Dark web trading: the dark space beyond search engines

　　The dark web is generally considered to be closely related to illegal activities, providing criminals with a low-risk collaboration platform and opportunities to challenge the "border". Hidden networks based on anonymous communication systems have developed into complex forms so far. However, it is not just criminals who rely on the anonymity of the dark web. Law enforcement personnel, military agencies, and intelligence agencies also need to use the dark web. They can conduct online monitoring, phishing law enforcement, and protect anonymous intelligence channels and top-secret plans.

　　The dark web has been frequently used as an illegal trading platform for a long time, and the elements to maintain its stable operation and development are closely related to the dark web market trust building mechanism. Understanding the complexity of the dark web market transaction process, exploring the trust mechanism that affects dark web trading activities, has important reference significance for understanding and destroying dark web trading links, maintaining the order of cyberspace, and building a harmonious digital governance system.

　　1. Dark web: a space explored from the surface web

　　In 2006, the first "dark web" that was "a household name"-"The Farmer's Market" (The Farmer's Market) was born. According to data from the US Drug Enforcement Administration (DEA), from 2006 to 2009, "Farmers Market" has developed more than 3,000 users in all 50 states and 34 other countries and regions in the United States. By 2011, the total annual transaction volume exceeded 1 million US dollars. The "farmer market" deals in almost all kinds of contraband, among which drugs and controlled drugs are the main ones. It relies on commissions to maintain the operation of the dark web. In its heyday, it was known as the "Amazon in the field of illegal transactions." In April 2012, the US Drug Enforcement Administration cooperated with local police and intelligence agencies such as the Netherlands, Colombia, and Scotland to defeat the "Farmers Market" and arrested eight organizers of different nationalities, including Mark William. In September 2014, the founder William was sentenced to 10 years in prison on charges of drug trafficking and money laundering. The remaining 7 people were convicted except one who died in prison.

　　In October 2013, the "Silk Road" that sold illegal drugs, provided digital goods such as malware and pirated media, forged documents, and provided illegal computer hacking services was seized, and its creator, Ulbritt, was sentenced Life imprisonment, this incident brought the "dark web" to the surface again and caused concern.

　　The dark web, also known as the hidden web, is a hidden server contained in the "deep web". As opposed to the surface web, it exists on the World Wide Web in the hidden web. The content that cannot be captured by traditional search engines requires special software and configuration. Or permission to log in. It is worth noting that the World Wide Web and the Internet are not synonymous. The World Wide Web is only a part of the Internet, and the websites that we can search through traditional search engines are only a part of the World Wide Web-the surface web. The number of domains on the dark web is 400 to 500 times that of the surface network, and visitors will not leave any traces on it. The deliberately hidden content contained in the dark web may be used for legal purposes or used to hide crimes. Behaviors or other malicious activities, the use of the dark web has attracted the attention of relevant departments and scholars.

　　Tor (Onion Routing), the most popular and practical anonymous communication system, is a common way for individuals to access the dark web. Tor's communication relies on a network of volunteer computer nodes that use the software. All the user's network traffic will be encrypted and transmitted through a series of other users' computer nodes on the network, so that the traffic cannot be traced back to the original user. By establishing a "hidden service", service providers and service requesters are anonymous to each other during the entire communication process. The Tor-based dark web uses this protocol to maintain the anonymity of dark web users.

　　On the dark web, users can use hidden catalog pages to browse classified encyclopedias, use hidden search engines to search for contraband and other transaction content, or use hidden forums, hidden chat rooms, hidden emails, and privately constructed communication methods To communicate. As scholars said: "A considerable amount of information is missed by search engines because it is hidden deep. The deep domain of the Internet has unknown breadth, depth, content, and users." The dark web is for activities such as the sale of illegal goods and criminals, The organization, communication, and collaboration of a series of malicious attackers such as terrorists and spies provide anonymous services and platforms to enable users to avoid censorship, access blocked content, and protect sensitive communications. The dark web mainly uses Bitcoin or other digital currencies to conduct transactions. Email is the main communication method in the dark web market. For sellers, customer reviews are an important proof of merchants’ reputation.

　　What needs to be pointed out is that not only criminals rely on the anonymity of the dark web, but law enforcement officers can also treat their bodies in their own way. In fact, law enforcement personnel, military agencies, and intelligence agencies also need to use the dark web. They can conduct online monitoring of the dark web, phishing law enforcement, and protect anonymous intelligence channels and top-secret plans. The anonymity in the dark web can be used to avoid censorship and identification and hacker attacks, to protect users from surveillance and eavesdropping, to attack and shut down illegal websites, and to interrupt server attacks and communications.

　　Although individuals may anonymize activities, researchers are already exploring ways to exploit security vulnerabilities to infiltrate, de-anonymize, and track malicious behavior. In order to identify the source of malicious attacks online and detect the true destination of network traffic visiting dark sites, researchers are constantly developing "deanonymization" technologies that can identify hidden services and individuals to resist the invasion of criminal forces from the dark web. The anonymity in the dark web can also be used to protect the military command and control system on the battlefield from enemy identification and attacks; at the same time, it can also shut down websites or interrupt network attacks to intercept enemy communications; it can also be used for countermeasures. Espionage, spreading false news, etc. For example, the researchers of the Advanced Intelligence Research Project (IARPA) of the US Department of Defense Advanced Research Projects Agency (DARPA) have explored various methods of "finding those who do not want to be discovered".

　　2. Double-edged sword: anonymous technology and dark web resource mining

　　The development of the dark web economy has promoted the rise of anonymous servers, anonymous mailboxes, and anonymous mailing services. Cryptocurrency has entered the field of vision of ordinary users, but while it brings convenience to people, it also opens a new door for money laundering and other economic crimes. The dark web market provides a lower risk platform for users to illegally trade. In the future, these online black markets will no longer be centralized websites such as the "Silk Road", but a form of decentralized commodity, information, payment, and feedback processes, making it more difficult to leverage.

　　The quantity and quality of dark web resource information are superior to those on the surface network. The demand for these resource information makes researchers continue to explore ways to efficiently fill the dark web query interface and obtain dark web resources. For example, scholars from Nankai University classify dark web resource information according to fields, including more than a dozen categories such as finance, Internet, literature, and chemistry, and each contains detailed subcategories. The dark web can be accessed through many decentralized anonymous nodes on the network, including Tor or I2P. When using these anonymous communication tools, the user’s IP address remains hidden, and the IP address displayed by the connection with any target website can be in fact Anywhere, so it is difficult to capture the user's source and location. When using Tor, the website URL will change its format. The website usually ends with the "ion" suffix to identify "hidden services" instead of ending with .com, .org, .net, etc. When using Tor to search the Internet, an onion icon Tor Browser is usually displayed. The biggest drawback of this service is its slowness.

　　In 2017, the “Dark Web Report” published by the US Congressional Research Service stated that the average number of Tor users per day in the United States was 353,783, accounting for 19.2% of the average number of Tor users per day. The United States has the largest number of Tor users per day, followed by Russia (11.9%), Germany (9.9%) and the UAE (9.2%). As for the way of communication on the dark web, individual users usually choose to start with the social news site Reddit. The dark web sub-section of the website often provides dark web access, and the website opens up a platform for user discussions, but it is not encrypted Or anonymously. Individuals who want to use a more secure form of communication can choose to use email hosted on Tor, web chat rooms or privately constructed communications. Many anonymous instant chat rooms are hosted on Tor. Some do not require users to provide any information, and there are some needs. Users register via email.

　　The anonymity and untraceability of the dark web allows any user to be anonymous in real time when accessing the dark web without revealing their identity to the server, including criminals who engage in illegal activities. For example, in 2016, the official website of a dark web trading platform was hacked, resulting in a large amount of information in the database being leaked, and countless credit card information and thousands of user accounts were stolen. Affect the original holder of the data.

　　But anonymity service is not an absolute weapon for illegal activities to "freeze" the Internet. In October 2011, the famous hacker organization Hacktivist launched an attack on the dark web, destroying a website called Freedom Hosting operated on Tor, which hosted more than 40 child pornographic websites. Hacktivist obtained the user database of the website, enabling the FBI to trace the true identities of individuals. At present, 185 of them have been successfully charged with criminal charges.

　　3. Dark web payment: the tip of the iceberg of illegal activities

　　In addition to the anonymity and untraceability of users, traders in the dark web world also need to solve the anonymity problem of transaction settlement. Since all countries have strict monitoring methods for the banking system, the realization of transaction settlement through traditional bank accounts for criminal activities based on the dark web will inevitably lead to tracking risks in the banking system. Some scholars believe that the rise of virtual currencies such as Bitcoin has exactly solved this problem.

　　As a payment medium, Bitcoin has impressed the public with its anonymity and privacy since its appearance. Every bitcoin payment record in the digital public ledger is called a blockchain, which records the transfer of bitcoins between users (essentially a transaction). Blockchain is a distributed accounting technology. Every transaction will be recorded on it. Everyone connected to the blockchain will have this ledger. Therefore, Bitcoin itself has a certain degree of transparency, because everyone will Obtain transaction records. Although the Bitcoin wallet has a unique coded identifier, it does not point to the identity of the trader, so it is impossible to know who the trader behind it is.

　　Bitcoin was born in 2009, but it was just an encrypted number at the beginning. It wasn't until the "Bitcoin Pizza Day" in 2010 that an American programmer used 10,000 Bitcoins to purchase a pizza worth $30, which made Bitcoin the first time worth $0.003. In 2011, the "Silk Road" was born, and cryptocurrency officially became the "official" currency in the darknet market. It solves the anonymity problem of traders' transaction settlement in the dark web market, and frees criminal behavior from the risk of being tracked by the traditional financial system.

　　In short, Bitcoin is a decentralized digital currency that uses anonymous peer-to-peer transactions. The user's address is associated and stored in the "electronic wallet", which contains the individual's "private key"-a string of secret numbers, allowing the person to spend bitcoins from the corresponding electronic wallet, similar to a password. The transaction address and encrypted signature are used to verify the transaction, the wallet and private key are not recorded in the public ledger, and the electronic wallet can be hosted on the network.

　　Since Bitcoin has no issuing agency, there is no crisis of being frozen like ordinary currencies, and it has become a new way for criminals to blackmail. In May 2017, the Wanna Cry ransomware became popular all over the world. Virus makers locked “poisoned” users and demanded payment of a certain amount of Bitcoin as the price of unlocking.

　　The dark web is generally considered to be closely related to illegal activities and provides a low-risk collaboration platform for criminals, such as using anonymous chat rooms and communication services to plan crimes and spread criminal techniques. All kinds of contraband, stolen goods, and stolen information can be sold for profit.

　　In the incident of Facebook leaking user information in the past two years, hackers revealed that the sales amount of relevant user information on the dark web was very cheap, and the real sought-after information was bank accounts and passwords. Ghost Sec, a hacker organization that combats terrorist organizations, traced a Bitcoin wallet worth 3 million U.S. dollars, confirming that virtual currency has become one of the channels for terrorist organizations to raise funds.

　　However, data on the activity of dark web sites such as bank accounts and passwords is scarce. It is estimated that only about 1.5% of Tor users can access hidden service pages or dark web pages, and it is unknown how much Tor traffic will flow to any of these sites. . It is difficult for ordinary users to touch the boundaries of these websites, and some websites must be accessed only after the user obtains an invitation code.

　　At the same time, the dark web provides criminals with opportunities to challenge "boundaries", including physical boundaries, physical-network boundaries, and network boundaries. As long as the network can reach, there is a possibility of crime. A large number of studies tend to describe the dark web as a "safe haven" for illegal activities and call for the supervision of the dark web to reduce the possibility of crime. Based on the characteristics of easy access to the dark web, strong concealment, special trading methods, and great harm to public safety of transaction content, the dark web can easily become an obscene information dissemination channel, a trading platform for illegal goods, and a safe haven for terrorism. To improve the dark web supervision mechanism, we must first strengthen the prevention and control of the dark web propaganda information, strengthen the supervision of the logistics industry, and increase the user's awareness of confidentiality. Some scholars also believe that the dark web problem is difficult to solve. The most important point is that the complexity of transnational crimes and the anonymity mechanism make the threat posed by the dark web not subject to geographical restrictions, especially the advantages of blockchain technology for dark web crimes The event provides great convenience. Scholars who have conducted research on dark web terrorist crimes believe that even though dark web criminals are more concealed in ways and means than criminal activities on the surface web, users need to update their tools frequently to improve anonymity and security. , And need to be familiar with various auxiliary software, which raises the technical threshold for using the dark web. Therefore, dark web criminal activities are functionally supplementary and are not the "culprit" of rampant criminal activities.

　　4. Dark web sellers: how to build trust

　　Although trust is a very personal emotion, sellers on the dark web, under the escort of anonymous technology, must also expand their user groups and market their products, technologies and services by building trust with buyers. . Fame is as important to dark web sellers as surface web and real buyers. For the dark web where face-to-face transactions cannot be conducted, and there are no trading regulations, buyers should normally be unable to establish trust with sellers. But the actual situation is just the opposite. Non-delivery or sale of defective products rarely occurs on the dark web, and Nicolas Christin, a scholar at Carnegie Mellon University, used 8 months to give 184804 feedback on the "Silk Road". According to the research conducted, the positive rate of dark web products is as high as 97.8%.

　　Like Airbnb hosts or surface-level online shopping platform sellers, the "suppliers" on the dark web also pay great attention to the reputation of their "brand" and customer satisfaction. Generally speaking, the supplier interface of the dark web will contain the following information: total number of completed transactions, supplier registration time, supplier last login time, supplier's other important aliases, competitive advantage, refund strategy, postage, shipping method. Ensure that buyers will be impressed with the seller’s credibility even if they don’t end up buying the goods they offer.

　　In fact, the marketing strategy used in the dark web is an imitation of ordinary e-commerce marketing strategies. They will not only present product pictures on the page, and mark the price, shipping location, delivery location, inventory, creation and update time, seller reviews, etc., but also discount activities (such as buy two get one free), member specials and Additional discounts provide a money-back guarantee for unsatisfied buyers. Dark web sellers even use marketing techniques such as "limited inventory" and "time-limited supply" to promote sales. Some suppliers eager to occupy the market or newly established suppliers will establish a “brand” image by providing services such as “free samples”, “the lowest of the whole network”, and “evaluation transactions”. They will also promote promotional activities by setting up “festivals” on the dark web. For example, the dark web will also celebrate "Black Friday" and carry out discount activities. The future of the dark web market does not depend on anonymous networks, Bitcoin, or other encryption methods. What can really retain customers is the excellent user service and experience.

　　Competitiveness, credibility and sincerity are the three basic elements for dark web sellers to build trust. In order to highlight reliability, buyers encourage sellers to comment on the speed of response, whether the communication is smooth, and whether the way of delivering goods is safe enough. Buyers’ feedback, whether positive or negative, cannot be deleted. "Good credit mechanism" attracts sellers from offline market to dark web. Generally speaking, we do not equate the dark web with ordinary online communities, but the dark web market does have a strong sense of community. For example, users will chat in the community on Reddit (social media platform) and publicly condemn them. Satisfied dark web seller. As the American management and information expert James Martin explained in his dark web drug research, the dark web has its own order, and users on the dark web also review the behavior of others with integrity standards, without relying on experience or individual evaluation. Instead, you can rely on the judgment of the entire dark web community to make choices.

　　Some related industries have emerged. For example, some websites will use professional testing personnel to provide services for random testing of drugs sold on the dark web. For example, a dark web site will also instantly update the dark web market ranking and product testing progress with the highest praise rate. Users can send the purchased samples to a drug testing laboratory independently established by the community for testing, and then they will feed back the test results to the users, whether it is "cut corners" or "shoddy", the results will be published here On the website, the information of suppliers who sell such products is disclosed, and untrusted suppliers will be expelled from the dark web market.

　　As mentioned earlier, every bitcoin payment record in the digital public ledger is called a blockchain, which records the transfer of bitcoins between users. This distributed accounting technology allows the dark web to form an independent virtual society, with its own independent and closed credit system, not under the control of offline credit systems, and difficult to be tracked by means of monitoring criminal acts.

　　A few days ago, officials of the US Securities and Exchange Commission issued a statement saying that Bitcoin and Ether are not securities. Prior to this, they also warned users about the risks of Bitcoin transactions. The Chinese government completely bans virtual currency ICOs (initial coin offerings, blockchain terminology) such as Bitcoin, making the trading prospects of cryptocurrencies in the mainstream market confusing. Despite the constraints of circulation, investors still hold expectations for the future development of Bitcoin. It is obviously inappropriate to limit the withdrawal of cryptocurrencies to weaken dark web transactions and their concealment.

　　(Author: Deng Bing, unit: New Media Institute, Peking University)