Cloud Network Performance

Download PDF
2 downloads 0 Views 1MB Size Report
Comment
A Dive into the Dark Web: Hierarchical. Traffic Classification of Anonymity Tools. Antonio Montieri1, Domenico Ciuonzo2, Valerio Persico1,2, Antonio Pescapé1, ...
A Dive into the Dark Web: Hierarchical Traffic Classification of Anonymity Tools Antonio Montieri1, Domenico Ciuonzo2, Valerio Persico1,2, Antonio Pescapé1,2 1University of Napoli “Federico II” (Italy), 2NM2 srl (Italy) {antonio.montieri, valerio.persico, pescape}@unina.it, [email protected]

Anonymity Tools Traffic Classification Anonymity Tools (ATs)

Proposed Approach

Traffic Classification of ATs

ATs are employed by Internet users

Hierarchical Classification Framework

to achieve privacy by hiding

Associating traffic objects with the

✓ communication content and nature

specific anonymity tool generating them

✓ source and destination identity

✓ provides hints on their effectiveness

✓ Machine Learning classifiers arranged in a tree fashion ✓ “Divide-et-impera” approach

✓ enforces informed policies

✓Scalability enhancement

✓ prevents unwanted user-actions

✓Per-node tuning and performance

Hierarchical Classification Framework for Anonymity Tools Traffic Hierarchical Classification Framework

Design Choices ✓ Classification Levels [1] ✓ Anonymous Network → L1 - 3 classes ✓ Traffic Type → L2 - 7 classes ✓ Application → L3 - 21 classes ✓ Classification Algorithms [2] ✓ Decision Trees → RF & C4.5 ✓ Bayesian Family → NB_SD & BN_TAN ✓ Feature Sets [1] ✓ Flow-based → 74 statistics ✓ Early-based → (PL, IAT) of the first 𝐾 packets ✓ Non-Mandatory Node Prediction → “Reject Option” Adoption

Preliminary Experimental Results Improvement with Hierarchical Framework

Per-node Performance Breakdown

Each node is optimized in terms of number of features and classifier type

RF is the best classifier for each node except BN_TAN for TorApp node

F-measure gains • L2 → +1.51% • L3 → +4.42%

Significant degradation at L3 for I2PApp80BW • Accuracy → 48.94% • F-measure → 48.90%

Fine-grained Performance

Performance with Reject Option

From Flat to Hierarchical

[1] K. Shahbar and A. N. Zincir-Heywood, “Packet momentum for identification of anonymity networks,” Journal of Cyber Security and Mobility, vol. 6, no. 1, pp. 27–56, 2017. [2] A. Montieri, D. Ciuonzo, G. Aceto, and A. Pescape, “Anonymity services Tor, I2P, JonDonym: Classifying in the dark (web),” EEE Trans. Depend. Sec. Comput., pp. 1–1, 2018.