Darknet Series: What is the Darknet?

This is the first in a series of blog posts on the basics of the darknet. At the end of this series, you will have a better understanding of the darknet and its history, who uses the darknet and why, why organizations need to care about the darknet, the power of DARKINT and more.


The internet has become a baseline requirement to conducting business. Whether checking email, catching up on industry news or accessing customer information, most of us use the internet throughout the day, every day, in a variety of capacities. But, do we understand how it works? In order to better explain the darknet, let’s start with a brief overview of the internet.

The term internet is short for internetwork, a system created by connecting a number of computer networks together. An internet allows for communication between devices that are a part of that internetwork.

The internet, which until recently was denoted by a capital “I”, is the most well-known example of an internetwork. This is the internet that we find indispensable to our daily lives, and it links billions of devices across the world through a network of networks using standardized procedures or protocol.

Browsing websites on the web is not the only way in which information is shared via the internet. Email, instant messaging, and FTP are other ways to share information like emails, messages, and files.

To clarify, the web is not synonymous with the internet and should not be confused with it. The web is simply a way of accessing webpages over the medium of the internet.

The Surface Web

The websites we browse each day make up only a small percentage of the internet. These sites, collectively known as the surface web, are visible and accessible to common search engines such as Google and Yahoo. While estimates vary, many experts agree that the surface web comprises roughly 4% of all online content.

A simple version of the classic iceberg diagram used to explain the surface web, deep web and darknet. 

A simple version of the classic iceberg diagram used to explain the surface web, deep web and darknet. 

Below the Surface

Beyond the surface web, 96% of online content is found in the deep web and the darknet.

The Deep Web

The deep web consists of content that cannot be found or directly accessed via surface web search engines such as Google and Yahoo. Examples of deep web sites include websites that require credentials (registration and login), unlinked sites that require a direct link to access, sites that are purposefully designed to keep search crawlers out, and databases - the majority of content in the deep web. 

Deep web databases commonly have their own search functionality which allows users to access the data contained within them. Government databases, patient medical records, and library catalogs are just a few examples of deep web databases. While these databases do not have to require login credentials, many of them do.

The Darknet + The Dark Web

Beyond the deep web is the darknet. The darknet is a network, built on top of the internet, that is purposefully hidden, meaning it has been designed specifically for anonymity. Unlike the dark web, the darknet is only accessible with special tools and software - browsers and other protocol beyond direct links or credentials. You cannot access the darknet by simply typing a dark web address into your web browser. 

Above we mention that the internet we refer to and use daily is the most well-known example of an internet. Similarly, below are several examples of darknets (each links to more information):

  • Tor, or The Onion Router, is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Users connect through a series of virtual tunnels rather than making a direct connection. 
  • I2P, or the Invisible Internet Project, is an anonymous overlay network - a network within a network - intended to protect communication from surveillance and monitoring. 
  • Freenet is free software which allows users to anonymously share files, browse and publish "freesites" (web sites accessible only through Freenet) and chat on forums. Communications by Freenet nodes are encrypted and are routed through other nodes to make it extremely difficult to determine who is requesting the information and what its content is.
  • DN42 is an example of a darknet, a routing protocol, that is not necessarily meant to be secret - its aim is to explore internet routing technologies.

We'll use Tor, perhaps the most well-known and most-used, to better explain the darknet and dark web. Tor, short for The Onion Router (the project's original name), routes traffic to dark web sites through layers of encryption to allow for anonymity. The term dark web refers to websites on a darknet. In Tor's case, these dark web addresses all end in .onion. 

Onion routing is implemented by encryption, nested like the layers of an onion. Tor encrypts the data, including the destination, multiple times and sends it through a circuit of randomly selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in order to pass the remaining encrypted data on. The final Tor relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source address.

The other darknets mentioned above employ similar methods of data transmission, all with the end goal of keeping users, usage, and information anonymous.

Here at OWL Cybersecurity, we're more than happy to answer your questions about the darknet, dark web, deep web and surface web.

Our goal, in addition to providing DARKINT and our darknet security solutions, is to educate you!