DarkDetect: Darknet Traffic Detection and Categorization using Modified Convolution-Long Short-Term Memory

Bibliographic Details
Published in IEEE Access Vol. 9; p. 1
Main Authors Sarwar, Muhammad Bilal; Hanif, Muhammad Kashif; Talib, Ramzan; Younas, Muhammad; Sarwar, Muhammad Umer
Format Journal Article
Language English
Published Piscataway IEEE 01.01.2021
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Summary: Darknet is commonly known as the epicenter of illegal online activities. An analysis of darknet traffic is essential to monitor real-time applications and activities running over the Darknet. Recognizing network traffic bound to unused Internet addresses has become undeniably significant for identifying and examining malicious activities on the internet. Since there are no authentic hosts or devices in an unused address block, any observed network traffic must be the aftereffect of misconfiguration from spoofed source addresses and other frameworks that monitor unused address space. However, the recent advancements in artificial intelligence allow digital systems to detect and identify darknet traffic autonomously. In this paper, we propose a generalized approach for darknet traffic detection and categorization using Deep Learning. We examine the state-of-the-art complex dataset, which provides excessive information about the darknet traffic, and perform data preprocessing. Next, we analyze diverse feature selection techniques to select optimal features for darknet traffic detection and categorization. We apply fine-tuned machine learning (ML) algorithms which include Decision Tree (DT), Gradient Boosting (GB), Random Forest Regressor (RFR), and Extreme Gradient Boosting (XGB) on selected features and compare the performance. Next, we apply modified Convolution-Long Short-Term Memory (CNN-LSTM) and Convolution-Gradient Recurrent Unit (CNN-GRU) deep learning techniques to recognize the network traffic more accurately. The results demonstrate that the proposed approach outperforms the existing approaches by yielding the maximum accuracy of 96% of darknet traffic detection and 89% of darknet traffic categorization through XGB as a feature selection approach and CNN-LSTM as a recognition model.
ISSN:2169-3536
DOI:10.1109/ACCESS.2021.3105000