06-04-2012, 12:23 PM
09-08-2012, 09:40 AM
A Near-Optimal Social Network Defense Against Sybil Attacks
[attachment=30670]
ABSTRACT
SYBIL attacks refer to individual malicious users creating multiple fake identities (called sybil identities or Sybil nodes) in open-access distributed systems (such as peer-to-peer systems). These open-access systems aim to provide service to any user who wants to use the service. Sybil attacks have already been observed in the real world in the Maze peer-to-peer system. Researchers have also demonstrated that it is surprisingly easy to launch sybil attacks in the widely used eMule system. When a malicious user’s sybil nodes comprise a large fraction of the nodes in the system, that one user is able to “outvote” the honest users in a wide variety of collaborative tasks. The exact form of such collaboration and the exact fraction of sybil nodes these collaborative tasks can tolerate may differ from case to case. However, a generic requirement for thwarting such attacks is that the number of Sybil nodes (compared to the number of honest users) needs to be properly bounded. Sybil attacks can be thwarted by a trusted central authority if the authority can tie identities to actual human beings, but implementing such a capability can be difficult or impossible, especially given the privacy concern of the users. Another approach is for the central authority to impose a monetary charge on each identity, which is, however, undesirable in many applications.
[attachment=30670]
ABSTRACT
SYBIL attacks refer to individual malicious users creating multiple fake identities (called sybil identities or Sybil nodes) in open-access distributed systems (such as peer-to-peer systems). These open-access systems aim to provide service to any user who wants to use the service. Sybil attacks have already been observed in the real world in the Maze peer-to-peer system. Researchers have also demonstrated that it is surprisingly easy to launch sybil attacks in the widely used eMule system. When a malicious user’s sybil nodes comprise a large fraction of the nodes in the system, that one user is able to “outvote” the honest users in a wide variety of collaborative tasks. The exact form of such collaboration and the exact fraction of sybil nodes these collaborative tasks can tolerate may differ from case to case. However, a generic requirement for thwarting such attacks is that the number of Sybil nodes (compared to the number of honest users) needs to be properly bounded. Sybil attacks can be thwarted by a trusted central authority if the authority can tie identities to actual human beings, but implementing such a capability can be difficult or impossible, especially given the privacy concern of the users. Another approach is for the central authority to impose a monetary charge on each identity, which is, however, undesirable in many applications.