Identifying anonymous traffic from users of your website and app is crucial for fraud detection, risk analysis, and user experience. Malicious actors often hide behind anonymity and use a wide range of tactics to gain access to websites, accounts, and services, so they need to be detected in order to prevent data theft, account hacking, and attacks from various attack vectors.
Detecting anonymous traffic can be challenging, since many attackers are trying to avoid detection through anonymity and other techniques. To address this issue, a number of supervised methods have been developed using machine learning techniques, but these require access to engineered datasets and significant time and resource investment for training. Moreover, they often struggle to adapt to unpredictable network environments and have limited performance when it comes to identifying anonymous traffic.
To overcome these limitations, this article explores a new approach to anonymous traffic detection that uses feature engineering and analyzes the characteristics of static traces of the first N packets of a flow. The ten most distinguishable features were identified and prioritized, and were then used to develop an algorithm for classifying the traffic. This algorithm converts the sequences of packet size and inter-arrival time into an image and applies a one-dimensional convolutional neural network (1D-CNN) to categorize it. This method significantly reduces storage and computational overhead while achieving detection performance comparable to state-of-the-art methods. It is shown that the method can accurately identify Tor traffic and distinguish it from non-Tor flows.
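The preprocessing step described above, as an added example that is not code from the article or the method's authors: it groups packets into flows, keeps only the first N, and builds a two-row grid of normalized sizes and inter-arrival times that a 1D-CNN could take as input. The value of N, the normalization caps, the two-row layout, the packet fields and all function names are assumptions; the article's ten features and the classifier itself are not reproduced.

```python
from collections import defaultdict

N_PACKETS = 8     # assumed N; the article does not give a value
MAX_SIZE = 1500   # assumed size cap in bytes (Ethernet MTU)
MAX_IAT = 1.0     # assumed inter-arrival cap in seconds

def flow_key(pkt):
    """Direction-independent 5-tuple, so both directions share one flow."""
    ends = sorted([(pkt["src"], pkt["sport"]), (pkt["dst"], pkt["dport"])])
    return (pkt["proto"], ends[0], ends[1])

def first_n_features(packets, n=N_PACKETS):
    """Return {flow: [sizes, iats]}, each row n long and scaled to [0, 1]."""
    flows = defaultdict(list)
    for pkt in sorted(packets, key=lambda p: p["ts"]):
        flows[flow_key(pkt)].append(pkt)
    grids = {}
    for key, pkts in flows.items():
        head = pkts[:n]  # only the first n packets are ever kept
        sizes = [min(p["size"], MAX_SIZE) / MAX_SIZE for p in head]
        # The first packet has no predecessor, so its inter-arrival time is 0.
        iats = [0.0] + [min(b["ts"] - a["ts"], MAX_IAT) / MAX_IAT
                        for a, b in zip(head, head[1:])]
        pad = [0.0] * (n - len(head))  # short flows are zero-padded
        grids[key] = [sizes + pad, iats + pad]
    return grids

def make_pkt(ts, src, sport, dst, dport, size, proto="tcp"):
    """Hypothetical packet record: capture time, endpoints, size in bytes."""
    return dict(ts=ts, src=src, sport=sport, dst=dst, dport=dport,
                size=size, proto=proto)

# Constructed sample capture (documentation addresses, not real traffic).
SAMPLE = [
    make_pkt(0.0, "192.0.2.10", 40000, "198.51.100.5", 443, 750),
    make_pkt(0.25, "198.51.100.5", 443, "192.0.2.10", 40000, 1500),
    make_pkt(0.125, "192.0.2.11", 50000, "203.0.113.9", 80, 375),
    make_pkt(0.5, "192.0.2.10", 40000, "198.51.100.5", 443, 3000),
    make_pkt(2.5, "198.51.100.5", 443, "192.0.2.10", 40000, 375),
]

if __name__ == "__main__":
    for flow, (sizes, iats) in first_n_features(SAMPLE, n=6).items():
        print(flow, sizes, iats)
```

Because every flow is reduced to a fixed 2 x N grid regardless of its length, storage per flow is constant, which is the overhead reduction the paragraph refers to.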
