Routing and Privacy

Submission Deadline:

The goals of this assignment are to:

  1. Identify global routing anomalies from BGP looking glasses
  2. Experiment with attacks against the TOR anonymization network

BGP Routing Anomalies

Process the BGP messages found in routing_data.txz to identify BGP anomalies indicative of prefix hijacking. These messages are stored in MRT format. Your tool should output a stream of YAML documents with the following format:

---
hijack_attempt:
  timestamp: ${iso8601_utc_timestamp:string}
  prefix: ${ipv4_network_prefix:string}
  as_path:
    - ${first_as:int}
    - ${second_as:int}
    # ...
    - ${origin_as:int}

You are responsible for ensuring that your tool outputs properly formatted messages.
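
One possible origin-change heuristic with an emitter for the document format above, given as an added example that is not part of the assignment or a reference solution. It assumes the MRT files have already been decoded into (unix_time, prefix, as_path) tuples; the function names, prefixes and AS numbers are constructed for illustration.

```python
# Added example: origin-change heuristic over already-decoded BGP updates.
# The update tuples, prefixes and AS numbers below are constructed sample data.
import ipaddress
from datetime import datetime, timezone


def detect(updates):
    """Yield (ts, prefix, as_path) for announcements whose origin AS conflicts
    with the origin first seen for the same or a covering IPv4 prefix."""
    baseline = {}  # ip_network -> origin AS first observed for that prefix
    for ts, prefix, as_path in updates:
        net = ipaddress.ip_network(prefix)
        if net.version != 4 or not as_path:
            continue  # the output format only covers IPv4 prefixes
        origin = as_path[-1]
        # Compare against the exact prefix and every known covering prefix,
        # so more-specific (sub-prefix) announcements are checked as well.
        known = [o for n, o in baseline.items() if net.subnet_of(n)]
        if known and origin not in known:
            yield ts, prefix, as_path
        else:
            baseline.setdefault(net, origin)


def to_yaml(ts, prefix, as_path):
    """Render one hijack_attempt document in the format given above."""
    stamp = datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    # Quote the scalars: an unquoted ISO 8601 value may be resolved as a
    # YAML timestamp instead of the string the format asks for.
    lines = ["---", "hijack_attempt:",
             f'  timestamp: "{stamp}"',
             f'  prefix: "{prefix}"',
             "  as_path:"]
    lines += [f"    - {int(asn)}" for asn in as_path]
    return "\n".join(lines) + "\n"


# Constructed updates using documentation prefixes and documentation ASNs.
SAMPLE = [
    (1700000000, "198.51.100.0/24", [64496, 64497, 64500]),
    (1700000060, "198.51.100.0/24", [64496, 64500]),           # same origin
    (1700000120, "198.51.100.0/24", [64496, 64511]),           # new origin
    (1700000180, "198.51.100.128/25", [64498, 64499, 64511]),  # more specific
    (1700000240, "203.0.113.0/24", [64496, 64501]),            # first sighting
]

if __name__ == "__main__":
    for hit in detect(SAMPLE):
        print(to_yaml(*hit), end="")
```

A first-seen baseline also flags legitimate multi-origin announcements, so the README justification still has to argue why each reported event looks like an attack.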

TOR Attacks

Using the shadow framework and shadow-plugin-tor, create a simulated TOR network consisting of the following nodes:

  • a set of 4 file servers \(W\)
  • a set of 56 ORs \(O\) where each is eligible to be an entry, relay, or exit
  • a set of 4 TOR clients \(C\) that each issue a GET request every second to a web server in \(W\)
  • a set of 8 malicious nodes \(M\)

Run two experiments to count the number of compromised circuits out of the total number of established circuits, first with guards enabled and then with guards disabled. Each simulation should be run for a virtual hour.

Extra Credit

Find the minimal \(|M|\) such that the expected probability of compromising one circuit for any given client in \(C\) within a week is \(\geq 0.5\).

Submission Instructions

Create a GitLab repository at ${your_gitlab_user}/routing_and_privacy. The latest commit on master will be considered your submitted solution. Push your BGP analysis code to /routing and include a /routing/Dockerfile that will execute your script against a list of chronologically-ordered BGP update files passed as command line arguments. Finally, commit a /routing/README.md that describes your detection algorithm and justifies why the anomalies it detected are indicative of attacks.

Then, commit your shadow simulation configuration to /privacy/shadow.config.xml. If you modified the TOR source code for your malicious nodes, commit that to /privacy/malicious_tor/. Commit a /privacy/README.md that describes your results. If submitting extra credit, commit a /privacy/Dockerfile that, when executed, reproduces your results for your selected \(|M|\).