We came across the TN Cyber Crime Hackathon's problem statement, which gave an overview of the types of cyber crimes committed over the TOR network and the challenges of monitoring, investigating and prosecuting them. The problem statement made clear just how limited visibility into the TOR network itself is. We also found that, with their existing tools, it was nearly impossible for law enforcement and financial industry analysts to track down malicious relay nodes, suspicious circuits, or onion service traffic patterns.
With this real-world challenge in mind, we decided to develop OnionSight Sec, a visual, interactive interface that lets users see where TOR nodes are located and how traffic flows between them, helping analysts and law enforcement personnel understand the routing patterns of darknet traffic in a simpler way.
The goal of this project is to create a simulation of TOR's (The Onion Router) network by using visible and historical data on TOR users to determine their traffic patterns, identify nodes, routers and exit points to illustrate where data is sent and received in real time.
We constructed the simulation using a Python-based backend, custom-built from the ground up to allow node and circuit creation, with a method to select paths based on TOR's algorithm and a D3.js graph to visualize the traffic in real-time.
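As an added example (not code from the OnionSight Sec backend), here is a minimal Python sketch of the kind of path selection such a simulator reproduces: bandwidth-weighted choice of exit, guard and middle, in the order Tor picks them, with Tor's rule that no two hops of a circuit share a /16. The relay names, addresses and weights are constructed; Tor's per-position weighting and family exclusion are left out.

```python
import random
from dataclasses import dataclass

@dataclass(frozen=True)
class Relay:
    nickname: str
    ip: str
    bandwidth: int        # consensus weight; constructed value
    guard: bool = False   # Guard flag
    exit: bool = False    # Exit flag

# Constructed sample "consensus"; these are not real Tor relays.
RELAYS = [
    Relay("guardA", "10.1.0.1", 5000, guard=True),
    Relay("guardB", "10.2.0.1", 3000, guard=True),
    Relay("middleA", "10.3.0.1", 2000),
    Relay("middleB", "10.1.5.9", 4000),  # shares a /16 with guardA
    Relay("exitA", "10.4.0.1", 6000, exit=True),
    Relay("exitB", "10.5.0.1", 1000, exit=True),
]

def same_slash16(a: Relay, b: Relay) -> bool:
    """Tor will not put two relays from the same /16 in one circuit."""
    return a.ip.split(".")[:2] == b.ip.split(".")[:2]

def weighted_pick(candidates, rng):
    """Choose one relay with probability proportional to its bandwidth weight."""
    return rng.choices(candidates, weights=[r.bandwidth for r in candidates])[0]

def build_circuit(relays, seed=None):
    """Build a 3-hop circuit in Tor's order: exit first, then guard, then middle.
    Each later hop excludes relays already chosen and relays in their /16."""
    rng = random.Random(seed)
    exit_ = weighted_pick([r for r in relays if r.exit], rng)
    guard = weighted_pick([r for r in relays if r.guard and r is not exit_
                           and not same_slash16(r, exit_)], rng)
    middle = weighted_pick([r for r in relays if r not in (guard, exit_)
                            and not same_slash16(r, guard)
                            and not same_slash16(r, exit_)], rng)
    return (guard, middle, exit_)

def circuit_is_valid(circuit) -> bool:
    """Check the constraints the simulator must never violate."""
    guard, middle, exit_ = circuit
    if not (guard.guard and exit_.exit):
        return False
    hops = [guard, middle, exit_]
    return all(not same_slash16(a, b) for i, a in enumerate(hops) for b in hops[i + 1:])
```

Running `build_circuit(RELAYS, seed=s)` over many seeds shows guardA and middleB never appear together, which is the sort of invariant a visualizer can assert on every generated path.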
The biggest obstacles were building a readable, stable graph that looked and behaved correctly, producing realistic simulations based on observed users without access to actual network data, and keeping performance smooth when displaying hundreds of nodes.
With the simulation complete, we have built an end-to-end visualizer for TOR paths, with a user-friendly interface that explains how darknet traffic is routed and a consistently reliable method for generating paths.
Through this experience, we learned a lot about TOR routing and routing algorithms in general, as well as how to create interactive force-graphs, and how to turn a question regarding cybercriminal activity into a usable demonstration.