Ali Hadi

Work place: Princess Sumaya University for Technology (PSUT), Amman, Jordan

E-mail: a.hadi@psut.edu.jo

Research Interests: Computer systems and computational processes, Computer Architecture and Organization, Operating Systems, Network Architecture, Network Security, Program Analysis and Transformation

Biography

Dr. Hadi received the B.S. degree in computer science from Philadelphia University, Jordan, in 2002 and the M.Sc. and Ph.D. degrees in computer information systems from University of Banking and Financial Sciences, College of Information Technology, Jordan, in 2004 and 2010, respectively.

He's a Senior Level Information Security Officer with 14+ years of professional experience working for various highly reputed companies. Since 2011 he's been teaching various computer security, digital forensics, and networking courses for both graduates and undergraduates. He's also an author, speaker, and freelance instructor. His research interests include digital forensics, operating systems internals, malware forensic analysis, and network security.

Author Articles
A Model for Detecting Tor Encrypted Traffic using Supervised Machine Learning

By Alaeddin Almubayed, Ali Hadi, Jalal Atoum

DOI: https://doi.org/10.5815/ijcnis.2015.07.02, Pub. Date: 8 Jun. 2015

Tor is a low-latency anonymity tool and one of the most widely used open-source tools for anonymizing TCP traffic on the Internet, used by around 500,000 people every day. Tor protects users’ privacy against surveillance and censorship by making it extremely difficult for an observer to correlate websites visited on the Internet with a real, physical-world identity. Tor accomplishes this by ensuring adequate protection of Tor traffic against traffic analysis and feature extraction techniques. Further, Tor counters website fingerprinting by implementing defences such as TLS encryption, padding, and packet relaying. However, in this paper, an analysis has been performed against Tor from the position of a local observer in order to bypass Tor’s protections; the method consists of feature extraction from a local network dataset. The analysis shows that it is still possible for a local observer to fingerprint the top monitored sites on Alexa, and that Tor traffic can be classified amongst other HTTPS traffic in the network despite the use of Tor’s protections. In the experiment, several supervised machine-learning algorithms were employed. The attack assumes a local observer sitting on a local network fingerprinting the top 100 sites on Alexa; the results improve on previous results, achieving an accuracy of 99.64% and 0.01% false positives.
