Canal: scaling social network-based Sybil tolerance schemes

There has been a flurry of research on leveraging social networks to defend against multiple identity, or Sybil, attacks. A series of recent works does not try to explicitly identify Sybil identities and, instead, bounds the impact that Sybil identities can have. We call these approaches Sybil tolerance; they have shown to be effective in applications including reputation systems, spam protection, online auctions, and content rating systems. All of these approaches use a social network as a credit network, rendering multiple identities ineffective to an attacker without a commensurate increase in social links to honest users (which are assumed to be hard to obtain). Unfortunately, a hurdle to practical adoption is that Sybil tolerance relies on computationally expensive network analysis, thereby limiting widespread deployment. To address this problem, we first demonstrate that despite their differences, all proposed Sybil tolerance systems work by conducting payments over credit networks. These payments require max flow computations on a social network graph, and lead to poor scalability. We then present Canal, a system that uses landmark routing-based techniques to efficiently approximate credit payments over large networks. Through an evaluation on real-world data, we show that Canal provides up to a three-order-of-magnitude speedup while maintaining safety and accuracy, even when applied to social networks with millions of nodes and hundreds of millions of edges. Finally, we demonstrate that Canal can be easily plugged into existing Sybil tolerance schemes, enabling them to be deployed in an online fashion in real-world systems.

[1]  Gerhard Weikum,et al.  Fast and accurate estimation of shortest paths in large graphs , 2010, CIKM.

[2]  Krishna P. Gummadi,et al.  An analysis of social network-based Sybil defenses , 2010, SIGCOMM 2010.

[3]  Vern Paxson,et al.  Detecting and Analyzing Automated Activity on Twitter , 2011, PAM.

[4]  Haifeng Yu,et al.  Sybil defenses via social networks: a tutorial and survey , 2011, SIGA.

[5]  Miguel Castro,et al.  Secure routing for structured peer-to-peer overlay networks , 2002, OSDI '02.

[6]  Jure Leskovec,et al.  Empirical comparison of algorithms for network community detection , 2010, WWW '10.

[7]  Ashish Goel,et al.  Liquidity in credit networks: a little trust goes a long way , 2010 .

[8]  T. C. Hu,et al.  Multi-Terminal Network Flows , 1961 .

[9]  Krishna P. Gummadi,et al.  Measurement and analysis of online social networks , 2007, IMC '07.

[10]  Michael Kaminsky,et al.  SybilGuard: defending against sybil attacks via social networks , 2006, SIGCOMM.

[11]  Douglas P. Gregor,et al.  The Parallel BGL : A Generic Library for Distributed Graph Computations , 2005 .

[12]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[13]  Feng Xiao,et al.  SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks , 2010, IEEE/ACM Trans. Netw..

[14]  Emin Gün Sirer,et al.  Experience with an Object Reputation System for Peer-to-Peer Filesharing , 2006, NSDI.

[15]  Chandra Prakash,et al.  SybilInfer: Detecting Sybil Nodes using Social Networks , 2011 .

[16]  Daniele Quercia,et al.  Sybil Attacks Against Mobile Users: Friends and Foes to the Rescue , 2010, 2010 Proceedings IEEE INFOCOM.

[17]  Lakshminarayanan Subramanian,et al.  Optimal Sybil-resilient node admission control , 2011, 2011 Proceedings IEEE INFOCOM.

[18]  Shriram K. Vasudevan,et al.  Sybil Guard: Defending Against Sybil Attacks via Social Networks , 2010 .

[19]  Sreenivas Gollapudi,et al.  A sketch-based distance oracle for web-scale graphs , 2010, WSDM '10.

[20]  Ted Wobber,et al.  Moderately hard, memory-bound functions , 2005, TOIT.

[21]  Aart J. C. Bik,et al.  Pregel: a system for large-scale graph processing , 2010, SIGMOD Conference.

[22]  D. R. Fulkerson,et al.  Maximal Flow Through a Network , 1956 .

[23]  Hawoong Jeong,et al.  Comparison of online social relations in volume vs interaction: a case study of cyworld , 2008, IMC '08.

[24]  Leslie G. Valiant,et al.  A bridging model for parallel computation , 1990, CACM.

[25]  Erdong Chen,et al.  Facebook immune system , 2011, SNS '11.

[26]  Ben Y. Zhao,et al.  Understanding latent interactions in online social networks , 2010, TWEB.

[27]  Dorothea Wagner,et al.  Fully-Dynamic Cut Tree Construction , 2011 .

[28]  Sven Seuken,et al.  On the Sybil-Proofness of Accounting Mechanisms , 2011 .

[29]  Earl T. Barr,et al.  TrustDavis: a non-exploitable online reputation system , 2005, Seventh IEEE International Conference on E-Commerce Technology (CEC'05).

[30]  Krishna P. Gummadi,et al.  On the evolution of user interaction in Facebook , 2009, WOSN '09.

[31]  Aziz Mohaisen,et al.  Measuring the mixing time of social graphs , 2010, IMC '10.

[32]  David M. Pennock,et al.  Mechanism Design on Trust Networks , 2007, WINE.

[33]  Stefan Savage,et al.  Dirty Jobs: The Role of Freelance Labor in Web Service Abuse , 2011, USENIX Security Symposium.

[34]  Krishna P. Gummadi,et al.  Growth of the flickr social network , 2008, WOSN '08.

[35]  Krishna P. Gummadi,et al.  Exploring the design space of social network-based Sybil defenses , 2012, 2012 Fourth International Conference on Communication Systems and Networks (COMSNETS 2012).

[36]  Alan Mislove,et al.  Bazaar: Strengthening User Reputations in Online Marketplaces , 2011, NSDI.

[37]  Krishna P. Gummadi,et al.  Ostra: Leveraging Trust to Thwart Unwanted Communication , 2008, NSDI.

[38]  Nikita Borisov,et al.  Computational Puzzles as Sybil Defenses , 2006, Sixth IEEE International Conference on Peer-to-Peer Computing (P2P'06).

[39]  M. Frans Kaashoek,et al.  Whanau: A Sybil-proof Distributed Hash Table , 2010, NSDI.

[40]  M. Mitzenmacher,et al.  Probability and Computing: Chernoff Bounds , 2005 .

[41]  Ben Y. Zhao,et al.  Uncovering social network Sybils in the wild , 2011, ACM Trans. Knowl. Discov. Data.

[42]  Andrew V. Goldberg,et al.  A new approach to the maximum flow problem , 1986, STOC '86.

[43]  P. F. Tsuchiya The landmark hierarchy: a new hierarchy for routing in very large networks , 1988, SIGCOMM.

[44]  Krishna P. Gummadi,et al.  Limiting large-scale crawls of social networking sites , 2011, SIGCOMM.

[45]  Lakshminarayanan Subramanian,et al.  Sybil-Resilient Online Content Voting , 2009, NSDI.