All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Tor-based Malware and Tor Connection Detection

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F14%3A00080503" target="_blank" >RIV/00216224:14330/14:00080503 - isvavai.cz</a>

  • Result on the web

    <a href="http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7141237&newsearch=true&searchWithin=%22First%20Name%22:Ibrahim&searchWithin=%22Last%20Name%22:Ghafir" target="_blank" >http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7141237&newsearch=true&searchWithin=%22First%20Name%22:Ibrahim&searchWithin=%22Last%20Name%22:Ghafir</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1049/cp.2014.1411" target="_blank" >10.1049/cp.2014.1411</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Tor-based Malware and Tor Connection Detection

  • Original language description

    Anonymous communication networks, like Tor, partially protect the confidentiality of user traffic by encrypting all communications within the overlay network. However, Tor is not only used for good; a great deal of the traffic in the Tor networks is in fact port scans, hacking attempts, exfiltration of stolen data and other forms of online criminality. The anonymity network Tor is often misused by hackers and criminals in order to remotely control hacked computers. In this paper we present our methodology for detecting any connection to or from Tor network. Our detection method is based on a list of Tor servers. We process the network traffic and match the source and destination IP addresses for each connection with Tor servers list. The list of Tor servers is automatically updated each day and the detection is in the real time. We applied our methodology on campus live traffic and showed that it can automatically detect Tor connections in the real time.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    IN - Informatics

  • OECD FORD branch

Result continuities

  • Project

    <a href="/en/project/OFMASUN201301" target="_blank" >OFMASUN201301: CIRC - Mobile dedicated devices to fulfilling ability to respond to cyber incidents</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2014

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Proceedings of International Conference on Frontiers of Communications, Networks and Applications

  • ISBN

    9781785610721

  • ISSN

  • e-ISSN

  • Number of pages

    6

  • Pages from-to

    1-6

  • Publisher name

    IEEE Xplore Digital Library

  • Place of publication

    Kuala Lumpur, Malaysia

  • Event location

    Kuala Lumpur, Malaysia

  • Event date

    Nov 3, 2014

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

Similar results(10)

Increasing Trust in Tor Node List Using BlockchainTor anonymity networkFuzzy Control of Configuration of Web Anonymization using TOR