Analysis And Research On Threat Intelligence Of Dark Net

With the development of Internet technology,dark net and deep net have been paid more and more attention because of their anonymity and high value of data content.However,the illegal abuse of the dark net seriously harms the security of personal information and national network.Therefore,it is an urgent work to study the threat intelligence of dark net,which has certain value of scientific research and application.At present,there are some problems in the research of dark net,such as difficult collection of domain name address,complex data type,etc.In addition,although researchers have made good achievements in the theory and algorithm of related problems,few researches have put forward solutions to the realization of the complete system.To solve these problems,this paper proposes a dark net threat intelligence detection framework.The framework mainly includes domain name address collection module,dark net data crawling module and dark net threat intelligence analysis module.Among them,the dark net threat intelligence detection is realized by designing domain name address collector,designing key search algorithm,designing crawler frame and improving Page Rank algorithm.The specific research contents mainly include the following aspects:First,as to the problem of the dark net domain name address collection,two aspects are studied in the domain name address collection module: According to the design idea of onionrunner,the core detection function of domain name address is realized by using onionscan in Python;an improved keyword search algorithm is proposed to solve the problem that the number of searching keywords is limited and the address can not be collected comprehensively.The Algorithm not only considers the effect of the first 16 bytes on the address collection,but also finds the rule of suffix domain name through statistical analysis,and designs suffix domain name.Secondly,for the data analysis module of the dark net,we determine the classification model by comparing the common machine learning algorithms to realize the classification of dark net data,and analyze the main components and characteristics of illegal activities;at the same time,in order to improve the priority of the detection and analysis of the home page in the dark net,the improved Page Rank algorithm andthe new calculation formula of Page Rank value are given combined with the characteristics of the dark net.Finally,the validity of the detection framework is verified by experiments.For the address collection,and the designed automatic domain name address collector is faster than the traditional onionrunner.The designed keyword search algorithm also found 5more than the original 26;At the same time,it was found that the improved Page Rank algorithm had more dark web home pages for the same data.Experiments show that the framework is effective and practical,which can effectively detect the dark net space and analyze the main components of illegal activities.