SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks

Decentralized distributed systems such as peer-to-peer systems are particularly vulnerable to sybil attacks, where a malicious user pretends to have multiple identities (called sybil nodes). Without a trusted central authority, defending against sybil attacks is quite challenging. Among the small number of decentralized approaches, our recent SybilGuard protocol [H. Yu et al., 2006] leverages a key insight on social networks to bound the number of sybil nodes accepted. Although its direction is promising, SybilGuard can allow a large number of sybil nodes to be accepted. Furthermore, SybilGuard assumes that social networks are fast mixing, which has never been confirmed in the real world. This paper presents the novel SybilLimit protocol that leverages the same insight as SybilGuard but offers dramatically improved and near-optimal guarantees. The number of sybil nodes accepted is reduced by a factor of $\Theta(\sqrt{n})$, or around 200 times in our experiments for a million-node system. We further prove that SybilLimit's guarantee is at most a $\log n$ factor away from optimal, when considering approaches based on fast-mixing social networks. Finally, based on three large-scale real-world social networks, we provide the first evidence that real-world social networks are indeed fast mixing. This validates the fundamental assumption behind SybilLimit's and SybilGuard's approach.

[1] Leslie Lamport, et al. The Byzantine Generals Problem, 1982, TOPL.

[2] Frank Thomson Leighton, et al. An approximate max-flow min-cut theorem for uniform multicommodity flow problems with applications to approximation algorithms, 1988, [Proceedings 1988] 29th Annual Symposium on Foundations of Computer Science.

[3] John Scott. What is social network analysis, 2010.

[4] T. Lindvall. Lectures on the Coupling Method, 1992.

[5] Jon M. Kleinberg, et al. The small-world phenomenon: an algorithmic perspective, 2000, STOC '00.

[6] Ravi Kumar, et al. Sampling algorithms: lower bounds and applications, 2001, STOC '01.

[7] M E J Newman, et al. Community structure in social and biological networks, 2001, Proceedings of the National Academy of Sciences of the United States of America.

[8] John R. Douceur, et al. The Sybil Attack, 2002, IPTPS.

[9] Ernesto Damiani, et al. A reputation-based approach for choosing reliable resources in peer-to-peer networks, 2002, CCS '02.

[10] Hui Zhang, et al. Predicting Internet network distance with coordinates-based approaches, 2002, Proceedings. Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.

[11] Miguel Castro, et al. Secure routing for structured peer-to-peer overlay networks, 2002, OSDI '02.

[12] John Langford, et al. CAPTCHA: Using Hard AI Problems for Security, 2003, EUROCRYPT.

[13] Matthew Richardson, et al. Trust Management for the Semantic Web, 2003, SEMWEB.

[14] A. Perrig, et al. The Sybil attack in sensor networks: analysis & defenses, 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[15] John Langford, et al. Telling humans and computers apart automatically, 2004, CACM.

[16] Ion Stoica, et al. Robust incentive techniques for peer-to-peer networks, 2004, EC '04.

[17] Ittai Abraham, et al. Probabilistic quorums for dynamic systems, 2003, Distributed Computing.

[18] Michael Mitzenmacher, et al. Probability And Computing, 2005.

[19] Mao Yang, et al. An Empirical Study of Free-Riding Behavior in the Maze P2P File-Sharing System, 2005, IPTPS.

[20] Alice Cheng, et al. Sybilproof reputation mechanisms, 2005, P2PECON '05.

[21] George Danezis, et al. Sybil-Resistant DHT Routing, 2005, ESORICS.

[22] Mary Baker, et al. The LOCKSS peer-to-peer digital preservation system, 2005, TOCS.

[23] Rida A. Bazzi, et al. On the establishment of distinct identities in overlay networks, 2005, PODC '05.

[24] Stephen P. Boyd, et al. Gossip algorithms: design, analysis and applications, 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies.

[25] Adrian Perrig, et al. Distributed detection of node replication attacks in sensor networks, 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[26] Amos Fiat, et al. Making Chord Robust to Byzantine Attacks, 2005, ESA.

[27] Jon M. Kleinberg, et al. Group formation in large social networks: membership, growth, and evolution, 2006, KDD '06.

[28] Emin Gün Sirer, et al. Experience with an Object Reputation System for Peer-to-Peer Filesharing, 2006, NSDI.

[29] Abraham D. Flaxman. Expansion and Lack Thereof in Randomly Perturbed Graphs, 2006, WAW.

[30] Christian Scheideler, et al. Towards a Scalable and Robust DHT, 2006, SPAA '06.

[31] Nick Feamster, et al. Understanding the network-level behavior of spammers, 2006, SIGCOMM.

[32] Abraham D. Flaxman, et al. Expansion and Lack Thereof in Randomly Perturbed Graphs, 2007, Internet Math.

[33] Ben Y. Zhao, et al. An Empirical Study of Collusion Behavior in the Maze P2P File-Sharing System, 2007, 27th International Conference on Distributed Computing Systems (ICDCS '07).

[34] Taoufik En-Najjary, et al. Exploiting KAD: possible uses and misuses, 2007, CCRV.

[35] Krishna P. Gummadi, et al. Measurement and analysis of online social networks, 2007, IMC '07.

[36] Brian Neil Levine, et al. Informant: Detecting Sybils Using Incentives, 2007, Financial Cryptography.

[37] Aravind Srinivasan, et al. Efficient lookup on unstructured topologies, 2005, IEEE Journal on Selected Areas in Communications.

[38] Michael Kaminsky, et al. Toward an optimal social network defense against Sybil attacks, 2007, PODC '07.

[39] Jure Leskovec, et al. Statistical properties of community structure in large social and information networks, 2008, WWW.

[40] Krishna P. Gummadi, et al. Ostra: Leveraging Trust to Thwart Unwanted Communication, 2008, NSDI.

[41] Michael Kaminsky, et al. SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks, 2008, S&P 2008.

[42] Phillip B. Gibbons, et al. SybilGuard: Defending Against Sybil Attacks via Social Networks, 2006, IEEE/ACM Transactions on Networking.

[43] Feng Xiao, et al. DSybil: Optimal Sybil-Resistance for Recommendation Systems, 2009, 2009 30th IEEE Symposium on Security and Privacy.

[44] Lakshminarayanan Subramanian, et al. Sybil-Resilient Online Content Voting, 2009, NSDI.

[45] George Danezis, et al. SybilInfer: Detecting Sybil Nodes using Social Networks, 2009, NDSS.