SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks - PowerPoint PPT Presentation

Loading...

PPT – SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks PowerPoint presentation | free to download - id: 242efe-ZDc1Z



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks

Description:

SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks ... The first to leverage social networks for thwarting sybil attacks with provable ... – PowerPoint PPT presentation

Number of Views:321
Avg rating:3.0/5.0

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks


1
SybilLimit A Near-Optimal Social Network Defense
Against Sybil Attacks
  • Haifeng Yu National University of Singapore
  • Phillip B. Gibbons Intel Research Pittsburgh
  • Michael Kaminsky Intel Research Pittsburgh
  • Feng Xiao National University of Singapore

2
Background Sybil Attack
honest
  • Sybil attack Single user pretends many
    fake/sybil identities
  • Already observed in real-world p2p systems
  • Sybil identities can become a large fraction of
    all identities
  • Out-vote honest users in collaborative tasks

malicious
3
Background Defending Against Sybil Attack
  • Using trusted central authority to tie identities
    to human beings not always desirable
  • Much harder without a trusted central authority
    Douceur02
  • Resource challenges not sufficient
  • IP address-based approach not sufficient
  • Widely considered as real challenging
  • Over 40 papers acknowledging the problem of sybil
    attack, without having a distributed solution

4
SybilGuard / SybilLimit Basic Insight
Leveraging Social Networks
SybilGuard SIGCOMM06 / SybilLimit
Oakland08 The first to leverage social
networks for thwarting sybil attacks with
provable guarantees.
  • Nodes identities
  • Undirected edges strong mutual trust
  • E.g., colleagues, relatives in real-world
  • Not online friends !

5
Attack Model
  • n honest users One identity/node each
  • Malicious users Multiple identities each (sybil
    nodes)

honest nodes
attack edges
malicious users
Observation Adversary cannot create extra edges
between honest nodes and sybil nodes
6
SybilGuard/SybilLimit Basic Insight
  • Dis-proportionally small cut disconnecting a
    large number of identities

But cannot search brute-force
attack edges
honest nodes
sybil nodes
7
SybilGuard / SybilLimit End Guarantees
  • Completely decentralized
  • Enables any given verifier node to decide whether
    to accept any given suspect node
  • Accept Provide service to / receive service from
  • Ideally Accept and only accept honest nodes
    unfortunately not possible
  • SybilGuard / SybilLimit provably
  • Bound of accepted sybil nodes (w.h.p.)
  • Accept all honest nodes except a small ? fraction
    (w.h.p.)

8
Example Application Scenarios
If of sybil nodes accepted Then applications can do
lt n/2 byzantine consensus
lt n majority voting
lt n/c for some constant c secure DHT Awerbuch06, Castro02, Fiat05

9
SybilLimit Contribution 1 Pushing the Limit
sybil nodes accepted (smaller is better) per
attack edge
total number of attack edges SybilGuard SIGCOMM06 SybilLimit Oakland08


between
unbounded
and
10
Outline
  • Motivation, basic insight, and end guarantees
  • SybilLimit Contribution 1 Pushing the Limit
  • The near-optimal SybilLimit design
  • SybilLimit Contribution 2 Validation on
    Real-World Social Networks

11
Identity Registration in SybilLimit
  • Each node (honest or sybil) has a locally
    generated public/private key pair
  • Identity V accepts S V accepts Ss public
    key KS
  • We do not assume/need PKI
  • In SybilLimit, every suspect S registers KS on
    some other nodes

12
SybilLimit Strawman Design Step 1
K registered keys of sybil nodes
  • Ensure that sybil nodes (collectively) register
    only on limited number of honest nodes
  • Still provide enough registration opportunities
    for honest nodes

K registered keys of honest nodes
K
K
K
K
K
K
sybil region
honest region
13
SybilLimit Strawman Design Step 2
K registered keys of sybil nodes
  • Accept S only if KS is register on sufficiently
    many honest nodes
  • Without knowing where the honest region is !
  • Circular design? We can break this circle

K registered keys of honest nodes
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
sybil region
honest region
14
Three Interrelated Key Techniques
  • Technique 1 Use the tails of random routes for
    registration
  • Will achieve Step 1
  • Random routes are from SybilGuard
  • Novelty The use of tails
  • Novelty The use of multiple independent
    instances of shorter random routes

15
Three Interrelated Key Techniques
  • Technique 2 Use intersection condition and
    balance condition to verify suspects
  • Will break the circular design and achieve Step 2
  • SybilGuard also has intersection condition
  • Novelty Intersection on edges
  • Novelty SybilGuard has no balance condition
  • Technique 3 Use benchmarking technique to
    estimate unknown parameters
  • Breaks another seemingly circular design
  • Novelty SybilGuard has no such technique

16
Three Interrelated Key Techniques
  • Technique 1 Use the tails of random routes for
    registration
  • Will achieve Step 1
  • Random routes are from SybilGuard
  • Novelty The use of tails
  • Novelty The use of multiple independent
    instances of shorter random routes

17
Random Route Convergence
f
a
e
b
d
a ? d
d ? e
c
randomized routing table
b ? a
e ? d
c ? b
f ? f
d ? c
Using routing table gives Convergence Property
Routes merge if crossing the same edge
18
Registering Public Keys with Tails
  • Every node initiates a secure random route of
    length w from itself
  • See paper for discussion on w
  • See paper for how to make it secure

edge C?D is the tail of As random route
w 3
A
D records KA under name C?D
19
Tails of Sybil Suspects
  • Imagine that every sybil suspect initiates a
    random route from itself

sybil nodes
honest nodes
total 1 tainted tail
20
Counting The Number of Tainted Tails
attack edge
honest nodes
sybil nodes
  • Claim There are at most w tainted tails per
    attack edge
  • Convergence At most w tainted tails per attack
    edge
  • Regardless of whether sybil nodes follow the
    protocol

21
Back to the Strawman Design Step 1
  • of K s ? g?w
  • Independent of sybil nodes
  • of K s ? n g?w
  • From backtrace-ability property of random
    routes
  • See paper

K registered keys of sybil nodes K registered
keys of honest nodes
K
K
K
K
honest region
K
K
K
Step 1 achieved !
22
Outline
  • SybilLimit Contribution 1 Pushing the Limit
  • Independent instances, intersection condition,
    balance condition, benchmarking technique
  • Avoids multiple seemingly circular designs
    (hardest part)
  • Also see paper for
  • Performance overheads
  • Near-optimality
  • SybilLimit Contribution 2 Validation on
    Real-World Social Networks

23
Validation on Real-World Social Networks
  • SybilGuard / SybilLimit assumption Honest nodes
    are not behind disproportionally small cuts
  • Rigorously Social networks (without sybil nodes)
    have small mixing time
  • Mixing time affects sybil nodes accepted and
    honest nodes accepted
  • Synthetic social networks proof in SIGCOMM06
  • Real-world social networks?
  • Social communities, social groups, .

24
Simulation Setup
Crawled online social networks used in experiments
nodes edges
Friendster 0.9M 7.8M
Livejournal 0.9M 8.7M
DBLP 0.1M 0.6M
  • We experiment with
  • Different number and placement of attack edges
  • Different graph sizes -- full size to 100-node
    sub-graphs
  • Sybil attackers use the optimal strategy

25
Brief Summary of Simulation Results
  • In all cases we experimented with
  • Fraction of honest nodes accepted
  • 95
  • sybil nodes accepted
  • 10 per attack edge for Friendster and
    LiveJournal
  • 15 per attack edge for DBLP

26
Conclusions
  • Sybil attack
  • Widely considered as a real and challenging
    problem
  • SybilLimit Fully decentralized defense protocol
    based on social networks
  • Provable near-optimal guarantees
  • Experimental validation on real-world social
    networks
  • Future work Implement SybilLimit with real apps
About PowerShow.com