Mitigating Cybercrime Through Automated Darknet Traffic Detection Using CNNs

Friday, 08 Aug 2025·

Pitpimon Choorod

Sasin Janpuangtong

George R. S. Weir

Andreas Aßmuth

· 0 min read

Cite DOI

Abstract

The rise in cybercrime activities on the darknet highlights the critical need for advanced techniques to detect and classify darknet traffic. The Tor network serves as a gateway to the darknet and dark web, enabling illicit activities such as unauthorized data exchanges, financial fraud, and cyberattacks. This paper proposes a novel approach to mitigating cybercrime through automated darknet traffic detection using Convolutional Neural Networks (CNNs). Our method employs automated encrypted payload extraction in hexadecimal format as distinguishing features, enabling the CNN model to capture unique encryption patterns inherent to Tor’s onion-routing protocol. The proposed model achieves 99.66% accuracy in identifying Tor traffic, demonstrating its effectiveness in darknet traffic classification. Additionally, a Random Forest-based feature importance analysis enhances computational efficiency by reducing training and inference times. The findings of this study contribute to cybersecurity by introducing a real-time, automated solution for mitigating cybercrime through darknet traffic detection.

Type

Conference paper

Publication

2025 22nd International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON)

Last updated on Friday, 08 Aug 2025

Training Dark Web Accuracy Computational Modeling Feature Extraction Real-Time Systems Computational Efficiency Convolutional Neural Networks Computer Crime Payloads Darknet Traffic Detection Raw Encrypted Payloads Cybercrime

← The Role of Entropy-Based Features in Classifying Tor Traffic Using Machine Learning Friday, 10 Oct 2025

Cloud Computing 2025, The Sixteenth International Conference on Cloud Computing, GRIDs, and Virtualization Sunday, 06 Apr 2025 →