{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T16:14:57Z","timestamp":1774368897341,"version":"3.50.1"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031710247","type":"print"},{"value":"9783031710254","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-71025-4_14","type":"book-chapter","created":{"date-parts":[[2025,1,6]],"date-time":"2025-01-06T07:46:03Z","timestamp":1736149563000},"page":"271-290","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Honeypot-Based Data Collection for Dark Web Investigations Using the Tor Network"],"prefix":"10.1007","author":[{"given":"Krishan Pal","family":"Singh","sequence":"first","affiliation":[]},{"given":"Emmanuel","family":"Pilli","sequence":"additional","affiliation":[]},{"given":"Vijay","family":"Laxmi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,1,7]]},"reference":[{"key":"14_CR1","doi-asserted-by":"crossref","unstructured":"A. Alaidi, R. Alairaji, S. Alrikabi, I. Aljazaery and S. Abbood, Dark Web illegal activities crawling and classifying using data mining techniques, International Journal of Interactive Mobile Technologies, vol. 16(10), pp. 122\u2013139, 2022.","DOI":"10.3991\/ijim.v16i10.30209"},{"key":"14_CR2","unstructured":"F. Astolfi, J. Kroese and J. Van Oorschot, I2P \u2013 The Invisible Internet Project, Web Technology Report, Media Technology, Leiden University, Leiden, The Netherlands, 2015."},{"key":"14_CR3","doi-asserted-by":"crossref","unstructured":"O. Bamsey and R. Montasari, A critical analysis of the Dark Web challenges to digital policing, in Social Media Analytics, Strategies and Governance, H. Jahankhani, S. Kendzierskyj, R. Montasari and N. Chelvachandran (Eds.), CRC Press, Boca Raton, Florida, pp. 192\u2013202, 2022.","DOI":"10.1201\/9781003243748-9"},{"key":"14_CR4","doi-asserted-by":"crossref","unstructured":"O. Catakoglu, M. Balduzzi and D. Balzarotti, Attack landscape in the dark side of the web, Proceedings of the Symposium on Applied Computing, pp. 1739\u20131746, 2017.","DOI":"10.1145\/3019612.3019796"},{"key":"14_CR5","doi-asserted-by":"crossref","unstructured":"J. Chan, S. He, D. Qiao and A. Whinston, Shedding light on the dark: The impact of legal enforcement on Darknet transactions, Information Systems Research, vol. 35(1), pp. 145\u2013164, 2023.","DOI":"10.1287\/isre.2023.1222"},{"key":"14_CR6","doi-asserted-by":"crossref","unstructured":"I. Clarke, O. Sandberg, B. Wiley and T. Hong, Freenet: A distributed anonymous information storage and retrieval system, in Designing Privacy-Enhancing Technologies, H. Federrath (Ed.), Springer, Berlin Heidelberg, Germany, pp. 46\u201366, 2001.","DOI":"10.1007\/3-540-44702-4_4"},{"key":"14_CR7","doi-asserted-by":"crossref","unstructured":"R. Dingledine, N. Mathewson and P. Syverson, Tor: The second-generation Onion Router, Proceedings of the Thirteenth USENIX Security Symposium, pp. 303\u2013320, 2004.","DOI":"10.21236\/ADA465464"},{"key":"14_CR8","doi-asserted-by":"crossref","unstructured":"W. Fan, Z. Du, D. Fernandez and V. Villagra, Enabling an anatomic view to investigate honeypot systems: A survey, IEEE Systems Journal, vol. 12(4), pp. 3906\u20133919, 2018.","DOI":"10.1109\/JSYST.2017.2762161"},{"key":"14_CR9","doi-asserted-by":"crossref","unstructured":"F. Gallo-Serpillo and J. Valls-Prieto, Analysis of CSEM offenders on the Dark Web using honeypots to geolocate IP addresses from Spain, Computers in Human Behavior, vol. 154, article no. 108137, 2024.","DOI":"10.1016\/j.chb.2024.108137"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"M. Ghanem, P. Mulvihil, K. Ouazzane, R. Djemai and D. Dunsin, D2WFP: A novel protocol for forensically identifying, extracting and analyzing Deep and Dark Web browsing activities, Journal of Cybersecurity and Privacy, vol. 3(4), pp. 808\u2013829, 2023.","DOI":"10.3390\/jcp3040036"},{"key":"14_CR11","doi-asserted-by":"crossref","unstructured":"A. Ghourabi, T. Abbes and A. Bouhoula, Characterization of attacks collected from the deployment of a web service honeypot, Security and Communication Networks, vol. 7(2), pp. 338\u2013351, 2014.","DOI":"10.1002\/sec.737"},{"key":"14_CR12","doi-asserted-by":"crossref","unstructured":"K. Godawatte, M. Raza, M. Murtaza and A. Saeed, Dark Web along with Dark Web marketing and surveillance, Proceedings of the Twentieth International Conference on Parallel and Distributed Computing, Applications and Technologies, pp. 483\u2013485, 2019.","DOI":"10.1109\/PDCAT46702.2019.00095"},{"key":"14_CR13","doi-asserted-by":"crossref","unstructured":"M. Hatta, Deep Web, Dark Web, Dark Net: A taxonomy of the \u201chidden\u201d Internet, Annals of Business Administrative Science, vol. 19(6), pp. 277\u2013292, 2020.","DOI":"10.7880\/abas.0200908a"},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"C. Horan and H. Saiedian, Cyber crime investigation: Landscape, challenges and future research directions, Journal of Cybersecurity and Privacy, vol. 1(4), pp. 580\u2013596, 2021.","DOI":"10.3390\/jcp1040029"},{"key":"14_CR15","doi-asserted-by":"crossref","unstructured":"Y. Hu, F. Zou, L. Li and P. Yi, Traffic classification of user behaviors in Tor, I2P, ZeroNet and Freenet, Proceedings of the Nineteenth International Conference on Trust, Security and Privacy in Computing and Communications, pp. 418\u2013424, 2020.","DOI":"10.1109\/TrustCom50675.2020.00064"},{"key":"14_CR16","doi-asserted-by":"crossref","unstructured":"A. Jadoon, W. Iqbal, M. Amjad, H. Afzal and Y. Bangash, Forensic analysis of the Tor browser: A case study for privacy and anonymity on the web, Forensic Science International, vol. 299, pp. 59\u201373, 2019.","DOI":"10.1016\/j.forsciint.2019.03.030"},{"key":"14_CR17","doi-asserted-by":"crossref","unstructured":"D. Kavallieros, D. Myttas, E. Kermitsis, E. Lissaris, G. Giataganas and E. Darra, Understanding the Dark Web, in Dark Web Investigation, B. Akhgar, M. Gercke, S. Vrochidis and H. Gibson (Eds.), Springer, Cham, Switzerland, pp. 3\u201326, 2021.","DOI":"10.1007\/978-3-030-55343-2_1"},{"key":"14_CR18","doi-asserted-by":"crossref","unstructured":"I. Koniaris, G. Papadimitriou, P. Nicopolitidis and M. Obaidat, Honeypot deployment for the analysis and visualization of malware activity and malicious connections, Proceedings of the IEEE International Conference on Communications, pp. 1819\u20131824, 2014.","DOI":"10.1109\/ICC.2014.6883587"},{"key":"14_CR19","doi-asserted-by":"crossref","unstructured":"D. Laferriere and D. Decary-Hetu, Examining the uncharted Dark Web: Trust signaling in single vendor shops, Deviant Behavior, vol. 44(1), pp. 37\u201356, 2023.","DOI":"10.1080\/01639625.2021.2011479"},{"key":"14_CR20","doi-asserted-by":"crossref","unstructured":"F. Lamy, R. Daniulaityte and S. Dudley \u201cPressed OXY M30 pills, Great press, potent, fast shipping!!!\u201d Availability of counterfeit and pharmaceutical oxycodone pills in one major cryptomarket, Journal of Psychoactive Drugs, vol. 56(1), pp. 1\u20137, 2023.","DOI":"10.1080\/02791072.2023.2176954"},{"key":"14_CR21","doi-asserted-by":"crossref","unstructured":"A. Mairh, D. Barik, K. Verma and D. Jena, Honeypots in network security: A survey, Proceedings of the International Conference on Communication, Computing and Security, pp. 600\u2013605, 2011.","DOI":"10.1145\/1947940.1948065"},{"key":"14_CR22","doi-asserted-by":"crossref","unstructured":"I. Mokube and M. Adams, Honeypots: Concepts, approaches and challenges, Proceedings of the Forty-Fifth Annual Southeast Regional Conference, pp. 321\u2013326, 2007.","DOI":"10.1145\/1233341.1233399"},{"key":"14_CR23","doi-asserted-by":"crossref","unstructured":"C. Moore, Detecting ransomware with honeypot techniques, Proceedings of the Cybersecurity and Cyberforensics Conference, pp. 77\u201381, 2016.","DOI":"10.1109\/CCC.2016.14"},{"key":"14_CR24","doi-asserted-by":"crossref","unstructured":"J. Moubarak and C. Bassil, On Darknet honeybots, Proceedings of the Fourth Cyber Security in Networking Conference, 2020.","DOI":"10.1109\/CSNet50428.2020.9265528"},{"key":"14_CR25","doi-asserted-by":"crossref","unstructured":"C. Murty, H. Rana, R. Verma, R. Pathak and P. Rughani, Building an AI\/ML-based classification framework for Dark Web text data, Proceedings of the International Conference on Computing and Communication Networks, pp. 93\u2013111, 2022.","DOI":"10.1007\/978-981-19-0604-6_9"},{"key":"14_CR26","doi-asserted-by":"crossref","unstructured":"S. Nazah, S. Huda, J. Abawajy and M. Hassan, Evolution of Dark Web threat analysis and detection: A systematic approach, IEEE Access, vol. 8, pp. 171796\u2013171819, 2020.","DOI":"10.1109\/ACCESS.2020.3024198"},{"key":"14_CR27","doi-asserted-by":"crossref","unstructured":"A. Nursetyo, D. Setiadi, E. Rachmawanto and C. Sari, Website and network security techniques against brute force attacks using honeypots, Proceedings of the Fourth International Conference on Informatics and Computing, 2019.","DOI":"10.1109\/ICIC47613.2019.8985686"},{"key":"14_CR28","unstructured":"Z. Omar and J. Ibrahim, An overview of Darknet, rise and challenges and its assumptions, International Journal of Computer Science and Information Technology, vol. 8(3), pp. 110\u2013116, 2020."},{"key":"14_CR29","doi-asserted-by":"crossref","unstructured":"T. Pavel, Malicious financial activities in the Dark Web \u2013 Prevailing information and knowledge, in Cyber Laundering: International Policies and Practices, N. Rebe (Ed.), World Scientific, London, United Kingdom, pp. 145\u2013173, 2023.","DOI":"10.1142\/9781800612839_0006"},{"key":"14_CR30","doi-asserted-by":"crossref","unstructured":"L. Poe, Cybercrime in the age of digital transformation, rising nationalism and the demise of global governance, in Modern Police Leadership, M. Roycroft and L. Brine (Eds.), Palgrave Macmillan, Cham, Switzerland, pp. 109\u2013126, 2021.","DOI":"10.1007\/978-3-030-63930-3_11"},{"key":"14_CR31","doi-asserted-by":"crossref","unstructured":"G. Sadasivam, C. Hota and B. Anand, Detection of severe SSH attacks using honeypot servers and machine learning techniques, Journal of Software Networking, vol. 2017(1), pp. 79\u2013100, 2017.","DOI":"10.13052\/jsn2445-9739.2017.005"},{"key":"14_CR32","doi-asserted-by":"crossref","unstructured":"J. Saleem, R. Islam and M. Kabir, The anonymity of the Dark Web: A survey, IEEE Access, vol. 10, pp. 33628\u201333660, 2022.","DOI":"10.1109\/ACCESS.2022.3161547"},{"key":"14_CR33","doi-asserted-by":"crossref","unstructured":"F. Tazi, S. Shrestha, J. De La Cruz and S. Das, SoK: An evaluation of the secure end user experience on the Dark Net through systematic literature review, Journal of Cybersecurity and Privacy, vol. 2(2), pp. 329\u2013357, 2022.","DOI":"10.3390\/jcp2020018"},{"key":"14_CR34","doi-asserted-by":"crossref","unstructured":"E. Vasilomanolakis, S. Karuppayah, P. Kikiras and M. Muhlhauser, A honeypot-driven cyber incident monitor: Lessons learned and steps ahead, Proceedings of the Eighth International Conference on Security of Information and Networks, pp. 158\u2013164, 2015.","DOI":"10.1145\/2799979.2799999"},{"key":"14_CR35","doi-asserted-by":"crossref","unstructured":"L. Waller, S. Johnson, N. Satchell, D. Gordon, G. Daley, H. Reid, K. Fender, P. Llewellyn, L. Smyle and P. Linton, Woe is the Dark Web: The main challenges that governments of the Commonwealth Caribbean will face in combating Dark-Web-facilitated criminal activities, Transforming Government: People, Process and Policy, vol. 17(1), pp. 87\u2013100, 2023.","DOI":"10.1108\/TG-06-2022-0082"},{"key":"14_CR36","doi-asserted-by":"crossref","unstructured":"S. Wang, Y. Gao, J. Shi, X. Wang, C. Zhao and Z. Yin, Look deep into the new deep network: A measurement study on the ZeroNet,  Proceedings of Twentieth International Conference on Computational Science, pp. 595\u2013608, 2020.","DOI":"10.1007\/978-3-030-50371-0_44"},{"key":"14_CR37","doi-asserted-by":"crossref","unstructured":"P. William, M. Jawale, A. Pawar, R. Bibave and P. Narode, Systematic approach for detection and assessment of Dark Web threat evolution, in Using Computational Intelligence for the Dark Web and Illicit Behavior Detection, R. Rawat, U. Kaur, S. Khan, R. Sikarwar and K. Sankaran (Eds.), IGI Global, Hershey, Pennsylvania, pp. 230\u2013256, 2022.","DOI":"10.4018\/978-1-6684-6444-1.ch013"},{"key":"14_CR38","doi-asserted-by":"crossref","unstructured":"R. Zeid, J. Moubarak and C. Bassil, Investigating the Darknet, Proceedings of the International Wireless Communications and Mobile Computing Conference, pp. 727\u2013732, 2020.","DOI":"10.1109\/IWCMC48107.2020.9148422"}],"container-title":["IFIP Advances in Information and Communication Technology","Advances in Digital Forensics XX"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-71025-4_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,22]],"date-time":"2025-04-22T11:14:55Z","timestamp":1745320495000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-71025-4_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031710247","9783031710254"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-71025-4_14","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"value":"1868-4238","type":"print"},{"value":"1868-422X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"7 January 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DigitalForensics","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Digital Forensics","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"New Delhi","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 January 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 January 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"digitalforensics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.ifip119.org\/Conferences\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}