Live Tor network experiments are difficult due to Tor’s distributed nature and the privacy requirements of its client base. Alternative experimentation approaches, such as simulation and emulation, must make choices about how to model various aspects of the Internet and Tor that are not possible or not desirable to duplicate or implement directly. This paper methodically models the Tor network by exploring and justifying every modeling choice required to produce accurate Tor experimentation environments. We validate our model using two state-of-the-art Tor experimentation tools and measurements from the live Tor network. We find that our model enables experiments that characterize Tor’s load and performance with reasonable accuracy.
|Original language||English (US)|
|State||Published - 2012|
|Event||5th Workshop on Cyber Security Experimentation and Test, CSET 2012 - Bellevue, United States|
Duration: Aug 6 2012 → …
|Conference||5th Workshop on Cyber Security Experimentation and Test, CSET 2012|
|Period||8/6/12 → …|
Bibliographical noteFunding Information:
Third, determining a better client model would further increase confidence in experimental results. Producing a more robust client model will likely require the development of algorithms for collecting client statistics in a way that mitigates privacy risks. While this is challenging since client behaviors are dynamic and hard to capture in a representative fashion, it would allow us to increase faithfulness to the live Tor network and its users. Finally, modeling malicious adversaries and their behaviors may be of specific interest to future research that analyzes the security of Tor or its algorithms. Acknowledgments. The authors thank Ian Goldberg, Aaron Johnson, Harsha Madhyastha, Micah Sherr, Paul Syverson, and Chris Wacek for discussions regarding this work, and the anonymous reviewers for their comments. This work was supported by ONR and DARPA.
© 2012 USENIX Association. All rights reserved.