Darknet Traffic Analysis A Systematic Literature Review

TL;DR

This paper systematically reviews existing research on darknet traffic analysis, focusing on machine learning methods for classifying and monitoring encrypted and anonymous traffic to understand security and privacy challenges.

Contribution

It provides a comprehensive overview of approaches used for darknet traffic classification and attack detection employing machine learning techniques.

Findings

Machine learning effectively classifies encrypted darknet traffic.

Various techniques are used for traffic attack detection.

Research highlights challenges in monitoring anonymized traffic.

Abstract

The primary objective of an anonymity tool is to protect the anonymity of its users through the implementation of strong encryption and obfuscation techniques. As a result, it becomes very difficult to monitor and identify users activities on these networks. Moreover, such systems have strong defensive mechanisms to protect users against potential risks, including the extraction of traffic characteristics and website fingerprinting. However, the strong anonymity feature also functions as a refuge for those involved in illicit activities who aim to avoid being traced on the network. As a result, a substantial body of research has been undertaken to examine and classify encrypted traffic using machine learning techniques. This paper presents a comprehensive examination of the existing approaches utilized for the categorization of anonymous traffic as well as encrypted network traffic inside the darknet. Also, this paper presents a comprehensive analysis of methods of darknet traffic using machine learning techniques to monitor and identify the traffic attacks inside the darknet.