Publication Date

Fall 2023

Degree Type

Thesis

Degree Name

Master of Science (MS)

Department

Computer Engineering

Advisor

Younghee Park; Stas Tiomkin; Mahima Agumbe Suresh

Abstract

Anonymous networks have been popularly utilized to protect user anonymity and facilitate network security for a decade. However, such networks have been a platform for adversarial affairs and various network attacks including suspicious traffic generators. As a result, detecting anonymous network traffic is one critical task to defend a network against unpredictable attacks. Many new methods using machine learning and deep learning techniques have been proposed. However, many of them rely heavily on a vast amount of labeled data and have complicated architectures. Since network traffic always fluctuates under different network environments, those techniques may degrade in performance due to the network dynamics in real time. Aiming to mitigate reliance on labeled data and simplify the structures of machine learning models, this study introduces a lightweight system to detect real-time anonymous network traffic leveraging the principles of reinforcement learning. Initially, the historical traces of anonymous traffic are analyzed to identify the crucial attributes that characterize anonymous and regular network traffic. Building on these important attributes, we design three components within the reinforcement learning framework: states, actions, and rewards. More importantly, decision-making thresholds that reflect the system’s observations are set. Operating autonomously, the system employs these elements to discern network traffic categories in an unsupervised mode. Empirical results demonstrate that the system can identify patterns in anonymous traffic with an accuracy rate surpassing 80%.

Download

Share

COinS