390 likes | 770 Views
Defending Against Sybil Attacks via Social Networks. Haifeng Yu School of Computing National University of Singapore. Acknowledgments. Talk based on three papers [SIGCOMM’06, ToN’08] (SybilGuard) [IEEE S&P’08] (SybilLimit) Available on my homepage – google my name Co-authors:
E N D
Defending Against Sybil Attacks via Social Networks Haifeng Yu School of Computing National University of Singapore
Acknowledgments • Talk based on three papers • [SIGCOMM’06, ToN’08] (SybilGuard) • [IEEE S&P’08] (SybilLimit) • Available on my homepage – google my name • Co-authors: • Phillip B. Gibbons • Michael Kaminsky • Feng Xiao • Abie Flaxman Haifeng Yu, National University of Singapore
launch sybil attack Background: Sybil Attack honest • Sybil attack: Single user pretends many fake/sybil identities • I.e., Creating multiple accounts • Already observed in real-world p2p systems • Sybil identities can become a large fraction of all identities malicious Haifeng Yu, National University of Singapore
Background: Sybil Attack • Enables malicious users to easily “out-vote” honest users • Byzantine consensus – exceed the 1/3 threshold • Majority voting – cast more than one vote • DHT – control a large portion of the ring • Recommendation systems – manipulate the recommendations Haifeng Yu, National University of Singapore
Background: Defending Against Sybil Attack • Using trusted central authority to tie identities to human beings – not always desirable • Much harder without a trusted central authority [Douceur’02] • Resource challenges not sufficient • IP address-based approach not sufficient • Widely considered as real & challenging: • Over 40 papers acknowledging the problem of sybil attack, without having a distributed solution Haifeng Yu, National University of Singapore
SybilGuard / SybilLimit Basic Insight: Leveraging Social Networks • Nodes = identities • Undirected edges = strong mutual trust • E.g., colleagues, relatives in real-world • Not online friends! SybilGuard / SybilLimit is the first to use social networks for thwarting sybil attacks with provable guarantees. Haifeng Yu, National University of Singapore
sybil nodes sybil nodes may collude – the adversary SybilGuard / SybilLimit Basic Insight • n honest users: One identity/node each • Malicious users: Multiple identities each (sybil nodes) honest nodes attack edges malicious users Observation: Adversary cannot create extra edges between honest nodes and sybil nodes Haifeng Yu, National University of Singapore
SybilGuard/SybilLimit Basic Insight Dis-proportionally small cut disconnecting a large number of identities But cannot search brute-force… attack edges honest nodes sybil nodes Haifeng Yu, National University of Singapore
SybilGuard / SybilLimit End Guarantees • Completely decentralized • Enables any given verifier node to decide whether to accept any given suspectnode • Accept: Provide service to / receive service from • Ideally: Accept and only accept honest nodes – unfortunately not possible • SybilGuard / SybilLimit provably • Bound # of accepted sybil nodes (w.h.p.) • Accept all honest nodes except a small fraction (w.h.p.) Haifeng Yu, National University of Singapore
Example Application Scenarios Haifeng Yu, National University of Singapore
~10 ~2000 ~10 We also prove that SybilLimit is away from optimal SybilGuard vs. SybilLimit # sybil nodes accepted (smaller is better) per attack edge between unbounded and Haifeng Yu, National University of Singapore
Outline • Motivation, basic insight, and end guarantees • SybilLimit design • Will focus on intuition • Evaluation results on real-world social networks Haifeng Yu, National University of Singapore
Cryptographic Keys • Each edge in social network corresponds to a symmetric edge key • Established out of band • Each node (honest or sybil) has a locally generated public/private key pair • “Identity”: V accepts S = V accepts S’s public key KS • When running SybilLimit, every suspect S is allowed to “register” KS on some other nodes Haifeng Yu, National University of Singapore
K K K K K K K K K K SybilLimit: Strawman Design – Step 1 K: registered keys of sybil nodes • Ensure that sybil nodes (collectively) register only on limited number of honest nodes • Still provide enough “registration opportunities” for honest nodes K: registered keys of honest nodes K K K K K K honest region sybil region Haifeng Yu, National University of Singapore
SybilLimit: Strawman Design – Step 2 K: registered keys of sybil nodes • Accept S iff KS is register on sufficiently many honest nodes • Without knowing where the honest region is ! • Circular design? We can break this circle… K: registered keys of honest nodes K K K K K K K K K K K K K K K K honest region sybil region Haifeng Yu, National University of Singapore
Three Interrelated Key Techniques • Technique 1: Use the tails of random routes for registration • Will achieve Step 1 • SybilGuard novelty: Random routes • SybilLimit novelty: The use of tails • SybilLimit novelty: The use of multiple independent instances of shorter random routes Haifeng Yu, National University of Singapore
Three Interrelated Key Techniques • Technique 2: Use intersection condition and balance condition to verify suspects • Will break the circular design and achieve Step 2 • SybilGuard novelty: Intersection on nodes • SybilLimit novelty: Intersection on edges • SybilLimit novelty: Balance condition • Technique 3: Use benchmarking technique to estimate unknown parameters • Breaks another seemingly circular design… • SybilLimit novelty: Benchmarking technique Haifeng Yu, National University of Singapore
Random 1 to 1 mapping between incoming edge and outgoing edge Random Route: Convergence f a e b d a d d e c randomized routing table e d b a c b f f d c Using routing table gives Convergence Property: Routes merge if crossing the same edge Haifeng Yu, National University of Singapore
edge “CD” is the tail of A’s random route B C D Securely Registering Public Keys record KA under name “CD” • All random routes in SybilLimit are of length w • All nodes know w • Nodes communicate via authenticated channels A i = 1 KA i = 2 KA i = 3 KA i = 3 KA To register KA, A initiates a random route (assuming w = 3) Haifeng Yu, National University of Singapore
tainted tail Tails of Sybil Suspects • Imagine that every sybil suspect initiates a random route from itself sybil nodes honest nodes total 1 tainted tail Haifeng Yu, National University of Singapore
Counting The Number of Tainted Tails attack edge • Claim: There are at most w tainted tails per attack edge • Proof: By the Convergence property • Regardless of whether sybil nodes follow the protocol honest nodes sybil nodes Haifeng Yu, National University of Singapore
Back to the Strawman Design Step 1 K: registered keys of sybil nodes K: registered keys of honest nodes • # of K’s gw • Independent of # sybil nodes • # of K’s n – gw • From “backtrace-ability” property of random routes • See paper… K K K K honest region K K K Step 1 achieved ! Haifeng Yu, National University of Singapore
Independent Instances • SybilLimit uses independent instances of the registration protocol • m: # of edges in the honest region • Number of K’s: • Number of K’s: • Goal: Accept S iff KS is registered on tails in the honest region • Sybil suspects accepted: • Honest suspects accepted: Haifeng Yu, National University of Singapore
Three Techniques • Technique 1: Use novel random routes to register public keys • Will achieve Step 1 • Technique 2: Use intersection condition and balance condition to verify suspects • Challenge: SybilLimit does not know which region is the honest region • Technique 3: Use benchmarking technique to estimate unknown parameters Haifeng Yu, National University of Singapore
The Intersection Condition • Verifier V obtains tails by doing random routes of length w • Using different instances – see paper… • Some tails are in the sybil region – ignore for now… • S satisfies intersection condition if: • S’s and V’s tails intersect • S’s public key is registered with the intersecting tail Haifeng Yu, National University of Singapore
AB 1. request S’s set of tails 2. I have three tails AB; CD; EF 4. Is KS registered? EF CD F 5. Yes. Intersection Condition: Verification Procedure S V 3.common tail: EF 4 messages involved S satisfies intersection condition Haifeng Yu, National University of Singapore
Leveraging Known Random Walk Theory • (Approximate) Theorem: • If w is roughly the mixing time of the social network, then all tails (V’s and S’s) are roughly uniformly random edges • If social networks have mixing time, then Haifeng Yu, National University of Singapore
Help to bound # of sybil nodes accepted Leveraging a Sharp Distribution Assuming V has tails in the honest region Intersection prob p 1.0 Birthday paradox This is why SybilLimit does edge intersection … 0 # of S’s tails in honest region Haifeng Yu, National University of Singapore
Back to the Strawman Design Step 2 K: registered keys of sybil nodes • Accept S iff KS is register on sufficiently many honest nodes • “Sufficiently many” = • Intersection occurs iff S has tails in the honest region K: registered keys of honest nodes K K K K K K K K K K K K K K K K honest region sybil region Haifeng Yu, National University of Singapore
Omitted Challenges … • Some of V’s tails are in the sybil region • We do not know which tails are in the sybil region • Balance condition – hardest part to prove in SybilLimit… • Adversary has many strategies to allocated the tainted tails… • Tainted tails are not uniformly random… • See paper for details… Haifeng Yu, National University of Singapore
Three Interrelated Key Techniques • Technique 1: Random routes • Technique 2: Intersection condition and balance condition • Technique 3: Novel and counter-intuitive benchmarking technique • Avoids another seemingly circular design… • See paper… • Claims on near-optimality: See paper… Haifeng Yu, National University of Singapore
Performance Aspects • Random routes are performed only once • Re-do only when social network changes – infrequently • Can be done incrementally • Doing random routes is not time-critical • Only delays a new suspect being accepted • Churn is a non-problem… • Verification involves O(1) messages • See paper… Haifeng Yu, National University of Singapore
Outline • Motivation, basic insight, and end guarantees • SybilLimit design • Evaluation results on real-world social networks Haifeng Yu, National University of Singapore
Validation on Real-World Social Networks • SybilGuard / SybilLimit assumption: Honest nodes are not behind disproportionally small cuts • Rigorously: Social networks (without sybil nodes) have small mixing time • Mixing time affects # sybil nodes accepted • Synthetic social networks – proof in [SIGCOMM’06] • Real-world social networks? • Social communities, social groups, …. Haifeng Yu, National University of Singapore
Simulation Setup Crawled online social networks used in experiments • We experiment with: • Different number and placement of attack edges • Different graph sizes -- full size to 100-node sub-graphs • Sybil attackers use the optimal strategy Haifeng Yu, National University of Singapore
Brief Summary of Simulation Results • In all cases we experimented with: • Average honest verifier accepts ~95% of all honest suspects • Average honest suspect is accepted by ~95% of all honest verifiers • # sybil nodes accepted: • ~10 per attack edge for Friendster and LiveJournal • ~15 per attack edge for DBLP Haifeng Yu, National University of Singapore
Other Social Networks? • Other social networks likely to have small mixing time too (DBLP as a worst-case) • What if the mixing time is large? • Graceful degradation of SybilLimit’s guarantees -- Accept more sybil nodes Haifeng Yu, National University of Singapore
Conclusions • Sybil attack: • Widely considered as a real and challenging problem • SybilLimit: Fully decentralized defense protocol based on social networks • Provable near-optimal guarantees • Experimental validation on real-world social networks • Future work: Implement SybilLimit with real apps Haifeng Yu, National University of Singapore
Post Doc Opening • NUS: Ranked 31st globally by Newsweek • E.g., we have 11 SIGMOD papers in 2008 • I have post doc opening in distributed systems and distributed algorithms • Minimum 1 year, renewable up to multiple years • 2 years funding already committed • Main job duty: Publish in top venues • Help you to build up track record for career after post doc • Salary: Comparable (if not better) than US post docs • Singapore living cost and tax are lower than US • Contact me to inquire or apply – google my name Haifeng Yu, National University of Singapore