Defending Against Sybil Attacks via Social Networks - PowerPoint PPT Presentation

About This Presentation

Title:

Defending Against Sybil Attacks via Social Networks

Description:

Defending Against Sybil Attacks. via Social Networks. Haifeng Yu ... Talk based on three papers [SIGCOMM'06, ToN'08] (SybilGuard) [IEEE S&P'08] (SybilLimit) ... – PowerPoint PPT presentation

Number of Views:1490

Avg rating:3.0/5.0

Slides: 40

Provided by: compN

Category:

more less

Transcript and Presenter's Notes

Title: Defending Against Sybil Attacks via Social Networks

1
Defending Against Sybil Attacks via Social
Networks

Haifeng Yu
School of Computing
National University of Singapore

2
Acknowledgments

Talk based on three papers
SIGCOMM06, ToN08 (SybilGuard)
IEEE SP08 (SybilLimit)
Available on my homepage google my name
Co-authors
Phillip B. Gibbons
Michael Kaminsky
Feng Xiao
Abie Flaxman

3
Background Sybil Attack
honest

Sybil attack Single user pretends many
fake/sybil identities
I.e., Creating multiple accounts
Already observed in real-world p2p systems
Sybil identities can become a large fraction of
all identities

malicious
4
Background Sybil Attack

Enables malicious users to easily out-vote
honest users
Byzantine consensus exceed the 1/3 threshold
Majority voting cast more than one vote
DHT control a large portion of the ring
Recommendation systems manipulate the
recommendations

5
Background Defending Against Sybil Attack

Using trusted central authority to tie identities
to human beings not always desirable
Much harder without a trusted central authority
Douceur02
Resource challenges not sufficient
IP address-based approach not sufficient
Widely considered as real challenging
Over 40 papers acknowledging the problem of sybil
attack, without having a distributed solution

6
SybilGuard / SybilLimit Basic Insight
Leveraging Social Networks
SybilGuard / SybilLimit is the first to use
social networks for thwarting sybil attacks with
provable guarantees.

Nodes identities
Undirected edges strong mutual trust
E.g., colleagues, relatives in real-world
Not online friends!

7
SybilGuard / SybilLimit Basic Insight

n honest users One identity/node each
Malicious users Multiple identities each (sybil
nodes)

honest nodes
attack edges
malicious users
Observation Adversary cannot create extra edges
between honest nodes and sybil nodes
8
SybilGuard/SybilLimit Basic Insight

Dis-proportionally small cut disconnecting a
large number of identities

But cannot search brute-force
attack edges
honest nodes
sybil nodes
9
SybilGuard / SybilLimit End Guarantees

Completely decentralized
Enables any given verifier node to decide whether
to accept any given suspect node
Accept Provide service to / receive service from
Ideally Accept and only accept honest nodes
unfortunately not possible
SybilGuard / SybilLimit provably
Bound of accepted sybil nodes (w.h.p.)
Accept all honest nodes except a small ? fraction
(w.h.p.)

10
Example Application Scenarios
If of sybil nodes accepted Then applications can do
lt n majority voting
lt n/2 byzantine consensus
lt n/c for some constant c secure DHT Awerbuch06, Castro02, Fiat05

11
SybilGuard vs. SybilLimit
sybil nodes accepted (smaller is better) per
attack edge
total number of attack edges SybilGuard SIGCOMM06 SybilLimit Oakland08

between
unbounded
and
12
Outline

Motivation, basic insight, and end guarantees
SybilLimit design
Will focus on intuition
Evaluation results on real-world social networks

13
Cryptographic Keys

Each edge in social network corresponds to a
symmetric edge key
Established out of band
Each node (honest or sybil) has a locally
generated public/private key pair
Identity V accepts S V accepts Ss public
key KS
When running SybilLimit, every suspect S is
allowed to register KS on some other nodes

14
SybilLimit Strawman Design Step 1
K registered keys of sybil nodes

Ensure that sybil nodes (collectively) register
only on limited number of honest nodes
Still provide enough registration opportunities
for honest nodes

K registered keys of honest nodes
K
K
K
K
K
K
sybil region
honest region
15
SybilLimit Strawman Design Step 2
K registered keys of sybil nodes

Accept S iff KS is register on sufficiently many
honest nodes
Without knowing where the honest region is !
Circular design? We can break this circle

K registered keys of honest nodes
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
sybil region
honest region
16
Three Interrelated Key Techniques

Technique 1 Use the tails of random routes for
registration
Will achieve Step 1
SybilGuard novelty Random routes
SybilLimit novelty The use of tails
SybilLimit novelty The use of multiple
independent instances of shorter random routes

17
Three Interrelated Key Techniques

Technique 2 Use intersection condition and
balance condition to verify suspects
Will break the circular design and achieve Step 2
SybilGuard novelty Intersection on nodes
SybilLimit novelty Intersection on edges
SybilLimit novelty Balance condition
Technique 3 Use benchmarking technique to
estimate unknown parameters
Breaks another seemingly circular design
SybilLimit novelty Benchmarking technique

18
Random Route Convergence
f
a
e
b
d
a ? d
d ? e
c
randomized routing table
b ? a
e ? d
c ? b
f ? f
d ? c
Using routing table gives Convergence Property
Routes merge if crossing the same edge
19
Securely Registering Public Keys
record KA under name C?D
A
i 1 KA
i 2 KA
i 3 KA
i 3 KA
To register KA, A initiates a random route
(assuming w 3)

All random routes in SybilLimit are of length w
All nodes know w
Nodes communicate via authenticated channels

20
Tails of Sybil Suspects

Imagine that every sybil suspect initiates a
random route from itself

sybil nodes
honest nodes
total 1 tainted tail
21
Counting The Number of Tainted Tails
attack edge
honest nodes
sybil nodes

Claim There are at most w tainted tails per
attack edge
Proof By the Convergence property
Regardless of whether sybil nodes follow the
protocol

22
Back to the Strawman Design Step 1

of K s ? g?w
Independent of sybil nodes
of K s ? n g?w
From backtrace-ability property of random
routes
See paper

K registered keys of sybil nodes K registered
keys of honest nodes
K
K
K
K
honest region
K
K
K
Step 1 achieved !
23
Independent Instances

SybilLimit uses independent instances
of the registration protocol
m of edges in the honest region
Number of Ks
Number of Ks
Goal Accept S iff KS is registered on
tails in the honest region
Sybil suspects accepted
Honest suspects accepted

24
Three Techniques

Technique 1 Use novel random routes to register
public keys
Will achieve Step 1
Technique 2 Use intersection condition and
balance condition to verify suspects
Challenge SybilLimit does not know which region
is the honest region
Technique 3 Use benchmarking technique to
estimate unknown parameters

25
The Intersection Condition

Verifier V obtains tails by doing
random routes of length w
Using different instances see paper
Some tails are in the sybil region ignore for
now
S satisfies intersection condition if
Ss and Vs tails intersect
Ss public key is registered with the
intersecting tail

26
Intersection Condition Verification Procedure
S
V
3.common tail E?F
4 messages involved
S satisfies intersection condition
27
Leveraging Known Random Walk Theory

(Approximate) Theorem
If w is roughly the mixing time of the social
network, then all tails (Vs and Ss) are roughly
uniformly random edges
If social networks have mixing
time, then

28
Leveraging a Sharp Distribution

Assuming V has tails in the honest
region

Intersection prob p
1.0
Birthday paradox
This is why SybilLimit does edge intersection
0
of Ss tails in honest region
29
Back to the Strawman Design Step 2
K registered keys of sybil nodes

Accept S iff KS is register on sufficiently many
honest nodes
Sufficiently many
Intersection occurs iff S has tails
in the honest region

K registered keys of honest nodes
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
sybil region
honest region
30
Omitted Challenges

Some of Vs tails are in the sybil region
We do not know which tails are in the sybil
region
Balance condition hardest part to prove in
SybilLimit
Adversary has many strategies to allocated the
tainted tails
Tainted tails are not uniformly random
See paper for details

31
Three Interrelated Key Techniques

Technique 1 Random routes
Technique 2 Intersection condition and balance
condition
Technique 3 Novel and counter-intuitive
benchmarking technique
Avoids another seemingly circular design
See paper
Claims on near-optimality See paper

32
Performance Aspects

Random routes are performed only once
Re-do only when social network changes
infrequently
Can be done incrementally
Doing random routes is not time-critical
Only delays a new suspect being accepted
Churn is a non-problem
Verification involves O(1) messages
See paper

33
Outline

Motivation, basic insight, and end guarantees
SybilLimit design
Evaluation results on real-world social networks

34
Validation on Real-World Social Networks

SybilGuard / SybilLimit assumption Honest nodes
are not behind disproportionally small cuts
Rigorously Social networks (without sybil nodes)
have small mixing time
Mixing time affects sybil nodes accepted
Synthetic social networks proof in SIGCOMM06
Real-world social networks?
Social communities, social groups, .

35
Simulation Setup
Crawled online social networks used in experiments
nodes edges
Friendster 0.9M 7.8M
Livejournal 0.9M 8.7M
DBLP 0.1M 0.6M

We experiment with
Different number and placement of attack edges
Different graph sizes -- full size to 100-node
sub-graphs
Sybil attackers use the optimal strategy

36
Brief Summary of Simulation Results

In all cases we experimented with
Average honest verifier accepts 95 of all
honest suspects
Average honest suspect is accepted by 95 of all
honest verifiers
sybil nodes accepted
10 per attack edge for Friendster and
LiveJournal
15 per attack edge for DBLP

37
Other Social Networks?

Other social networks likely to have small mixing
time too (DBLP as a worst-case)
What if the mixing time is large?
Graceful degradation of SybilLimits guarantees
-- Accept more sybil nodes

38
Conclusions