• Convergence Security Journal
• /
• v.21 no.3
• /
• pp.31-38
• /
• 2021

Tor, known as Onion Router, guarantees strong anonymity. For this reason, Tor is actively used not only for criminal activities but also for hacking attempts such as rapid port scan and the ex-filtration of stolen credentials. Therefore, fast and accurate detection of Tor traffic is critical to prevent the crime attempts in advance and secure the organization's information system. This paper proposes a novel classification model that can detect Tor traffic and classify the traffic types based on CNN(Convolutional Neural Network). We use UNB Tor 2016 Dataset to evaluate the performance of our model. The experimental results show that the accuracy is 99.98% and 97.27% in binary classification and multiclass classification respectively.

• Journal of Communications and Networks
• /
• v.16 no.4
• /
• pp.415-420
• /
• 2014

Since the day the Internet became a common and reliable mechanism for communication and data transfer, security officers and enthusiasts rallied to enforce security standards on data transported over the globe. Whenever a user tries communicating with another recipient on the Internet, vital information is sent over different networks until the information is dropped, intercepted, or normally reaches the recipient. Critical information traversing networks is usually encrypted. In order to conceal the sender's identity, different implementations have proven successful - one of which is the invention of anonymous networks. This paper thoroughly investigates one of the most common and existing techniques used during data communication for avoiding traffic analysis as well as assuring data integrity - the onion router (TOR). The paper also scrupulously presents the benefits and drawbacks of TOR.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.705-707
• /
• 2013

The second-generation onion routing(Tor)는 전 세계의 Tor 사용자들이 자발적으로 Onion router(OR)이 되어서 다른 Tor 사용자들의 인터넷 익명성을 보장해 준다. 이때 Tor는 수 많은 OR들 중에서 임의적으로 그리고 일정 기준을 통과한 3개를 선택하여 Tor circuit 을 생성하게 된다. Tor를 연구하는데 있어서 가장 큰 문제점은 전세계 다양한 OR을 통과하여 이동하기 때문에 Tor 네트워크를 통해서 이동하는 패킷에 대한 내용을 확인하기 어렵다는 점이다. 하지만 Tor circircuit 구성하는 과정에서 자신이 지정한 OR들을 통해 패킷이 이동한다면 Tor 네트워크의 특징을 연구하는데 큰 도움이 된다. 이를 위해 사용자가 지정한 OR을 이용하도록 소스코드를 수정해 보았다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.4
• /
• pp.127-132
• /
• 2022

An anonymous encrypted communication networks that make it difficult to identify the trace of a user's access by passing through several virtual computers and/or networks, such as Tor, provides user and data privacy in the process of Internet communications. However, when it comes to abuse for inappropriate purposes, such as sharing of illegal contents, arms trade, etc. through such anonymous encrypted communication networks, it is difficult to detect and take appropriate countermeasures. In this paper, by extending the website fingerprinting technique that can identify access to a specific site even in anonymous encrypted communication, a method for specifying and classifying service types of websites for not only well-known sites but also unknown sites is proposed. This approach can be used to identify hidden sites that can be used for malicious purposes.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.31-37
• /
• 2011

Recently on tile network to ensure the anonymity of Mixed networking has been actively researched. It uses encrypted communications between Nodes and communications path is changed often to the attacker traceback and response, including the difficult thing is the reality. National institutions and infrastructure in these circumstances, the attack on the national level, if done on a large scale can be disastrous in. However, an anonymous network technology to cover up their own internet communication, it malicious form of Internet use by people who enjoy being continually updated and new forms of technology being developed is a situation continuously. In addition, attacks in the future application of these technologies is expected to continue to emerge. However, this reality does not deserve this thesis is prepared. In this paper, anonymously using a network to respond effectively to a cyber attack on the early detection research is to proceed.