead of his time as he predicted that in the next 15 or 20 years the privacy of the user on the internet won’t be private and the world with computer networks and the great progress in computer abilities will make the idea of mass surveillance possible. Although it was early in his time but he started working on an idea that could protect the user from being surveilled and he called it “Mix Networks”. The Mix Networks Routing Protocols: they are routing protocols that work on making the user anonymous while using the internet. In general, they create a hard-to-trace communications between nodes by encrypting the messages coming from multiple nodes and send them to a node which decrypts the layer of encryption, shuffle them and send them to their destinations in a random order. Due to the separation between the sender and receiver it becomes harder for the packet analyzer to determine the sender or the receiver of which message sent over the network.
  • 7. The Mix Networks in detail: For Example: we have 4 nodes (A, B, C and D) and each node has a message to be sent. 1. Each message is encrypted using a public key cryptography to each proxy which result in a layer of encryption and not only one layer but they are 3 layers of encryption, this is similar to the Russian Doll (Matryoshka). - The message and the destination are in the inner most of the packet - Each layer has packet encrypted and the address of the next node - The whole packet is routed over several nodes (called mixers) 2. At the first Node : Let’s start with message A as example, when the message A reaches the first node (first mixer), the first layer is decrypted using its Private key, and it waits until another messages are received in this node and added to the waiting queue. 3. After receiving a bunch of messages they are shuffled and sent in a random order to the second node (second mixer). 4. The second mixer receives each message and decrypt the second layer of encryption using its private key and determine the next destination and waits for more messages to shuffle them and send them in random order to the third mixer.
  • 8. 5. Finally at the third mixer, the messages are received and the final layer of encryption is decrypted, now we have the messages and the addresses of their destination where they will be sent to. The security in this method is that at each mixer: 1. The sender and the destination aren’t real and the packet is encrypted 2. The incoming messages and outgoing one aren’t in the same order 3. The content of messages look different Those makes it difficult for the Hacker or the Attacker to correlate between the incoming and outgoing messages at each mixer. At the beginning, when David Chaum thought about this method it was based on mixing the messages at one node (one mixer), that was a major flaw as if the hacker comprised the shuffled message at that mixer then he can know the sender and the receiver that will reveal the identity of the user, and the solution to this problem is to chain a bunch of mixers that will make it more difficult for the hacker to comprise all the mixer to defeat the anonymity provided by this approach. Although the Mix-Networks Approach is successful in making the user more anonymous but there is some disadvantages such as: 1. Latency: as the message needs to wait for another more messages to shuffle and hide between them. 2. Complexity: as to make the network more secure you have to increase the number of the mixers. 2. The Onion Router Approach: In the mid-1990s, the US Naval Research Laboratory has worked on a project which is its purpose is to protect the US intelligence communications online from being monitored or surveilled by the technology company or any other traffic tracker. Paul Syverson, Michael Reed, David Goldschlag, Nick Mathewson and Roger Dingledine are mathematicians and computer scientists who worked on the TOR project.
  • 9. - In 1997 the Onion Routing is developed by DARPA - On 20 Sept 2002 The Onion Router or TOR Project is launched - On 13 August 2004 TOR 2nd Generation is presented - In 2004 US Naval Research Lab released the code of TOR under the free license - In 2006 the Electronic Frontier Foundation (EFF) begun funding the TOR project as a non-profit organization by Dingledine and Mathewson and five others Dr. Paul Syverson continued the work of Dr. David Chaum in the anonymity and overcome the disadvantages in his approach, by not depending on collecting some messages but routing the message through some anonymous users. According to his method, He can’t be anonymous alone but he needs more anonymous users to be anonymous with them and this is will build the TOR Network. The Onion Routing aims to conceal the identity of the user and his activity from any network surveillance by routing his packet through a volunteering worldwide network of servers which makes it difficult on the attackers from monitoring the internet traffic. Now How the Onion Routing works in details? First we have to describe the environment of the TOR Network in which we have a Sender node (Let’s say its Alice’s Computer) and a network of anonymous TOR clients (the Clients with the + sign) and we have a Destination (Let’s say its Bob’s Computer)
  • 10. So what will happen if Alice want to send a message to Bob 1. The routing path has to be constructed by sending a request from the sender to a Central Server (It’s the node that has information about the Tor nodes sometimes called Directory Node), It replies with a set of Tor nodes which we call them Circuit or Chain This Circuit consists of 3 nodes: 1. The 1st node is called the Entry Node 2. The 2nd node is called the Middle Node 3. The 3rd node is called the Exit Node 2. The Sender (Alice) will make a Node to Node connection with the Entry Node by sending a creation request with a Node to Node Key (Let’s call it ID1) which is only know by the Entry Node and the Sender only, then the Entry Node replies with circuit created. 3. Now we have a secure path from Alice to the Entry Node. 4. Then Alice continue in creating the Path by sending an extend request to the Entry Node with the address of the next node. 5. The Entry Node will make a Node to Node connection with the Middle Node by sending a creation request to the Middle Node with a Node to Node key (Let’s say ID2) which is only known by the Entry Node and Middle Node only and the Sender doesn’t know it, then the Middle Node replies with circuit created. 6. Now for the last circuit, The sender send an extend circuit request to the Entry Node with the address of the next Node which will send another extend circuit request to the Middle Node with the address of the next Node
  • 11. 7. The Middle Node will send a creation request to the Exit Node with a Node to Node Key (Let’s say ID3) which is only known by the Middle Node and the Exit Node, and the Sender and the Entry Nodes doesn’t have to know it, then the Exit Node replies circuit created 8. The previous steps are only to establish a secure circuit between nodes but until now no data has been sent over the circuit, this last figure represents the secure channel where the data will be sent. 9. Now the Circuit is complete let’s send the Data, The Sender will encrypt the data with the three layers of encryption as in (Chaum Mix-Networks) and each Node has a different private key to decrypt one of these layers of encryption. 10. When the data reach the exit node and the final layer of encryption is decrypted, the Exit Node now have the message and the destination. It will establish a connection between it and the destination node to send the message, this node will seem to others as it’s the real sender but in fact it isn’t.
  • 12. Some Notes on The Onion Router: 1. Each Node from the 3 nodes can’t send to or receive from except the previous node and the next node, also it can’t see the full circuit ex: the Middle node can deal only with the Exit and Entry Node and don’t know anything about the Sender or the Destination nodes. 2. Each connection between any two adjacent nodes is secured with a unique ID for transferring, and no other nodes know about this ID. 3. The Packet is encrypted multiple times with a unique public key and its corresponding private key is found at one of the nodes in the circuit. 4. If we want more security we can increase the number of the routing nodes but it will cause more delay in the data transfer due to the more encryption and decryption and connection creating. The Advantages of TOR: 1. Tor is considered a strong security tool against surveillance 2. It’s the low latency anonymity network 3. Unlike Mix-Networks, the message doesn’t have to wait for more messages The Disadvantages of TOR: 1. It isn’t safe against end-to-end correlation (attacks at the boundaries of Tor network) and manual traffic analysis. 2. It’s slow as the message is routed many times 3. Some ISP tries to search and block Tor relays 4. The Usage of TOR: TOR enables users to surf the internet freely without any traffic analysis or being afraid from surveillance. Users can chat or communicate anonymously using Tor. But Tor is considered a double-edged weapon in which some users use it in legal and illegal purposes. A common question is asked, why someone needs to be anonymous on the internet. The first thought that comes to mind that he is up to something illegal or maybe he is paranoid about privacy, but you be wrong about that as Tor helps many people for good and legal purposes.
  • 13. The websites hosted by the Tor Servers (Tor nodes) are called (Hidden Services) they can’t be accessed by the IP address or a normal address but with an encrypted address called the onion address. Who uses TOR (Legal Hidden Services)? 1. Normal people: uses it to protect their privacy from being monitored by the companies, also to protect their private life issues from being surveilled and sold!!!! Also protecting their daily movements from being known. If this information are known, it may cause dangers for the family members. 2. Journalists: who report sensitive information over the internet, especially if this information could reveal the corruption of someone or companies so their identity must be kept secret. 3. Law enforcement officers: when tracking illegal sites on the internet, some officers are exposed to danger if their identities are known. So they uses Tor in their operations. 4. Activists: uses Tor to hide their identities, so they can communicate more secure without being monitored by the government. They used Tor in wide range especially in the Arab Spring in the middle east, all the Human Right organizations recommend Tor for the safety of the activists. 5. Whistleblowers: as for the activist, also Whistleblowers uses Tor to report their sensitive information, many of them are being pursued and wanted by the governments so keeping their identities hidden is very important. 6. Government organizations: uses Tor for their communications especially between agents in different countries. So the agents can report information safely without being tracked or the information surveilled. It is worth to be mentioned one of the most famous Hidden Services in the Tor network which is “WikiLeaks”. It’s an International non-profit journalist’s organization that publishes secret sensitive information, classified media from anonymous users and
  • 14. news leaks related to some countries that shows their corruption reveal the truth about many missions. Julian Paul Assange is an activist, computer programmer and a hacker who hacked into the databases of many high profile organizations, and on October 2006, he started working on WikiLeaks a website that intended to collect and share confidential leaked documents, and start to encourage more activists all over the world to send more leaked documents using Tor that keep their identities safe from the governments. One of the famous leaks shared in the web site is the documents of (Iraq war & Afghan war) in 2010. They released a U.S. military manual that provided detailed information on the Guantanamo detention center and they were referred to it with “The largest leak of classified documents in the history” Those leaks outraged the US and UK governments so they put Assange under investigation and now he granted a political asylum by the Embassy of the Ecuador in London. These are examples of the Legal uses of the Tor network but on the other hand some people have misused Tor for illegal purposes and releases what is known by the Darknet 4.What is The Darknet? The Darknet is a vast amount of Hidden Services or Websites which is related to the criminal activities and all the illegal activities on the internet, Its Content isn’t indexed by the search engines and can’t be accessible direct by their addresses but they need special software such as Tor or some configurations. Some of the users refer to the Tor Darknet with the “OnionLand”.
  • 15. What is the Content of the Darknet (Illegal Hidden Services)? 1. Black Markets: are markets to sell all the illegal stuff such as: Drugs, Guns and stolen stuff and so on, they have made use of the anonymous tools to build these markets such as Tor and Bitcoin, but the most interesting about these black markets are about making reviews and ratings for the items, the Most famous Black Market is (Silk Road). 2. Hacking Services: as Tor is hidding the identity of the users, many hackers are using Tor for their attacks so they can’t be identified, and where they offer their services. One of the famous Hacking groups is (Anonymous). 3. Fraud: like the black market, Tor is used for fraud activity and selling stolen credit cards and bank accounts, also many websites that works for scams and counterfeiting. 4. Hitmen for Hire: some murders offer to kill people using Tor so they can keep their identities safe on these websites of the Darknet, some may refer to this as (Assassination Market) where people offer money for the assassination of someone. 5. Illegal Pornography: some websites include contents of child pornography under the legal age of 18, also revenge porn, sexualized torture. Some of these sites is full of harmful malwares. 6. Terrorism: some groups uses Tor to commit crimes and kill innocence peoples such as (ISIS – Daesh), During the Onymous Operation one of their websites has been seized and another one is hacked by the Group (Anonymous) in November 2015 after the Paris attacks. 7. Copyright Infragment: using some tools such as Tor, BitTorrent and other peer-to-peer file sharing tools, some users share copyrighted items such as books, films, videos, and more other copyrighted items. The Most famous file sharing sites (The Pirate Bay)
  • 16. 8. The Hidden Wikis: Its main page includes many links to many illegal advertises such as drugs, guns, fraud, hiring murders, hacking services but the most of them is child abuse advertises which raged many Hacking groups such as: Anonymous and they said: “It does not matter who you are, if we find you to be hosting, promoting, or supporting child pornography, you will become a target” With the presence of anonymous tools such as Tor (for anonymous identity) and Bitcoin (as an anonymous virtual currency), a black market becomes no big deal where you can buy and sell without being tracked or known, but we have to consider that Tor has its own legal usages to such as protecting Journalists and activists who work to reveal the truth such as the news shared by WikiLeaks, also for protecting users from surveillance and their privacy from being monitored. It isn’t the fault of Tor that the criminals are using it for their illegal purposes, The story begins when the agencies all over the world are gathering information about every citizen in their countries and working on mass surveillance projects to gain control over the people. “Now the criminals have the privacy and they became very powerful” Some Comments about the Darknet: 1. Criminals can already do bad things. Since they're willing to break laws, they already have lots of options available that provide better privacy than Tor provides.... 2. Tor aims to provide protection for ordinary people who want to follow the law. Only criminals have privacy right now, and we need to fix that....
  • 17. 6. The Internet, Deep Web and Darknet: You must have heard about those terms and they seem to be confusing so we are going to explain them in details: 1. The Internet: It’s the ordinary part accessible by everyone and indexed by the search engines such as: Facebook and Wikipedia and other websites, it may be called the Ordinary or the Surface Web too. 2. The Deep Web: It’s the part that can’t be accessible by searching as it isn’t indexed by the search engines, and to access any site of it you have to log on to it direct using its address such as: Academic information and Bank databases, It’s very large for the search engines to cover, and It’s larger than the internet too. 3. The Darknet: It’s a subset of the Deep Web which mean that it’s unindexed by the search engines too so you can’t search for them using Google or Bing or other search engines, but they differ from the Deep Web as they need special configuration and authentication to gain access to them, and they seem to be associated with criminal activities such as: Hire-for-hit, Drugs, Fraud, Pornography and Gambling, and so on.
  • 18. 7. Attacks on TOR (Operation Onymous): “TOR Stinks” was a headline in a classified slide deck in a leaked document from the NSA by Edward Snowden, It also said: “We will never be able to de-anonymize all Tor users all the time” but on the other hand “With manual analysis we can de- anonymize a very small fraction of Tor users”. Some people claim that Tor isn’t safe especially after the recent attacks and closure of some black markets such as: Silk Road and the arrest of their Administrators, so Is it really safe to use Tor without being monitored? In October 2013, after analyzing the leaked documents of the NSA by Snowden, The Guardian reported that NSA tried many times to crack the Tor network and failed due to its powerful security. So How Websites as Silk Road are shut down? Before that we will talk first about Operation Onymous: It’s the largest attack that Tor has ever faced since its creation, it was led by the US and European security agencies who worked hard to infiltrate the Tor network and bring its black markets down, their main target was Silk Road. It took about 2 years of investigation and gathering intel but finally the Attack was very successful as in October 2013 The FBI had shut down the biggest black market Silk Road and arrested its Administrator who is known as
  • 19. “Dread Pirate Roberts” with real name “Ross William Ulbricht”. Ross fall due to a mistake as he is using his e-mail address rossulbricht@gmail.com and The FBI agents starts to link it with his Google+ and YouTube accounts and his LinkedIn profile until they got many evidences, arrested him and was sentenced to life in prison without possibility of parole, the FBI described this website as: “The most sophisticated and extensive criminal marketplace on the Internet today” They have also seized over 400 Websites beside Silk Road such as: Hydra and Cloud 9 and Other Sites which involved criminal activities such as money laundering and fraud, also the attack has involved the arrest of 17 Administrators and seized millions of dollars in Bit coins beside drugs and the illegal stuff. The Question now, after this huge attack on the Tor network Is Tor really make us anonymous? and How these sites are brought down? The Law enforcement are very secretive about the way and tools they uses in that attack as Troels Oerting who is the Head of the European Cybercrime Centre EC3 said: “This is something we want to keep for ourselves. The way we do this, we can’t share with the whole world, because we want to do it again and again and again” No one until now know how did they cracked the Tor network but on the other hand Tor’s developers gave some possibilities: 1. Poor Operation security: one of the most obvious explanation for the success of the attack is the poor administration of the websites, most of the Administrators was careless in hiding their identities, there are some reports of one of the websites that has been infiltrated by undercover agents such as (Silk Road) 2. SQL Injections: most of the websites are quickly coded but not well coded, and many of them have many bugs which is a very big problem this helps the attacker to gain information about the administrator.
  • 20. 3. Bitcoin de-anonymization: Ivan Postogarov has recently worked on a method for de-anonymizing the Bitcoin and get the traffic transactions of the clients who uses it, although it need some requirements to successfully track the clients but may be some clients have fallen victims to this method. Tor protects clients from being surveilled or monitored by the security agencies and technology companies but if you are fool enough to give them the identity information about yourself It isn’t TOR’s fault. As what happens with (Ross Ulbricht) who uses his personal Gmail in Silk Road. Tor’s developers thought that this attack starts by infiltration using undercover agents in their hidden services who are gathering intel about the owners of these Darknet websites so they can track them solely and manually using another techniques of Eavesdropping While Tor dose provide protection against traffic analysis but It can’t prevent correlations at the boundaries of the TOR network, and here is some Eavesdropping Techniques Used: 1. Autonomous System (AS) eavesdropping: if the routing of Tor is in the same AS, the system can correlate the traffic between the entry and the exit nodes so Tor has to avoid choosing the nodes in the same Autonomous System. 2. Exiting Node eavesdropping: since the channel between the exit node the destination doesn’t use encryption as SSL or TLS, attackers can intercept this traffic and monitor the data transfer to know any information about the data or the source 3. Traffic Analysis Attack: two researchers Murdoch and Danezis presented an article in 2005 about traffic analysis techniques that allow attacker with only partial knowledge of the network to guess the nodes used in the Tor relays 4. Bad Apple Attack: this method consists of two parts the first is to exploit an insecure application and the second part is to associate this insecure application with another secure application to know the user’s IP address, this name came from this sentence “One bad apple spoils the bunch”
  • 21. 5. Heartbleed Bug: It’s a security bug in the OpenSSL cryptography library which is used in the TLS protocol, Tor project recommended that Tor nodes and the Hidden Services administrators has to generate fresh keys after patching OpenSSL. And there are more another methods to eavesdropping the Tor network, such as: Sniper Attack and some protocols expose the IP addresses especially at the exit node. But in spite of all those weaknesses in TOR, It still the most resilient and classified as the one of the most hardest networks to be analyzed and monitored by classic and normal softwares or normal techniques, and if you are careful enough to not present any information that could lead to your identity, Tor will keep you safe from being tracked and also many developers works in Tor project to enhance its security and anonymous systems against any attacks. 8. The References: 1. Wikipedia Articles: 1) Network Surveillance 2) PRISM (surveillance program) 3) Tor (anonymity) 4) Onion Routing 5) Mix-Networks 6) Dark Web 7) Silk Road 8) Operation Onymous 2. Videos: 1) How Tor Works - A Compute Cycle Deep Dive 2) Inside The Darknet ( Documentary 2014) 3) The Deep Web ( Documentary 2015) 4) The Tor Project, protecting online anonymity – Jacoub at TEDx 3. Books: 1) Network Security Illustrated - 2004 - (How Mix-Networks works) 4. Tor Project’s Website: 1) Who uses Tor 2) Thoughts and Concerns about Operation Onymous