Cybersecurity uses Stacking Ensemble Learning for Darknet Classification
Article Sidebar
Main Article Content
Abstract
Cyber intelligence services sometimes refer to the "darknet," the part of the internet that consumers don't often anticipate to be accessible for machine-to-machine communication. Before building security, it is important to analyze the network's risks. To examine and classify darknet data, this study suggests new classification methods for machine learning called stacking ensemble learning. This study used ensembles of machine learning methods on the newly published CIC-Darknet2020 dataset to accurately distinguish between Darknet and Benign traffic, achieving a 98% accuracy rate. Furthermore, it successfully identified the specific kind of application running behind the Darknet traffic with a 97% accuracy rate. In addition, we used an approach based on game theory to assess the output of the models developed using machine learning and showcase the impact of the features, intending to gain a deeper understanding of the Darknet traffic behavior. To the best of our knowledge, this research is the first one conducted on this dataset, as confirmed by the dataset producers.
Downloads
Article Details
Section
This work is licensed under a Creative Commons Attribution 4.0 International License.
How to Cite
References
Gayard, Laurent (2018). Darknet: Geopolitics and Uses. Hoboken, NJ: John Wiley & Sons. p. 158. ISBN 9781786302021.
Pradhan, Sayam (2020). "Anonymous". The Darkest Web: The Dark Side of the Internet. India. p. 9. ISBN 9798561755668.
Press Foundation, Freedom of the. "SecureDrop". GitHub. Freedom of the Press Foundation. Retrieved 28 January 2019.
Abu Al-Haija, Q. Top-Down Machine Learning-Based Architecture for Cyberattacks Identification and Classification in IoT Communication Networks. Front. Big Data 2022, 4, 782902.
Abu Al-Haija, Q.; Al-Badawi, A. Attack-Aware IoT Network Traffic Routing Leveraging Ensemble Learning. Sensors 2021, 22, 241.
Zavrak, S.; Iskefiyeli, M. Anomaly-Based Intrusion Detection from Network Flow Features Using Variational Autoencoder. IEEE Access 2020, 8, 108346–108358.
Wang, L.; Mei, H.; Sheng, V.S. Multilevel Identification and Classification Analysis of Tor on Mobile and PC Platforms. IEEE Trans. Ind. Inform. 2021, 17, 1079–1088.
Demertzis, K.; Tsiknas, K.; Takezis, D.; Skianis, C.; Iliadis, L. Darknet Traffic Big-Data Analysis and Network Management for Real-Time Automating of the Malicious Intent Detection Process by a Weight Agnostic Neural Networks Framework. Electronics 2021, 10, 781.
Mishra A, Gupta N, Gupta B. Defense mechanisms against DDoS attack based on entropy in SDN-cloud using POX controller. Telecommun Syst. 2021;77(1):47–62. doi: 10.1007/s11235-020-00747-w.
Ozawa S, Ban T, Hashimoto N, Nakazato J, Shimamura J. A study of IoT malware activities using association rule learning for darknet sensor data. Int J Inf Secur. 2020;19(1):83–92. doi: 10.1007/s10207-019-00439-w
Varghese, J.E.; Muniyal, B. A Pilot Study in Software-Defined Networking Using Wireshark for Analyzing Network Parameters to Detect DDoS Attacks. In Information and Communication Technology for Competitive Strategies (ICTCS 2020); Springer: Singapore, 2021; pp. 475–487.
Han, C.; Shimamura, J.; Takahashi, T.; Inoue, D.; Takeuchi, J.I.; Nakao, K. Real-Time Detection of Global Cyberthreat Based on Darknet by Estimating Anomalous Synchronization Using Graphical Lasso. IEICE Trans. Inf. Syst. 2020, E103-D, 2113–2124.