A method for identifying Tor hosts based on machine learning techniques

A method for identifying Tor hosts based on machine learning techniques

Tor is an anonymous Internet communication system based on onion routing network protocol. Network traffics generated by normal applications become hard to trace when they are delivered by Tor system. However, an increasing number of cyber criminals are utilizing Tor to remain anonymous while carryi...

Full description

Bibliographic Details
Main Authors: Zhang Ling, Wei Chuanzheng, Lin Zhenbiao, Duan Linlin
Format: Article
Language:zho
Published: National Computer System Engineering Research Institute of China 2021-04-01
Series:Dianzi Jishu Yingyong
Subjects:
darknet detection
tor
communication entity recognition
machine learning
Online Access:http://www.chinaaet.com/article/3000130543
Description
Summary:Tor is an anonymous Internet communication system based on onion routing network protocol. Network traffics generated by normal applications become hard to trace when they are delivered by Tor system. However, an increasing number of cyber criminals are utilizing Tor to remain anonymous while carrying out their crimes or make illegal transactions. As a countermeasure, this paper presents a method able to identify Tor traffics and thereby recognize related Tor hosts. The method proposes several groups of features extracted from network traffic and resort to machine learning algorithm to evaluate feature effectiveness. Experiments in real world dataset demonstrate that the proposed method is able to distinguish Tor flows from normal traffics as well as recognize the kind of activity in Tor generated by different normal applications.
ISSN:0258-7998

Similar Items