TY - JOUR
T1 - Multilevel Identification and Classification Analysis of Tor on Mobile and PC Platforms
AU - Wang, Liangmin
AU - Mei, Hantao
AU - Sheng, Victor S.
N1 - Funding Information:
Manuscript received December 19, 2019; revised February 29, 2020; accepted April 1, 2020. Date of publication April 20, 2020; date of current version November 18, 2020. This work was supported in part by the National Natural Science Foundation of China under Grant U1736216. Paper no. TII-19-5411. (Corresponding author: Liangmin Wang; Victor S. Sheng.) Liangmin Wang and Hantao Mei are with the School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang 212013, China (e-mail: wanglm@ujs.edu.cn; meihantao@gmail.com).
Publisher Copyright:
© 2005-2012 IEEE.
PY - 2021/2
Y1 - 2021/2
N2 - In digitalized and automated systems, more and more intelligent devices have become an import part of industrial Internet of Things (IIOT). However, the lack of security in IIOT makes people facing unprecedented threats from the Dark web. Traffic classification is an important means to prevent anonymous attacks. However, the growing usage of smartphones in daily life is deeply changing the nature of network traffic, which makes traffic classification more challenging. In this article, we propose a Tor traffic identification and multilevel classification framework based on network flow features, which realizes the identification of anonymous traffic (L1), traffic types (L2) of anonymous traffic, and applications (L3) on a mobile and a PC platform, respectively. We further analyze differences between the mobile and the PC platform. We conclude that the impact of time-related features is higher than that of the nontime-related features on the mobile platform, while it is opposite on the PC platform. And it is more difficult to identify and classify Tor types (L2) and specific Tor applications (L3) on the mobile platform than on the PC platform, including using different number of features and early identification and classification.
AB - In digitalized and automated systems, more and more intelligent devices have become an import part of industrial Internet of Things (IIOT). However, the lack of security in IIOT makes people facing unprecedented threats from the Dark web. Traffic classification is an important means to prevent anonymous attacks. However, the growing usage of smartphones in daily life is deeply changing the nature of network traffic, which makes traffic classification more challenging. In this article, we propose a Tor traffic identification and multilevel classification framework based on network flow features, which realizes the identification of anonymous traffic (L1), traffic types (L2) of anonymous traffic, and applications (L3) on a mobile and a PC platform, respectively. We further analyze differences between the mobile and the PC platform. We conclude that the impact of time-related features is higher than that of the nontime-related features on the mobile platform, while it is opposite on the PC platform. And it is more difficult to identify and classify Tor types (L2) and specific Tor applications (L3) on the mobile platform than on the PC platform, including using different number of features and early identification and classification.
KW - Anonymous network
KW - The Onion Router (Tor)
KW - Tor identification
KW - mobile anonymous network
KW - traffic classification
UR - http://www.scopus.com/inward/record.url?scp=85096644183&partnerID=8YFLogxK
U2 - 10.1109/TII.2020.2988870
DO - 10.1109/TII.2020.2988870
M3 - Article
AN - SCOPUS:85096644183
VL - 17
SP - 1079
EP - 1088
JO - IEEE Transactions on Industrial Informatics
JF - IEEE Transactions on Industrial Informatics
SN - 1551-3203
IS - 2
M1 - 9072571
ER -