The Sybil Attack By John R. Douceur Presented by Samuel Petreski March 31, 2009.


1 The Sybil Attack By John R. Douceur Presented by Samuel Petreski March 31, 2009

2 Outline
• Terminology
• Background
• Motivation for Sybil Attack
• Formal Model
• Lemmas
• Conclusion
• Resources

3 Terminology
• Entity
  › An entity is a collection of material resources, of specifiable minimal size, under control of a single group
• Identity
  › Persistent information abstraction provably associated with a set of communication events
• Validation
  › Determination of identity differences

4 Background
• Existence of multiple unique identities to mitigate possible damage by other hostile entities
  › Increase and improve system reliability (replication)
  › Protect against integrity violations (data loss) and privacy violations (data leakage)
• Lowers system reliability
  › The same entity creates multiple identities

5 Motivation for Sybil Attack
• One entity presents multiple identities for malicious intent
• Disrupt geographic and multi-path routing protocols by “being in more than one place at once” and reducing diversity
• Relevant in many contexts
  › P2P networks
  › Ad hoc networks
  › Wireless sensor networks

6 Formal Model
• A set of infrastructural entities e
• A broadcast communication cloud
• A pipe connecting each entity to the cloud
• Entity subset C (correct)
• Entity subset F (faulty)
• Links are virtual, not physical
  › Accounts for spoofing and packet sniffing
  › Does not provide for central means of ID

7

8 Lemmas (Direct Validation)
• Lemma 1
  › “If p is the ratio of the resources of a faulty entity to the resources of a minimally capable entity, then f can present g=floor(p) distinct identities to local entity L”
  › Lower bound -> Upper bound
• Restricting communication resources
• Restricting storage resources
• Restricting computation resources

9 Lemmas (Direct Validation)
• Lemma 2
  › “If a local entity L accepts entities that are not validated simultaneously, then a single faulty entity f can present an arbitrarily large number of distinct identities to entity L”
• Intrinsically temporal resources make this lemma insurmountable
• If an accepted entity ever fails to meet a challenge, we can catch a Sybil attack
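Lemmas 1 and 2 as a toy simulation, added here as an example that is not part of the slides or of Douceur's paper. It assumes every challenge costs one resource unit per time window; the function names, the identity labels and the values p=3.7 and 100 claimed identities are constructed for illustration.

```python
from math import floor

def answer_window(challenged, capacity):
    """One time window: each challenge costs 1 resource unit and unused
    capacity cannot be saved for later (an intrinsically temporal resource).
    Returns the identities that one entity of this capacity can answer for."""
    return set(sorted(challenged)[:floor(capacity)])

def direct_validation(schedule, capacity):
    """L accepts every identity that answers its challenge. `schedule` is a
    list of windows, each holding the identities L challenges at that time."""
    accepted = set()
    for window in schedule:
        accepted |= answer_window(window, capacity)
    return accepted

def recheck(accepted, capacity):
    """L re-challenges all accepted identities in a single window and returns
    those that fail, i.e. identities that were sharing one entity's resources."""
    return set(accepted) - answer_window(accepted, capacity)

def demo(p=3.7, claimed=100):
    # Constructed sample: one faulty entity f with resource ratio p claims
    # `claimed` identities towards the local entity L.
    ids = [f"id-{i:03d}" for i in range(claimed)]
    simultaneous = [ids]                                 # one window for all
    batched = [ids[i:i + 10] for i in range(0, claimed, 10)]
    staggered = [[i] for i in ids]                       # one window each
    late = direct_validation(staggered, p)
    return {
        "simultaneous": len(direct_validation(simultaneous, p)),  # Lemma 1
        "batched": len(direct_validation(batched, p)),
        "staggered": len(late),                                   # Lemma 2
        "caught_on_recheck": len(recheck(late, p)),
    }

if __name__ == "__main__":
    print(demo())
```

Only the single-window schedule holds the entity to floor(p) identities; any split into separate windows lets the count grow with the number of windows, and a later simultaneous re-challenge is what exposes the excess.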

10 Lemmas (Indirect Validation)
• Lemma 3
  › “If local entity L accepts any identity vouched for by q accepted identities, then a set F of faulty entities can present an arbitrarily large number of distinct identities to L if either |F|>=q, or the collective resources available to F at least equals q+|F| minimally capable entities”
  › Trivially evident

11 Lemmas (Indirect Validation)
• Lemma 4
  › “If the correct entities in set C do not coordinate time intervals during which they accept identities, and if local entity L accepts any identity vouched for by q accepted identities, then even a minimally capable faulty entity f can present g=floor(|C|/q) distinct identities to L.”
  › As in Lemma 1, this shows that a faulty entity can amplify its influence, and it relates the number of faulty entities to the number of faulty identities.

12 Conclusion
• P2P systems use redundancy to diminish dependence on hostile peers
• Systems relying on implicit certification are particularly vulnerable (e.g. IPv6)
• Absence of identification authority requires issuance of ‘challenges’ to determine veracity

13 Questions

14 Resources
• John Douceur: The Sybil Attack. IPTPS /101.pdf 2/101.pdf
• attack.ppt
• Brian N. Levine: A Survey of Solutions to the Sybil Attack. e.sybil.tr.2006.pdf
• Wikipedia: Sybil Attack.

