1 / 24

The Sybil Attack in P2P Networks

The Sybil Attack in P2P Networks. Md. Tanvir Al Amin 04 09 05 2064 Shah Md. Rifat Ahsan 10 09 05 2060. CSE 6809 – Distributed Search Techniques. Inception. A 1973 book by F. R. Schreiber about a patient called “Sybil Dorsett” (pseudonym)

avi
Download Presentation

The Sybil Attack in P2P Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The Sybil Attack in P2P Networks Md. Tanvir Al Amin 04 09 05 2064 Shah Md. RifatAhsan 10 09 05 2060 CSE 6809 – Distributed Search Techniques

  2. Inception • A 1973 book by F. R. Schreiber about a patient called “Sybil Dorsett” (pseudonym) • “Sybil” was suffering from dissociative identity disorder • She manifested 16 different personalities • Douceur [IPTPS 2002] was the • first to consider the multiple identity problem in the context of structured peer-to-peer networks, which was named "Sybil Attack"

  3. What is the Sybil Attack • In a sybil attack, a malicious user obtains multiple fake identities and pretends to be multiple, distinct nodes in the system. • Is found in both P2P and non P2P systems.

  4. Sybil Attack in Structured Overlays • Structured overlays are efficient node lookup systems. • They are highly scalable, efficient, and reliable. • These characteristics are achieved by deterministically replicating and recalling content within awidely distributed and decentralized network. • One practical limitation of these networks is that they are frequently subject to Sybil attacks • Malicious parties can compromise the network by generating and controlling large numbers of shadow identities.

  5. Practical Examples • Rig Internet polling by using multiple IP addresses to submit votes. • Increase Google Page-Rank rating of a page. • Reputation systems are a common target for Sybil attacks. • Bugmenot.com • Sharing of iTunes passwords for shared media access • Sybil attacks have been observed in the Maze P2P system (Lian et al., ICDCS 2007) • Steiner et al., CCR 2007 Demonstrated to be surprisingly easy in practice, e.g., in the widely-used eMule system

  6. Example • Structured P2P networks such as Chord take very limited measures against a Sybil attack, an attacker can obtain many IDs and hence many nodes in the network. This will allow an attacker to take advantage of two major vulnerabilities from which such networks suffer, • routing mechanism and • object serving mechanism.

  7. Impact • Sybil nodes can be malicious. They can provide wrong information • Think about a sybil node taking part at SETI@HOME project • Sybil nodes can launch a DoS attack on a P2P system • Suppose the DHT lookup includes a sybil node • You may fall in Infinite loop !! • Or the Sybil node may provide ostensibly wrong data !! • A virus in place of a program

  8. The Byzantine Dissidents • Imagine that there is network of dissident free-thinkers (called honest nodes) in the Byzantine Empire • They are connected by social links • Each dissident keeps track of his immediate friends, so they are always in contact.

  9. The Byzantine Dissidents • The regime employs a number of spies (Sybil nodes) who infiltrate the network by gaining the trust of honest nodes. • A link between an honest node and a Sybil node is called an attack edge. Honest nodes cannot distinguish between attack edges and honest edges, and furthermore, spies can create an arbitrary number of connections to an arbitrary number of other spies (the regime’s Sybil identities).

  10. Even in Social Networks

  11. Sybil state of the art P2P mania! Chord, Pastry, Tapestry, CAN The Sybil Attack [Douceur], Security Considerations [Sit, Morris] Restricted tables [Castro et al] BFT [Rodrigues, Liskov] SPROUT, Turtle, Bootstrap graphs Puzzles [Borisov] CAPTCHA [Rowaihy et al] SybilLimit [Yu et al] SybilInfer, SumUp, DSybil Whanau P2P mania!

  12. Basic Solution : Trusted Authority • Because Sybil attacks result from entities misidentifying themselves, requiring all nodes to authenticate with public keys is a one approach to securing these networks. • Douceur showed that without the use of a centralized authority that certifies all nodes, it is impossible to prevent this attack.

  13. Basic Solution • Srivatsa and Liu [18] suggested the use of certificates with limited lifetime issued by the bootstrap entry point that bind a node with a unique ID. This would limit the number of IDs an adversary can obtain during a time period and will depend on the lifetime of the ticket. However, requiring all nodes to obtain a certificate that will bind it with a unique ID is not only expensive but will require either releasing private information or paying an amount of money for the service. • Decentralized mechanisms for limiting Sybil attacks are therefore more palatable.

  14. Detection Models for Sybil Attack Threshold-based protocols: In this scheme, a new node becomes the part of the network if it gets a pre-specified number of trust certificates from a group of trusted nodes. This method does not provide high-level security because a Sybil attacker can take control of the network by generating the identities to meet the threshold requirements. Sybil Resisting DHT Routing:A routing strategy that is performed using a diverse set of nodes that minimizes the reliance only on the local nodes which may be controlled by the malicious node. Reduced number of corrupted nodes in the honest node's routing table makes a significant difference on the performance of DHTs.

  15. Detection Models for Sybil Attack Trusted Devices: In this scheme, entities in an application can be linked in some secure fashion to a specific hardware device. Here exists no special methods of preventing an attacker from obtaining multiple devices. The idea is that the cost of acquiring multiple devices is high.

  16. Detection Models for Sybil Attack • Storage • Give each node a large amount of uncompressible data and randomly verify small excerpts. • Computation • Ask the node to solve a difficult computational puzzle whose solution is easy to check. • Money • Charge some amount of money for each new Money: Charge some amount of money for each new identity.

  17. Latest Trends : Social Network • Sybil-proof routing using social networkA set of honest nodes connected by trust relationship and there is no idea of central trusted node. • An adversary node creates multiple identities and try to gain the trust of the honest nodes. • But the assumption here is that most honest nodes have more social connection to other honest nodes than the sybils.

  18. Social Networks • SybilGuard: Defending Against Sybil Attacks via Social Networks • Haifeng Yu Michael Kaminsky Phillip B. Gibbons Abraham Flaxman • SIGCOMM 2006 • SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks • Haifeng Yu Michael Kaminsky Phillip B. Gibbons Feng Xiao • Oakland 2008 • A Sybil-Proof Distributed Hash Table • Chris Lesniewski-Laas, M. Frans Kaashoek • NSDI 2010

  19. Social links created Slide courtesy Kaashoek, Lesniewski-Laas

  20. Social links maintained over Internet Slide courtesy Kaashoek, Lesniewski-Laas

  21. Social network Sybil region Honest region Attack edges … Slide courtesy Kaashoek, Lesniewski-Laas

  22. Our idea • We want to incorporate AI based features in Sybil detection. • Trusted voting mechanism • Learning mechanism (Bayesian learning or some other advanced learning) • Feature discovery options for Trust zone and Sybil zone. • Maximum likelihood Framework • Efficient DHT lookup bypassing Sybil nodes • Learning mechanism • Redundancy in lookup • Effective use of majority voting

  23. References • The Sybil Attack -John R.Douceur,Microsoft Research • Security Considerations for Peer-to-Peer Distributed Hash Tables -Emil Sit and Robert Morris • Sybil-resistant DHT routing -George Danezis1, Chris Lesniewski-Laas,M. Frans Kaashoek2, and Ross Anderson1 • Computational Puzzles as Sybil Defenses- Nikita Borisov • SybilGuard: Defending Against Sybil Attacks via Social Networks - Haifeng Yu Michael Kaminsky, Phillip B. Gibbons Abraham Flaxman • A Survey of Solutions to the Sybil Attack - Brian Neil Levine1 Clay Shields2 N. Boris Margolin1

  24. Do you know my name is Cybil too ?? THANK YOU

More Related