AI Chat Paper
Note: Please note that the following content is generated by AMiner AI. SciOpen does not take any responsibility related to this content.
{{lang === 'zh_CN' ? '文章概述' : 'Summary'}}
{{lang === 'en_US' ? '中' : 'Eng'}}
Chat more with AI
Powered by AMiner. Clicking this button will take you away from SciOpen.
Home Intelligent and Converged Networks Article
PDF (8.5 MB)
Cite
EndNote(RIS) BibTeX
Collect
Submit Manuscript AI Chat Paper
Show Outline
Outline
Show full outline
Hide outline
Outline
Show full outline
Hide outline
Open Access

Analyzing darknet traffic through machine learning and neucube spiking neural networks

Information Systems Department, College of Computing & Informatics, University of Sharjah, Sharjah, United Arab Emirates
Department of Information Security, Faculty of Information Technology, University of Petra, Amman 11196, Jordan
Faculty of Computer Studies, Arab Open University, Riyadh 11681, Saudi Arabia
Department of Information Technology, Al-Huson University College, Al-Balqa Applied University, Irbid 19117, Jordan
Department of Computer Science and Information Engineering, Asia University, Taichung 413, China, Symbiosis Centre for Information Technology, Symbiosis International (Deemed University), Pune 412115, India
Centre of Inter-disciplinary Research & Innovation, University of Petroleum and Energy Studies, Dehradun 248007, India
Department of Computer Information Science, Higher Colleges of Technology, Sharjah, United Arab Emirates
Show Author Information

Abstract

The rapidly evolving darknet enables a wide range of cybercrimes through anonymous and untraceable communication channels. Effective detection of clandestine darknet traffic is therefore critical yet immensely challenging. This research demonstrates how advanced machine learning and specialized deep learning techniques can significantly enhance darknet traffic analysis to strengthen cybersecurity. Combining diverse classifiers such as random forest and naïve Bayes with a novel spiking neural network architecture provides a robust foundation for identifying concealed threats. Evaluation on the CIC-Darknet2020 dataset establishes state-of-the-art results with 98% accuracy from the random forest model and 84.31% accuracy from the spiking neural network. This pioneering application of artificial intelligence advances the frontiers in analyzing the complex characteristics and behaviours of darknet communication. The proposed techniques lay the groundwork for improved threat intelligence, real-time monitoring, and resilient cyber defense systems against the evolving landscape of cyber threats.

Keywords

darknet trafficmachine learningdeep learningspiking neural networkPCA

References

[1]

R. Niranjana, V. A. Kumar, and S. Sheen, Darknet traffic analysis and classification using numerical AGM and mean shift clustering algorithm, SN Comput. Sci., vol. 1, no. 1, p. 16, 2019.
Crossref Google Scholar
[2]

C. Fachkha and M. Debbabi, Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization, IEEE Commun. Surv. Tutor., vol. 18, no. 2, pp. 1197–1227, 2016.
Crossref Google Scholar
[3]

J. Hawdon, Cybercrime: victimization, perpetration, and techniques, Am. J. Crim. Justice, vol. 46, no. 6, pp. 837–842, 2021.
Crossref Google Scholar
[4]
M. Lebediev, Darknet, https://er.knutd.edu.ua/handle/123456789/11429, 2018.
[5]
R. Dingledine, N. Mathewson, and P. Syverson, Tor: The second-generation onion router, Technical Report, Naval Research Lab Washington, 2004.
Crossref
[6]
C. Chen, D. E. Asoni, D. Barrera, G. Danezis, and A. Perrig, HORNET: High-speed onion routing at the network layer, in Proc. 22nd ACM SIGSAC Conf. Computer and Communications Security, Denver, CO, USA, 2015, pp. 1441–1454.
Crossref
[7]

Q. Abu Al-Haija, M. Krichen, and W. Abu Elhaija, Machine-learning-based darknet traffic detection system for IoT applications, Electronics, vol. 11, no. 4, p. 556, 2022.
Crossref Google Scholar
[8]
L. A. Iliadis and T. Kaifas, Darknet traffic classification using machine learning techniques, in Proc. 10th Int. Conf. Modern Circuits and Systems Technologies (MOCAST ).Thessaloniki, Greece, 2021, pp. 1–4.
Crossref
[9]
Y. Hu, F. Zou, L. Li, and P. Yi, Traffic classification of user behaviors in tor, I2P, ZeroNet, Freenet, in Proc. IEEE 19th Int. Conf. Trust, Security and Privacy in Computing and Communications (TrustCom ), Guangzhou, China, 2020, pp. 418–424.
Crossref
[10]

E. Figueras-Martín, R. Magán-Carrión, and J. Boubeta-Puig, Drawing the web structure and content analysis beyond the tor darknet: Freenet as a case of study, J. Inf. Secur. Appl., vol. 68, p. 103229, 2022.
Crossref Google Scholar
[11]
A. Habibi Lashkari, G. Kaur, and A. Rahali, DIDarknet: A contemporary approach to detect and characterize the darknet traffic using deep image learning, in Proc. 2020 10th Int. Conf. Communication and Network Security, Tokyo, Japan, 2020, pp. 1–13.
Crossref
[12]

M. B. Sarwar, M. K. Hanif, R. Talib, M. Younas, and M. U. Sarwar, DarkDetect: Darknet traffic detection and categorization using modified convolution-long short-term memory, IEEE Access, vol. 9, pp. 113705–113713, 2021.
Crossref Google Scholar
[13]

N. V. Chawla, K. W. Bowyer, L. O. Hall, and W. P. Kegelmeyer, SMOTE: synthetic minority over-sampling technique, J. Artif. Intell. Res., vol. 16, pp. 321–357, 2002.
Crossref Google Scholar
[14]
S. Zhong, D. Liu, L. Lin, M. Zhao, X. Fu, and F. Guo, A novel anomaly detection method for gas turbines using weight agnostic neural network search, in Proc. Asia-Pacific Int. Symp. on Advanced Reliability and Maintenance Modeling (APARM ), Vancouver, Canada, 2020, pp. 1–6.
Crossref
[15]
H. Karagöl, O. Erdem, B. Akbas, and T. Soylu, Darknet traffic classification with machine learning algorithms and SMOTE method, in Proc. 7th Int. Conf. Computer Science and Engineering (UBMK ), Diyarbakir, Türkiye, 2022, pp. 374–378.
Crossref
[16]

H. Mohanty, A. H. Roudsari, and A. H. Lashkari, Robust stacking ensemble model for darknet traffic classification under adversarial settings, Comput. Secur., vol. 120, p. 102830, 2022.
Crossref Google Scholar
[17]

J. Lan, X. Liu, B. Li, Y. Li, and T. Geng, DarknetSec: A novel self-attentive deep learning method for darknet traffic classification and application identification, Comput. Secur., vol. 116, p. 102663, 2022.
Crossref Google Scholar
[18]
J. Kennedy and R. Eberhart, Particle swarm optimization, in Proc. ICNN'95-Int. Conf. Neural Networks, Perth, Australia, 1995, pp. 1942–1948.
Crossref
[19]

Z. H. Zhou and J. Feng, Deep forest, Natl. Sci. Rev., vol. 6, no. 1, pp. 74–86, 2019.
Crossref Google Scholar
[20]

M. Coutinho Marim, P. V. B. Ramos, A. B. Vieira, A. Galletta, M. Villari, R. M. de Oliveira, and E. F. Silva, Darknet traffic detection and characterization with models based on decision trees and neural networks, Intell. Syst. Appl., vol. 18, p. 200199, 2023.
Crossref Google Scholar
[21]

N. Rust-Nguyen, S. Sharma, and M. Stamp, Darknet traffic classification and adversarial attacks using machine learning, Comput. Secur., vol. 127, p. 103098, 2023.
Crossref Google Scholar
[22]

A. Almomani, Darknet traffic analysis, and classification system based on modified stacking ensemble learning algorithms, Inf. Syst. e-Bus. Manag., pp. 1–32, 2023.
Crossref Google Scholar
[23]

R. Li, S. Chen, J. Yang, and E. Luo, Edge-based detection and classification of malicious contents in tor darknet using machine learning, Mob. Inf. Syst., vol. 2021, p. 8072779, 2021.
Crossref Google Scholar
[24]

K. Demertzis, K. Tsiknas, D. Takezis, C. Skianis, and L. Iliadis, Darknet traffic big-data analysis and network management for real-time automating of the malicious intent detection process by a weight agnostic neural networks framework, Electronics, vol. 10, no. 7, pp. 781, 2021.
Crossref Google Scholar
[25]

X. Tong, C. Zhang, J. Wang, Z. Zhao, and Z. Liu, Dark-forest: Analysis on the behavior of dark web traffic via DeepForest and PSO algorithm, Comput. Model. Eng. Sci., vol. 135, no. 1, pp. 561–581, 2023.
Crossref Google Scholar
[26]

A. Naik and L. Samant, Correlation review of classification algorithm using data mining tool: WEKA, rapidminer, Tanagra, orange and knime, Procedia Comput. Sci., vol. 85, pp. 662–668, 2016.
Crossref Google Scholar
[27]
R. O’Loughlin, Learning rules and topologies for liquid state machines: A survey of performance and representational dynamics for image and speech recognition, master thesis, University of Groningen, The Netherlands, 2022.
[28]

N. K. Kasabov, NeuCube: A spiking neural network architecture for mapping, learning and understanding of spatio-temporal brain data, Neural Netw., vol. 52, pp. 62–76, 2014.
Crossref Google Scholar
[29]

C. Tan, M. Šarlija, and N. Kasabov, Spiking neural networks: Background, recent development and the NeuCube architecture, Neural Process. Lett., vol. 52, no. 2, pp. 1675–1701, 2020.
Crossref Google Scholar
[30]

S. Song, K. D. Miller, and L. F. Abbott, Competitive Hebbian learning through spike-timing-dependent synaptic plasticity, Nat. Neurosci., vol. 3, no. 9, pp. 919–926, 2000.
Crossref Google Scholar
Intelligent and Converged Networks
Volume 5 Issue 4,
December 2024
Pages 265-283
DOI: 10.23919/ICN.2024.0022
Cite this article:
Akour I, Alauthman M, Nahar KMO, et al. Analyzing darknet traffic through machine learning and neucube spiking neural networks. Intelligent and Converged Networks, 2024, 5(4): 265-283. https://doi.org/10.23919/ICN.2024.0022

180

Views

32

Downloads

0

Crossref

0

Scopus

Altmetrics
Received: 05 January 2024
Revised: 21 March 2024
Accepted: 05 June 2024
Published: 31 December 2024
© All articles included in the journal are copyrighted to the ITU and TUP.

This work is available under the CC BY-NC-ND 3.0 IGO license:https://creativecommons.org/licenses/by-nc-nd/3.0/igo/
Return