Abstract—In order to detect copyright infringement that contents are shared illegally on Tor network, traffic has been collected and analyzed efficiently. A Tor traffic collection system has been designed and implemented using multiple virtual machines. A number of virtual machines and Mini PC’s are used as clients to connect the Tor network, and collection and refinement processes in the traffic collection server have automated through script-based test client software. The client PCs that make up the system collect and refine traffic through the C & C server, and share and store the collected traffic using the CIFS protocol. Through this system, only Tor network traffic and necessary field data can be stored, and the performance of recognizing and refining Tor traffic only is achieved more the 95%. The collected traffic will be used for research such as ‘Traffic Pattern Analysis’ and ‘Traffic Fingerprinting’.
Index Terms—Tor network, virtual machine, traffic collection, refining.
Hyun-Jae Choi, Hyun-Soo Kim, and Dong-Myung Shin are with the LSware, Korea (e-mail: esther@lsware.co.kr, hskim94@lsware.co.kr, ronald@lsware.co.kr).
[PDF]
Cite: Hyun-Jae Choi, Hyun-Soo Kim, and Dong-Myung Shin, "Design and Implementation of Tor Traffic Collection System Using Multiple Virtual Machines," International Journal of Knowledge Engineering vol. 5, no. 2, pp. 68-71, 2019.