A novel application classification attack against Tor

He, Gaofeng; Luo, Junzhou; Gu, Xingyu

doi:10.1002/cpe.3593

Cited by 26 publications

(23 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Due to the complexity of encrypted traffic, most of the surveyed research focuses on supervised machine learning which required pre-training dataset to classify the traffic. The studies by [33], [36] utilized unsupervised machine learning solely for traffic clustering rather than traffic classification. Despite study by [34] managed to classify encrypted traffic using semi-supervised learning, this learning practice could be achieved with the presence of hierarchical classification approach.…”

Section: Discussion and Comparisonmentioning

confidence: 99%

“…These records than will be fragmented into the TCP packets before it will be send to another Tor node. These traffic layer mechanism enable features extraction of the traffic at three different levels for the machine traffic classification process as each layer has certain header information that are not encrypted [33].…”

Section: B Tlsmentioning

confidence: 99%

“…There is study on application classification attack on Tor network [33] which identify and classify the application types inside the Tor network traffic. The identification is based on application behaviour that characterized by traffic flow features such as burst volumes and directions.…”

Section: A Traffic Classification On Tormentioning

confidence: 99%

“…This approach would allow for the Tor traffic to be monitored in large scale and real-time. Although it is not directly deanonymized the user activity on the Tor network, learning the application information that being used by the users in the Tor network is a part of the Tor privacy concern [33]. This security monitoring capabilities could be achieved using machine learning classification technique similar to the classification of encrypted traffic on the surface web.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Survey on Tor Encrypted Traffic Monitoring

Aminuddin¹,

Zaaba²,

Singh³

et al. 2018

ijacsa

View full text Add to dashboard Cite

Tor (The Onion Router) is an anonymity tool that is widely used worldwide. Tor protect its user privacy against surveillance and censorship using strong encryption and obfuscation techniques which makes it extremely difficult to monitor and identify users' activity on the Tor network. It also implements strong defense to protect the users against traffic features extraction and website fingerprinting. However, the strong anonymity also became the heaven for criminal to avoid network tracing. Therefore, numerous of research has been performed on encrypted traffic analyzing and classification using machine learning techniques. This paper presents survey on existing approaches for classification of Tor and other encrypted traffic. There is preliminary discussion on machine learning approaches and Tor network. Next, there are comparison of the surveyed traffic classification and discussion on their classification properties.

show abstract

Section: Discussion and Comparisonmentioning

confidence: 99%

Section: B Tlsmentioning

confidence: 99%

Section: A Traffic Classification On Tormentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Survey on Tor Encrypted Traffic Monitoring

Aminuddin¹,

Zaaba²,

Singh³

et al. 2018

ijacsa

View full text Add to dashboard Cite

show abstract

“…The most important challenge is that apps deliver their data predominantly using Hypertext Transfer Protocol (HTTP)/Hypertext Transfer Protocol Secure (HTTPS) and may contact the same content or ad servers, so port-based and Internet Protocol (IP)-based methods will fail. For the same reason, traditional approaches 13,14 for identifying desktop applications are too coarse grained for mobile apps. To address this problem, several recent studies [15][16][17][18][19] have been conducted and various types of identification techniques have been proposed.…”

Section: Introductionmentioning

confidence: 99%

Mobile app identification for encrypted network flows by traffic correlation

Zhang

et al. 2018

International Journal of Distributed Sensor Networks

Self Cite

View full text Add to dashboard Cite

Mobile application (simply ''app'') identification at a per-flow granularity is vital for traffic engineering, network management, and security practices. However, uncertainty is caused by a growing fraction of encrypted traffic such as Hypertext Transfer Protocol Secure. To address this challenge, we have carefully analyzed mobile app traffic (mainly including Domain Name System, Hypertext Transfer Protocol, and encrypted traffic such as Secure Sockets Layer and Transport Layer Security) and observed that (1) the sets of server hostnames queried by different apps are distinguishable; (2) mobile apps may query multiple server hostnames simultaneously, that is, apps may send several Domain Name System lookups within a short time interval; and (3) the encrypted traffic may be similar to various other network flows generated by the same app. Based on these three observations, in this article, we propose a novel app identification methodology for encrypted network flows. To be specific, temporal, lexical, and metadata similarity are investigated to select correlated traffic and information retrieving techniques are adopted to identify apps. We ran a thorough set of experiments to assess the performance of the proposed approaches. The experimental results show that the identification accuracy can be as high as 95%, and the proposed methods have low storage requirements as well as fast training speeds.

show abstract

Recent research advances in cloud computing and big data

Dong

Malloy

2015

Concurrency and Computation

View full text Add to dashboard Cite

Cloud computing, often referred to as simply 'the cloud', is the delivery of on-demand computing resources-everything from applications to data centers-over the Internet on a pay-for-use basis [3]. Cloud computing also promises to accommodate a huge volume of data that is regarded as a promising methodology to deal with efficient big data processing. Integration of cloud and big data ecosystems thereby not only allows improved cloud resource utilization and efficiency but also brings optimized performance for big data applications underpinned by cloud infrastructures. Based on the trend that cloud infrastructures of traditional way in which big data applications are executed are undergoing radical change, cloud has evolved in many aspects including cloud architectures, cloud applications, cloud security, and cloud services. However, there are still many other challenges to be resolved to offer better support for big data applications.Research advances in big data and cloud computing continue to be major focus areas in research and industry and we expect that to continue for the next few years. This special issue focuses on new strategic research area that addresses 'Recent Research Advances in Cloud Computing and Big Data'. From the submitted papers for the 2nd

show abstract

A novel application classification attack against Tor

Cited by 26 publications

References 35 publications

A Survey on Tor Encrypted Traffic Monitoring

A Survey on Tor Encrypted Traffic Monitoring

Mobile app identification for encrypted network flows by traffic correlation

Recent research advances in cloud computing and big data

Contact Info

Product

Resources

About