Safeguarding Against Sybil Attacks via Social Networks and Multipath Routing

Peer-to-peer (P2P) overlay networks are currently used to build large-scale distributed systems running decentralized applications such as distributed storage, content distribution, collaborative scheduling, and leader election. Although protocols such as Byzantine agreement and voting schemes exist for building resilient distributed applications, very few solutions are available for safeguarding these distributed protocols from Sybil attacks. In a Sybil attack, an adversary forges multiple identities and creates multiple, distinct nodes in the system, thereby overthrowing any upper bound on the number of malicious nodes in these protocols. In this paper, we present a multipath routing protocol that uses a graph-theoretic approach to first group the Sybil nodes and then poll them using the Host Identity Protocol (HIP) to decide whether they really belong to a Sybil group. HIP clearly separates participating users from overlay nodes. It overcomes P2P network challenges such as stability over time and identity differentiation. We also use a social network in which the number of attack edges is minimal. An attack edge between a malicious user and an honest user indicates that the malicious user has been able to establish a trust relationship with the honest user by some means. We perform simulations to show the feasibility of our distributed protocol.
