Skip to content

doleebest/L3_Team_Project

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

78 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

1. Website Fingerprinting on the Tor Network

📍 1.1 Overview

This project focuses on classifying websites visited over the Tor network by analyzing network traffic patterns. The goal is to evaluate the performance of website fingerprinting models in both Closed-world and Open-world scenarios.

✏️ 1.2 Problem Definition

Website fingerprinting identifies websites a user visits by analyzing encrypted network traffic patterns. Despite encryption, unique traffic patterns arise from web content like embedded resources and request-response behaviors.

In the Tor network, which ensures anonymity by encrypting and routing traffic through multiple nodes, attackers can analyze traffic at entry points to infer visited websites. Using Tor traffic data with timestamped packet sizes, we aim to classify websites by building and evaluating machine learning models.

The project focuses on two scenarios:

  1. Closed-world: Users visit only websites in the training set.
  2. Open-world: Users visit both monitored and unmonitored websites.

This project explores the full pipeline, including data preprocessing, feature extraction, model training, and evaluation, to analyze classification performance and traffic patterns.

💽 1.3 Dataset

The dataset consists of two files: mon_standard.pkl and unmon_standard10.pkl. The mon_standard.pkl file contains data from monitored websites with 95 classes representing 95 different websites. It includes 19,000 instances, where each website has 10 subpages observed 20 times. The unmon_standard10_3000.pkl file contains 3,000 instances of unmonitored websites.

In the closed-world scenario, it is assumed that users visit only monitored websites. The objective in this case is to classify traffic into the 95 monitored website classes. In the open-world scenario, users can visit both monitored and unmonitored websites. This involves two tasks: binary classification and multi-class classification. For binary classification, monitored instances are labeled as 1 (positive), and unmonitored instances are labeled as -1 (negative). For multi-class classification, monitored instances are assigned labels {0, 1, ..., 94}, and unmonitored instances are labeled as -1.

⚙️ 1.4 Experiment Environment

  • Resources
    • Total RAM: 8.00 GB
    • Available RAM: 1.41 GB
    • Total CPU Cores: 8 cores

👟 1.5 Guide to Run the Project in Jupyter Notebook

Follow these steps to execute the project in a Jupyter Notebook environment.

Step 1: Set Up the Environment

Step 2: Download the Dataset

Step 3: Install libraries

  • Python libraries
pip install numpy scikit-learn matplotlib tensorflow

2. Extra Credit

📍 2.1 Overview

This experiment evaluates the performance of website fingerprinting models on defended traffic in the Tor network. The defended traffic employs a multiple-path communication defense mechanism to reduce the amount of observable traffic for an attacker. The goal is to determine whether the implemented model can outperform the accuracy of TrafficSilver-Net, a baseline model for defended traffic scenarios.

✏️ 2.2 Problem Definition

In a traditional Tor network, attackers can infer user activity by monitoring traffic between the Entry Node and the user. A proposed defense method involves using multiple communication paths between the Tor user and middle proxies. This approach reduces the amount of traffic an attacker can observe, potentially mitigating the risk of accurate fingerprinting.

The provided defended traffic dataset simulates this defense mechanism. The task is to classify website traffic using the defended dataset and compare the model’s performance to TrafficSilver-Net.

👟 2.3 Guide to Run the Project in Jupyter Notebook

Step 1: Set Up the Environment

Step 2: Download the Dataset

Step 3: Install libraries

  • Python libraries
pip install numpy scikit-learn matplotlib tensorflow

3. Contents

📫 3.1 Closed World Multi Classification Experiments

This repository contains experimental code and results for closed-world multi classification scenarios. The project explores various techniques to improve classification performance, including feature selection, model selection, hyperparameter optimization. Use closed-multi-BEST.ipynb for the final and best-performing model configuration, along with visual insights into data and model performance. The repository is organized into the following files:

Files Overview

  • Purpose: Compares model performance using 4-feature sets: 8, 24, 32 and 26 features.
  • Details:
    • Includes results for the 8, 24, 32, 26 features model.
    • Experiments with the 24 features set are integrated into the closed-multi-BEST.ipynb file for final performance.
  • Outcome: Demonstrates the significance of feature selection in boosting model accuracy and F1-score.
  • Purpose: Uses GridSearchCV to find the best hyperparameters for the model.
  • Details:
    • Performs hyperparameter tuning experiments.
    • Finalized hyperparameters are implemented in closed-multi-BEST.ipynb.
  • Outcome: Identifies optimal hyperparameters for enhanced performance.
  • Purpose: Uses RandomizedSearchCV to find the best hyperparameters for the model.
  • Details:
    • Performs hyperparameter tuning experiments.
  • Outcome: Identifies optimal hyperparameters for enhanced performance.
  • Purpose: finds the most optimal model.
  • Details:
    • Based on 24 fixed features, experiments were conducted with three models: Extra Tree, Random Forest, and XGBoost under the same conditions.
    • Extra Tree, which performed best, is applied in the closed-multi-BEST.ipynb file.
  • Purpose: Consolidates all the best experimental results and final configurations.
  • Details:
    • Combines the 24 features set, optimized hyperparameters and model.
    • Contains the highest-performing model implementation.
    • Includes detailed result visualizations:
      • Macro-average PR Curve : Shows the overall Precision-Recall (PR) curve averaged across all classes.
        • Precision-Recall Curve per class** : Displays individual PR curves and PR AUC scores for each of the 95 classes.
      • Top 10 Precision-Recall Curve : Highlights the PR curves of the top 10 performing classes.
      • Performance at Different Threshold : Visualizes the model’s precision, recall, and F1 score performance at various classification thresholds to identify the optimal threshold.
      • ROC Curve : Presents ROC curves for each of the 95 classes along with the macro-average ROC curve.

📭 3.2 Open World Binary Classification Experiments

This repository contains experimental code and results for open-world binary classification scenarios. The project explores various techniques to improve classification performance, including feature selection, hyperparameter optimization, and upsampling methods. Use open-binary-BEST.ipynb for the final and best-performing model configuration, along with visual insights into data and model performance. The repository is organized into the following files:

Files Overview

  • Purpose: Compares model performance using two feature sets: 8 features versus 24 features.
  • Details:
    • Includes results for the 8-feature model.
    • Experiments with the expanded 24-feature set are integrated into the open-binary-BEST.ipynb file for final performance.
  • Outcome: Demonstrates the significance of feature selection in boosting model accuracy and F1-score.
  • Purpose: Uses RandomizedSearchCV to find the best hyperparameters for the model.
  • Details:
    • Performs hyperparameter tuning experiments.
    • Finalized hyperparameters are implemented in open-binary-BEST.ipynb.
  • Outcome: Identifies optimal hyperparameters for enhanced performance.
  • Purpose: Addresses dataset imbalance using SMOTE upsampling.
  • Details:
    • Balances the monitored and unmonitored datasets.
    • Final improvements, including reduced false positive rates, are reflected in the open-binary-BEST.ipynb file.
  • Purpose: Consolidates all the best experimental results and final configurations.
  • Details:
    • Combines the expanded 24-feature set, optimized hyperparameters, and balanced dataset.
    • Contains the highest-performing model implementation.
    • Includes detailed result visualizations:
      • Data Distribution Before and After SMOTE: Shows class balance improvements through upsampling.
      • Confusion Matrix: Highlights model performance in correctly classifying monitored and unmonitored data.
      • Precision-Recall Curve: Evaluates precision and recall trade-offs across different thresholds.
      • ROC Curve: Demonstrates the model’s ability to distinguish between classes with a high AUC score.

📬 3.3 Open World Multi Classification Experiments

This repository contains experimental code and results for open-world binary classification scenarios. The project explores various techniques to improve classification performance, including feature selection, hyperparameter optimization, and upsampling methods. Use open_multi_up_rf_feature26_BEST.ipynb for the final and best-performing model configuration, along with visual insights into data and model performance. The repository is organized into the following files:

Files Overview

  • Purpose: experiments with down sampled data, 8 features.
  • Details: Includes results for the 8-feature model. (3 models(random forest, gradient boosting, svm)
  • Outcome: Demonstrates that the result of down sampling with any model is poor.
  • Purpose: experiments with down sampled data, 24 features.
  • Details: Includes results for the 24-featured random forest model.
  • Outcome: Demonstrates that the result of down sampling with any model and any number of features is poor.
  • Purpose: Addresses dataset imbalance using SMOTE upsampling.
  • Details: Balances the monitored and unmonitored datasets.
  • Purpose: Addresses dataset imbalance using SMOTE upsampling.
  • Details: Balances the monitored and unmonitored datasets.
  • Purpose: Consolidates all the best experimental results and final configurations.
  • Details:
    • Combines the expanded 26-feature set, optimized hyperparameters, and balanced dataset.
    • Contains the highest-performing model implementation.
    • Includes detailed result visualizations:
      • Data Distribution Before and After SMOTE: Shows class balance improvements through upsampling.
      • Precision-Recall Curve: Evaluates precision and recall trade-offs across different thresholds.
      • ROC Curve: Demonstrates the model’s ability to distinguish between classes with a high AUC score.

💌 3.4 Extra Credit

  • Purpose:

    Classify monitored website traffic using the Deep Fingerprinting (DF) model.

  • Details:

    Parse network data, extract features, and train a neural network for multi-class classification.

  • Outcome:

    Achieved high accuracy in identifying website traffic patterns.

4. Members

Daye Jang, Hayeon Doh, Sejin Park, Sojeong Lee, Sunho Kwak

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Jupyter Notebook 100.0%