DSybil: Optimal Sybil-Resistance for Recommendation Systems

Recommendation systems can be attacked in various ways, and the ultimate attack form is reached with a {\em sybil attack}, where the attacker creates a potentially unlimited number of {\em sybil identities} to vote. Defending against sybil attacks is often quite challenging, and the nature of recommendation systems makes it even harder. This paper presents {\em DSybil}, a novel defense for diminishing the influence of sybil identities in recommendation systems. DSybil provides strong provable guarantees that hold even under the worst-case attack and are optimal. DSybil can defend against an unlimited number of sybil identities over time. DSybil achieves its strong guarantees by i) exploiting the heavy-tail distribution of the typical voting behavior of the honest identities, and ii) carefully identifying whether the system is already getting ``enough help'' from the (weighted) voters already taken into account or whether more ``help'' is needed. Our evaluation shows that DSybil would continue to provide high-quality recommendations even when a million-node botnet uses an optimal strategy to launch a sybil attack.

[1]  Andrew Chi-Chih Yao,et al.  Probabilistic computations: Toward a unified measure of complexity , 1977, 18th Annual Symposium on Foundations of Computer Science (sfcs 1977).

[2]  Frank Thomson Leighton,et al.  An approximate max-flow min-cut theorem for uniform multicommodity flow problems with applications to approximation algorithms , 1988, [Proceedings 1988] 29th Annual Symposium on Foundations of Computer Science.

[3]  Yoram Singer,et al.  Using and combining predictors that specialize , 1997, STOC '97.

[4]  Ravi Kumar,et al.  Recommendation systems: a probabilistic analysis , 1998, Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280).

[5]  Atsuyoshi Nakamura Learning specialist decision lists , 1999, COLT '99.

[6]  Peter Auer,et al.  The Nonstochastic Multiarmed Bandit Problem , 2002, SIAM J. Comput..

[7]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[8]  Ernesto Damiani,et al.  A reputation-based approach for choosing reliable resources in peer-to-peer networks , 2002, CCS '02.

[9]  Prabhakar Raghavan,et al.  Competitive recommendation systems , 2002, STOC '02.

[10]  Miguel Castro,et al.  Secure routing for structured peer-to-peer overlay networks , 2002, OSDI '02.

[11]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[12]  John Riedl,et al.  Shilling recommender systems for fun and profit , 2004, WWW '04.

[13]  Mani B. Srivastava,et al.  Reputation-based framework for high integrity sensor networks , 2004, SASN '04.

[14]  John Langford,et al.  Telling humans and computers apart automatically , 2004, CACM.

[15]  Avrim Blum,et al.  Empirical Support for Winnow and Weighted-Majority Algorithms: Results on a Calendar Scheduling Domain , 2004, Machine Learning.

[16]  Ion Stoica,et al.  Robust incentive techniques for peer-to-peer networks , 2004, EC '04.

[17]  Boaz Patt-Shamir,et al.  Collaboration of untrusting peers with changing interests , 2004, EC '04.

[18]  Neil J. Hurley,et al.  Collaborative recommendation: A robustness analysis , 2004, TOIT.

[19]  Robert D. Kleinberg,et al.  Competitive collaborative learning , 2005, Journal of computer and system sciences (Print).

[20]  Alice Cheng,et al.  Sybilproof reputation mechanisms , 2005, P2PECON '05.

[21]  H. Rowaihy,et al.  Limiting Sybil Attacks in Structured Peer-to-Peer Networks , 2005 .

[22]  Boaz Patt-Shamir,et al.  Adaptive Collaboration in Peer-to-Peer Systems , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[23]  Rida A. Bazzi,et al.  On the establishment of distinct identities in overlay networks , 2005, PODC '05.

[24]  Mun Choon Chan,et al.  Pervasive Random Beacon in the Internet for Covert Coordination , 2005, Information Hiding.

[25]  Rakesh Kumar,et al.  Pollution in P2P file sharing systems , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[26]  Boaz Patt-Shamir,et al.  Improved recommendation systems , 2005, SODA '05.

[27]  Wolfgang Nejdl,et al.  Preventing shilling attacks in online recommender systems , 2005, WIDM '05.

[28]  Amos Fiat,et al.  Making Chord Robust to Byzantine Attacks , 2005, ESA.

[29]  Boaz Patt-Shamir,et al.  Tell Me Who I Am: An Interactive Recommendation System , 2006, SPAA '06.

[30]  Emin Gün Sirer,et al.  Experience with an Object Reputation System for Peer-to-Peer Filesharing , 2006, NSDI.

[31]  Gábor Lugosi,et al.  Prediction, learning, and games , 2006 .

[32]  Christian Scheideler,et al.  Towards a Scalable and Robust DHT , 2006, SPAA '06.

[33]  Nikita Borisov,et al.  Computational Puzzles as Sybil Defenses , 2006, Sixth IEEE International Conference on Peer-to-Peer Computing (P2P'06).

[34]  Boaz Patt-Shamir,et al.  Asynchronous Active Recommendation Systems , 2007, OPODIS.

[35]  Thomas F. La Porta,et al.  Limiting Sybil Attacks in Structured P2P Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[36]  Andreas Terzis,et al.  My Botnet Is Bigger Than Yours (Maybe, Better Than Yours): Why Size Estimates Remain Challenging , 2007, HotBots.

[37]  Yishay Mansour,et al.  From External to Internal Regret , 2005, J. Mach. Learn. Res..

[38]  Thomas P. Hayes,et al.  Online collaborative filtering with nearly optimal dynamic regret , 2007, SPAA '07.

[39]  Boaz Patt-Shamir,et al.  Collaborate with Strangers to Find Own Preferences , 2005, SPAA '05.

[40]  Paul Resnick,et al.  The influence limiter: provably manipulation-resistant recommender systems , 2007, RecSys '07.

[41]  Bamshad Mobasher,et al.  Towards Trustworthy Recommender Systems : An Analysis of Attack Models and Algorithm Robustness , 2007 .

[42]  John E. Hopcroft,et al.  Manipulation-Resistant Reputations Using Hitting Time , 2007, Internet Math..

[43]  Krishna P. Gummadi,et al.  Ostra: Leveraging Trust to Thwart Unwanted Communication , 2008, NSDI.

[44]  Feng Xiao,et al.  SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[45]  Paul Resnick,et al.  The information cost of manipulation-resistance in recommender systems , 2008, RecSys '08.

[46]  Thomas E. Anderson,et al.  Phalanx: Withstanding Multimillion-Node Botnets , 2008, NSDI.

[47]  Phillip B. Gibbons,et al.  SybilGuard: Defending Against Sybil Attacks via Social Networks , 2006, IEEE/ACM Transactions on Networking.

[48]  Licia Capra,et al.  SOFIA: Social Filtering for Robust Recommendations , 2008, IFIPTM.

[49]  Lakshminarayanan Subramanian,et al.  Sybil-Resilient Online Content Voting , 2009, NSDI.

[50]  Cristina Nita-Rotaru,et al.  A survey of attack and defense techniques for reputation systems , 2009, CSUR.

[51]  Azadeh Iranmehr,et al.  Trust Management for Semantic Web , 2009, 2009 Second International Conference on Computer and Electrical Engineering.

[52]  Robert D. Kleinberg,et al.  Regret bounds for sleeping experts and bandits , 2010, Machine Learning.