Article

Manish Kumar*, Dr. M Hanumanthappa**, and Dr. T V Suresh Kumar***

*Assistant Professor, Department of MCA, M S Ramaiah Institute of Technology, MSR Nagar, MSRIT Post, Bangalore 560 054, Karnataka, INDIA,
** Associate Professor, Dept. of Computer Science and Applications, Jnana Bharathi Campus, Bangalore University, Bangalore -560 056, INDIA
***Professor & Head, Dept. of Master of Computer Applications, M. S. Ramaiah Institute of Technology, Bangalore-560 054

Deep Web
The Underworld of Cyberworld
While the world is thriving on the
enormous possibilities and expansions
that Internet can provide to us in the years
to come, there is a hidden universe that
exists behind this technology. It will be apt,
if I say its Underworld of Cyberworld.

to combat this growing menance, inspite

of being aware of their existence. To
understand this whole mess which exists
under the hood, we need to understand
about some technologies, which were
developed for the good cause, but got

Experts estimation claims that deep web can be up to 200

times larger than the surface Internet, and it allows people to
communicate without detection.
I am talking about deep web (also
known as hidden web or Tor services).
What Google is capable of, merely
scrapes the surface of what Deep Web
really has. Experts estimation claims
that deep web can be up to 200 times
larger than the surface Internet, and it
allows people to communicate without
detection. What happens in a cyber world
where people can slip in and out of sites,
which shift every now and then without
leaving any permanent trace. This is where
child trafficking, drug peddling, people
offering hitmen services, and threads on
how to build bombs are available. From
counterfeit and stolen products, to illegal
drugs, stolen identities, and weapons,
nearly anything can be purchased online
with a few clicks of the mouse. The online
black market not only can be accessed
by anyone with an internet connection,
but the whole process of ordering illicit
goods and services is alarmingly easy
and anonymous. Its a dark world of the
internet, where majority of the worlds
population are oblivious to.
The most surprising thing is that law
enforcement agencies are almost helpless

exploited by the ill minded anti social

elements.
Before continuing our walkthrough
towards these technologies, I would
like to say, we are NOT endorsing these
activities. This information can help

the internet starts with two open source

programs: Tor browser and Bitcoin. Tor
browser gives platform to the user for
anonymous communication, and Bitcoin
work as an online currency for nancial
transaction for illicit purpose. The next
section will give you the overall idea about
these technologies which will help you
to understand the whole scenario of this
darknet.

TOR The Onion Routing

Tor was originally designed, implemented,
and deployed as a third-generation onion
routing project of the U.S. Naval Research
Laboratory. It was originally developed
with the U.S. Navy in mind, for the primary
purpose of protecting government
communications. Tor was nancially
supported by the Electronic Frontier

Tor aims to conceal its users' identities and their network activity
from surveillance and traffi c analysis by separating identi
cation and routing. It is an implementation of onion routing,
which encrypts and then randomly bounces communications
through a network of relays run by volunteers around the globe.
security professionals to understand
how stolen identities and credit cards
are used, how products are fenced or
distributed illegally, and more. Unless until
we understand about this hidden activity,
we cannot develop any counter measure
techniques to prevent it. So objective of
this article is to spread the awareness in
the computer professional society, and
igniting the professionals to come out with
their novel ideas to combat it.
A journey into the darker side of

A journey into the darker side of the internet starts with two
open source programs: A Tor browser and Bitcoin. Tor browser
gives platform to the user for anonymous communication, and
Bitcoin work as an online currency for nancial transaction for
illicit purpose.

Foundation of U.S. from 2004 to 2005.

Tor software is now developed by the
Tor Project, which has been a researcheducation nonprot organization based in
U.S. since December 2006.
Tor aims to conceal its users'
identities and their network activity
from surveillance and traffic analysis by
separating identication and routing. It is
an implementation of onion routing, which
encrypts and then randomly bounces
communications through a network of
relays run by volunteers around the globe.
These onion routers employ encryption in
a multi-layered manner (hence the onion
metaphor) to ensure perfect forward
secrecy between relays, thereby providing
users with anonymity in network location.
Tor is a network of virtual tunnels that
allows people and groups to improve
their privacy and security on the Internet.
Individuals use Tor to keep websites from

CSI Communications | March 2013 | 23

Bitcoin is an experimental new digital currency that enables

instant payments to anyone, anywhere in the world. Bitcoin uses
peer-to-peer technology to operate with no central authority:
managing transactions and issuing money are carried out
collectively by the network.
tracking them and their family members,
or to connect to news sites, instant
messaging services, or the like when
these are blocked by their local Internet
providers. Tor's hidden services let users
publish web sites and other services
without revealing the location of the
site. Individuals also use Tor for socially
sensitive communication. Journalists
use Tor to communicate more safely
with whistleblowers. Non-governmental
organizations (NGOs) use Tor to allow
their workers to connect to their home
website while they're in a foreign country,
without notifying everybody nearby that
they're working with that organization.

Objectives of TOR
The Tor protects a common form of
Internet surveillance known as "traffic
analysis." Traffic analysis can be used
to infer who is talking to whom over a
public network. Knowing the source and
destination Internet traffic allows others
to track behavior and interests of users.
As we know Internet data packets
have two parts: a data payload and a
header used for routing. The data payload
works on the principle that whatever
is being sent, whether that's an email
message, a web page, or an audio le.
Even if you encrypt the data payload of
your communications, traffic analysis still
reveals a great deal about what you're
doing and, possibly, what you're saying.
That's because it focuses on the header,
which discloses source, destination, size,
timing, and so on.
A basic problem for the privacy is that
the recipient of your communications can
see that you sent it by looking at headers,

so can authorized intermediaries like

Internet service providers and sometimes
unauthorized intermediaries as well.
There are some more powerful kinds
of traffic analysis. Some attackers spy
on multiple parts of the Internet and use
sophisticated statistical techniques to
track the communication patterns of many
different organizations and individuals.
Encryption does not help against these
attackers, since it only hides the content
of Internet traffic, not the headers.
Tor helps to reduce the risks of both
simple and sophisticated traffic analysis,
by distributing your transactions over
several places on the Internet, so no single
point can link you to your destination. The
idea is similar to using a twisty, hard-tofollow route in order to throw off somebody
who is tailing you and then periodically
erasing your footprints. Instead of taking
a direct route from source to destination,
data packets on the Tor network take a
random pathway through several relays
that cover your tracks, so no observer at
any single point can tell where the data
came from or where it's going.
Well, no doubt that the intention
of Tor development was an anonymous
communication for the good cause, but
the technology has been misused for
illegal activity. It suits the requirements
of cyber criminals and helps them in all
ways to be hidden, but when it comes
for the nancial transaction, tor alone
can not help them to be hidden. When
there is online business, there is online
Transaction. As normal online transaction
is monitored by federal government, it
will reveal the identity of the people doing

The digital monetary system online is predominately operated

by the likes of PayPal, Western Union, and banking companies
that try to follow government regulations to prevent fraud and
money laundering.

CSI Communications | March 2013 | 24

illegal business. To overcome this problem

the cyber criminal uses a different
currency and transaction system known
as Bitcoin. Its a very different technique
for nancial transaction and raises a
challenging issue for the government to
monitor it. Next section will give you a
brief idea that how Bitcoin works without
revealing the identity of the users and
works as a real currency in the cyberworld.

Bitcoin The Digital Currency

Bitcoin is an experimental new digital
currency that enables instant payments
to anyone, anywhere in the world. Bitcoin
uses peer-to-peer technology to operate
with no central authority: managing
transactions and issuing money are carried
out collectively by the network. Bitcoin is
also the name of the open source software
which enables the use of this currency.
Bitcoin is one of the rst
implementations of a concept called
crypto-currency which was rst described
in 1998 by Wei Dai on the cypherpunks
mailing list. Building upon the notion
that money is any object, or any sort of
record, accepted as payment for goods
and services and repayment of debts in a
given country or socio-economic context,
Bitcoin is designed around the idea of
using cryptography to control the creation
and transfer of money, rather than relying
on central authorities.
Bitcoin is system tool that will act as
a personal bank for storing and investing
digital currency on your computer. Once
it's installed on your system, it sits empty
like a piggy bank, waiting to be lled with
untraceable digital cash.
Getting it lled is the tricky part.
The digital monetary system online is
predominately operated by the likes of
PayPal, Western Union, and banking
companies that try to follow government
regulations to prevent fraud and money
laundering. There are two steps to legally
take money and have it converted at the
current Bitcoin rate into BTCs in our digital
and anonymous bank.
You can start by opening a Dwolla
banking account with no fees. You can use
your real information to open the account
as its not an illegal activity. After few
days you will be given a test and have to
identify small transfers in your Dwolla and
personal bank account. Once your account

www.csi-india.org

Tor Servers are now the norm for storing, accessing ,and hiding
illicit activity. Tor's Hidden Servers provide a real insight to an
underground world that once was limited to dark alleys, shady
places, and dangerous criminals.
is conrmed, you can transfer any amount
from your personal bank to Dwolla.
Next you need to set up an account
with the Bitcoin exchanger e.g. MtGox.
After your Dwolla transfer moves to
MtGox, you can use the money to
purchase Bitcoins on the open market for
a small percentage-based fee. Once this
sale is complete, your Bitcoins are best
stored in your own bank account that is
residing digitally on your computer. Now
you are ready to go shopping on the black
market.
Combination of Tor and Bitcoin has
unfortunately served all the purpose of
cyber criminals. Tor Servers are now the
norm for storing, accessing ,and hiding
illicit activity. Tor's Hidden Servers provide
a real insight to an underground world
that once was limited to dark alleys,
shady places, and dangerous criminals.
Much like the internet has expanded our
e-commerce into a borderless global
market, Bitcoins and Tor have made
shopping for illicit goods and services

almost as easy as ordering a gift on eBay

or an iTunes song on your computer.
The level of protection provided by Tor,
makes law enforcement's agencies job for
tracking such activities, next to impossible.

Conclusion
Anonymity has given wings to the cyber
criminals and anonymous digital cash
becomes their strength. The technology
like Tor and Bitcoin has added a potential
threat in cyber community. These are
the new challenges for which adequate
monitoring mechanism should be
developed. We accept that somewhere
anonymity is necessary ,but we should
try to develop a mechanism that unsocial
elements should not be able to use for
illegal activity.

References
[1] Jacob Appelbaum. Tor and NAT
devices: increasing bridge & relay
reach ability or, enabling the use
of NAT-PMP and UPnP by default.
Technical Report 2012-08-001, The

Tor Project, August 2012.

[2] Karsten Loesing. Counting daily
bridge users. Technical Report 201210-001, The Tor Project, October
2012.
[3] Philipp Winter. Design requirements
for a Tor censorship analysis tool.
Technical Report 2013-02-001, The
Tor Project, February 2013.
[4] R Mark Bortner. Cyber laundering:
Anonymous Digital Cash and Money
Laundering. Presented as nal paper
requirement for Law & the Internet
(LAW 745). A seminar at the
University of Miami School of Law1996.
[5] Satoshi Nakamoto. Bitcoin: A Peerto-Peer Electronic Cash System,
Bitcoin Research Paper- 2009
[6] Simon Barber, Xavier Boyen, Elaine
Shi, Ersin Uzun. Bitter to Better
How to Make Bitcoin a Better
Currency. Financial Cryptography
and Data Security. Lecture Notes
in Computer Science Volume 7397,
2012, pp 399-414.
[7] Brandon Gregg. Online black markets
and how they work, 01 May 2012.
http://features.techworld.com/
[8] http://www.torproject.org.in/
[9] https://en.bitcoin.it/
n

About the Authors

Manish Kumar is working as Assistant Professor in Department of Master of Computer Applications, M. S. Ramaiah
Institute of Technology, Bangalore, India. His specialization is in Network and Information Security and Computer
Forensic. He has worked on the R&D projects related on theoretical and practical issues about a conceptual framework
for E-Mail, Web site, and Cell Phone tracking, which could assist in curbing misuse of Information Technology and
Cyber Crime. He is also the president of International Association of Cyber Crime Prevention (India Chapter).
Dr. M Hanumanthappa is currently working as Associate Professor in the Department of Computer Science and
Applications, Bangalore University, Bangalore, India. He has over 15 years of teaching (Post Graduate) as well as
Industry experience. He is member of Board of Studies /Board of Examiners for various Universities in Karnataka,
India. He is actively involved in the funded research project and guiding research scholars in the eld of Data Mining
and Network Security.
Dr. T V Suresh Kumar is working as Professor and Head, Department of Master of Computer Applications and Registrar
(Academic), M S Ramaiah Institute of Technology, Bangalore. He has delivered lectures at various organizations
like Honeywell, SAP Labs, Wipro Technologies, DRDO, Mphasis, Indian Institute of Science (Procience), HCL
Technologies, L&T Infotech, Nokia and various Universities/Academic Institutions. He is actively involved in R&D
projects. He has published several research papers in various National and International Conferences and Journals.

I had plenty of pimples as a kid. One day I fell asleep in the library. When I woke up, a blind man was reading
my face.
~ Rodney Dangereld

CSI Communications | March 2013 | 25