Darknet Traffic Classification

Author

Nhien Rust-Nguyen, San Jose State University

Publication Date

Spring 2022

Degree Type

Master's Project

Degree Name

Master of Science (MS)

Department

Computer Science

First Advisor

Mark Stamp

Second Advisor

Thomas Austin

Third Advisor

Fabio Di Troia

Keywords

malicious traffic detection, darknets, AC-GANs

Abstract

The anonymous nature of darknets is commonly exploited for illegal activities. Previous research has employed machine learning and deep learning techniques to automate the detection of darknet traffic to block these criminal activities. This research aims to improve darknet traffic detection by assessing Support Vector Machines (SVM), Random Forest (RF), Convolutional Neural Networks (CNN) and Auxiliary-Classifier Generative Adversarial Networks (AC-GAN) for classification of network traffic and the underlying application types. We find that our RF model outperforms the state-of-the-art machine learning techniques used by prior work with the CIC-Darknet2020 dataset. To evaluate the robustness of our RF classifier, we degrade its performance through obfuscation scenarios, confusing application types by transforming their traffic features mathematically. We demonstrate that our best-performing classifier could be defeated by obfuscation, then show how to defeat that obfuscation.

Recommended Citation

Rust-Nguyen, Nhien, "Darknet Traffic Classification" (2022). Master's Projects. 1087.
DOI: https://doi.org/10.31979/etd.58mg-xj4t
https://scholarworks.sjsu.edu/etd_projects/1087