|De-Anonymizing TOR and Darknet Operations: "Low-Tech" Options for Law Enforcement
Sponsored By: TeleStrategies' ISS WorldŽ
February 20, 2018 : Online Webinar
TIME: 9:00-10:00 AM New York Time, Eastern USA Time
Free for Law Enforcement, the government intelligence community and private enterprise cyber security managers. Registration with Government or Corporate e-mail address is required.
Click Here To Register
De-Anonymizing TOR and Darknet Operations: "Low-Tech" Options for Law Enforcement
Large intel agencies have the resources and know-how to break TOR, darknet servers and related anonymizing protocols. However, their investigation techniques are technically difficult to develop and costly to implement. As such, these capabilities are closely held by the intel community and reserved for serious national security concerns, leaving most LEAs stranded in their local “darknet” investigations involving drug markets, gambling, ransomware, card resale, exploitation and other illicit online activity.
While “intel-grade” de-anonymization approaches (e.g., network packet correlation, DPI/content fingerprinting, protocol compromises, malware and others) are beyond the capabilities of traditional law enforcement agencies, the good news is that many online criminals do not have the skills to properly implement anonymization protocols. This leaves a small door open for LEAs.
This webinar will present relatively “low tech” options and network investigation techniques that any LEA can use to reveal the identities of poorly configured anonymization protocols and systems. The presenters will first give an overview of anonymizing protocols in use on the internet today (e.g., TOR, I2P, Freenet, Tribler, Riffle); how they are used in practice to hide the identity of both clients and servers; and what makes them difficult to investigate. Part two of the webinar will look at server analyzation approaches that exploit poorly configured darknet servers to expose identity information. Specific techniques covered include web server profiling, OS/network fingerprinting, java exploits and other “non-intel grade” approaches that have been successfully used to bring down inexperienced darknet operators.
Andrew is the former CEO and co-founder of the Tor Project. He’s an advisor with military and intelligence agencies in the US and its Allies, having worked on SAFER Warfighter, MEMEX, SHARKSEER, CRISP, and others.
All Contents Copyright © 2018