GraphGists

Tor网络图谱

本交互式Neo4j教程涵盖了一个Tor网络中的场景,该网络具有大型基础设施,其中包括许多主机和服务器、一个隐藏的Web服务器以及用于监控Tor网络状态的ARM应用程序。

Tor网络元模型

bb5cc290

数据库设置

下面您将找到在Neo4j中创建Tor网络图谱的完整Cypher脚本。这个简单的脚本是我们将稍后对其进行分析的数据集的完整设置。

// Create Alice
CREATE (alice:TorHost {
			name:'alice-pc.onion',
			isTorNode: true
		})

// Create Dave
CREATE (dave:Server {
			name:'dave-server.onion',
			type: 'Directory',
			isTorNode: true
		})

// Create Node1
CREATE (node1:Host {
			name:'node1-router.onion',
			isTorNode: false
		})


// Create Node2
CREATE (node2:TorHost {
			name:'node2-pc.onion',
			isTorNode: true
		})

// Create Node3
CREATE (node3:Host {
			name:'node3-pc.onion',
			isTorNode: false
		})


// Create Node4
CREATE (node4:Host {
			name:'node4-pc.onion',
			isTorNode: true
		})


// Create Node5
CREATE (node5:Host {
			name:'node5-pc.onion',
			isTorNode: false
		})

// Create Bob
CREATE (bob:TorHost {
			name:'bob-mac.onion',
			isTorNode: true
		})

// Create Bob
CREATE (chuck:TorHost {
			name:'chuck-ubuntu.onion',
			isTorNode: true
		})

// Create Hidden service
CREATE (webServer:HiddenService {
			name:'Web Server',
			publicKey:'3048 0241 ...',
			port: '9999'
		})

// Create Hidden service
CREATE (arm:Application {
			name:'Anonymizing Relay Monitor'
		})

// Connect Alice to Directory Server Dave
CREATE (alice)-[:DEPENDS_ON]->(dave)

// Connect Alice to Node-1
CREATE (alice)-[:CONNECTS]->(node1)

// Connect Node-1 to Node-2
CREATE (node1)-[:CONNECTS]->(node2)

// Connect Node-2 to Node-3
CREATE (node2)-[:CONNECTS]->(node3)

// Connect Node-3 to Bob
CREATE (node3)-[:CONNECTS]->(bob)

// Connect Chuck to Node-3
CREATE (chuck)-[:CONNECTS]->(node3)


// Connect Node-5 to Node-2
CREATE (node5)-[:CONNECTS]->(node2)

// Connect Node-4 to Node-5
CREATE (node4)-[:CONNECTS]->(node5)

// Connect Node-1 to Node-4
CREATE (node1)-[:CONNECTS]->(node4)

// Connect Node-3 to Node-4
CREATE (node3)-[:CONNECTS]->(node4)

// Connect Chuck to Node-3
CREATE (chuck)-[:CONNECTS]->(node3)

// Connect Chuck to ARM
CREATE (chuck)-[:RUNS]->(arm)

// Connect Bob to WebServer
CREATE (bob)-[:RUNS]->(webServer)

RETURN *

交互式图谱可视化

Tor的网络资产清单

下面的查询生成了一个数据表,可以快速概述Tor的网络基础设施。

MATCH 	(n)
RETURN 	labels(n)[0] as type,
		count(*) as count,
		collect(n.name) as names

查找连接最多的组件

下面的查询查找了Tor网络基础设施中连接最紧密的组件。正如预期,最依赖的组件是Node 5。

MATCH 		(n)<-[:CONNECTS*]-(connect)
RETURN 		n.name as Host,
			count(DISTINCT connect) AS Connects
ORDER BY 	Connects DESC
LIMIT 		1

查找组件的依赖链:ARM

下面的查询查找了Tor的ARM应用程序从左到右的依赖组件路径。如果ARM应用程序右侧的任何一个组件发生故障,ARM应用程序将随之故障。

MATCH 		(dependency)<-[:CONNECTS*]-(dependent)
WITH 		dependency, count(DISTINCT dependent) AS Dependents
ORDER BY 	Dependents DESC
LIMIT		1
WITH		dependency
MATCH 		p=(resource)-[:CONNECTS*]->(dependency)
WHERE		resource.system = "arm"
RETURN		"[" + head(nodes(p)).name + "]" +
			reduce(s = "", n in tail(nodes(p)) | s + " -> " + "[" + n.name + "]") as Chain
© . All rights reserved.