TOR is an overlay network that enables anonymous communication between applications that communicate over TCP. This network serves hundreds of thousands of users, allowing them to decide when they wish to be identified, thus keeping their online data from being tracked and protecting the privacy of their activities against third-party tracking attempts. Despite being used mainly to avoid online censorship in countries under dictatorial regimes, this anonymity network is also used for cybercrime, such as sending SPAM and DDoS attacks. In this context, the project sought to provide a solution to the growing traffic of malicious code that is being sent over the network. The goal of this initiative was to research methods and techniques for protecting the TOR network against malicious traffic, while maintaining the privacy and anonymity of harmless traffic. As a result, the University of Campinas developed a platform to analyze malicious traffic in the Deep Web with a 98% level of accuracy in identifying traffic connected to cybercrime.