Abstract
The Onion Router (TOR) networks provide anonymity, in terms of identity and location, to the Internet users by encrypting traffic multiple times along the path and routing it via an overlay network of servers. Although TOR was initially developed as a medium to maintain users' privacy, cyber criminals and hackers take advantage of this anonymity, and as a result, many illegal activities are carried out using TOR networks. With the ever-changing landscape of Internet services, traditional traffic analysis methods are not efficient for analyzing encrypted traffic and there is a need for alternative methods for analyzing TOR traffic. In this paper, we develop a machine learning model to identify whether a given network traffic is TOR or nonTOR. We use the ISCX2016 TOR-nonTOR dataset to train our model and perform random oversampling and random undersampling to remove data imbalance. Furthermore, to improve the efficiency of our classifiers, we use k-fold cross-validation and Grid Search algorithms for hyperparameter tuning. Results show that we achieve more than 90% accuracy with random sampling and hyperparameter tuning methods.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
