Darkweb also called as sinkholes, blackholes, network telescopes, and darknet is the environment and the most favorable platform for illegal activities due to hidden IP address and therefore counted as unused address space, which is not available for normal user, and the anonymous behavior acts as catalyst for criminal or unauthorized behavior conduction. It is very difficult to suddenly trace the location of malicious activity origin but by traffic analysis and understanding the patterns, suspicious activities including email communication, audio–video streaming, chatting P2P, browsing data, chatting, and voice over Internet protocol constitute the hidden world web traffic. Several methods have been deployed to analysis and classify darkweb network traffic. The proposed work detects worms, dos attack, backdoor, DDos attack, RDoS attack, spam, and malicious contents. In the proposed work, term frequency-inverse document frequency (TF-IDF) and light gradient boosted machine algorithm method has been implemented on darknet traffic data. The light gradient boosted machine algorithm shows the value of 98.97% as accuracy and thus outperforms the other algorithms based on experiment values.