1. What project would you like to work on? Use our ideas lists as a starting
point or make up your own idea. Your proposal should include high-level
descriptions of what you're going to do, with more details about the parts you
expect to be tricky. Your proposal should also try to break down the project
into tasks of a fairly fine granularity, and convince us you have a plan for
finishing it.

The Snakes on a Tor exit scanner has the potential to dramatically improve the
safety of Tor users by ferreting out misconfigured and malicious exit nodes.
At present it suffers from certain stability issues which prevent it from being
run for long periods of time, and from an overabundance of false positives in
the results it generates. While I would ideally like to work on designing new
routines for detecting subtle content modifications and for better handling
dynamic content, the issues of stability and false positives need to be
addressed first. I've begun looking at the SoaT source code and running some
preliminary experiments, identifying several small stability issues. In the
coming weeks I'll begin to collect a body of false positives which I'll study
and design new filters around. The most difficult part of this project may be
determining what actual positive results look like, and developing a threat
model that predicts the kinds of modifications which malicious exit nodes are
likely to make. I'm sure this question has been addressed by members of the Tor
community, so much of my early work this summer will involve talking to
community members to better understand the kinds of malicious exit nodes which
have been seen in the past, and determining how well the current SoaT
implementation performs against these known attacks.

Timeline:

April 26 - May 24:
* Start to get an idea of what the threat model looks like, continue
  performing stability tests and gathering a diverse collection of results
  to study.

May 24 - June 17:
* Throw everything I can at SoaT - make it crash and fix the bugs.
* Keep collecting data!

June 17 - July 17:
* In-depth analysis of false positives. Use both false positives and real
  modifications (or modifications generated by myself which emulate the
  types of things predicted by the threat model) to develop a data set that
  SoaT's filters can be evaluated against offline.
* Use the data set to improve existing filters and create new ones.

July 17 - August 2:
Here the timeline splits depending on progress thus far.
Case 1 - There are still too many false positives: