Anonymity in decentralized apps: Study of implications for cybercrime investigations
DOI:
https://doi.org/10.52756/ijerr.2023.v32.017Keywords:
Anonymous communication, decentralized application, DApps, OSINT, cybercrime investigation, digital evidence, digital forensicsAbstract
In the digital age, cybercrime facilitated by anonymous communication apps raises significant concerns. Criminals exploit the anonymity provided by these apps, creating challenges for law enforcement and cybersecurity professionals when investigating and combating cybercrime. The complexity of decentralized applications (DApps) without centralized servers further complicates evidence certification. Although anonymity features to protect privacy, they impede the establishment of connections between digital accounts and real-world identities. In centralized server environments, data access for investigations is relatively straightforward. However, this study reveals that DApps present challenges due to decentralized control, anonymity, encrypted communication, and jurisdictional issues. DApps designed for anonymous communication allow users to interact without revealing their identities, making it challenging to trace criminals. While cybercrime investigations in centralized environments involve systematic evidence collection, correlation, analyzing communication patterns, collaboration with agencies, tracking IP addresses, legal authorization, and forensic analysis of digital devices, DApps-based investigations require vital intelligence gathering through open-source techniques (OSINT). This includes retrieving digital footprints, analyzing social media profiles, and tracing ownership information. Moreover, investigators may exploit human vulnerabilities, engage in deceptive communication, or use social engineering techniques to gather information while carefully considering the balance between user privacy and investigative requirements. In this study, we explore the many facets of anonymity in DApps and what challenges they impose for the investigation of cybercrime. The anonymity of users and their transactions in the context of new blockchain and decentralized technology presents difficulties for law enforcement. In the end, our research helps shed light on the complex relationship between anonymity in decentralized systems and the need for fairness online.
References
Abbing, R. R., Diehm, C., & Warreth, S. (2023). Decentralised social media. Internet Policy Review, 12(1). https://doi.org/10.14763/2023.1.1681
Abdulaziz, M., Çulha, D., & Yazici, A. (2018). A decentralized application for secure messaging in a trustless environment. 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), 1–5. https://doi.org/10.1109/IBIGDELFT.2018.8625362
Alabdulwahhab, F. A. (2018). Web 3.0: the decentralized web blockchain networks and protocol innovation. 2018 1st International Conference on Computer Applications & Information Security (ICCAIS), 1–4. https://doi.org/10.1109/CAIS.2018.8441990
Azad, I. (2022). An introduction to cryptocurrency investigations. In Privacy, Security And Forensics in The Internet of Things (IoT) (pp. 97–129). Springer. https://doi.org/10.1007/978-3-030-91218-5_5
Brasse, A., & Hyun, S. (2023). Cryptocurrency Exchanges and the Future of Cryptoassets. In The Emerald Handbook on Cryptoassets: Investment Opportunities and Challenges (pp. 341–353). Emerald Publishing Limited. https://doi.org/10.1108/978-1-80455-320-620221022
Cai, W., Wang, Z., Ernst, J. B., Hong, Z., Feng, C., & Leung, V. C. M. (2018). Decentralized applications: The blockchain-empowered software system. IEEE Access, 6, 53019–53033. https://doi.org/10.1109/ACCESS.2018.2870644
Caviglione, L., Wendzel, S., & Mazurczyk, W. (2017). The future of digital forensics: Challenges and the road ahead. IEEE Security & Privacy, 15(6), 12–17. https://doi.org/10.1109/MSP.2017.4251117
Chang, L. Y. C. (2017). Cybercrime and cyber security in ASEAN. Comparative Criminology in Asia, 135–148. https://doi.org/10.1007/978-3-319-54942-2_10
Chougule, H., Dhadiwal, S., Lokhande, M., Naikade, R., & Patil, R. (2022). Digital Evidence Management System for Cybercrime Investigation using Proxy Re-Encryption and Blockchain. Procedia Computer Science, 215, 71–77. https://doi.org/10.1016/j.procs.2022.12.008
Di Stefano, F. (2022). Money laundering in the decentralized era: how blockchain technology enables illicit activities.
Dyson, S., Buchanan, W. J., & Bell, L. (2019). The challenges of investigating cryptocurrencies and blockchain related crime. ArXiv Preprint ArXiv:1907.12221.
Ermoshina, K., Musiani, F., & Halpin, H. (2016). End-to-end encrypted messaging protocols: An overview. Internet Science: Third International Conference, INSCI 2016, Florence, Italy, September 12-14, 2016, Proceedings 3, 244–254. https://doi.org/10.1007/978-3-319-45982-0_22
Goohs Jr, J. A. (2021). Reasonable Expectation of Privacy in an IP Address: The Tor Browser and Other Anonymization Measures. Colum. Undergraduate L. Rev., 18, 127.
Granja, F. M., & Rafael, G. D. R. (2017). The preservation of digital evidence and its admissibility in the court. International Journal of Electronic Security and Digital Forensics, 9(1), 1–18. https://doi.org/10.1504/IJESDF.2017.081749
Hunton, P. (2011). The stages of cybercrime investigations: Bridging the gap between technology examination and law enforcement investigation. Computer Law & Security Review, 27(1), 61–67. https://doi.org/10.1016/j.clsr.2010.11.001
Hwang, Y.-W., Lee, I.-Y., Kim, H., Lee, H., Kim, D., & others. (2022). Current status and security trend of osint. Wireless Communications and Mobile Computing, 2022. https://doi.org/10.1155/2022/1290129
Jeffries, S., & Apeh, E. (2020). Standard operating procedures for cybercrime investigations: a systematic literature review. Emerging Cyber Threats and Cognitive Vulnerabilities, 145–162. https://doi.org/10.1016/B978-0-12-816203-3.00007-1
Jordan, A. (2020). Cybercrime prevention principles for internet service providers.
Kesari, A., Hoofnagle, C., & McCoy, D. (2017). Deterring cybercrime: Focus on intermediaries. Berkeley Tech. LJ, 32, 1093.
Nurmi, J., & Niemelä, M. S. (2017). Tor de-anonymisation techniques. Network and System Security: 11th International Conference, NSS 2017, Helsinki, Finland, August 21-23, 2017, Proceedings 11, 657–671. https://doi.org/10.1007/978-3-319-64701-2_52
Patil, A., Banerjee, S., Jadhav, D., & Borkar, G. (2022). Roadmap of digital forensics investigation process with discovery of tools. Cyber Security and Digital Forensics, 241–269. https://doi.org/10.1002/9781119795667.ch11
Petcu, A., Pahontu, B., Frunzete, M., & Stoichescu, D. A. (2023). A Secure and Decentralized Authentication Mechanism Based on Web 3.0 and Ethereum Blockchain Technology. Applied Sciences, 13(4), 2231. https://doi.org/10.3390/app13042231
Pop, C., Cioara, T., Anghel, I., Antal, M., & Salomie, I. (2020). Blockchain based decentralized applications: Technology review and development guidelines. ArXiv Preprint ArXiv:2003.07131.
Rahmadika, S., Firdaus, M., Lee, Y.H., & Rhee, K.H. (2021). An Investigation of Pseudonymization Techniques in Decentralized Transactions. J. Internet Serv. Inf. Secur., 11(4), 1–18.
Raj, K. (2019). Foundations of blockchain: the pathway to cryptocurrencies and decentralized blockchain applications. Packt Publishing Ltd.
Ranakoti, P., Yadav, S., Apurva, A., Tomer, S., & Roy, N. R. (2017). Deep web & online anonymity. 2017 International Conference on Computing and Communication Technologies for Smart Nation (IC3TSN), 215–219. https://doi.org/10.1109/IC3TSN.2017.8284479
Redford, M. (2011). US and EU Legislation on Cybercrime. 2011 European Intelligence and Security Informatics Conference, 34–37. https://doi.org/10.1109/EISIC.2011.38
Reedy, P. (2020). Interpol review of digital evidence 2016-2019. Forensic Science International: Synergy, 2, 489–520. https://doi.org/10.1016/j.fsisyn.2020.01.015
Santamaria, P., Tobarra, L., Pastor-Vargas, R., & Robles-Gómez, A. (2023). Smart Contracts for Managing the Chain-of-Custody of Digital Evidence: A Practical Case of Study. Smart Cities, 6(2), 709–727. https://doi.org/10.3390/smartcities6020034
Schwerha, J. J. (2004). Cybercrime: legal standards governing the collection of digital evidence. Information Systems Frontiers, 6, 133–151. https://doi.org/10.1023/B:ISFI.0000025782.13582.87
Shah, A., & Chudasama, D. (2021). Investigating Various Approaches and Ways to Detect Cybercrime. Journal of Network Security, 9(2), 12–20.
Shen, M., Zhang, J., Zhu, L., Xu, K., & Du, X. (2021). Accurate decentralized application identification via encrypted traffic analysis using graph neural networks. IEEE Transactions on Information Forensics and Security, 16, 2367–2380. https://doi.org/10.1109/TIFS.2021.3050608
Sorbán, K. (2019). The role of Internet intermediaries in combatting cybercrime: Organisation and liabilities. Central and Eastern European EDem and EGov Days, 19–31. https://doi.org/10.24989/ocg.v335.1
Wang, S.Y. K., Hsieh, M.L., Chang, C. K.M., Jiang, P.S., & Dallier, D. J. (2021). Collaboration between law enforcement agencies in combating cybercrime: Implications of a Taiwanese case study about ATM hacking. International Journal of Offender Therapy and Comparative Criminology, 65(4), 390–408. https://doi.org/10.1177/0306624X20952391
Wu, K., Ma, Y., Huang, G., & Liu, X. (2021). A first look at blockchain-based decentralized applications. Software: Practice and Experience, 51(10), 2033–2050. https://doi.org/10.1002/spe.2751
Yeboah-Ofori, A., & Brown, A. D. (2020). Digital forensics investigation jurisprudence: issues of admissibility of digital evidence. Journal of Forensic, Legal & Investigative Sciences, 6(1), 1–8. https://doi.org/10.24966/FLIS-733X/100045
Yue, K., Zhang, Y., Chen, Y., Li, Y., Zhao, L., Rong, C., & Chen, L. (2021). A survey of decentralizing applications via blockchain: The 5G and beyond perspective. IEEE Communications Surveys & Tutorials, 23(4), 2191–2217. https://doi.org/10.1109/COMST.2021.3115797
Zheng, P., Jiang, Z., Wu, J., & Zheng, Z. (2023). Blockchain-based Decentralized Application: A Survey. IEEE Open Journal of the Computer Society. https://doi.org/10.1109/OJCS.2023.3251854
Downloads
Published
How to Cite
Issue
Section
