Few days ago researchers from the University of Waterloo and the US Naval Research Laboratory. presented the results of the development of a Tor network simulator which is comparable in number of nodes and users to the main Tor network and allows experiments that are close to real conditions.
The network modeling toolkit and methodology made during the experiment allowed to simulate the operation of a network of 6489 Tor nodes on a computer with 4 TB of RAM, to which 792 thousand virtual users are simultaneously connected.
Note that this is the first large-scale simulation of the Tor network, the number of nodes of which corresponds to the real network (The working Tor network has about 6 thousand nodes and 2 million connected users).
A complete simulation of the Tor network is of interest in terms of identifying bottlenecks, modeling attack behavior, testing new optimization techniques under real-life conditions, and proof of security-related concepts.
With a complete simulator, Tor developers will be able to move away from the practice of conducting experiments on the mainnet or on nodes individual workstations, which creates additional risks of violating user privacy and does not eliminate the possibility of failure. For example, in the coming months, Tor is expected to introduce support for a new congestion control protocol, and the simulation will allow you to fully study how it works before implementing it in a real network.
In addition to eliminating the impact of the experiments on the confidentiality and reliability of thee the main Tor network, the presence of separate testnets will make it possible to quickly test and debug new code during development, deploy changes immediately to all nodes and users without waiting for long intermediate deployments to complete, build and run prototypes faster with the implementation of new ideas.
Work is being done to improve the toolkit which, according to the developers, will reduce resource consumption by 10 times and will allow the operation of networks that exceed the real network to be simulated on the same computer, which may be necessary to identify possible problems. with Tor scaling. In the course of the work, several new network modeling methods have also been created that make it possible to predict the change in network state over time and use background traffic generators to simulate user activity.
Los investigadores also studied the pattern between the size of the simulated network and the reliability of projecting the results of the experiments in the real network. During Tor development, changes and optimizations are pre-tested on small test networks, which contain significantly fewer nodes and users than a real network.
It was found that the statistical errors of the forecasts obtained during small simulations can be compensated for by repeated repetition of independent experiments with different initial data sets, whereas the larger the simulated network, the fewer retests are required to obtain statistically significant conclusions.
To model and simulate the Tor network, researchers are developing several open source projects distributed under the BSD license:
- Shadow: a universal network simulator that allows you to run real network application code to recreate the operation of distributed systems with thousands of network processes. To simulate systems based on real unmodified applications.
- Tornettools: a set of tools for generating realistic models of the Tor network that can be run in the Shadow environment, as well as for running and customizing the simulation process, accumulating and visualizing the results. Metrics that reflect the performance of the actual Tor network can be used as templates for network generation.
- TGen: generator of traffic flows based on the parameters established by the user (size, delays, number of flows, etc.). Traffic shaping schemes can be established based on special scenarios in the GraphML format and using probabilistic Markov models for the distribution of TCP streams and packets.
- OnionTrace: a set of tools for monitoring performance and events in a simulated Tor network, as well as for recording and replaying information about the formation of chains of Tor nodes and linking traffic flows to them.
Finally, if you are interested in being able to know more about it, you can consult the details in the following link