Bermudez Villalva, Dario Adriano;
(2022)
Understanding the difference in malicious activity between Surface Web and Dark Web.
Doctoral thesis (Ph.D), UCL (University College London).
Preview |
Text
Thesis_Final.pdf - Accepted Version Download (2MB) | Preview |
Abstract
The world has seen a dramatic increase in illegal activities on the Internet. Prior research has investigated different types of cybercrime, especially in the Surface Web, which is the portion of the content on the World Wide Web that popular engines may index. At the same time, evidence suggests cybercriminals are moving their operations to the Dark Web. This portion is not indexed by conventional search engines and is accessed through network overlays such as The Onion Router network. Since the Dark Web provides anonymity, cybercriminals use this environment to avoid getting caught or blocked, which represents a significant challenge for researchers. This research project investigates the modus operandi of cybercriminals on the Surface Web and the Dark Web to understand how cybercrime unfolds in different layers of the Web. Honeypots, specialised crawlers and extraction tools are used to analyse different types of online crimes. In addition, quantitative analysis is performed to establish comparisons between the two Web environments. This thesis is comprised of three studies. The first examines the use of stolen account credentials leaked in different outlets on the Surface and Dark Web to understand how cybercriminals interact with stolen credentials in the wild. In the second study, malvertising is analysed from the user's perspective to understand whether using different technologies to access the Web could influence the probability of malware infection. In the final study, underground forums on the Surface and Dark Web are analysed to observe differences in trading patterns in both environments. Understanding how criminals operate in different Web layers is essential to developing policies and countermeasures to prevent cybercrime more efficiently.
Type: | Thesis (Doctoral) |
---|---|
Qualification: | Ph.D |
Title: | Understanding the difference in malicious activity between Surface Web and Dark Web |
Open access status: | An open access version is available from UCL Discovery |
Language: | English |
Additional information: | Copyright © The Author 2022. Original content in this thesis is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) Licence (https://creativecommons.org/licenses/by-nc/4.0/). Any third-party copyright material present remains the property of its respective owner(s) and is licensed under its existing terms. Access may initially be restricted at the author’s request. |
Keywords: | cybercrime, cybersecurity, crime science |
UCL classification: | UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science UCL > Provost and Vice Provost Offices > UCL BEAMS UCL |
URI: | https://discovery.ucl.ac.uk/id/eprint/10147915 |
Archive Staff Only
View Item |