Abstract
Due to the amount of anonymity afforded to users of the Tor infrastructure, Tor has become a useful tool for malicious users. With Tor, the users are able to compromise the non-repudiation principle of computer security. Also, the potentially hackers may launch attacks such as DDoS or identity theft behind Tor. For this reason, there are needed new systems and models to detect the intrusion in Tor networks. In this paper, we present the application of Autoregression Integrated Moving Average (ARIMA) for prediction of user behavior in Tor networks. We constructed a Tor server and a Deep Web browser (Tor client) in our laboratory. Then, the client sends the data browsing to the Tor server using the Tor network. We used Wireshark Network Analyzer to get the data and then used the ARIMA model to make the prediction. The simulation results show that proposed system has a good prediction of user behavior in Tor networks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Tor Project Web Site. http://www.torproject.org/
Dingledine, R., Mathewson, N., Syverson, P.: Deploying low-latency anonymity: design challenges and social factors. IEEE Secur. Priv. 5(5), 83–87 (2007)
Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation Onion Router. In: Proceedings of the 13th Conference on USENIX Security Symposium (SSYM-2004), vol. 13, p. 21 (2004)
Ling, Z., Luo, J., Wu, K., Yu, W., Fu, X.: TorWard: discovery of malicious traffic over Tor. In: Proceedings of IEEE INFOCOM 2014, pp. 1402–1410, April 2014
Reddy, E.K.: Neural networks for intrusion detection and its applications. In: Proceedings of the World Congress on Engineering 2013 Vol. II, WCE-2013, July 2013
Linda, O., Vollmer, T., Manic, M.: Neural network based intrusion detection system for critical infrastructures. In: Proceedings of International Joint Conference on Neural Networks (IJCNN-2009), pp. 1827–1834, June 2009
Shum, J., Malki, H.A.: Network intrusion detection system using neural networks. In: Proceedings of Fourth International Conference on Natural Computation (ICNC-2008), pp. 242–246, October 2008
Al-Janabi, S.T.F., Saeed, H.A.: A neural network based anomaly intrusion detection system. In: Developments in E-systems Engineering (DeSE), pp. 221–226, December 2011
Niyaz, Q., Sun, W., Javaid, A.Y., Alam, M.: A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (Formerly BIONETICS), BICT-15, vol. 15, pp. 21–26 (2015)
Lang Hong, J.: Deep web data extraction. In: Proceedings of IEEE International Conference on Systems Man and Cybernetics (SMC-2010), pp. 3420–3427, October 2010
Singh, M.P.: Deep web structure. IEEE Internet Comput. 6(5), 4–5 (2002)
Stupples, D.: Security challenge of Tor and the deep web. In: 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013), December 2013
Biryukov, A.: Trawling for Tor hidden services: detection, measurement, deanonymization. In: Proceedings of IEEE Symposium on Security and Privacy (SP-2013), pp. 80–94, November 2013
Dhungel, P., Steiner, M., Rimac, I., Hilt, V., Ross, K.W.: Waiting for anonymity: understanding delays in the Tor overlay. In: Proceedings of IEEE Tenth International Conference on Peer-to-Peer Computing (P2P-2010), pp. 1–4, August 2010
Xin, L., Neng, W.: Design improvement for Tor against low-cost traffic attack and low-resource routing attack. In: Proceedings of WRI International Conference on Communications and Mobile Computing (CMC-2009), pp. 549–554, January 2009
Syverson, P.: A peel of onion. In: Proceedings of ACSAC-2011, pp. 123–135, December 2011
Min, Y., Bin, W., Liang-Ii, Z., Xi, C.: Wind speed forecasting based on EEMD and ARIMA. In: Chinese Automation Congress (CAC-2015), pp. 1299–1302 (2015)
The R Project for Statistical Computing. http://www.r-project.org/
WireShark Web Site. http://www.wireshark.org/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Oda, T., Cuka, M., Obukata, R., Ikeda, M., Barolli, L. (2018). A User Prediction and Identification System for Tor Networks Using ARIMA Model. In: Barolli, L., Zhang, M., Wang, X. (eds) Advances in Internetworking, Data & Web Technologies. EIDWT 2017. Lecture Notes on Data Engineering and Communications Technologies, vol 6. Springer, Cham. https://doi.org/10.1007/978-3-319-59463-7_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-59463-7_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-59462-0
Online ISBN: 978-3-319-59463-7
eBook Packages: EngineeringEngineering (R0)