Research Article
Detecting ShadowsocksR User Based on Intelligence of Cyber Entities
Table 1
Comparison of the related Shadowsocks (R) detection methods.
| | Reference | Year | Object | Main techniques | Defects |
| | [8] | 2022 | SS | Added the sliding window JS divergence feature. Includes random forest. | Method to identify smartphone applications from the network traffic of SS proxy. | | [9] | 2020 | Proxy | Uncertainty-based traffic sample selection strategy. Includes random forest. | Types of proxies that can be detected are limited. | | [10] | 2018 | SS | Bit-flow features and XGboost algorithm. | Insufficient features for traffic characterization. | | [11] | 2020 | SS | CNN. Includes random forest | Deep learning needs enough training samples. | | [12] | 2019 | SS | Novel SS detection method based on flow context and host behavior. | Applicability of the method is affected by scenario. | | [13] | 2021 | SSH + SS | CNN-BiLSTM algorithm. | Poor applicability in real network environments. | | [14] | 2017 | SS | Multi-granularity heuristic traffic detection algorithm and mixed stream division-based website fingerprint detection algorithm. | Not applicable to multi-obfuscation SSR traffic detection. | | [15] | 2020 | SSR | XGboost algorithm. | Only focused on identification of traffic camouflaged with HTTP protocol in SSR. | | [16] | 2021 | SSR | DART algorithm. | Only focused on identification of traffic camouflaged with HTTP and TLS protocols in SSR. | | [17] | 2021 | SS and SSR | Protocol analysis and GOSS algorithm. | No effective distinction between SS and SSR. |
|
|
