#HITBGSEC - Dr. Marco Balduzzi & Dr. Vincenzo Ciancaglini - Cybercrime In The Deep Web





The interactive transcript could not be loaded.


Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Nov 11, 2015


All content not indexed by traditional web-based search engines is known as the DeepWeb.

Wrongly been associated uniquely with the Onion Routing (TOR), the DeepWeb’s ecosystem comprises a number of other anonymous and decentralized networks. The Invisible Internet Project (I2P), FreeNET and Alternative Domain Names (like Name.Space and OpenNic) are examples of networks leveraged by bad actors to host malware, high-resilient botnets, underground forums and bitcoin-based cashout systems (e.g., for cryptolockers).

We designed and implemented a prototype system called DeWA for the automated collection and analysis of the DeepWeb, with the goal of quickly identifying new threats as soon they appear.

In this talk, we provide concrete examples of how using DeWA to detect, e.g., trading of illicit and counterfeit goods, underground forums, privacy leaks, hidden dropzones, malware hosting and TOR-based botnets.

Dr. Marco Balduzzi holds a Ph.D. in applied IT security from Télécom ParisTech and a M.Sc. in computer engineering from the University of Bergamo.

His interests concern all aspect of computer security, with particular emphasis on real problems that affect systems and networks. Some topics on which he worked on are web and browser security, code analysis, botnets detection, cybercrime investigation, privacy and threats in social networks, malware and intrusion detection systems.

He has been involved in IT security for more than 10 years with international experiences in both industrial and academic fields. He previously worked as security consultant and engineer for different companies, before joining the International Secure Systems Lab and then Trend Micro Research as senior research scientist.

His work has been published in top peer-reviewed conferences, e.g. NDSS, RAID and DIMVA, and he spoke in the major security venues like Black Hat, Hack In The Box and OWASP AppSec. His applied research has been acknowledged and published by important media such as Forbes, The Register, Slashdot, InfoWorld and DarkReading.

He is now part of the review board of different conferences, including OWASP AppSec Research, Hack In The Box, DIMVA and others.

Dr. Vincenzo Ciancaglini got a M.Sc. in Telecommunications Engineering from the Politecnico of Turin and a M.Sc. in Electrical Engineering, Wireless Systems, from the Royal Institute of Technology in Stockholm, Sweden.

For some years he has worked as a developer in a travel IT company in Sophia Antipolis, France, a period during which he also took part in the foundation of a research and innovation lab within his company, where he was responsible for analysing new upcoming technologies and their potential business developments.

In the period 2009-2013 he obtained his Ph.D. from the National Research Institute in Automation and Computer Science (INRIA) in Sophia Antipolis, with a thesis about peer-to-peer networks interoperability and next-generation internet protocols.

Since 2012 he works in Trend Micro as a research scientist within the Forward-Looking Threat Research team (FTR), a team distributed all over the world, responsible for performing technological scouting and investigation on cyber-criminal activities, and their potential development in the coming years. His duties in the team go from the development of new data analytics prototypes to identify targeted attacks to the research on new encrypted networks (Darkweb), and also research on the Internet of Things (IoT).


When autoplay is enabled, a suggested video will automatically play next.

Up next

to add this to Watch Later

Add to

Loading playlists...