An efficient technique to detect slow rate DDoS attack from a private Tor network Online publication date: Fri, 11-Dec-2020
by Yogita Deepak Mane; Uday Pandit Khot
International Journal of Electronic Security and Digital Forensics (IJESDF), Vol. 13, No. 1, 2021
Abstract: A roBOT NETwork is a collection of insecure computers connected via internet. All the activities of insecure computers are controlled by BotMaster. Lately, the BotMaster moved his activities to Tor browser because the secured Tor network makes the detection of Botnet more difficult. The purpose of this paper is to identify Tor based Bot. As the Tor browser is highly secure and doing practical experiment on it is not advisable as it rises ethical issues which could affect the performance and functionality of Tor. Thus, in the proposed system private Tor network (PTN) on physical machines under LAN infrastructure with dedicated resources had been created. The paper shows the detection and deactivation of 'Tor'sHammer' Bot. For detection, delta time (TΔ) is calculated and set the threshold value. For αnormal it is minimum 100 ms and αattack it is less than equal to 10 ms. The TPr is 86.79% and FNr is 13.21%.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Electronic Security and Digital Forensics (IJESDF):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook