[tor-dev] Interested in contributing to Tor Project - IP Hijacking detection for Tor relays

Nikhil rnikhil275 at gmail.com
Thu Dec 29 11:50:12 UTC 2016


I am Nikhil. R, a student from India. You can know more about me from 
here[1] and here[2]. I have been running a Tor relay for sometime and 
now I am interested in contributing to the Tor Project. Specifically, I 
would like to work on IP Hijacking detection for Tor relays. I 
understand this does not involve directly with the Tor core hence I 
think this project is ideal in getting my feet wet with the Tor 
Community and get me started for further contributions to the Tor Project.

BGP hijacking is difficult without inside help from ISP's(I think ?) but 
state run adversaries don't necessarily have this problem. This has a 
great risk of exposing all Tor clients or even mess around with the name 
resolution in exit relays. I have also read about incidents where an 
attacker using BGP hijacking, hijacked a portion of a Bitcoin mining 
pool traffic to pay himself instead of the people contributing the 
processing power. I feel BGP has major security implications in this 
aspect and a monitoring service is necessary. There are many monitoring 
services and we can possibly leverage one of them for the routing data.

The main motive of the service would be to find anomalies/ malicious 
changes in the routing information compared to previous snapshots of the 
same. How do we actually do this comparison ? Any pointers for that ? 
The project also mentions that the service should be Tor-aware. What 
exactly does this mean ? Does it mean that, it should monitor all tor 
relays ip addresses ? It would be wonderful if you could elaborate on 
the project in a little more detail.

I am a beginner in this area and please excuse me if any of the above 
questions are too stupid.

Nikhil. R


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20161229/6aad3abc/attachment-0001.html>

More information about the tor-dev mailing list