Ok while we are not going to even attempt to define the first two we can cover the last. The Darknet is a part of the internet that exists outside the “normal” internet. It is an IP only network of typically unused IP addresses. An IP address is the numeric address of a computer system on a network. When you browse to a website the name you type in is translated to an IP address by the Domain Name System. The use of DNS names is what most call the “real” internet.
Now sometimes malicious individuals (or governments and their agencies) will hijack an owned, but unused IP address for the purpose of controlling, spreading or monitoring malware. These IP addresses have also been used by people wanting to distribute illegal material over the internet. Some even believe that the Dark Net is where piracy starts as it trickles down to other sites and services like torrent and P2P file sharing.
Now researchers at NICT (National Institution for Communications Technology) in Japan have found a method to track and identify traffic going from the internet to those unused IP addresses. The technology that allows someone to track the packets as they move through the internet is nothing new and there are a multitude of products that will let you do this. Even your most basic home router can show you where your traffic is going. The problem is not the monitoring, but finding a way to make the information easy to read and informative enough that you will know then there is a real threat and when it is just random traffic.
The new system is called Daedalus (Direct Alert Environment for Darknet and Livenet Unified Security) is an alerting system that monitors and visualizes two existing tools nicter and the Darknet Observation Network. These two tools monitor traffic between the regular internet and the Darknet in real time. The system is looking for specific traffic between the two networks in order to identify the beginnings of a potential security threat (like a virus or an established attack).
Daedalus (as we have already mentioned) is a visualization tool for these two tools. It provides a 3D interface to show what is going on in the monitored networks (these are networks that have been added and not the entire internet). Right now the system monitors around 190,000 IP addresses, both used and unused. NICT will be providing these tools to universities in Japan for free, but has apparently singed a commercial contract with Clwit, an internet security company, that will integrate this with their SiteVisor product.
The video on this is pretty impressive as are the real-time alerts that pop up, but what interests me more is the potential for this product to be used for more than security. We are pretty sure that there are other applications like Daedalus that may already be in place that provide a visual representation of traffic on the internet what uses those are being put to is anyone’s guess.
Picture, video and srouce Diginfo.tv
Discuss this in our Forum
Final question!
At the end of Marvin’s (the Paranoid Android) looooooong life what part had not been replaced? Email this to us at