Indexed in

License and use

Citations

Altmetrics

Grant support

This work was partly supported by the funding received from the European Commission under the Horizon 2020 Programme (H2020) through the HEROES project (https://heroes-fct.eu/, Grant Agreement no. 101021801). In particular, Y.W. received travel funding to present the original paper at the 2024 European Interdisciplinary Cybersecurity Conference (EICC '24). B.A. and Y.W. are colleagues of one of the Special Issue Editors (S.L.), while J.H-C. is a former colleague of S.L. Additionally, B.A. collaborated with one of the other Special Issue Editors (M.S.) as Programme Committee Co-Chairs of a conference in 2023.

Analysis of institutional authors

Share

Secure in the dark? An in-depth analysis of dark web markets security

Publicated to:International Journal Of Information Security. 24 (3): 107- - 2025-06-01 24(3), DOI: 10.1007/s10207-025-01015-1

Authors: Wang, Yichao; Arief, Budi; Hernandez-Castro, Julio

Affiliations

Abstract

As the name implies, dark web markets-also commonly known as anonymous markets-have put in place measures for protecting the privacy of its users, both sellers and buyers, as this is a key priority that can attract users worldwide. With the rapid growth of dark web markets, competition among them has become more intense. In this environment, malicious attacks targeting competitors-for instance, aimed at reducing the availability of rivals' services-have also become more common. These attacks not only affect other services' availability and accessibility, but they may also lead to personal and private information being leaked. As such, it is understandable that dark web markets may want to implement strong security mechanisms to protect themselves and their users from both law enforcement and other operators. This is particularly true as good security can be a matter of survival but also help to gain a competitive edge over rivals. Although the literature has analysed and described dark web markets from multiple perspectives, there is still a gap in the understanding of the different security mechanisms they deploy. Furthermore, data collection-which is often considered a challenge in this research area-may be hindered by these very security mechanisms. Therefore, and in order to cover this gap, the study presented in this paper aims to investigate in depth the security mechanisms of various dark web markets. This will hopefully help to shed a brighter light on their operation. To achieve this, we performed data collection and experiments in twelve dark web markets. Although data collection practices may need to vary slightly for each market, all the data was collected over the span of four months, between May and August 2023. We found there are three main groups of security mechanisms in dark web markets: (1) those aimed towards increasing web security, (2) those mostly aimed at improving account security, and (3) those related to financial security. In addition, it is interesting to note that different types of security mechanisms on a given market may reflect the operator's business philosophy, technical knowledge and security posture, which in turn could have a big impact on the longevity, profitability and overall success of a particular market. The results of this study can help the academic and security research communities to understand the operation and evolution of dark web markets, hopefully to combat the crimes facilitated by these dark web markets more effectively. Additionally, findings in this study may provide some clues on how to improve the efficiency of data collection in this particularly hostile environment.

Keywords