Opened 9 years ago

Closed 8 years ago

#3237 closed enhancement (wontfix)

Develop consensus tracker for metrics website

Reported by: karsten Owned by:
Priority: Low Milestone:
Component: Metrics/Analysis Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Damian wrote a consensus tracker script that parses network status consensuses and compares them to a local database to identify possible Sybil attacks on the Tor network. Whenever it suspects an attack, it sends out an email for a human to check.

AFAIK, this script uses a simple approach of counting new relays and deciding whether this number exceeds a given threshold. This is a good start, but maybe we can do better.

We should sit down and analyze how we can detect Sybil attacks. We should also analyze past network statuses to see how many false positives we'd have and whether there might have been Sybil attacks in the past. Obviously, we won't detect all such attacks, in particular when making the detection code public and allowing smart attackers to adapt. But we can make sure that the dumbest attacks don't go unnoticed.

This is an Analysis ticket until we have finished the analysis of network statuses and come up with a design we can implement. Then it should become a Metrics Website ticket, because metrics-web is probably the most useful place to implement this. An alternative would be to write a standalone tool and put it in metrics-utils, but that would mean duplicating code that's already present in metrics-web.

Child Tickets

Change History (1)

comment:1 Changed 8 years ago by karsten

Resolution: wontfix
Status: newclosed

#4407 is a better place to discuss creating a basic monitoring infrastructure. Closing this ticket.

Note: See TracTickets for help on using tickets.