Characterization of Tor Traffic using Time based Features

被引：532

作者：

Lashkari, Arash Habibi ^{[1
]}

Gil, Gerard Draper ^{[1
]}

Mamun, Mohammad Saiful Islam ^{[1
]}

Ghorbani, Ali A. ^{[1
]}

机构：

[1] Univ New Brunswick, Canadian Inst Cybersecur, Fredericton, NB, Canada

来源：

ICISSP: PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY | 2017年

关键词：

Tor; Network Traffic Characterization; Network Traffic Analysis; Time-based Features; Machine Learning; CLASSIFICATION;

D O I：

10.5220/0006105602530262

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Traffic classification has been the topic of many research efforts, but the quick evolution of Internet services and the pervasive use of encryption makes it an open challenge. Encryption is essential in protecting the privacy of Internet users, a key technology used in the different privacy enhancing tools that have appeared in the recent years. Tor is one of the most popular of them, it decouples the sender from the receiver by encrypting the traffic between them, and routing it through a distributed network of servers. In this paper, we present a time analysis on Tor traffic flows, captured between the client and the entry node. We define two scenarios, one to detect Tor traffic flows and the other to detect the application type: Browsing, Chat, Streaming, Mail, Voip, P2P or File Transfer. In addition, with this paper we publish the Tor labelled dataset we generated and used to test our classifiers.

引用

页码：253 / 262

页数：10

共 20 条

[11]

Hall M., 2009, SIGKDD EXPLORATIONS, V11, P10, DOI [DOI 10.1145/1656274.1656278, 10.1145/1656274.1656278]

[12]

ISCXFlowMeter, 2016, INF SEC CTR EXC

[13]

Johnson A., 2013, ACM SIGSAC C COMP CO, P337

[14] A Critical Evaluation of Website Fingerprinting Attacks [J].

Juarez, Marc ;

Afroz, Sadia ;

Acar, Gunes ;

Diaz, Claudia ;

Greenstadt, Rachel .

CCS'14: PROCEEDINGS OF THE 21ST ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2014, :263-274

[15]

Ling Z, 2014, IEEE INFOCOM SER, P1402, DOI 10.1109/INFOCOM.2014.6848074

[16]

Mittal P, 2011, PROCEEDINGS OF THE 18TH ACM CONFERENCE ON COMPUTER & COMMUNICATIONS SECURITY (CCS 11), P215

[17] A Survey of Techniques for Internet Traffic Classification using Machine Learning [J].

Nguyen, Thuy T. T. ;

Armitage, Grenville .

IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2008, 10 (04) :56-76

[18]

Quinlan J.R., 2014, C4. 5: programs for machine learning

[19]

SERJANTOV A, 2003, P EUR S RES COMP SEC, P116

[20]

Shmatikov V, 2006, LECT NOTES COMPUT SC, V4189, P18

← 1 2 →