Font Size: a A A

Anonymous Network Fingerprint Attack And Defense

Posted on:2023-05-17Degree:MasterType:Thesis
Country:ChinaCandidate:X Y WangFull Text:PDF
GTID:2558306848455614Subject:Artificial Intelligence Technology (Professional Degree)
Abstract/Summary:PDF Full Text Request
With the development of the Internet,people pay more and more attention to the privacy protection when browsing the web.More users tend to use anonymous communication tools,such as The Second-Generation Onion Router(Tor),which is currently the most used anonymous communication system.It can protect user privacy,but some criminals use this feature to conduct illegal activities.In this paper,the research on fingerprint attack and prevention technology for anonymous network traffic is of great significance to improve the security of anonymous communication.This paper mainly studies the algorithm based on machine learning to identify Tor encrypted traffic,classify the application types,and then use deep learning fingerprint attack to identify specific web pages in encrypted traffic.The main work and results of this paper are as follows:(1)In view of the low accuracy of Tor anonymous traffic identification and traffic classification,this paper adopts the XL-Stacking model based on ensemble learning.The first layer of the stacking model uses K-Nearest Neighbor(KNN),XGBoost,and random forest algorithm;the second layer uses the logistic regression algorithm(Logistic),which can achieve higher classification under smaller feature dimensions.Accuracy.The algorithm can quickly identify whether the user’s traffic is darknet traffic,and the accuracy rate can reach 99.7% on the data set collected by itself.By further subdividing the traffic on the dark web,you can quickly locate the traffic categories,which are divided into the following 8 categories: video,web browsing,chat,file transfer,mail,P2 P,audio,and VOIP.On the public UNB-CIC dataset,the accuracy rate is 90.3%,and the recall rate reaches 87.4%,which is better than the classification performance of similar work.(2)In view of the problem that the current website fingerprint attack requires a large amount of data and the anti-defense ability is not strong,this paper adopts the Bi GRU-Res Net fingerprint attack model based on space and time,and makes full use of the Tor website fingerprint sequence,including time,space and website information.It integrates the spatiotemporal multimodality and improves the efficiency and accuracy of model recognition.In the closed world scene,the accuracy rate of 98.46% was achieved,and when the number of instances of each monitoring page was 100,the accuracy rate reached 87.51%,which proves that the model can also perform well in the case of small training samples.The effect is to reduce the cost of supervision of the Tor anonymous network by regulators.In the open world scene,the true positive rate of 86.26% is obtained.And in the currently popular WTF-PAD and Walkie-Talkie defense scenarios.The anti-defense capability and effectiveness of BiGRU-ResNet are verified.
Keywords/Search Tags:Anonymous network, Tor, Traffic identification, Website fingerprinting attack, Website fingerprinting defense
PDF Full Text Request
Related items