SybilGuard: Defending Against Sybil Attacks via Social Networks - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

SybilGuard: Defending Against Sybil Attacks via Social Networks

Description:

Graph Theoretic Model and Problem Formulation. Overview of ... As the scale of a decentralized distributed system increases. Malicious behavior become a norm ... – PowerPoint PPT presentation

Number of Views:247
Avg rating:3.0/5.0
Slides: 18
Provided by: arlW
Category:

less

Transcript and Presenter's Notes

Title: SybilGuard: Defending Against Sybil Attacks via Social Networks


1
SybilGuard Defending Against Sybil Attacksvia
Social Networks
Presented by Sailesh Kumar
2
Overview
  • Introduction to sybil attack
  • Graph Theoretic Model and Problem Formulation
  • Overview of SybilGuard
  • Complete Design
  • Simulation Results and Analysis
  • Conclusion

3
Introduction to the Problem
  • As the scale of a decentralized distributed
    system increases
  • Malicious behavior become a norm
  • If 1/3 nodes are malicious gt no guarantee
  • Sybil attacks a user takes multiple identities
  • Can easily create n/3 sybil nodes
  • Using Central Authority
  • Can Control Sybil attacks
  • Worldwide trusted central authority is
    problematic
  • Central authority may become the bottleneck
  • DoS
  • May scare away potential users
  • Defending against sybil attacks is difficult
  • IP address harvesting
  • Intelligent adversary

4
Problem Formulation and Objective
  • Social network
  • n honest human users
  • 1 malicious users multiple sybil identities
  • Devise a defense system against sybil attacks
  • SybilGuard enables an honest node to identify
    other nodes
  • Verifier node V can verify if suspect node S is
    malicious
  • Guaranteed bound on number of sybil groups
  • Divides n nodes into m equivalence classes
  • A group is sybil if it contains 1 sybil nodes
  • Guaranteed bound on size of sybil groups
  • In a group, at most w sybil nodes
  • Completely decentralized
  • An honest node accepts honest nodes with high
    probability
  • Rejects malicious nodes with high probability
  • Accepts bounded number of sybil nodes

5
Social Network
  • Millions of users (nodes)
  • Friends are connected by an edge (friends)
  • Usually degree of a nodes is small (30)
  • A malicious user fools an honest user
  • Creates an attack edge
  • SybilGuard limits number of attack edges
  • Independent of number of sybil identities
  • Friends share a secret edge key
  • Edge keys are assigned out-of-band

6
Trends
  • Social networks are fast mixing
  • Many sybil nodes disrupts this property
  • Creates a low quotient cut in the graph
  • We assume that number of attack edges are few
  • Out-of-band edge creation
  • In real life a malicious user can not create many
    real friends
  • Multiple identities are not useful
  • SybilGuard does not try to
  • detect low quotient cuts
  • but rather proposes an
  • effective decentralized
  • approach

7
Random Routes
  • Foundation of SybilGuard different from random
    walk
  • Random route begins at a random edge of a node
  • At every node
  • For an incoming edge i, there is a unique
    outgoing edge j
  • Thus, input to output is one-to-one mapped
  • A node A with d neighbors uniformly randomly
    chooses a permutation x1,x2, . . . ,xd among
    all permutations of 1,2, . . . ,d.
  • If a random route comes from the ith edge, A uses
    edge xi as the next hop.

8
Properties of Random Routes
  • Convergence
  • Once two routes merge, they will remain merged
  • Routes are back-traceable
  • There can be only one route with length w that
    traverses e along the given direction at its ith
    hop
  • If two random routes ever share an edge in the
    same direction, then one of them must start in
    the middle of the other
  • Cycles can exist, but with low probability
  • Prob. (diameter k cycle) 1/d(k-2)

9
SybilGuard Algorithm
  • node V verify node S
  • V computes d random routes (length w)
  • S computes d random routes (length w)
  • If d/2 random routes intersects, accept S
  • Else reject S
  • If few attack edges, then a sybil nodes random
    route is less likely to reach honest region
  • And vice-versa

10
SybilGuard Design
  • Decentralized design
  • Each node performs d random routes
  • A node registers with all nodes along its random
    routes
  • Registration is done using public-private key

11
SybilGuard Design
  • Witness tables
  • Reverse registration table
  • Stores all downstream nodes along a random route
  • Registration table stores upstream nodes
  • This table also contains IP addresses of the
    nodes
  • Will see why?

12
Validation Process (V verifies S)
  • S sends all its witness tables to V
  • V intersects its own witness tables with those of
    S
  • If intersection point X
  • V contacts X (using IP address in witness table)
  • Authenticates with private key of X
  • Checks if V is present in Xs registry table
  • If yes, then this route accepts S
  • If d/2 routes accept S, then V accepts S

V
X
S
13
Length of Random Routes
  • It has been shown that
  • If w T(vnlogn), then honest routes will
    intersect with high probability
  • Also the probability that a honest random route
    will reach sybil region is low
  • Nodes locally determine w
  • Node A does small random walk and lets say
    reaches node B
  • A and B intersects their witness table
  • The distance m of first intersection point
    determines w
  • w 2.1m
  • 2.1 is derived from analysis of Birthday Paradox
    distributions

14
SybilGuard Dynamics
  • Dealing with offline nodes
  • Bypass them
  • Use lookahead routing tables
  • Store information about next k hops
  • Incremental routing table maintenance
  • New nodes only slightly changes current routing
    permutation
  • Like DHT

15
Probability of Intersection
  • Probability of intersection of honest routes
  • 1 million nodes
  • Node degree 24

24 random routes, Accept if 10 intersections
16
Probability of False Detection
  • Probability that honest routes remain in honest
    region

17
Discussion
  • An honest node accepts other honest nodes with
    99.8 prob?
  • How about remaining 0.2 probability?
  • How to apply SybilGuard to completely virtual
    social networks where there are few real friends?
  • Compromised computers
  • Hundreds of thousands
  • Millions of attacks edges
  • SybilGuard will fail
  • Are Social networks indeed big or small?
Write a Comment
User Comments (0)
About PowerShow.com