Mistaking friends for foes: an analysis of a social network-based Sybil defense in mobile networks

The Sybil attack is very challenging in the context of distributed systems: Sybil nodes with multiple identities try to make the overall system deviate from its normal behavior. Recently, there has been a lot of interest in social network-based Sybil defenses, which weigh the trust in social networks to detect Sybil nodes. Such defenses use algorithmic properties related to the topological structure of social networks. However, using those properties without validating them in realistic settings makes the defenses inapplicable in real-world applications. In this paper, we discuss such inapplicability by analyzing MobID, a recently proposed defense for mobile environments which claims that existing defenses have largely been designed for peer-to-peer networks. MobID uses betweenness, a graph-theoretic property of the social graph, as a metric of the goodness of nodes in order to defend against Sybil attacks. In using betweenness, MobID relies on two fundamental assumptions: i) highly enmeshed nodes in the social graph have a nonzero betweenness, and ii) verifiers and suspects in an honest social graph have common friends. However, extensive experiments and detailed analysis with real-world social network traces show that these assumptions do not hold well. Accordingly, MobID does not work for a great portion of the network, which in some cases is greater than 50% of the network size, even when no threshold on the betweenness is used. When setting a very low, highly precise threshold on the betweenness (e.g., less than $10^{-4}$), we observe a dramatic loss in the performance of MobID, which corresponds to overall acceptance rates of 8% to 30% for honest nodes (the remaining nodes are rejected). On the other hand, we observe that existing work, as well as other recently proposed work based on the community structure, can be used as an alternative for Sybil defenses in the same context.
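The two assumptions above can be checked directly on a graph. The following is an added example, not code from the paper or from MobID: it assumes standard shortest-path betweenness (computed with Brandes' algorithm) and uses a small constructed graph; the function names and the graph are hypothetical.

```python
from collections import deque

# Constructed honest social graph (not from the paper's traces):
# a 4-clique {a,b,c,d}, bridged by d-e to a hub e with friends f and g.
EDGES = [("a", "b"), ("a", "c"), ("a", "d"), ("b", "c"), ("b", "d"),
         ("c", "d"), ("d", "e"), ("e", "f"), ("e", "g")]

def build_graph(edges):
    adj = {}
    for u, v in edges:
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    return adj

def betweenness(adj):
    """Unnormalized shortest-path betweenness (Brandes), undirected, unweighted."""
    bc = dict.fromkeys(adj, 0.0)
    for s in adj:
        stack, preds = [], {v: [] for v in adj}
        sigma = {v: int(v == s) for v in adj}        # shortest-path counts
        dist = {v: 0 if v == s else -1 for v in adj}
        queue = deque([s])
        while queue:                                 # BFS from s
            v = queue.popleft()
            stack.append(v)
            for w in adj[v]:
                if dist[w] < 0:
                    dist[w] = dist[v] + 1
                    queue.append(w)
                if dist[w] == dist[v] + 1:
                    sigma[w] += sigma[v]
                    preds[w].append(v)
        delta = dict.fromkeys(adj, 0.0)
        while stack:                                 # back-propagate dependencies
            w = stack.pop()
            for v in preds[w]:
                delta[v] += sigma[v] / sigma[w] * (1 + delta[w])
            if w != s:
                bc[w] += delta[w]
    return {v: b / 2 for v, b in bc.items()}         # each pair was counted twice

def zero_betweenness_nodes(adj):
    """Assumption (i) check: honest nodes a betweenness metric cannot rank."""
    bc = betweenness(adj)
    return sorted(v for v in adj if bc[v] == 0)

def common_friends(adj, verifier, suspect):
    """Assumption (ii) check: friends shared by a verifier and a suspect."""
    return adj[verifier] & adj[suspect]
```

In this constructed graph the clique members a, b and c are densely connected yet lie on no shortest path between other nodes, so their betweenness is zero, and the honest pair (a, f) shares no friend.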
