Alaeddin Almubayed

Work place: Yahoo Inc., California, US



Research Interests: Computational Engineering, Computer systems and computational processes, Computer Architecture and Organization, Information Security


Mr. Almubayed is a security researcher was born in 1985 and received his B.S degree from Al-Balqa applied university (BAU) in 2008. Recently he has completed his MS degree in information security and digital crimes from Princess Sumaya University for Technology (PSUT), Amman in 2014.

Mr. Almubayed worked as a software developer with various software companies in Jordan. In 2009, he joined Maktoob, which later acquired by Yahoo Inc. He is currently based in Sunnyvale, California, and works with Yahoo inc!, as a security engineer. Mr. Almubayed has conducted researches in various areas, including web defensive tools, employing machine learning for traffic classifications, and he has more than 5 years of experience in the fields of information security, ethical hacking, reverse engineering, risk management, and computer programming.

Author Articles
A Model for Detecting Tor Encrypted Traffic using Supervised Machine Learning

By Alaeddin Almubayed Ali Hadi Jalal Atoum

DOI:, Pub. Date: 8 Jun. 2015

Tor is the low-latency anonymity tool and one of the prevalent used open source anonymity tools for anonymizing TCP traffic on the Internet used by around 500,000 people every day. Tor protects user’s privacy against surveillance and censorship by making it extremely difficult for an observer to correlate visited websites in the Internet with the real physical-world identity. Tor accomplished that by ensuring adequate protection of Tor traffic against traffic analysis and feature extraction techniques. Further, Tor ensures anti-website fingerprinting by implementing different defences like TLS encryption, padding, and packet relaying. However, in this paper, an analysis has been performed against Tor from a local observer in order to bypass Tor protections; the method consists of a feature extraction from a local network dataset. Analysis shows that it’s still possible for a local observer to fingerprint top monitored sites on Alexa and Tor traffic can be classified amongst other HTTPS traffic in the network despite the use of Tor’s protections. In the experiment, several supervised machine-learning algorithms have been employed. The attack assumes a local observer sitting on a local network fingerprinting top 100 sites on Alexa; results gave an improvement amongst previous results by achieving an accuracy of 99.64% and 0.01% false positive.

[...] Read more.
Other Articles