{"title":"Tor、I2P、ZeroNet、Freenet中用户行为的流量分类","authors":"Yuzong Hu, Futai Zou, Linsen Li, P. Yi","doi":"10.1109/TrustCom50675.2020.00064","DOIUrl":null,"url":null,"abstract":"In recent years, more and more anonymous network have been developed. Since user's identity is difficult to trace in anonymous networks, many illegal activities are carried out in darknet. In this paper, we propose a hierarchical classifier of darknet traffic which can distinguish four types of darknet(Tor, I2P, ZeroNet, Freenet) and 25 darknet users' behavior. Due to the lack of public datasets, we deployed a darknet data probe that can capture real darknet traffic in Tor, I2P, ZeroNet, Freenet. After collecting and labeling darknet traffic, we extract 26 time-based flow features that can represent the characteristics of darknet traffic and train a hierarchical classifier constructed by 6 local classifiers. Results show that the classifier can easily distinguish Tor, I2P, ZeroNet, Freenet four kinds of darknet clients with an accuracy of 96.9% and identify 8 kinds of user behaviors for each type of darknet with an accuracy of 91.6% on average. With the help of this hierarchical classification method, darknet user behaviors can be accurately distinguished at the traffic exit.","PeriodicalId":221956,"journal":{"name":"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","volume":"121 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"Traffic Classification of User Behaviors in Tor, I2P, ZeroNet, Freenet\",\"authors\":\"Yuzong Hu, Futai Zou, Linsen Li, P. Yi\",\"doi\":\"10.1109/TrustCom50675.2020.00064\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In recent years, more and more anonymous network have been developed. Since user's identity is difficult to trace in anonymous networks, many illegal activities are carried out in darknet. In this paper, we propose a hierarchical classifier of darknet traffic which can distinguish four types of darknet(Tor, I2P, ZeroNet, Freenet) and 25 darknet users' behavior. Due to the lack of public datasets, we deployed a darknet data probe that can capture real darknet traffic in Tor, I2P, ZeroNet, Freenet. After collecting and labeling darknet traffic, we extract 26 time-based flow features that can represent the characteristics of darknet traffic and train a hierarchical classifier constructed by 6 local classifiers. Results show that the classifier can easily distinguish Tor, I2P, ZeroNet, Freenet four kinds of darknet clients with an accuracy of 96.9% and identify 8 kinds of user behaviors for each type of darknet with an accuracy of 91.6% on average. With the help of this hierarchical classification method, darknet user behaviors can be accurately distinguished at the traffic exit.\",\"PeriodicalId\":221956,\"journal\":{\"name\":\"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"volume\":\"121 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TrustCom50675.2020.00064\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TrustCom50675.2020.00064","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Traffic Classification of User Behaviors in Tor, I2P, ZeroNet, Freenet
In recent years, more and more anonymous network have been developed. Since user's identity is difficult to trace in anonymous networks, many illegal activities are carried out in darknet. In this paper, we propose a hierarchical classifier of darknet traffic which can distinguish four types of darknet(Tor, I2P, ZeroNet, Freenet) and 25 darknet users' behavior. Due to the lack of public datasets, we deployed a darknet data probe that can capture real darknet traffic in Tor, I2P, ZeroNet, Freenet. After collecting and labeling darknet traffic, we extract 26 time-based flow features that can represent the characteristics of darknet traffic and train a hierarchical classifier constructed by 6 local classifiers. Results show that the classifier can easily distinguish Tor, I2P, ZeroNet, Freenet four kinds of darknet clients with an accuracy of 96.9% and identify 8 kinds of user behaviors for each type of darknet with an accuracy of 91.6% on average. With the help of this hierarchical classification method, darknet user behaviors can be accurately distinguished at the traffic exit.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
