Machine learning approach for detection of nonTor traffic

Elike Hodo, Xavier Bellekens, Ephraim Iorkyase, Andrew Hamilton, Christos Tachtatzis, Robert Atkinson

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)
45 Downloads (Pure)

Abstract

Intrusion detection has attracted a considerable interest from researchers and industries. After many years of research the community still faces the problem of building reliable and efficient intrusion detection systems (IDS) capable of handling large quantities of data with changing patterns in real time situations. The Tor network is popular in providing privacy and security to end user by anonymising the identity of internet users connecting through a series of tunnels and nodes. This work focuses on the classification of Tor traffic and nonTor traffic to expose the activities within Tor traffic that minimizes the protection of users. A study to compare the reliability and efficiency of Artificial Neural Network and Support vector machine in detecting nonTor traffic in UNB-CIC Tor Network Traffic dataset is presented in this paper. The results are analysed based on the overall accuracy, detection rate and false positive rate of the two algorithms. Experimental results show that both algorithms could detect nonTor traffic in the dataset. A hybrid Artificial neural network proved a better classifier than SVM in detecting nonTor traffic in UNB-CIC Tor Network Traffic dataset.
Original languageEnglish
Title of host publicationProceedings of the 12th International Conference on Availability, Reliability and Security
Place of PublicationNew York
PublisherAssociation for Computing Machinery (ACM)
Number of pages6
ISBN (Electronic)9781450352574
DOIs
Publication statusPublished - 29 Aug 2017
Event12th International Conference on Availability, Reliability and Security - University Mediterranea, Reggio Calabria, Italy
Duration: 29 Aug 20171 Sep 2017
Conference number: 12
https://www.ares-conference.eu/conference2017/

Publication series

NameACM International Conference Proceeding Series
PublisherACM

Conference

Conference12th International Conference on Availability, Reliability and Security
Abbreviated titleARES 2012
CountryItaly
CityReggio Calabria
Period29/08/171/09/17
Internet address

Fingerprint Dive into the research topics of 'Machine learning approach for detection of nonTor traffic'. Together they form a unique fingerprint.

  • Cite this

    Hodo, E., Bellekens, X., Iorkyase, E., Hamilton, A., Tachtatzis, C., & Atkinson, R. (2017). Machine learning approach for detection of nonTor traffic. In Proceedings of the 12th International Conference on Availability, Reliability and Security [85] (ACM International Conference Proceeding Series). Association for Computing Machinery (ACM). https://doi.org/10.1145/3098954.3106068