Publication
Forensic Science International: Digital Investigation
Paper

Monitoring an anonymity network: Toward the deanonymization of hidden services

View publication

Abstract

Anonymity networks are an example of Privacy Enhancing Technology (PET) whose historical goal is to avoid censorship, preserve users privacy, and promote freedom of speech. Such networks, however, also provide a “safe haven” for criminal activity: previous research observed a dominance of commerce platforms delivered as hidden services within The Onion Router (Tor) network, undoubtedly the most popular anonymization technology at the time of writing, largely around narcotics and illegal financial services. Extensive research has been conducted on locating hidden services on the Tor network, but a general method that is able, given a service delivered via anonymity network, to effectively produce a list of candidate nodes responsible for delivering the service still remains an open research problem. In this paper we describe the infrastructure we have designed and implemented for monitoring the Invisible Internet Project (I2P) network, which is a smaller scale anonymity network compared to Tor but already proven to be used for illicit activities, and how its output can be used to enable such general method.