Cyber thieves and terrorists use the dark web as one of the most difficult channels to achieve their nefarious goals. There are many similarities between cyber-crimes and real-world crimes taking place on the dark web. However, the dark web's sheer breadth and anonymity are key to tracing the offenders. The first step in finding effective solutions to cybercrime is to assess the different dark web criminal hazards. The investigation of the dark web includes a review of crimes to minimize crime issues. To assist cyber security specialists, the authors used the systematic literature review approach and extracted data from 65 publications from the most relevant internet resources to meet research aims. As a result of an exhaustive investigation, systematic literature review is able to provide a clear picture of how criminal activity on the dark web is expanding and examine the strengths and weaknesses of existing methods for tracking down criminals. This study has showed, to aid law enforcement in the apprehension of criminals, digital evidence must be analyzed as per established standards.
TopIntroduction
In spite of its complexity, the World Wide Web (WWW) holds an unimaginable amount of digital information. Search engines like Google and Yahoo make it easier to find information on the Internet's most common topics. However, there are enormous swaths of the Internet that are not indexed by the major search engines. The Deep Web, a hidden portion of the Internet, is thought to account for 96% of all WWW content (Holgado and Peñalvo,2018). The Dark Web or Dark Net is a subclass of the Deep Web that is mostly utilised for unlawful purposes (Nabki et al.,2017). A whopping 57% of the Dark Web's traffic is comprised of criminal activity or unlawful material. Illegal narcotics, weapons trafficking, child pornography, stolen financial information, illegal talks, false money, and terrorist communication are just a few of the more prevalent ones (Chertoff and Simon,2015).
In 2013, the FBI took down Silk Road, the most notorious marketplace on the Dark Web, and these illicit actions were brought to the public's notice. The Dark Web's harmful intentions and unlawful material may be found through hidden wiki and deep search engines. Many further Deep Web connections may be found using these portals (Holgado and Peñalvo,2018). Forensic analysts researching criminal activity on the Dark Web have a significant problem because of the anonymity afforded by Dark Web services. Use of the Dark Web's content and services is common among anonymity services such as Tor, Freenet.
In contrast to a centralised computer server, the most widely used Dark Web service is the TOR network, which enables users to transmit information covertly and anonymously through peer-to-peer connections. Naval Research Laboratory developed this service in 2002 to overcome censorship and protect critical communications (Dredge,2013). The anonymity of the TOR network makes it difficult to monitor the Dark Web. Criminals use the Onion Router (TOR) to access the Dark Web because it is untraceable and tough to shut down. Thus, security and law enforcement are under tremendous pressure to monitor and track the activities of people on the Dark Web.
The TOR is often used by criminals to hide their activity on the Dark Web behind a relay station. This means that when police trace an IP address to a crime committed using the TOR browser, they can only discover one TOR exit relay. Various tactics and approaches have been developed by researchers to keep track of and catch criminals on the Deep Web. Memex is a successful Dark Web data mining tool developed and used by the United States Defense Advanced Research Projects Agency (DARPA) (William et al.,2021). Findings from a research study included mapping and monitoring of hidden service directories; monitoring social media; customer data monitoring; semantic analysis; and market profiling (Ciancaglini et al.,2013). Additionally, law enforcement has used numerous tactics to discover offenders, such as social media, IP addresses, monitoring user activity, and monitoring Bitcoin accounts.
There are several advantages to doing a comprehensive evaluation of scientific literature in order to discover the research issues and the rationale for further investigation in any given field . An SLR is a methodical review of the literature aimed at discovering relevant works in a certain field by following a series of research stages and procedures. To our knowledge, no comprehensive literature study on the evaluation of the Dark Web as a threat assessment has been done, which has prompted us to offer this survey. These crimes include drug trades, terrorism, human trafficking, and marketplaces for cybercrime tools. This research examines the effects of these crimes, as well as their accompanying crime-monitoring technology. To do this, we have methodically identified and examined 65 papers that are related to our study objective. As a result, the paper's contributions include: