Tor-based malware and Tor connection detection
Hacker
Traffic Analysis
Overlay network
DOI: 10.1049/cp.2014.1411
Publication Date: 2015-06-16T08:57:10Z
AUTHORS (3)
ABSTRACT
Anonymous communication networks, like Tor, partially protect the confidentiality of user traffic by encrypting all communications within the overlay network. However, Tor is not only used for good; a great deal of the traffic in Tor networks is in fact port scans, hacking attempts, exfiltration of stolen data and other forms of online criminality. The anonymity network is often misused by hackers and criminals in order to remotely control hacked computers. In this paper we present our methodology for detecting any connection to or from Tor. Our detection method is based on a list of Tor servers. We process and match the source and destination IP addresses of each connection with the Tor servers list. The list is automatically updated each day and detection is in real time. We applied the method to campus live traffic and showed that it can detect Tor connections. We also applied it to packet capture (pcap) files which contain long-lived malware traffic and proved that it successfully detects Tor connections.
CITATIONS (12)