Presentation is loading. Please wait.

Presentation is loading. Please wait.

SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan."— Presentation transcript:

1 SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan Carr Slides adapted from a presentation by Haifeng Yupresentation

2 Haifeng Yu, Intel Research / CMU  National University of Singapore 2 Background: Sybil Attack  Sybil attack: Single user obtains many fake identities  Creating multiple accounts from different IP addresses  Sybil identities can become a large fraction of all identities  Out-vote honest users in collaborative tasks launch sybil attack honest malicious

3 Haifeng Yu, Intel Research / CMU  National University of Singapore 3 Background: Defending Against Sybil Attack  Using a trusted central authority  Tie identities to actual human beings  Not always desirable  Can be hard to find such authority  Sensitive info may scare away users  Potential bottleneck and target of attack  Without a trusted central authority  Impossible unless using special assumptions [Douceur’02]  Resource challenges not sufficient -- adversary can have much more resources than typical user

4 Haifeng Yu, Intel Research / CMU  National University of Singapore 4 SybilGuard Basic Insight: Leveraging Social Networks  Undirected graph  Nodes = identities  Edges = strong trust  e.g., colleagues, relatives Our Social Network Definition

5 Haifeng Yu, Intel Research / CMU  National University of Singapore 5 SybilGuard Basic Insight malicious user honest nodes sybil nodes Observation: Adversary cannot create extra edges between honest nodes and sybil nodes attack edges  n honest users: One identity/node each  Malicious users: Multiple identities each (sybil nodes)‏ All Sybil nodes can collude Sybil nodes = The Adversary

6 Haifeng Yu, Intel Research / CMU  National University of Singapore 6 SybilGuard Basic Insight honest nodes sybil nodes Disproportionally small cut disconnecting a large number of identities But cannot search for such cut via brute-force…

7 Haifeng Yu, Intel Research / CMU  National University of Singapore 7 Outline  Motivation and SybilGuard basic insight  Overview of SybilGuard: Random routes  Properties of SybilGuard protocol  Evaluation results  Conclusions

8 Haifeng Yu, Intel Research / CMU  National University of Singapore 8 Goal of Sybil Defense  Goal: Enable a verifier node to decide whether to accept another suspect node  Accept: Provide service to / receive service from  Idealized guarantee: An honest node accepts and only accepts other honest nodes  SybilGuard:  Bounds the number of sybil nodes accepted  Guarantees are with high probability  Approach: Acceptance based on random route intersection between verifier and suspect

9 Haifeng Yu, Intel Research / CMU  National University of Singapore 9 Random Walk Review pick random edge d pick random edge c pick random edge e a bd e f c

10 Haifeng Yu, Intel Research / CMU  National University of Singapore 10 Random 1 to 1 mapping between incoming edge and outgoing edge Random Route: Convergence a -> d b -> a c -> b d -> c d -> e e -> d f -> f a b c d e f randomized routing table Using routing table gives Convergence Property: Routes merge if crossing the same edge

11 Haifeng Yu, Intel Research / CMU  National University of Singapore 11 Random Route: Back-traceable a -> d b -> a c -> b d -> c d -> e e -> d f -> f a b c d e f Using 1-1 mapping gives Back-traceable Property: Routes may be back-traced If we know the route traverses edge e, then we know the whole route

12 Haifeng Yu, Intel Research / CMU  National University of Singapore 12 Random Route Intersection: Honest Nodes  Verifier accepts a suspect if the two routes intersect  Route length w:  W.h.p., verifier’s route stays within honest region  W.h.p., routes from two honest nodes intersect sybil nodeshonest nodes Verifier Suspect

13 Haifeng Yu, Intel Research / CMU  National University of Singapore 13 Random Route Intersection: Sybil Nodes  SybilGuard bounds the number of accepted sybil nodes within g*w  g: Number of attack edges  w: Length of random routes  Next …  Convergence property to bound the number of intersections within g  Back-traceable property to bound the number of accepted sybil nodes per intersection within w

14 Haifeng Yu, Intel Research / CMU  National University of Singapore 14 Bound # Intersections Within g  Convergence: Each attack edge gives one intersection At most g intersections with g attack edges sybil nodeshonest nodes Verifier Suspect must cross attack edge to intersect even if sybil nodes do not follow the protocol same intersection Intersection = (node, incoming edge

15 Haifeng Yu, Intel Research / CMU  National University of Singapore 15 Bound # Sybil Nodes Accepted per Intersection within w  Back-traceable: Each intersection should correspond to routes from at most w honest nodes  Verifier accepts at most w nodes per intersection  Will not hurt honest nodes Verifier for a given intersection

16 Haifeng Yu, Intel Research / CMU  National University of Singapore 16 Summary of SybilGuard Guarantees  Power of the adversary:  Unlimited number of colluding sybil nodes  Sybil nodes may not follow SybilGuard protocol  W.h.p., honest node accepts ≤ g*w sybil nodes  g: # of attack edges  w: Length of random route effective replication not much larger than n majority voting n byzantine consensus n/2n/2 Then apps can do If SybilGuard bounds # accepted sybil nodes within

17 Haifeng Yu, Intel Research / CMU  National University of Singapore 17 Outline  Motivation and SybilGuard basic insight  Overview of SybilGuard: Random routes  Properties of SybilGuard protocol  Evaluation results  Conclusions

18 Haifeng Yu, Intel Research / CMU  National University of Singapore 18 SybilGuard Protocol  Security:  Protocol ensures that nodes cannot lie about their random routes in the honest region  Decentralized:  No one has global view  Nodes only communicate with direct neighbors in the social network when doing random routes

19 Haifeng Yu, Intel Research / CMU  National University of Singapore 19   Efficiency: Random routes are performed only once and then “remembered”   No more message exchanges needed unless the social network changes   Verifier incurs O(1) messages to verify a suspect   User and node dynamics:   Different from DHTs, node churn is a non-problem in SybilGuard …   See paper for all the details … SybilGuard Protocol (continued)‏

20 Haifeng Yu, Intel Research / CMU  National University of Singapore 20 Outline  Motivation and SybilGuard basic insight  Overview of SybilGuard: Random routes  Properties of SybilGuard protocol  Evaluation results  Conclusions

21 Haifeng Yu, Intel Research / CMU  National University of Singapore 21 Evaluation Results  Simulation based on synthetic social network model [Kleinberg’00] for 10 6, 10 4, 10 2 nodes  With 2500 attack edges (i.e., adversary has acquired 2500 social trust relationships):  Honest node accepts honest node with 99.8% prob  99.8% honest node properly bounds the number of accepted sybil nodes  See paper for full results …

22 Haifeng Yu, Intel Research / CMU  National University of Singapore 22 Outline  Motivation and SybilGuard basic insight  Overview of SybilGuard: Random routes  Properties of SybilGuard protocol  Evaluation results  Conclusions

23 Haifeng Yu, Intel Research / CMU  National University of Singapore 23 Conclusions  Sybil attack: Serious threat to collaborative tasks in decentralized systems  SybilGuard: Fully decentralized defense protocol  Based on random routes on social networks  Effectiveness shown via simulation and analysis  Future work:  Implementation nearly finished  Evaluation using real and large-scale social networks

24 SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip Gibbons, Abraham Flaxman Full Technical Report available at: http://www.cs.cmu.edu/~yhf or Google “SybilGuard”

Download ppt "SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan."

Similar presentations

An analysis of Social Network-based Sybil defenses Bimal Viswanath § Ansley Post § Krishna Gummadi § Alan Mislove ¶ § MPI-SWS ¶ Northeastern University.

An analysis of Social Network-based Sybil defenses Bimal Viswanath § Ansley Post § Krishna Gummadi § Alan Mislove ¶ § MPI-SWS ¶ Northeastern University.
Chris Karlof and David Wagner

Chris Karlof and David Wagner
I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.

I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.
Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.

Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.
Krishna P. Gummadi Networked Systems Research Group MPI-SWS

Krishna P. Gummadi Networked Systems Research Group MPI-SWS
Identity Theft Protection in Structured Overlays Lakshmi Ganesh Ben Y. Zhao University of California, Santa Barbara NPSec 2005.

Identity Theft Protection in Structured Overlays Lakshmi Ganesh Ben Y. Zhao University of California, Santa Barbara NPSec 2005.
Authors Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, Abraham Flaxman Presented by: Jonathan di Costanzo & Muhammad Atif Qureshi 1.

Authors Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, Abraham Flaxman Presented by: Jonathan di Costanzo & Muhammad Atif Qureshi 1.
An Analysis of Social Network-Based Sybil Defenses Sybil Defender

An Analysis of Social Network-Based Sybil Defenses Sybil Defender
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
TRUST Spring Conference, April 2-3, 2008 Write Markers for Probabilistic Quorum Systems Michael Merideth, Carnegie Mellon University Michael Reiter, University.

TRUST Spring Conference, April 2-3, 2008 Write Markers for Probabilistic Quorum Systems Michael Merideth, Carnegie Mellon University Michael Reiter, University.
Toward an Optimal Social Network Defense Against Sybil Attacks Haifeng Yu National University of Singapore Phillip B. Gibbons Intel Research Pittsburgh.

Toward an Optimal Social Network Defense Against Sybil Attacks Haifeng Yu National University of Singapore Phillip B. Gibbons Intel Research Pittsburgh.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
A Distributed and Oblivious Heap Christian Scheideler and Stefan Schmid Dept. of Computer Science University of Paderborn.

A Distributed and Oblivious Heap Christian Scheideler and Stefan Schmid Dept. of Computer Science University of Paderborn.
A Sybil-proof DHT using a social network Socialnets workshop April 1, 2008 Chris Lesniewski-Laas MIT CSAIL.

A Sybil-proof DHT using a social network Socialnets workshop April 1, 2008 Chris Lesniewski-Laas MIT CSAIL.
Haifeng Yu National University of Singapore

Haifeng Yu National University of Singapore
L-27 Social Networks and Other Stuff. Overview Social Networks Multiplayer Games Class Feedback Discussion 2.

L-27 Social Networks and Other Stuff. Overview Social Networks Multiplayer Games Class Feedback Discussion 2.
Sybil Attack Hyeontaek Lim 15-744 November 12, 2010.

Sybil Attack Hyeontaek Lim November 12, 2010.
1 Defragmenting DHT-based Distributed File Systems Jeffrey Pang, Srinivasan Seshan Carnegie Mellon University Phillip B. Gibbons, Michael Kaminsky Intel.

1 Defragmenting DHT-based Distributed File Systems Jeffrey Pang, Srinivasan Seshan Carnegie Mellon University Phillip B. Gibbons, Michael Kaminsky Intel.
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
1 SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu Michael Kaminsky Phillip B. Gibbons Abraham Flaxman Presented by John Mak,

1 SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu Michael Kaminsky Phillip B. Gibbons Abraham Flaxman Presented by John Mak,

Similar presentations

Ads by Google