中圖分類號: TN918 文獻標(biāo)識碼: A DOI:10.16157/j.issn.0258-7998.200759 中文引用格式: 張玲,,衛(wèi)傳征,林臻彪,,等. 一種基于機器學(xué)習(xí)的Tor網(wǎng)絡(luò)識別探測技術(shù)[J].電子技術(shù)應(yīng)用,,2021,47(4):54-58. 英文引用格式: Zhang Ling,,Wei Chuanzheng,,Lin Zhenbiao,et al. A method for identifying Tor hosts based on machine learning techniques[J]. Application of Electronic Technique,,2021,,47(4):54-58.
A method for identifying Tor hosts based on machine learning techniques
1.Beijing Cyber XingAn Technology Co.,Ltd.,,Beijing 102200,,China; 2.School of Information Engineering,,Zhengzhou University,,Zhengzhou 450001,China
Abstract: Tor is an anonymous Internet communication system based on onion routing network protocol. Network traffics generated by normal applications become hard to trace when they are delivered by Tor system. However, an increasing number of cyber criminals are utilizing Tor to remain anonymous while carrying out their crimes or make illegal transactions. As a countermeasure, this paper presents a method able to identify Tor traffics and thereby recognize related Tor hosts. The method proposes several groups of features extracted from network traffic and resort to machine learning algorithm to evaluate feature effectiveness. Experiments in real world dataset demonstrate that the proposed method is able to distinguish Tor flows from normal traffics as well as recognize the kind of activity in Tor generated by different normal applications.
Key words : darknet detection,;Tor,;communication entity recognition;machine learning