{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:41:19Z","timestamp":1759092079513,"version":"3.37.3"},"reference-count":33,"publisher":"Wiley","license":[{"start":{"date-parts":[[2022,1,31]],"date-time":"2022-01-31T00:00:00Z","timestamp":1643587200000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1804263","U1736214","62172435","214200510019"],"award-info":[{"award-number":["U1804263","U1736214","62172435","214200510019"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Zhongyuan Science and Technology Innovation Leading Talent Project","award":["U1804263","U1736214","62172435","214200510019"],"award-info":[{"award-number":["U1804263","U1736214","62172435","214200510019"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2022,1,31]]},"abstract":"<jats:p>Although the anonymous communication network Tor can protect the security of users\u2019 data and privacy during their visits to the Internet, it also facilitates illegal users to access illegal websites. Website fingerprinting attacks can identify the websites that users are visiting to discern whether they are performing illegal operations. Existing methods tend to manually extract the traffic features of users visiting websites and construct machine learning or deep learning models to classify the features. While these methods can be effective in classifying unknown website traffic, the effect of classification in the use of defensive measures or onion service scenarios is not yet ideal. This paper proposes a method to identify Tor users visiting websites based on frequency domain fingerprinting of network traffic (FDF). We extract the direction and length features of circuit sequences in access traffic and combine and transform them into the frequency domain. The classification of access traffic is accomplished by using a deep learning classification model combining CNN, FC, and Self-Attention. In this paper, the proposed FDF method is experimentally validated in common scenarios of Tor networks. The results show that FDF outperforms the existing methods for classification in different Tor scenarios. It can achieve 98.8% and 94.3% classification accuracy in undefended and WTF-PAD defense scenarios, respectively. In the onion service scenario, the accuracy is improved by 4.7% over the current state-of-the-art Tik-Tok method.<\/jats:p>","DOI":"10.1155\/2022\/3306098","type":"journal-article","created":{"date-parts":[[2022,1,31]],"date-time":"2022-01-31T23:35:06Z","timestamp":1643672106000},"page":"1-12","source":"Crossref","is-referenced-by-count":5,"title":["A Method for Identifying Tor Users Visiting Websites Based on Frequency Domain Fingerprinting of Network Traffic"],"prefix":"10.1155","volume":"2022","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3479-3590","authenticated-orcid":true,"given":"Yuchen","family":"Sun","sequence":"first","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, Henan, China"},{"name":"Key Laboratory of Cyberspace Situation Awareness of Henan Province, Zhengzhou 450001, Henan, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6062-2950","authenticated-orcid":true,"given":"Xiangyang","family":"Luo","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, Henan, China"},{"name":"Key Laboratory of Cyberspace Situation Awareness of Henan Province, Zhengzhou 450001, Henan, China"}]},{"given":"Han","family":"Wang","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, Henan, China"},{"name":"Key Laboratory of Cyberspace Situation Awareness of Henan Province, Zhengzhou 450001, Henan, China"}]},{"given":"Zhaorui","family":"Ma","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, Henan, China"},{"name":"Zhengzhou University of Light Industry, Zhengzhou 450001, Henan, China"}]}],"member":"311","reference":[{"year":"2010","key":"1","article-title":"Users\u2014tor metrics"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1109\/cnsm.2015.7367356"},{"issue":"3","key":"3","doi-asserted-by":"crossref","first-page":"662","DOI":"10.1109\/TDSC.2018.2804394","article-title":"Anonymity services tor, i2p, jondonym: classifying in the dark (web)","volume":"17","author":"A. Montieri","year":"2018","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"issue":"3","key":"4","doi-asserted-by":"crossref","first-page":"1043","DOI":"10.1109\/TNSE.2019.2901994","article-title":"A dive into the dark web: hierarchical traffic classification of anonymity tools","volume":"7","author":"A. Montieri","year":"2019","journal-title":"IEEE Transactions on Network Science and Engineering"},{"first-page":"31","article-title":"Website fingerprinting: attacking popular privacy enhancing technologies with the multinomial Na\u00efve-Bayes classifier","author":"D. Herrmann","key":"5"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1145\/2046556.2046570"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1145\/2517840.2517851"},{"first-page":"143","article-title":"Effective attacks and provable defenses for website fingerprinting","author":"T. Wang","key":"8"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23477"},{"first-page":"1187","article-title":"k-fingerprinting: a robust scalable website fingerprinting technique","author":"J. Hayes","key":"10"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2016.05.019"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23261"},{"first-page":"639","article-title":"Robust website fingerprinting through the cache occupancy channel","author":"A. Shusterman","key":"13"},{"key":"14","first-page":"3371","article-title":"Stacked denoising autoencoders: learning useful representations in a deep network with a local denoising criterion","volume-title":"Journal of Machine Learning Research","author":"P. Vincent","year":"2010"},{"first-page":"1928","article-title":"Deep fingerprinting: undermining website fingerprinting defenses with deep learning","author":"P. Sirinam","key":"15"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354217"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2019-0070"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2020-0043"},{"first-page":"2021","article-title":"How unique is your .onion?: an analysis of the fingerprintability of tor onion services","author":"R. Overdorf","key":"19"},{"volume-title":"Tor: Onion Service Protocol","year":"2019","key":"20"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45744-4_2"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1109\/tpami.2006.79"},{"key":"23","unstructured":"DingledineR.MurdochS. J.Performance Improvements on Tor or, Why Tor Is Slow and what We\u2019re Going to Do about it2009United StatesThe Tor ProjectTechnical report"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1109\/p2p.2010.5569995"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1109\/sp.2012.28"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660362"},{"first-page":"121","article-title":"CS-BuFLO: a congestion sensitive website fingerprinting defense","author":"X. Cai","key":"27"},{"first-page":"1375","article-title":"Walkie-talkie: an efficient defense against passive website fingerprinting attacks","author":"T. Wang","key":"28"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1109\/cvpr.2015.7298594"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1109\/cvpr.2016.90"},{"volume-title":"The Top 500 Sites on the Web","year":"2016","key":"31"},{"key":"32","doi-asserted-by":"publisher","DOI":"10.1109\/tnse.2020.3009832"},{"year":"2020","author":"Wtf-Pad","key":"33"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2022\/3306098.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2022\/3306098.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2022\/3306098.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,31]],"date-time":"2022-01-31T23:35:14Z","timestamp":1643672114000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2022\/3306098\/"}},"subtitle":[],"editor":[{"given":"Weizhi","family":"Meng","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2022,1,31]]},"references-count":33,"alternative-id":["3306098","3306098"],"URL":"https:\/\/doi.org\/10.1155\/2022\/3306098","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"type":"electronic","value":"1939-0122"},{"type":"print","value":"1939-0114"}],"subject":[],"published":{"date-parts":[[2022,1,31]]}}}