DOI QR코드

DOI QR Code

Cyber Threat Intelligence Traffic Through Black Widow Optimisation by Applying RNN-BiLSTM Recognition Model

  • Kanti Singh Sangher (School of IT, Centre for Development of Advanced Computing) ;
  • Archana Singh (Amity School of Engineering & Technology, Amity University) ;
  • Hari Mohan Pandey (Data Science and Artificial Intelligence, School of Technology, Bournemouth University)
  • Received : 2023.11.05
  • Published : 2023.11.30

Abstract

The darknet is frequently referred to as the hub of illicit online activity. In order to keep track of real-time applications and activities taking place on Darknet, traffic on that network must be analysed. It is without a doubt important to recognise network traffic tied to an unused Internet address in order to spot and investigate malicious online activity. Any observed network traffic is the result of mis-configuration from faked source addresses and another methods that monitor the unused space address because there are no genuine devices or hosts in an unused address block. Digital systems can now detect and identify darknet activity on their own thanks to recent advances in artificial intelligence. In this paper, offer a generalised method for deep learning-based detection and classification of darknet traffic. Furthermore, analyse a cutting-edge complicated dataset that contains a lot of information about darknet traffic. Next, examine various feature selection strategies to choose a best attribute for detecting and classifying darknet traffic. For the purpose of identifying threats using network properties acquired from darknet traffic, devised a hybrid deep learning (DL) approach that combines Recurrent Neural Network (RNN) and Bidirectional LSTM (BiLSTM). This probing technique can tell malicious traffic from legitimate traffic. The results show that the suggested strategy works better than the existing ways by producing the highest level of accuracy for categorising darknet traffic using the Black widow optimization algorithm as a feature selection approach and RNN-BiLSTM as a recognition model.

Keywords

References

  1. Jardine, Eric. "Privacy, censorship, data breaches and Internet freedom: The drivers of support and opposition to Dark Web technologies." new media & society 20, no. 8 (2018): 2824-2843. https://doi.org/10.1177/1461444817733134
  2. Hayes, Darren R., Francesco Cappa, and James Cardon. "A framework for more effective dark web marketplace investigations." Information 9, no. 8 (2018): 186.
  3. da Cunha, Bruno Requiao, Padraig MacCarron, Jean Fernando Passold, Luiz Walmocyr dos Santos, Kleber A. Oliveira, and James P. Gleeson. "Assessing police topological efficiency in a major sting operation on the dark web." Scientific reports 10, no. 1 (2020): 1-10. https://doi.org/10.1038/s41598-019-56847-4
  4. Alharbi, Abdullah, Mohd Faizan, Wael Alosaimi, Hashem Alyami, Alka Agrawal, Rajeev Kumar, and Raees Ahmad Khan. "Exploring the topological properties of the Tor Dark Web." IEEE Access 9 (2021): 21746-21758. https://doi.org/10.1109/ACCESS.2021.3055532
  5. Nazah, Saiba, Shamsul Huda, Jemal H. Abawajy, and Mohammad Mehedi Hassan. "An Unsupervised Model for Identifying and Characterizing Dark Web Forums." IEEE Access 9 (2021): 112871-112892. https://doi.org/10.1109/ACCESS.2021.3103319
  6. Shakarian, Paulo. "Dark-web cyber threat intelligence: from data to intelligence to prediction." Information 9, no. 12 (2018): 305.
  7. Wilson, Emily. "Disrupting dark web supply chains to protect precious data." Computer Fraud & Security 2019, no. 4 (2019): 6-9.
  8. Alkhatib, Bassel, and Randa S. Basheer. "Mining the Dark Web: A Novel Approach for Placing a Dark Website under Investigation." International Journal of Modern Education & Computer Science 11, no. 10 (2019).
  9. Hayes, Darren R., Francesco Cappa, and James Cardon. "A framework for more effective dark web marketplace investigations." Information 9, no. 8 (2018): 186.
  10. Samtani, Sagar, Weifeng Li, Victor Benjamin, and Hsinchun Chen. "Informing cyber threat intelligence through dark Web situational awareness: The AZSecure hacker assets portal." Digital Threats: Research and Practice (DTRAP) 2, no. 4 (2021): 1-10. https://doi.org/10.1145/3450972
  11. Koloveas, Paris, Thanasis Chantzios, Christos Tryfonopoulos, and Spiros Skiadopoulos. "A crawler architecture for harvesting the clear, social, and dark web for IoT-related cyber-threat intelligence." In 2019 IEEE World Congress on Services (SERVICES), vol. 2642, pp. 3-8. IEEE, 2019.
  12. Woodhams, Jessica, Juliane A. Kloess, Brendan Jose, and Catherine E. Hamilton-Giachritsis. "Characteristics and behaviors of anonymous users of dark web platforms suspected of child sexual offenses." Frontiers in Psychology 12 (2021): 623668.
  13. AlKhatib, Bassel, and Randa Basheer. "Crawling the Dark Web: A Conceptual Perspective, Challenges and Implementation." J. Digit. Inf. Manag. 17, no. 2 (2019): 51.
  14. McMeel, Dermott John James. "The Dark Web of Urban Data: Fitness Data Ecosystems, Urban Design and Privacy in the Modern City." International Journal of Art, Culture and Design Technologies (IJACDT) 7, no. 2 (2018): 12-25. https://doi.org/10.4018/IJACDT.2018070102
  15. Rajawat, Anand Singh, Romil Rawat, Kanishk Barhanpurkar, Rabindra Nath Shaw, and Ankush Ghosh. "Vulnerability analysis at industrial internet of things platform on dark web network using computational intelligence." In Computationally intelligent systems and their applications, pp. 39-51. Springer, Singapore, 2021.
  16. Mador, Ziv. "Keep the dark web close and your cyber security tighter." Computer Fraud & Security 2021, no. 1 (2021): 6-8. https://doi.org/10.1016/S1361-3723(21)00006-3
  17. Topor, Lev, and Pnina Shuker. "Cyber Influence Campaigns in the Dark Web." Cyber, Intelligence, and Security 3, no. 2 (2019): 63-79.
  18. Hiramoto, Naoki, and Yoichi Tsuchiya. "Measuring dark web marketplaces via Bitcoin transactions: From birth to independence." Forensic Science International: Digital Investigation 35 (2020): 301086.
  19. Goldstein, Fay, Oded Yarkoni, Lihi Shalmon, Haim Glikman, Shachar Azriel, and Guy Molho. "Monitoring automotive cyber risks throughout the deep and dark web." (2021).
  20. Coffey, Mollie L. "Library application of Deep Web and Dark Web technologies." School of Information Student Research Journal 10, no. 1 (2020): 8.
  21. Haasio, Ari, J. Tuomas Harviainen, and Reijo Savolainen. "Information needs of drug users on a local dark Web marketplace." Information Processing & Management 57, no. 2 (2020): 102080.
  22. Sarkar, Soumajyoti, Mohammad Almukaynizi, Jana Shakarian, and Paulo Shakarian. "Predicting enterprise cyber incidents using social network analysis on dark web hacker forums." The Cyber Defense Review (2019): 87-102.
  23. ElBahrawy, Abeer, Laura Alessandretti, Leonid Rusnac, Daniel Goldsmith, Alexander Teytelboym, and Andrea Baronchelli. "Collective dynamics of dark web marketplaces." Scientific reports 10, no. 1 (2020): 1-8. https://doi.org/10.1038/s41598-019-56847-4
  24. Montieri, Antonio, Domenico Ciuonzo, Giuseppe Aceto, and Antonio Pescape. "Anonymity services tor, i2p, jondonym: classifying in the dark (web)." IEEE Transactions on Dependable and Secure Computing 17, no. 3 (2018): 662-675. https://doi.org/10.1109/TDSC.2018.2804394
  25. Wu, Hsin-Te, and Chun-Wei Tsai. "An intelligent agriculture network security system based on private blockchains." Journal of Communications and Networks 21, no. 5 (2019): 503-508. https://doi.org/10.1109/JCN.2019.000043
  26. Hayes, Darren R., Francesco Cappa, and James Cardon. "A framework for more effective dark web marketplace investigations." Information 9, no. 8 (2018): 186.
  27. Samtani, Sagar, Weifeng Li, Victor Benjamin, and Hsinchun Chen. "Informing cyber threat intelligence through dark Web situational awareness: The AZSecure hacker assets portal." Digital Threats: Research and Practice (DTRAP) 2, no. 4 (2021): 1-10. https://doi.org/10.1145/3450972
  28. Allhusen, Andrew, Izzat Alsmadi, Abdullah Wahbeh, Mohammad Al-Ramahi, and Ahmad Al-Omari. "Dark Web Analytics: A Comparative Study of Feature Selection and Prediction Algorithms." Available at SSRN 3949786 (2021).
  29. Kaur, Shubhdeep, and Sukhchandan Randhawa. "Dark web: a web of crimes." Wireless Personal Communications 112, no. 4 (2020): 2131-2158. https://doi.org/10.1007/s11277-020-07143-2
  30. Sharma, Shweta, Parvesh Sharma, and Gyanendra Singh. "Dark Web and Trading of Illegal Drugs." J Forensic Science & Criminal Investigation 9, no. 4 (2018): 555766.
  31. Naseem, Iflah, Ashirr K. Kashyap, and Dheeraj Mandloi. "Exploring anonymous depths of invisible web and the digiunderworld." International Journal of Computer Applications, NCC 3 (2016): 21-25.
  32. Kaur, Shubhdeep, and Sukhchandan Randhawa. "Dark web: a web of crimes." Wireless Personal Communications 112, no. 4 (2020): 2131-2158. https://doi.org/10.1007/s11277-020-07143-2
  33. Rajawat, Anand Singh, Pradeep Bedi, S. B. Goyal, Sandeep Kautish, Zhang Xihua, Hanan Aljuaid, and Ali Wagdy Mohamed. "Dark Web Data Classification Using Neural Network." Computational Intelligence and Neuroscience 2022 (2022).
  34. Steingartner, William, Darko Galinec, and Andrija Kozina. "Threat defense: Cyber deception approach and education for resilience in hybrid threats model." Symmetry 13, no. 4 (2021): 597.
  35. Bilen, Abdulkadir, and Ahmet Bedri Ozer. "Cyber-attack method and perpetrator prediction using machine learning algorithms." PeerJ Computer Science 7 (2021): e475.
  36. Demertzis, Konstantinos, Konstantinos Tsiknas, Dimitrios Takezis, Charalabos Skianis, and Lazaros Iliadis. "Darknet traffic big-data analysis and network management for realtime automating of the malicious intent detection process by a weight agnostic neural networks framework." Electronics 10, no. 7 (2021): 781.
  37. Samrin, Rafath, and D. Vasumathi. "Review on anomaly based network intrusion detection system." In 2017 international conference on electrical, electronics, communication, computer, and optimization techniques (ICEECCOT), pp. 141-147. IEEE, 2017.
  38. Devaraju, S., and S. Ramakrishnan. "PERFORMANCE COMPARISON FOR INTRUSION DETECTION SYSTEM USING NEURAL NETWORK WITH KDD DATASET." ICTACT Journal on Soft Computing 4, no. 3 (2014).
  39. Kwon, Donghwoon, Hyunjoo Kim, Jinoh Kim, Sang C. Suh, Ikkyun Kim, and Kuinam J. Kim. "A survey of deep learningbased network anomaly detection." Cluster Computing 22, no. 1 (2019): 949-961. https://doi.org/10.1007/s10586-017-1117-8
  40. Dhanabal, L., and S. P. Shantharajah. "A study on NSL-KDD dataset for intrusion detection system based on classification algorithms." International journal of advanced research in computer and communication engineering 4, no. 6 (2015): 446-452.
  41. Pacheco, Fannia, Ernesto Exposito, Mathieu Gineste, Cedric Baudoin, and Jose Aguilar. "Towards the deployment of machine learning solutions in network traffic classification: A systematic survey." IEEE Communications Surveys & Tutorials 21, no. 2 (2018): 1988-2014. https://doi.org/10.1109/COMST.2018.2883147
  42. Pacheco, Fannia, Ernesto Exposito, Mathieu Gineste, Cedric Baudoin, and Jose Aguilar. "Towards the deployment of machine learning solutions in network traffic classification: A systematic survey." IEEE Communications Surveys & Tutorials 21, no. 2 (2018): 1988-2014. https://doi.org/10.1109/COMST.2018.2883147
  43. Dhote, Yogesh, Shikha Agrawal, and Anjana Jayant Deen. "A survey on feature selection techniques for internet traffic classification." In 2015 International Conference on Computational Intelligence and Communication Networks (CICN), pp. 1375-1380. IEEE, 2015.
  44. Sun, Xiaochuan, Guan Gui, Yingqi Li, Ren Ping Liu, and Yongli An. "ResInNet: A novel deep neural network with feature reuse for Internet of Things." IEEE Internet of Things Journal 6, no. 1 (2018): 679-691. https://doi.org/10.1109/JIOT.2018.2853663
  45. Pustokhina, Irina Valeryevna, Denis Alexandrovich Pustokhin, Deepak Gupta, Ashish Khanna, Kannan Shankar, and Gia Nhu Nguyen. "An effective training scheme for deep neural network in edge computing enabled Internet of medical things (IoMT) systems." IEEE Access 8 (2020): 107112-107123. https://doi.org/10.1109/ACCESS.2020.3000322
  46. Shaikh, Farooq, Elias Bou-Harb, Jorge Crichigno, and Nasir Ghani. "A machine learning model for classifying unsolicited iot devices by observing network telescopes." In 2018 14th International Wireless Communications & Mobile Computing Conference (IWCMC), pp. 938-943. IEEE, 2018.
  47. Yang, Ying, Lina Yang, Meihong Yang, Huanhuan Yu, Guichun Zhu, Zhenya Chen, and Lijuan Chen. "Dark web forum correlation analysis research." In 2019 IEEE 8th Joint International Information Technology and Artificial Intelligence Conference (ITAIC), pp. 1216-1220. IEEE, 2019.
  48. Yang, Ying, Huanhuan Yu, Lina Yang, Ming Yang, Lijuan Chen, Guichun Zhu, and Liqiang Wen. "Hadoop-based dark web threat intelligence analysis framework." In 2019 IEEE 3rd Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC), pp. 1088-1091. IEEE, 2019.
  49. Samrin, Rafath, and D. Vasumathi. "Review on anomaly based network intrusion detection system." In 2017 international conference on electrical, electronics, communication, computer, and optimization techniques (ICEECCOT), pp. 141-147. IEEE, 2017.
  50. Summerville, D. H., N. Nwanze, and V. A. Skormin. "Anomalous packet identification for network intrusion detection." In Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004., pp. 60-67. IEEE, 2004.
  51. Kwon, Donghwoon, Hyunjoo Kim, Jinoh Kim, Sang C. Suh, Ikkyun Kim, and Kuinam J. Kim. "A survey of deep learningbased network anomaly detection." Cluster Computing 22, no. 1 (2019): 949-961. https://doi.org/10.1007/s10586-017-1117-8
  52. Tavallaee, Mahbod, Ebrahim Bagheri, Wei Lu, and Ali A. Ghorbani. "A detailed analysis of the KDD CUP 99 data set." In 2009 IEEE symposium on computational intelligence for security and defense applications, pp. 1-6. Ieee, 2009.
  53. Demertzis, Konstantinos, and Lazaros Iliadis. "A hybrid network anomaly and intrusion detection approach based on evolving spiking neural network classification." In International Conference on e-Democracy, pp. 11-23. Springer, Cham, 2013.
  54. Zhang, Jiong, and Mohammad Zulkernine. "Anomaly based network intrusion detection with unsupervised outlier detection." In 2006 IEEE International Conference on Communications, vol. 5, pp. 2388-2393. IEEE, 2006.
  55. Singh, Pradeep, and M. Venkatesan. "Hybrid approach for intrusion detection system." In 2018 International Conference on Current Trends towards Converging Technologies (ICCTCT), pp. 1-5. IEEE, 2018.
  56. Song, Hongchao, Zhuqing Jiang, Aidong Men, and Bo Yang. "A hybrid semi-supervised anomaly detection model for high-dimensional data." Computational intelligence and neuroscience 2017 (2017).
  57. HaddadPajouh, Hamed, Ali Dehghantanha, Raouf Khayami, and Kim-Kwang Raymond Choo. "A deep recurrent neural network based approach for internet of things malware threat hunting." Future Generation Computer Systems 85 (2018): 88-96. https://doi.org/10.1016/j.future.2018.03.007
  58. Sharma, Rishabh, and Shashi Shekhar. "An Automatic Pun Word Identification Framework for Code Mixed Text." In 2021 5th International Conference on Information Systems and Computer Networks (ISCON), pp. 1-5. IEEE, 2021.
  59. Nourani, Vahid, and Nazanin Behfar. "Multi-station runoffsediment modeling using seasonal LSTM models." Journal of Hydrology 601 (2021): 126672.
  60. Nazah, Saiba, Shamsul Huda, Jemal H. Abawajy, and Mohammad Mehedi Hassan. "An Unsupervised Model for Identifying and Characterizing Dark Web Forums." IEEE Access 9 (2021): 112871-112892.  https://doi.org/10.1109/ACCESS.2021.3103319