Identification and Classification of Illegal Dark Web Activities in East Africa Region
| dc.contributor.advisor | Fitsum Assamnew (PhD) | |
| dc.contributor.author | Tariku Eshetu | |
| dc.date.accessioned | 2025-10-07T09:13:53Z | |
| dc.date.available | 2025-10-07T09:13:53Z | |
| dc.date.issued | 2024-08 | |
| dc.description.abstract | Online criminal activity manifests in various forms across the Surface, Deep, and Dark Web layers of the Internet. The darknet environment is notorious for various illegal activities, including financial crimes, hacking, recruitment for terrorism and extremism, child pornography, human organ trafficking, drug trafficking, and illegal arms trading. Law enforcement faces significant challenges in identifying specific criminal websites due to the ineffectiveness of traditional investigative techniques. In East Africa, the growth of technology has created economic and social opportunities, but it has also led to increased internet penetration and connectivity, making the region an attractive target for cybercriminals. Compounding the issue are the insufficient readiness of security organizations and a lack of user awareness, which further facilitate cybercrime. This thesis investigates the landscape of cybercrime on the Dark Web, focusing specifically on East African Internet Protocol (IP) address spaces, an area that has been largely under-researched in the existing literature. This research seeks to address a pronounced gap in knowledge regarding the types of illegal activities and associated protocols on the Dark Web, particularly given existing studies’ inadequacies in contextualizing research within East African socio-political frameworks. The research pivots around two key questions: (1) What types of protocols operate through the Dark Web in East African IP address spaces? and (2) What illegal activities are conducted through these protocols? The objectives of this study are multifaceted, aiming to develop a robust methodology for data collection and analysis from Tor exit nodes within the East African, classify the prevalent communication protocols, and categorize the diverse illegal activities identified. Through thorough examination of Tor network traffic, the study reveals crucial patterns, including a dominance of TCP and TLS protocols, smaller percentages using other protocols such as DATA, Bitcoin, HTTP, DNS, and SSH and with illicit activities significantly associated with drug, violence, and software piracy. The findings underscore the pressing need for tailored law enforcement strategies, informed policymaking, and collaborative regional approaches to manage the escalating threats. By innovatively integrating advanced data analytics techniques and multithreaded computing, this thesis provides a unique framework for ongoing cybercrime analysis, enhancing situational awareness for stakeholders and facilitating more effective monitoring of the Dark Web. The implications of this research extend beyond academic inquiry; it offers practical resources for law enforcement agencies, policymakers, and researchers in mitigating cyber threats, thereby contributing to a safer digital environment in East Africa. | |
| dc.identifier.uri | https://etd.aau.edu.et/handle/123456789/7459 | |
| dc.language.iso | en_US | |
| dc.publisher | Addis Ababa University | |
| dc.subject | Darkweb | |
| dc.subject | TOR | |
| dc.subject | TCP | |
| dc.subject | TLS | |
| dc.subject | SSH | |
| dc.subject | Mini-LM | |
| dc.subject | TF/IDF | |
| dc.subject | Cosign | |
| dc.subject | DNS resolution | |
| dc.subject | Scrapping | |
| dc.subject | Wireshark | |
| dc.subject | Elasticsearch | |
| dc.subject | Kibana | |
| dc.title | Identification and Classification of Illegal Dark Web Activities in East Africa Region | |
| dc.type | Thesis |