Home » Articles



Research: Identifying bitcoin addresses linked to transactions on darknet marketplaces and other Tor hidden services

Due to its pseudo-anonymous nature and decentralized infrastructure, bitcoin has been exploited in darknet marketplaces which facilitate the trading of a myriad of illegal products and services, including illicit drugs, stolen personal data, weapons, hacking tools, and more. The history of bitcoin transactions is recorded on a public ledger, known as the blockchain. However, the real world identity of a ... Read More »


Using writing style and photographs to fingerprint darknet marketplace vendors

Darknet marketplaces, or cryptomarkets, are Tor hidden services where users trade illicit drugs and a myriad of illegal goods. During the past few years, law enforcement agencies have started to study the networks of darknet vendors in an attempt to link them to their real world identities. Nevertheless, cryptomarket vendors usually use multiple accounts, which render it extremely difficult to ... Read More »

Research: Phishing attacks via Tor hidden services

Phishing is by far one of the most serious threats against the security of personal data. Launching phishing attacks often relies on sending emails that seem to have been sent by a trusted entity. The goal is to trick the recipient to provide sensitive personal information including usernames, passwords, online banking credentials, etc. The emails attempt to deceive the victims ... Read More »

Research: Maximizing privacy of the interledger protocol (ILP) via Tor-like onion routing circuits

The Interledger Protocol (ILP) is a network protocol that facilitates micropayments and settlements between different payment systems. Nevertheless, it leads to the unmasking of all transaction information including transaction amount, sender wallet address, and recipient wallet address. A recently published research paper proposes an application layer, named ILP-CEPA, that operates on top of ILP in order to hide transaction information ... Read More »


Research: The challenges associated with geographical avoidance of Tor nodes

Traffic analysis attacks are by far among the most serious threats compromising the anonymity of Tor users. When law enforcement agencies or malicious adversaries attempt to deanonymize Tor users, they launch traffic confirmation attacks and observe encrypted traffic in order to extract metadata. When combined with routing attacks, traffic confirmation attacks are extremely efficient in deanonymization of Tor users. Even ... Read More »

Research: Improving Tor circuits’ anonymous communication forwarding strategy

Anonymous communication can be achieved by concealing the relationship between the origin and destination of traffic flow via means of a special method, so that an adversary cannot identify the communication relationship or the data being exchanged between both ends of the communication route. Anonymous protection has to achieve three main goals: recipient anonymity, sender anonymity, and impossibility to correlate ... Read More »

Security Onion – A network monitoring and analysis machine

Maintaining bulletproof network security has become a challenging task, as hackers are acquiring more skills and developing highly effective malicious tools every day. As such, even with powerful security systems such as antivirus technologies, firewalls, and strong authentication systems, it is still difficult to mitigate all network vulnerabilities. Since a secured network can still be hacked, we need systems that ... Read More »

Research: Security monitoring of a darknet using a novel attacker behavior based metric

Monitoring of network traffic is indispensable for managing and securing various types of networks. One of the main difficulties associated with handling of network’s traffic (data packets, flow, etc) is the unsatisfactory semantic of independent parameters including number of data packets, IP addresses, TCP/UDP port numbers, network protocol, etc. Even though many parameters can be quantified by numerical values, it ... Read More »

Research: Tor marketplaces as a threat to national e-ID infrastructures

Electronic identification (e-ID) has been increasingly adopted by many states during the past few years. The past decade has witnessed large-scale initiatives in many European countries to develop their very own e-ID infrastructures. These forms of digital infrastructures vary in terms of frameworks, institutional entities involved, and the types of services accessible by citizens via their issued digital identities. Occasionally, ... Read More »

Research: A novel user friendly system for monitoring darknet marketplaces

Darknet markets have been emerging during the past few years as the ideal online platforms for trading various forms of illicit goods and services including drugs, weapons, counterfeit documents, stolen private data, hacking tools, and others. As such, it is pivotal for law enforcement agencies all over the world to develop effective means for monitoring darknet marketplaces and tracing individuals ... Read More »

Research: Using text spotting to detect textual information hidden within images hosted on onion domains

Due to the continuous efforts of law enforcement agencies to monitor illegal activities taking place on the Tor network, darknet marketplace vendors have developed novel means for evading the digital forensic tools used to gather evidence of such activities. Specifically, hiding textual content within images can effectively evade text analysis techniques used to monitor content on onion hidden services. A ... Read More »

Research: How are digital and communication technologies exploited to facilitate human trafficking?

The human trafficking business has flourished during the past few years, thanks to the wide use of digital and networking technologies. Even though the exploitation of digital technologies in human trafficking represents a growing global problem, few research studies have been conducted to assess the implications of the trafficking-digital technology nexus. As such, little is known regarding how digital and ... Read More »


Research: Categorization of digital anti-forensic tools used by cybercriminals

Even though information technologies have greatly enhanced our living standards, they have also offered criminals innovative means to commit their crimes. Cybercrimes represent a diverse group of illegal activities that include identity theft, hacking, online piracy, drug trafficking, money laundering, and others. To counteract cybercrimes, novel tools and techniques are frequently being utilized by digital forensics’ professionals. On the other ... Read More »

Innovative legislation to counteract criminal and terrorist use of cryptocurrency

Bitcoin, and other cryptocurrencies, are increasingly being used by cybercriminals in various forms of illegal activities including money laundering, drug trafficking, malware trading, ransomware attacks, fraud, and others. Moreover, the past few years have witnessed the usage of cryptocurrencies to provide funding for terrorist organizations, especially ISIS. The current regulatory framework and legislation in the USA are obviously inadequate to ... Read More »

TOR has Released OnionShare 2, a Major Version with macOS Sandbox

After about a year of engaging work from a dedicated team of software designers, developers, and translators, OnionShare has released OnionShare 2, a major next-generation version with exciting updates. OnionShare is an open source tool used to anonymously and securely send and receive files using The Onion Router (TOR) services. Unlike on other platforms such as DropBox, Google Drive, WeTransfer, ... Read More »