DarkBot an automated threat intelligence system

The propose system is based upon the concept of automation in the field of threat intelligence over the darknet. There are two kind of users; one is the super user (who will be admin) and other is a normal end user. The super user will have control over the login credentials allotted to an end user.

Project Title

DarkBot an automated threat intelligence system

Project Area of Specialization

Cyber Security

Project Summary

The propose system is based upon the concept of automation in the field of threat intelligence over the darknet. There are two kind of users; one is the super user (who will be admin) and other is a normal end user. The super user will have control over the login credentials allotted to an end user. He will also be able to monitor the activities of the end users. While on the other hand, the end user will use our web-based interface to login to and interact with the system. There will be a private dashboard where the concerned person will be able to query. The query can be a domain name, bank account info, BIN number, company name or email id. The system will query, and all the dark sites, channels and forums fed to it to find the matching results. This would be done by using a dynamic crawler over the TOR network. The matching results will be returned to dashboard. These can be represented graphically with respect to date, time and channel info. It will also show all the seller info found from the dark web forum. This info can be seller’s contact details/Bitcoin Wallet ID. This info can be used to track and identify the persons with illegal access to their data. The graphical representation of compromised data gives the users an idea about the vulnerabilities in their system. The end user can keep the record of the query results by using ‘Report Generation feature’. This feature will generate a detailed report of the results after doing analysis of the extracted information. This system has also some limitations like it does not provide the end user with an option to make a customized search; there will be no option for the user to search a query over normal site to check either same data is being used on any network instead of a dark web.

Project Objectives

The proposed system will be able to provide solution to the prevailing security problems mentioned above. It will cover almost all the forums and channels from the dark web as well as deep web. It will crawl over all the pages of the dark sites fed to the system to find the matching results for the input query of the end user. If some results are found, the system will then analyze those results and purify them to extract some useful information from those results. These results will also contain the seller info like contact no and his Bitcoin wallet ID provided by him on the forum. The end-user will be able to see the final purified form of the results. The end user will be able to visualize the results in graphical form. The seller info/Bitcoin Wallet ID will be used for tracking the persons with unauthorized access to take legal actions against them. Finally, the organization will also further measures to improve their security systems and prevent data leakage. Secondly, the proposed system will be hosted from within Pakistan and also it will be maintained and regularly updated. So, it will be the first ever automated threat intelligence engine useful for the banks in Pakistan.

Project Implementation Method

For design methodology, we have chosen Object Oriented Design. With the help of OOP design, we can achieve abstraction and modularity. The reason why we choose OOP is that with OOP designing, we can reuse our code through inheritance and can have effective problem solving technique. Secondly, procedural approach was used where OOP was not found suitable.

For software process model, we will be using Incremental Development Model. The main advantage of Incremental Model is that it is flexible and we can change requirements easily. With Incremental Model, system development will be broken into small projects and allow us to divide the project requirements in accordance with the modules that needs to satisfy those requirements.

Benefits of the Project

Advantages of the proposed system (DarkBot) are:

1. It will save time of banking organizations by automating the process of finding any data leakage in their system.
2. It will update threat data automatically in real-time to make decision making easy.
3. It will reduce the cost of manual labor and other resources to find threats.
4. The end-users will be able to keep record of one-time search results by using report generation feature.
5. The end users will not only get info about the data being leaked but will also get info about the sellers of the data, their wallet info etc.
6. An organization will also be able to take legal actions against the sellers of the leaked data.

Technical Details of Final Deliverable

Finally, it will be a web based system which will be hosted on a linux based server with tor services ready on it. The authenticated users will be able to search a query over the darnet and find possible threats. The query can be a bank name, bank BIN number, account number, email id, debit/credit card numbers.

Final Deliverable of the Project

Software System

Type of Industry

Security

Technologies

Others

Sustainable Development Goals

Partnerships to achieve the Goal

Required Resources

If you need this project, please contact me on contact@adikhanofficial.com