A method for identifying Tor hosts based on machine learning techniques
Tor is an anonymous Internet communication system based on onion routing network protocol. Network traffics generated by normal applications become hard to trace when they are delivered by Tor system. However, an increasing number of cyber criminals are utilizing Tor to remain anonymous while carryi...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
National Computer System Engineering Research Institute of China
2021-04-01
|
| Series: | Dianzi Jishu Yingyong |
| Subjects: | |
| Online Access: | http://www.chinaaet.com/article/3000130543 |
| id |
doaj-dbf9155bf2b1460db6885d67d9a1ba4f |
|---|---|
| record_format |
Article |
| spelling |
doaj-dbf9155bf2b1460db6885d67d9a1ba4f2021-05-21T06:13:10ZzhoNational Computer System Engineering Research Institute of ChinaDianzi Jishu Yingyong0258-79982021-04-01474545810.16157/j.issn.0258-7998.2007593000130543A method for identifying Tor hosts based on machine learning techniquesZhang Ling0Wei Chuanzheng1Lin Zhenbiao2Duan Linlin3Beijing Cyber XingAn Technology Co.,Ltd.,Beijing 102200,ChinaBeijing Cyber XingAn Technology Co.,Ltd.,Beijing 102200,ChinaBeijing Cyber XingAn Technology Co.,Ltd.,Beijing 102200,ChinaSchool of Information Engineering,Zhengzhou University,Zhengzhou 450001,ChinaTor is an anonymous Internet communication system based on onion routing network protocol. Network traffics generated by normal applications become hard to trace when they are delivered by Tor system. However, an increasing number of cyber criminals are utilizing Tor to remain anonymous while carrying out their crimes or make illegal transactions. As a countermeasure, this paper presents a method able to identify Tor traffics and thereby recognize related Tor hosts. The method proposes several groups of features extracted from network traffic and resort to machine learning algorithm to evaluate feature effectiveness. Experiments in real world dataset demonstrate that the proposed method is able to distinguish Tor flows from normal traffics as well as recognize the kind of activity in Tor generated by different normal applications.http://www.chinaaet.com/article/3000130543darknet detectiontorcommunication entity recognitionmachine learning |
| collection |
DOAJ |
| language |
zho |
| format |
Article |
| sources |
DOAJ |
| author |
Zhang Ling Wei Chuanzheng Lin Zhenbiao Duan Linlin |
| spellingShingle |
Zhang Ling Wei Chuanzheng Lin Zhenbiao Duan Linlin A method for identifying Tor hosts based on machine learning techniques Dianzi Jishu Yingyong darknet detection tor communication entity recognition machine learning |
| author_facet |
Zhang Ling Wei Chuanzheng Lin Zhenbiao Duan Linlin |
| author_sort |
Zhang Ling |
| title |
A method for identifying Tor hosts based on machine learning techniques |
| title_short |
A method for identifying Tor hosts based on machine learning techniques |
| title_full |
A method for identifying Tor hosts based on machine learning techniques |
| title_fullStr |
A method for identifying Tor hosts based on machine learning techniques |
| title_full_unstemmed |
A method for identifying Tor hosts based on machine learning techniques |
| title_sort |
method for identifying tor hosts based on machine learning techniques |
| publisher |
National Computer System Engineering Research Institute of China |
| series |
Dianzi Jishu Yingyong |
| issn |
0258-7998 |
| publishDate |
2021-04-01 |
| description |
Tor is an anonymous Internet communication system based on onion routing network protocol. Network traffics generated by normal applications become hard to trace when they are delivered by Tor system. However, an increasing number of cyber criminals are utilizing Tor to remain anonymous while carrying out their crimes or make illegal transactions. As a countermeasure, this paper presents a method able to identify Tor traffics and thereby recognize related Tor hosts. The method proposes several groups of features extracted from network traffic and resort to machine learning algorithm to evaluate feature effectiveness. Experiments in real world dataset demonstrate that the proposed method is able to distinguish Tor flows from normal traffics as well as recognize the kind of activity in Tor generated by different normal applications. |
| topic |
darknet detection tor communication entity recognition machine learning |
| url |
http://www.chinaaet.com/article/3000130543 |
| work_keys_str_mv |
AT zhangling amethodforidentifyingtorhostsbasedonmachinelearningtechniques AT weichuanzheng amethodforidentifyingtorhostsbasedonmachinelearningtechniques AT linzhenbiao amethodforidentifyingtorhostsbasedonmachinelearningtechniques AT duanlinlin amethodforidentifyingtorhostsbasedonmachinelearningtechniques AT zhangling methodforidentifyingtorhostsbasedonmachinelearningtechniques AT weichuanzheng methodforidentifyingtorhostsbasedonmachinelearningtechniques AT linzhenbiao methodforidentifyingtorhostsbasedonmachinelearningtechniques AT duanlinlin methodforidentifyingtorhostsbasedonmachinelearningtechniques |
| _version_ |
1721432467359924224 |