[tor-project] Moar Project Ideas!!
aagbsn at extc.org
Tue Mar 8 15:14:57 UTC 2016
On 2016-03-03 15:58, Damian Johnson wrote:
> Thanks Aaron. I assume you, Donncha, and Yawnbox would all be mentors?
I would be happy to mentor this project.
> Personally I'm not fully groking the idea though on first read I'm
> unsure why this would take three months (or be enough for a full GSoC
> project). This sounds similar to DocTor checks with some sort of
> Routeviews and BGPStream integration.
I think that a new GSoC student might take a bit more time to get up to
speed on Tor - and there should be sufficient time to research the
problem space more completely to understand the criteria for alerts, and
to allow for time to package and deploy the software properly. I think
this space is sufficiently interesting and useful that it ought to be a
full project, but perhaps some other people have suggestions for
expanding the scope? Ideally, the appropriate student will have some
additional ideas of their own.
> Cheers! -Damian
> On Thu, Mar 3, 2016 at 5:47 AM, Aaron Gibson <aagbsn at extc.org> wrote:
>> On 2016-02-29 21:18, Donncha O'Cearbhaill wrote:
>>> Damian Johnson:
>>>> Hi all, pulled the trigger on this...
>>>> Folks are coming out of the woodwork to mentor so we still have ten
>>>> projects (yay!), but not much concerning core tor. if you'd care to
>>>> mentor one of these then more than happy to add it back to our page.
>>> Great work on getting the GSoC program together, and getting
>>> I'd be happy to be the second mentor for any Python-based project,
>>> particular if it's related to hidden services or network monitoring.
>> A project I discussed last night with Donncha and Yawnbox is
>> IP hijacking detection for the Tor Network.
>> IP hijacking (https://en.wikipedia.org/wiki/IP_hijacking) occurs when
>> a bad
>> actor creates false routing information to redirect Internet traffic
>> to or
>> through themselves. This activity is straightforward to detect,
>> because the
>> Internet routing tables are public information, but currently there
>> are no
>> public services that monitor the Tor network. The Tor Network is a
>> set of relays, so monitoring must be Tor-aware in order to keep the
>> set of
>> monitored relays accurate. Additionally, consensus archives and
>> Internet routing table snapshots are publicly available, and this
>> can be performed retroactively.
>> The implications of IP hijacking are that Tor traffic can be
>> through a network that an attacker controls, even if the attacker does
>> normally have this capability - i.e. they are not in the network path.
>> example, an adversary could hijack the prefix of a Tor Guard relay, in
>> to learn who its clients are, or hijack a Tor Exit relay to tamper
>> requests or name resolution.
>> This project comprises building a service that compares network
>> prefixes of
>> relays in the consensus with present and historic routing table
>> from looking glass services such as Routeviews
>> (http://routeviews.org), or
>> aggregators such as Caida BGPStream (https://bgpstream.caida.org) and
>> issues email alerts to the contact-info in the relay descriptor and a
>> mailing list. Network operators are responsive to route injections,
>> these alerts can be used to notify network operators to take immediate
>> action, as well as collect information about the occurrence of these
>> type of
>> Estimated time to build this service: 3 months
>> tor-project mailing list
>> tor-project at lists.torproject.org
> tor-project mailing list
> tor-project at lists.torproject.org
More information about the tor-project