[tor-dev] Estimating Traffic Correlation Attack ?

Salahuddin Pasha s9mdpash at stud.uni-saarland.de
Tue Jan 21 09:22:32 UTC 2014


Hi,

I am a student of Saarland University and doing research for a seminar
in which we are supposed to do Research-Paper on a certain topic.

In my group we want to make the first step towards a tool that could
help us predict via which ASNs and IXPs a route will be go. In other
words, given two IP addresses (in our case two Tor relays) through which
ASNs and IXPs do the expected route or routes go. Such a tool would help
estimating whether he would take the risk that some of the ASNs and IXPs
could potentially perform a traffic correlation attack.

As we want to avoid reinventing the wheel, we wanted to ask you the
following questions:

1) Are you aware of an open database or of client-side scripts that
could help us predict via which ASNs and IXPs a route will be go, from
one given IP address to another given IP address (in our case from one
Tor relay to another Tor relay)?

2) Are you aware of any way to map IP addresses to ASNs and IXPs like 
client-side tools or open-access databases?

We already did some research and came across the following sides,
providing tools and data concerning our questions:

1. http://www.cs.umd.edu/~nspring/scriptroute.html
2. http://asn.cymru.com/
3. https://www.robtex.com/
4. whois + RIPE/APNIC/CMYRU/ARIN to identify address spaces of and to
label ASs by iterating over the IPv4 address space, parsing the gathered
information and skipping already labeled addresses if NetRange is
provided.

However, we wanted to ask you whether you are aware of more work
concerning our research direction. It seems to us that somebody should
already have been interested in such a questions.

We would appreciate your help.

Best regards,
Salahuddin



More information about the tor-dev mailing list