Tor network simulations
Title: Tor network simulations
SNIC Project: SNIC 2021/23-320
Project Type: SNIC Small Storage
Principal Investigator: Daniel Bosk <>
Affiliation: Kungliga Tekniska högskolan
Duration: 2021-04-30 – 2021-07-01
Classification: 10201


The Tor Project is a nonprofit organization with the belief that internet users should have private access to an uncensored web. Their browser, Tor Browser, can isolate each website a user visits so that third-party trackers cannot trace anything. However, the main feature of Tor is that it can also defend against surveillance and do censorship circumvention. Tor does this through multi-layered encryption, so called onion routing. Although Tor is a better tool for security and anonymity than many other tools, its design is not flawless, and it has a trade-off in performance due to the rerouting of all traffic, which causes latency. A lot of different attacks are being performed on Tor and a lot of users are being hacked and deanonymized. We are going to study one of the key strategies, that Tor implemented alleviate such attacks. This strategy is about assigning a so-called guard node to each user, which stays from 30 to 60 days before it changes to another one. Unlike the other two nodes in the built circuit, which change for every new website a user visits or after 10 minutes of browsing the same website, the guard node stays much longer as the first node in the circuit between the user and the destination. The risk in this design is the probability that one volunteer controls both the guard and the exit node in a user’s circuit since any volunteer can run more than one node in the network. Once this happens, the user is at risk of being deanonymized. To try to find a better balance between anonymity and performance, we will focus on testing to change the time interval in which guard nodes are assigned to a user either by increasing it to 60 to 90 days or decreasing it to 15 to 30 days. As well as changing the number of guard nodes in the client’s guard node list to check if there is a better balance for anonymity and performance than the one Tor currently has. To be able to test that, we will use simulation software called COGS (Changing of the Guards) that was designed and utilized by a group of researchers that wanted to achieve a similar goal but using another approach. COGS is a simulation-based research framework that runs Tor over a simulated internet topology. The framework allows users to change the behavior of Tor by changing some of the variables that the released version of Tor runs with. Our study build on previous work in the research paper Changing of the Guards: A Framework for Understanding and Improving Entry Guard Selection in Tor. We will first reproduce the results of that paper and then test more parameters that has not been tested before.