Machine learning approach for detection of non-Tor Traffic

Hodo, Elike and Bellekens, Xavier and Iorkyase, Ephraim and Hamilton, Andrew and Tachtatzis, Christos and Atkinson, Robert (2017) Machine learning approach for detection of non-Tor Traffic. Journal of Cyber Security and Mobility, 6 (2). pp. 171-194. 4. ISSN 2245-4578 (

[thumbnail of Hodo-etal-JCSM-2017-Machine-learning-approach-for-detection-of-non-Tor]
Text. Filename: Hodo_etal_JCSM_2017_Machine_learning_approach_for_detection_of_non_Tor.pdf
Final Published Version

Download (2MB)| Preview


Intrusion detection has attracted a considerable interest from researchers and industry. After many years of research the community still faces the problem of building reliable and efficient intrusion detection systems (IDS) capable of handling large quantities of data with changing patterns in real time situations. The Tor network is popular in providing privacy and security to end user by anonymizing the identity of internet users connecting through a series of tunnels and nodes. This work identifies two problems; classification of Tor traffic and nonTor traffic to expose the activities within Tor traffic that minimizes the protection of users in using the UNB-CIC Tor Network Traffic dataset and classification of the Tor traffic flow in the network. This paper proposes a hybrid classifier; Artificial Neural Network in conjunction with Correlation feature selection algorithm for dimensionality reduction and improved classification performance. The reliability and efficiency of the propose hybrid classifier is compared with Support Vector Machine and naïve Bayes classifiers in detecting nonTor traffic in UNB-CIC Tor Network Traffic dataset. Experimental results show the hybrid classifier, ANN-CFS proved a better classifier in detecting nonTor traffic and classifying the Tor traffic flow in UNB-CIC Tor Network Traffic dataset.