Mitigation of Sybil Attacks in Structured P2P Overlay Networks

Sybils, i.e., the bane of malicious identities under a common control entity, are commonly controlled by an attacker. In Sybil attack, a single malicious user forges multiple fake identities and pretends to be multiple, distinct physical node in the system. However, Sybil attack is one of the most dangerous attacks that plague current structured Peer-to-Peer overlay networks. This attack is employed to target honest peers and hence subvert the system. In this paper, we describe a new methodology to analyze, detect, and mitigate Sybil attacks. We examine in detail this attack, the most challenging problem that currently propagates in structured Peer-to-Peer overlay networks. We identify features and search for behavioral attributes that may serve to identify such attacks. We were able to analyze them in depth, using honey pots, which allows us to collect information to distinguish Sybil nodes from honest nodes. Furthermore, we introduce a mitigation strategy that alleviates some of the effects of such an attack by injecting some commands into the Sybil node or subvert the communication channel.

[1]  Hannes Hartenstein,et al.  Defending the Sybil attack in P2P networks: taxonomy, challenges, and a proposal for self-registration , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[2]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[3]  Antony I. T. Rowstron,et al.  PAST: a large-scale, persistent peer-to-peer storage utility , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.

[4]  Margo I. Seltzer,et al.  Distributed, secure load balancing with skew, heterogeneity and churn , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[5]  Gade Krishna,et al.  A scalable peer-to-peer lookup protocol for Internet applications , 2012 .

[6]  Thomas F. La Porta,et al.  Limiting Sybil Attacks in Structured P2P Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[7]  Ben Y. Zhao,et al.  Tapestry: a resilient global-scale overlay for service deployment , 2004, IEEE Journal on Selected Areas in Communications.

[8]  Antony I. T. Rowstron,et al.  Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems , 2001, Middleware.

[9]  Rida A. Bazzi,et al.  On the establishment of distinct identities in overlay networks , 2005, PODC '05.

[10]  Peter Druschel,et al.  Pastry: Scalable, distributed object location and routing for large-scale peer-to- , 2001 .

[11]  Christian Scheideler,et al.  Group Spreading: A Protocol for Provably Secure Distributed Name Service , 2004, ICALP.

[12]  Mark Handley,et al.  A scalable content-addressable network , 2001, SIGCOMM '01.

[13]  Michael Kaminsky,et al.  SybilGuard: defending against sybil attacks via social networks , 2006, SIGCOMM.

[14]  D. Janaki Ram,et al.  SyMon: Defending large structured P2P systems against Sybil attack , 2009, 2009 IEEE Ninth International Conference on Peer-to-Peer Computing.

[15]  Brian Neil Levine,et al.  A Survey of Solutions to the Sybil Attack , 2006 .

[16]  Nikita Borisov,et al.  Computational Puzzles as Sybil Defenses , 2006, Sixth IEEE International Conference on Peer-to-Peer Computing (P2P'06).

[17]  Felix C. Freiling,et al.  The Nepenthes Platform: An Efficient Approach to Collect Malware , 2006, RAID.