Authors :
K. Rama Aditya; B. Sathyanarayana Murthy; Dr. Chandramouli Venkatasrinivas Akana
Volume/Issue :
Volume 9 - 2024, Issue 9 - September
Google Scholar :
https://tinyurl.com/5n724e9n
Scribd :
https://tinyurl.com/2t6r37p6
DOI :
https://doi.org/10.38124/ijisrt/IJISRT24SEP340
Abstract :
This study examines the important task of classifying network traffic for control and monitoring. Data protection has taken centre stage as privacy concerns have grown over the last two decades. Online privacy is possible through the Tor network, which is well known for enabling Onion Services and offering user anonymity. But the abuse of this anonymity, especially with Onion Services, has prompted the government to work on de-anonymizing users. In this work, we address three main goals: first, we achieve over 99% accuracy in distinguishing Onion Service traffic from other Tor traffic; second, we assess how well our methods perform when Tor traffic is modified to hide information leaks; and third, we identify the most significant feature combinations for our classification task. This study tackles issues related to privacy challenges and misuse concerns in network traffic analysis.
Keywords :
Dark Web, Traffic Analysis, Machine Learning, Network Security, Data Privacy, Feature Selection.