Understanding The Concept Of Deep Web: Security Challenges And Potential Solutions

What is the Deep Web?

Discuss about the Information Security of Deep Web .

The deep web or the hidden web is the specific parts of World Wide Web or WWW, where all the contents are not indexed by the standard of web search engines for any particular reason (Zhao et al., 2016, p. 2). There are various interesting pages of indexes, internal networks, databases or ideas on the deep web. These pages could either be nefarious or innocent for the management of deep web. The opposite of the deep web is known as the surface web that could be accessed by everyone with the help of the Internet connection. The contents of this deep web is completely hidden in the forms of HTTP and thus is involving the various utilizations like web mail, services, online banking and many more, which is required by any user to be paid off and is protected and secured by any typical pay wall (Sharma & Sharma, 2017, p.2). This pay wall could be various online magazines, newspapers and videos on demand. All the contents of this deep web could be easily located as well as accessed by the direct URL or the IP address and thus would need various security accesses and passwords from the previous website page.

The following report outlines a brief discussion on the concept of the technology of deep web and how this deep web is being utilized by all users. This report will be providing the background of deep web with various security challenges or issues that are faced by the users of deep web. Moreover, the potential solutions will also be provided here.

The deep web is the part of the Internet that is not being indexed by any of the search engines. It is the most diversified world that could be nefarious in nature. The term deep web was at first coined by the popular computer scientist, Michael K. Bergman (Huang e al., 2013, p.1). He said that this part of the Internet is nothing but a simple search indexing term. The conflation of the two terms of deep web as well as the dark web first came into account in the year of 2009. The terminology of the deep web search engine was eventually discussed with all types of illegal and unethical actions that were taking place on the specific Freenet darknet (Thamviset & Wongthanavasu, 2014, p. 1109). After the year of 2009, the utilization within the media reporting of Silk Road, several people and outlets of media are utilizing this deep web with the dark net or dark web. There is a distinct difference between the deep web and dark web. Deep web is the typical type of search engine that helps to search anything online; however, dark web is the exact opposite of deep web. It is the nefarious activities of deep web, thus overshadowing the simple nature of deep web (Oita, Amarilli & Senellart, 2017, p. 1). Deep web is the most significant and important reference to any particular site that is not accessible with the help of any traditional search engine, the dark web, on the other hand, is the smaller part of the deep web, which is intentionally kept hidden and is also inaccessible by the standard methods or browsers. The part of the web, which is being indexed by the standard search engines, is called the surface web. During the year of 2001, the deep web was larger than the surface web in terms of the orders of magnitude (Mallede, Marir & Vassilev, 2013, p. 32). It is nearly impossible in measuring as well as putting estimates on the deep web size as most of the information is either hidden or is locked within the databases. The information or the sites added within the deep web are making the growth of it extremely high and thus could not be quantified.

History and Differences between Deep Web and Dark Web

Although, deep web is extremely important as well as beneficial for all the users, there are some of the most significant security challenges posed by it (Furche et al., 2013, p.24). These security challenges make the entire concept of deep web often threatening for the society and the users. The most significant and important security challenges of the deep web are as follows:

1. i) Access to Deep Web: The first and the foremost security challenge of the deep web is the excess access to this deep web (Caudevilla, 2016, p. 70). The people, who are accessing the Deep Web usually, take up a service, namely Tor. This Tor is the specific service that is being developed by the United States Naval Research Laboratory. It acts the browser of Firefox or Google Chrome. The most significant difference between them is that Tor does not take the direct route within the computer and deep parts of Web; rather this particular browser utilizes any random path of the encrypted servers, called the nodes (Khelghati, Hiemstra & Van Keulen, 2013, p.3). It enables the users in connecting to Deep Web without having the fear of actions like being tracked on the history. The major problem with this Tor service is that there is anonymity and thus a dark side is enabled where the criminals and the hackers operate in shadows and does not get caught.
2. ii) Misusing of Deep Web: The second important security issue or challenge in the deep web is the misusing of this technology. For few of the users, this Deep Web is responsible for offering the basic opportunity in bypassing the local restrictions and even accessing the services (Khurana & Chandak, 2016, p. 409). Huge or bulk amount of data is present within it and thus, there is always a high chance that misusing of deep web can lead to the loss of data. This data could be confidential and sensitive and comprise of the real names, phone numbers, bank account details or even addresses of the authorized users. Hence, the loss of data could be extremely dangerous for them.
3. iii) Distributed Denial of Service Attacks: The DDoS attacks are the third important security challenge of deep web. These types of attacks are the specific subclass of denial of service attacks and are responsible for involving with various connected or linked online devices, jointly called the botnet (Noor, Daud & Manzoor, 2013, p. 132). These are utilized for the purpose of overwhelming the target website with the fake traffic. These distributed denial of service attacks breach the security of the deep web site and thus making them unavailable or inaccessible to the authorized users. Moreover, these types of distributed denial of service attacks even takes down all the security appliances for breaching the security perimeter of the target (Wu & Zhong, 2013, p. 137). The successful DDoS attacks within the deep web are an extremely dangerous weapon of the hackers, cyber vandals, attackers or any other.
4. iv) Lack of Encryption: Another important challenge of security within the broad concept of deep web is the lack of encryption. The data that is searched or is entered through this deep web is not encrypted (Zhao et al., 2016, p. 1). In cryptography, encryption is the basic way of securing the data and thus preserving or protecting the data or information of the users. It is the most effective or efficient method for achieving the security of the confidential or sensitive data. The unencrypted text is the plain text and the text that is encrypted for protection is known as cipher text. A specific public or private key is to be utilized in this phenomenon of encryption (Sharma & Sharma, 2017, p. 1). The data that is entered within the deep web is never encrypted and thus the hackers get the hold of this data. They could even utilize this data for various wrong intentions and thus this is a significant issue in case of security of the deep web.
5. v) Lack of Authorization: Another significant issue or challenge within the deep web is the lack of authorization or authentication. This lack of authentication or authorization is one of the major problems for losing confidential or sensitive data (Huang et al., 2013, p. 5). Moreover, the inadequate authorization or authentication could eventually result to the data loss, corruption problems, lacking of the accountability, denying of the accesses. This type of problem is common in deep web and thus the users often suffer through various significant problems. The device or the accounts of the user are easily hacked by the attackers or hackers and the confidentiality or integrity of the data gets lost completely (Oita, Amarilli & Senellart, 2017, p. 3). Weak passwords to the system or the Wi-Fi are one of the major reasons for lack of authorization. If the internet connectivity is public, the data or the information could be easily accessed from the browser cookies.
6. vi) Ransomware: This is the sixth important and significant cyber security issues in deep web. It can be defined as the malware subset from where the confidential data is locked on the authorized user’s systems. This is usually done by encryption. The victim’s data or information is eventually blocked by the hackers and the user is unable to do anything (Mallede, Marir & Vassilev, 2013, p. 41). The hackers keep this data blocked, until and unless a huge ransom is being paid off to the hackers. These are usually carried out with the help of Trojan, which remains hidden as an authorized file that the victim is tricked to download or open.

The above mentioned security issues are extremely dangerous for the society and to all those people, who are using this technology. However, there are some of the potential solutions to these problems. They are as follows:

1. i) Access to Deep Web: there should a strict access control for the users of deep web and thus the extra access would be stopped (Furche et al., 2013, p.1). Each and every authorized user should be provided with a unique username and password and a track should be kept about the usability of the deep web.
2. ii) Misusing Deep Web: The solution to the misuse of deep web is same as the access to deep web. The control should be checked and restricted. This would eventually stop the misuse of deep web.
3. iii) DDoS Attacks: Firewalls are the best answer to the DDoS attacks. These are utilized for detection and prevention of the DDoS attacks (Khelghati, Hiemstra & Van Keulen, 2013, p. 5).
4. iv) Lack of Encryption: The process of encryption should be incorporated within deep web. This would prevent the hackers from stealing confidential data.
5. v) Lack of Authorization: The authorization and authenticity of the data in deep web could be maintained with the various security measures like firewalls, antivirus, encryption and many more (Noor, Daud & Manzoor, 2013, p. 133).
6. vi) Ransomware: Regular updates of software are the best solution for stopping the ransomware attacks in deep web.

Conclusions and Future Trends

Therefore, from the above discussion, it can be concluded that deep web or invisible web is one of the largest parts of the connection of Internet, which is solely inaccessible to the conventional search engines. The contents of the deep web majorly includes various chat messages, emails, private contents over the social media, electronic records of health, electronic bank statements and many others. The contents of deep web also include which are accessed on the Interne; however, are not indexed or crawled by the search engines such as Yahoo, Bing, Google or DuckDuckGo. The most significant reason for this not indexing the contents of deep web varies eventually. The content could either be proprietary, where the content is accessed through the VPN or virtual private network. When the content of the deep web is absolutely commercial in nature, they reside within the member wall and could only be accessed by the clients, who have made the payment. This content could even be PII or personal identifiable information, and then this is to be protected with the help of compliance regulations. The components of the deep web often lack the permanent URL or uniform resource location for becoming the part of the technology. The above report has provided the detailed description about the part of WWW, i.e. deep web by providing relevant details. Moreover, the several security and privacy issues that are common in deep web are also given here. Solutions are also provided in the report for each and every problem identified and the final part of the report has discussed about the future trends of this deep web.

The future of the Deep Web is quite advanced and increased with popularity. There are five predictions that the Deep Web will be more advanced in the near future. These predictions of future trends of Deep Web are given below:

1. i) Becoming More Secured: The first and the foremost prediction of future of the Deep Web is that it would continue to become more safe and secured. The detection of the search by deep web would be avoided in the future by the law enforcement agencies.
2. ii) Stronger Marketplaces: The second prediction in the future of deep web is the stronger marketplaces. The rise of the new and completely decentralized marketplaces would be enhanced with the deep web. The implementation of the full brown marketplaces would be done with the future trends of deep web.
3. iii) Easier in Gauging Reputation: The third significant prediction of the future of Deep Web is that it would be becoming extremely easier to gauge the information. The trust and the reputation amongst the sellers as well as the buyers will not have to rely on the external authority.
4. iv) Security of Bitcoins Higher: The next important prediction of the future of Deep Web is that it would be brining high security to the Bitcoins. All the crypto currencies always go hand in hand with the marketplaces of the Deep Web. This particular type of advancement with deep web would eventually make the Bitcoins less traceable by the attackers or hackers. This would make the technology of Bitcoin even more popular and famous for the users.
5. v) More Usability: Another important prediction of the future of the Deep Web is that it would be more popular and more users would be using it. Hence, public awareness should be increased about Deep Web and Dark Web.

These above mentioned five predictions about the future of deep web will be bringing out the future trends of this Deep Web effective immediately.

References

Caudevilla, F. (2016). The emergence of deep web marketplaces: a health perspective. In The internet and drug markets (EMCDDA Insights 21) (pp. 69-75). Publications Office of the European Union, Luxembourg.

Furche, T., Gottlob, G., Grasso, G., Guo, X., Orsi, G., & Schallhart, C. (2013). The ontological key: automatically understanding and integrating forms to access the deep Web. The VLDB Journal, 22(5), 615-640.

Huang, P. S., He, X., Gao, J., Deng, L., Acero, A., & Heck, L. (2013, October). Learning deep structured semantic models for web search using clickthrough data. In Proceedings of the 22nd ACM international conference on Conference on information & knowledge management (pp. 2333-2338). ACM.

Khelghati, M., Hiemstra, D., & Van Keulen, M. (2013, May). Deep web entity monitoring. In Proceedings of the 22Nd International Conference on World Wide Web (pp. 377-382). ACM.

Khurana, K., & Chandak, M. B. (2016). Survey of Techniques for Deep Web Source Selection and Surfacing the Hidden Web Content. INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 7(5), 409-418.

Mallede, W. Y., Marir, F., & Vassilev, V. T. (2013). Algorithms for mapping RDB schema to RDF for facilitating access to deep web. In Proceedings of the First International Conference on Building and Exploring Web Based Environments (pp. 32-41).

Noor, U., Daud, A., & Manzoor, A. (2013, September). Latent dirichlet allocation based semantic clustering of heterogeneous deep web sources. In Intelligent Networking and Collaborative Systems (INCoS), 2013 5th International Conference on (pp. 132-138). IEEE.

Oita, M., Amarilli, A., & Senellart, P. (2017). Cross-fertilizing deep Web analysis and ontology enrichment.

Sharma, D. K., & Sharma, A. K. (2017). Deep Web Information retrieval Process. The Dark Web: Breakthroughs in Research and Practice: Breakthroughs in Research and Practice, 114.

Thamviset, W., & Wongthanavasu, S. (2014). Information extraction for deep web using repetitive subject pattern. World Wide Web, 17(5), 1109-1139.

Wu, W., & Zhong, T. (2013, May). Searching the deep web using proactive phrase queries. In Proceedings of the 22nd International Conference on World Wide Web (pp. 137-138). ACM.

Zhao, F., Zhou, J., Nie, C., Huang, H., & Jin, H. (2016). SmartCrawler: a two-stage crawler for efficiently harvesting deep-web interfaces. IEEE transactions on services computing, 9(4), 608-620.