A NEURAL NETWORK BASED INTRUSION DETECTION AND USER IDENTIFICATION SYSTEM FOR TOR NETWORKS: PERFORMANCE EVALUATION FOR DIFFERENT NUMBER OF HIDDEN UNITS USING FRIEDMAN TEST

Authors

  • TARO ISHITAKI Graduate School of Engineering, Fukuoka Institute of Technology (FIT) 3-30-1, Wajiro-Higashi, Higashi-Ku, Fukuoka 811-0295, Japan
  • TETSUYA ODA Graduate School of Engineering, Fukuoka Institute of Technology (FIT) 3-30-1, Wajiro-Higashi, Higashi-Ku, Fukuoka 811-0295, Japan
  • YI LIU Graduate School of Engineering, Fukuoka Institute of Technology (FIT) 3-30-1, Wajiro-Higashi, Higashi-Ku, Fukuoka 811-0295, Japan
  • DONALD ELMAZI Graduate School of Engineering, Fukuoka Institute of Technology (FIT) 3-30-1, Wajiro-Higashi, Higashi-Ku, Fukuoka 811-0295, Japan
  • KEITA MATSUO Fukuoka Prefectural Fukuoka Technical High School 2-19-1 Arae, Sawara-Ku, Fukuoka 814-8520, Japan
  • LEONARD BAROLLI Department of Information and Communication Engineering, Fukuoka Institute of Technology (FIT) 3-30-1 Wajiro-Higashi, Higashi-Ku, Fukuoka 811?0295, Japan

Keywords:

Neural Networks, Friedman Test, User Identification, Intrusion Detection, Tor Networks, Deep Web, Hidden Unit

Abstract

Due to the amount of anonymity afforded to users of the Tor infrastructure, Tor has become a useful tool for malicious users. With Tor, the users are able to compromise the non-repudiation principle of computer security. Also, the potentially hackers may launch attacks such as DDoS or identity theft behind Tor. For this reason, there are needed new systems and models to detect the intrusion in Tor networks. In this paper, we present the application of Neural Networks (NNs) and Friedman test for intrusion detection and user identification in Tor networks. We used the Back-propagation NN and constructed a Tor server, a Deep Web browser (Tor client) and a Surface Web browser. Then, the client sends the data browsing to the Tor server using the Tor network. We used Wireshark Network Analyzer to get the data and then used the Back-propagation NN to make the approximation. We present many simulation results for different number of hidden units considering Tor client and Surface Web client. The simulation results show that our simulation system has a good approximation and can be used for intrusion detection and user identification in Tor networks.

 

Downloads

Download data is not yet available.

References

“Tor project web site,” http://www. torproject.org/.

R. Dingledine, N. Mathewson, and P. Syverson, “Deploying low-latency anonymity: Design challenges

and social factors,” IEEE Security Privacy, vol. 5, no. 5, pp. 83–87, September 2007.

R. Dingledine, N. Mathewson, and P. Syverson, “Tor: the second-generation onion router,” Proc.

of the 13th conference on USENIX Security Symposium (SSYM-2004), vol. 13, p. 21, 2004.

Z. Ling, J. Luo, K. Wu, W. Yu, and X. Fu,” Proc. of IEEE INFOCOM 2014, pp. 1402–1410, 2014.

E. K. Reddy, “Neural networks for intrusion detection and its applications,” Proc. of the World

Congress on Engineering 2013 Vol. II (WCE-2013), July 2013.

O. Linda, T. Vollmer, and M. Manic, “Neural network based intrusion detection system for critical

infrastructures,” Proc. of International Joint Conference on Neural Networks (IJCNN-2009), pp.

–1834, June 2009.

J. Shum, H. A. Malki, “Network intrusion detection system using neural networks,” Proc. of Fourth

International Conference on Natural Computation (ICNC-2008), pp. 242–246, October 2008.

S. T. F. Al-Janabi, H. A. Saeed, “A neural network based anomaly intrusion detection system,”

Developments in E-systems Engineering (DeSE-2011), pp. 221–226, December 2011.

Jer Lang Hong, “Deep web data extraction,” In Proc. of IEEE International Conference on Sys-

tems Man and Cybernetics (SMC-2010), pp. 3420–3427, October 2010.

M. P. Singh, “Deep web structure,” IEEE Internet Computing, vol. 6, no. 5, pp. 4–5, 2002.

D. Stupples, “Security challenge of tor and the deep web,” 8th International Conference for In-

ternet Technology and Secured Transactions (ICITST-2013), p. 14, December 2013.

A. Biryukov, “Trawling for tor hidden services: Detection, measurement, deanonymization,” In

Proc. of IEEE Symposium on Security and Privacy (SP-2013), pp. 80–94, November 2013.

P. Dhungel, M. Steiner, I. Rimac, V. Hilt, and K. W. Ross, “Waiting for anonymity: Understanding

delays in the tor overlay,” In Proc. of IEEE Tenth International Conference on Peer-to-Peer

Computing (P2P-2010), pp. 1–4, August 2010.

L. Xin, W. Neng, “Design improvement for tor against low-cost traffic attack and low-resource

routing attack,” In Proc. of WRI International Conference on Communications and Mobile Com-

puting (CMC '09), pp. 549–554, January 2009.

P. Syverson, “A peel of onion,” Proc. of ACSAC-2011, pp. 123–135, December 2011.

H. Jaeger, “Tutorial on training recurrent neural networks, covering bppt, rtrl, ekf and the ”echo

state network” approach,” GMD Report 159, German National Research Center for Information

Technology, 2002.

S. O. Haykin, Neural Networks and Learning Machines (3rd Edition). Prentice Hall, November

A. K. Jain, “Artificial neural networks: a tutorial,” Computer, vol. 29, no. 3, pp. 31–44, 1996.

“The r project for statistical computing,” http://www.r-project.org/.

“Wireshark web site.” http://www. wireshark.org/.

M. Friedman, “The Use of Ranks to Avoid the Assumption of Normality Implicit in the Analysis

of Variance,” Journal of the American Statistical Association, vol. 32, no. 200, pp. 675–701, 1937.

Downloads

Published

2015-07-26

Issue

Section

Articles