Defending Against Sybil Attacks via Social Networks

Haifeng Yu, School of Computing, National University of Singapore


Post on 21-Jan-2016


DESCRIPTION

Defending Against Sybil Attacks via Social Networks. Haifeng Yu, School of Computing, National University of Singapore. Acknowledgments. Talk based on three papers: [SIGCOMM’06, ToN’08] (SybilGuard), [IEEE S&P’08] (SybilLimit). Available on my homepage – google my name.

TRANSCRIPT

Page 1: Defending Against Sybil Attacks  via Social Networks

Defending Against Sybil Attacks via Social Networks

Haifeng Yu

School of Computing

National University of Singapore

Page 2: Defending Against Sybil Attacks  via Social Networks

Haifeng Yu, National University of Singapore 2

Acknowledgments

- Talk based on three papers
  - [SIGCOMM’06, ToN’08] (SybilGuard)
  - [IEEE S&P’08] (SybilLimit)
  - Available on my homepage – google my name
- Co-authors:
  - Phillip B. Gibbons
  - Michael Kaminsky
  - Feng Xiao
  - Abie Flaxman

Page 3: Defending Against Sybil Attacks  via Social Networks

Background: Sybil Attack

- Sybil attack: a single user pretends to be many fake/sybil identities
  - I.e., creating multiple accounts
- Already observed in real-world p2p systems
- Sybil identities can become a large fraction of all identities

[Figure: a malicious user launches a sybil attack among honest users]

Page 4: Defending Against Sybil Attacks  via Social Networks

Background: Sybil Attack

- Enables malicious users to easily “out-vote” honest users
  - Byzantine consensus – exceed the 1/3 threshold
  - Majority voting – cast more than one vote
  - DHT – control a large portion of the ring
  - Recommendation systems – manipulate the recommendations

Page 5: Defending Against Sybil Attacks  via Social Networks

Background: Defending Against Sybil Attack

- Using trusted central authority to tie identities to human beings – not always desirable
- Much harder without a trusted central authority [Douceur’02]
  - Resource challenges not sufficient
  - IP address-based approach not sufficient
- Widely considered as real & challenging:
  - Over 40 papers acknowledging the problem of sybil attack, without having a distributed solution

Page 6: Defending Against Sybil Attacks  via Social Networks

SybilGuard / SybilLimit Basic Insight: Leveraging Social Networks

- Nodes = identities
- Undirected edges = strong mutual trust
  - E.g., colleagues, relatives in real-world
  - Not online friends!
- SybilGuard / SybilLimit is the first to use social networks for thwarting sybil attacks with provable guarantees.

Page 7: Defending Against Sybil Attacks  via Social Networks

SybilGuard / SybilLimit Basic Insight

- n honest users: One identity/node each
- Malicious users: Multiple identities each (sybil nodes)
- Sybil nodes may collude – the adversary
- Observation: Adversary cannot create extra edges between honest nodes and sybil nodes

[Figure: social graph showing honest nodes, malicious users, sybil nodes, and the attack edges between honest nodes and sybil nodes]

Page 8: Defending Against Sybil Attacks  via Social Networks

SybilGuard/SybilLimit Basic Insight

- Disproportionally small cut disconnecting a large number of identities
- But cannot search brute-force…

[Figure: honest nodes and sybil nodes, connected only through the attack edges]

Page 9: Defending Against Sybil Attacks  via Social Networks

SybilGuard / SybilLimit End Guarantees

- Completely decentralized
- Enables any given verifier node to decide whether to accept any given suspect node
  - Accept: Provide service to / receive service from
  - Ideally: Accept and only accept honest nodes – unfortunately not possible
- SybilGuard / SybilLimit provably
  - Bound # of accepted sybil nodes (w.h.p.)
  - Accept all honest nodes except a small fraction (w.h.p.)

Page 10: Defending Against Sybil Attacks  via Social Networks

Example Application Scenarios

If # of sybil nodes accepted | Then applications can do
< n | majority voting
< n/2 | byzantine consensus
< n/c for some constant c | secure DHT [Awerbuch’06, Castro’02, Fiat’05]
… | …

Page 11: Defending Against Sybil Attacks  via Social Networks

SybilGuard vs. SybilLimit

# sybil nodes accepted per attack edge (smaller is better):

total number of attack edges | SybilGuard [SIGCOMM’06] | SybilLimit [Oakland’08]
$g = O(\sqrt{n} / \log n)$ | $O(\sqrt{n} \log n)$, ~2000 | $O(\log n)$, ~10
$g$ between $O(\sqrt{n} / \log n)$ and $O(n / \log n)$ | unbounded | $O(\log n)$, ~10

We also prove that SybilLimit is $O(\log n)$ away from optimal

Page 12: Defending Against Sybil Attacks  via Social Networks

Outline

- Motivation, basic insight, and end guarantees
- SybilLimit design
  - Will focus on intuition
- Evaluation results on real-world social networks

Page 13: Defending Against Sybil Attacks  via Social Networks

Cryptographic Keys

- Each edge in social network corresponds to a symmetric edge key
  - Established out of band
- Each node (honest or sybil) has a locally generated public/private key pair
  - “Identity”: V accepts S = V accepts S’s public key $K_S$
- When running SybilLimit, every suspect S is allowed to “register” $K_S$ on some other nodes

Page 14: Defending Against Sybil Attacks  via Social Networks

SybilLimit: Strawman Design – Step 1

- Ensure that sybil nodes (collectively) register only on limited number of honest nodes
- Still provide enough “registration opportunities” for honest nodes

[Figure: honest region and sybil region, with K markers for registered keys of sybil nodes and K markers for registered keys of honest nodes]

Page 15: Defending Against Sybil Attacks  via Social Networks

SybilLimit: Strawman Design – Step 2

- Accept S iff $K_S$ is registered on sufficiently many honest nodes
  - Without knowing where the honest region is!
- Circular design? We can break this circle…

[Figure: honest region and sybil region, with K markers for registered keys of sybil nodes and K markers for registered keys of honest nodes]

Page 16: Defending Against Sybil Attacks  via Social Networks

Three Interrelated Key Techniques

- Technique 1: Use the tails of random routes for registration
  - Will achieve Step 1
  - SybilGuard novelty: Random routes
  - SybilLimit novelty: The use of tails
  - SybilLimit novelty: The use of multiple independent instances of shorter random routes

Page 17: Defending Against Sybil Attacks  via Social Networks

Three Interrelated Key Techniques

- Technique 2: Use intersection condition and balance condition to verify suspects
  - Will break the circular design and achieve Step 2
  - SybilGuard novelty: Intersection on nodes
  - SybilLimit novelty: Intersection on edges
  - SybilLimit novelty: Balance condition
- Technique 3: Use benchmarking technique to estimate unknown parameters
  - Breaks another seemingly circular design…
  - SybilLimit novelty: Benchmarking technique

Page 18: Defending Against Sybil Attacks  via Social Networks

Random Route: Convergence

- Random 1 to 1 mapping between incoming edge and outgoing edge
- Using routing table gives Convergence Property:
  - Routes merge if crossing the same edge

[Figure: nodes a to f with two randomized routing tables (incoming edge → outgoing edge): a → d, b → a, c → b, d → c; and d → e, e → d, f → f]

Page 19: Defending Against Sybil Attacks  via Social Networks

Securely Registering Public Keys

- All random routes in SybilLimit are of length w
  - All nodes know w
- Nodes communicate via authenticated channels
- To register $K_A$, A initiates a random route (assuming w = 3)

[Figure: route through A, B, C, D; $K_A$ is forwarded with hop counter i = 1, i = 2, i = 3; record $K_A$ under name “CD”; edge “CD” is the tail of A’s random route]

Page 20: Defending Against Sybil Attacks  via Social Networks

Tails of Sybil Suspects

- Imagine that every sybil suspect initiates a random route from itself

[Figure: honest nodes and sybil nodes with one tainted tail marked; total 1 tainted tail]

Page 21: Defending Against Sybil Attacks  via Social Networks

Counting The Number of Tainted Tails

- Claim: There are at most w tainted tails per attack edge
  - Proof: By the Convergence property
  - Regardless of whether sybil nodes follow the protocol

[Figure: honest nodes, sybil nodes and an attack edge]

Page 22: Defending Against Sybil Attacks  via Social Networks

Back to the Strawman Design Step 1

- # of K’s (registered keys of sybil nodes): $\le gw$
  - Independent of # sybil nodes
- # of K’s (registered keys of honest nodes): $\ge n - gw$
  - From “backtrace-ability” property of random routes
  - See paper…
- Step 1 achieved!

[Figure: honest region with K markers for registered keys of sybil nodes and of honest nodes]
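An added example (not from the talk or the SybilGuard / SybilLimit papers) that simulates the registration step described above: each node holds a random one-to-one routing table, every honest suspect runs one route of length w, and the number of routes entering the sybil region is compared with g·w. The ring-plus-chords topology, the sizes, the seed and the key labels are constructed for illustration.

```python
import random

def build_graph(n_honest, n_sybil, g, rng):
    """Constructed topology: two ring-plus-chords regions joined by g attack edges."""
    edges = set()
    for lo, hi in ((0, n_honest), (n_honest, n_honest + n_sybil)):
        for u in range(lo, hi):
            for v in (lo + (u - lo + 1) % (hi - lo), rng.randrange(lo, hi)):
                if v != u:
                    edges.add((min(u, v), max(u, v)))
    for h in rng.sample(range(n_honest), g):      # g distinct attack edges
        edges.add((h, rng.randrange(n_honest, n_honest + n_sybil)))
    adj = {u: [] for u in range(n_honest + n_sybil)}
    for u, v in sorted(edges):
        adj[u].append(v)
        adj[v].append(u)
    return adj

def make_tables(adj, rng):
    """Per node: random one-to-one map, incoming neighbour -> outgoing neighbour."""
    tables = {}
    for u, nbrs in adj.items():
        out = nbrs[:]
        rng.shuffle(out)
        tables[u] = dict(zip(nbrs, out))
    return tables

def random_route(tables, start, first_hop, w):
    """The w directed edges of a route; the last one is its tail."""
    route = [(start, first_hop)]
    while len(route) < w:
        prev, cur = route[-1]
        route.append((cur, tables[cur][prev]))
    return route

def run_registration(n_honest=300, n_sybil=2000, g=5, w=8, seed=1):
    rng = random.Random(seed)
    adj = build_graph(n_honest, n_sybil, g, rng)
    tables = make_tables(adj, rng)
    registry, tainted = {}, 0                     # tail edge -> keys recorded there
    for s in range(n_honest):                     # each honest suspect registers once
        route = random_route(tables, s, rng.choice(adj[s]), w)
        if any(v >= n_honest for _, v in route):  # route entered the sybil region
            tainted += 1
        else:
            registry.setdefault(route[-1], []).append(f"K{s}")
    return tainted, g * w, registry

if __name__ == "__main__":
    tainted, bound, registry = run_registration()
    print(f"tainted tails: {tainted} (bound g*w = {bound}); honest tails: {len(registry)}")
```

Because each routing table is a permutation, a route can be traced backwards from any edge, so no two suspects end on the same tail and the tainted count stays within g·w however large the sybil region is made.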

Page 23: Defending Against Sybil Attacks  via Social Networks

Independent Instances

- SybilLimit uses $\sqrt{m}$ independent instances of the registration protocol
  - m: # of edges in the honest region
  - Number of K’s (registered keys of sybil nodes): $\le gw\sqrt{m}$
  - Number of K’s (registered keys of honest nodes): $\ge (n - gw)\sqrt{m}$
- Goal: Accept S iff $K_S$ is registered on $\sqrt{m}$ tails in the honest region
  - Sybil suspects accepted: $\le gw$
  - Honest suspects accepted: $\ge n - gw$

Page 24: Defending Against Sybil Attacks  via Social Networks

Three Techniques

- Technique 1: Use novel random routes to register public keys
  - Will achieve Step 1
- Technique 2: Use intersection condition and balance condition to verify suspects
  - Challenge: SybilLimit does not know which region is the honest region
- Technique 3: Use benchmarking technique to estimate unknown parameters

Page 25: Defending Against Sybil Attacks  via Social Networks

The Intersection Condition

- Verifier V obtains $\sqrt{m}$ tails by doing $\sqrt{m}$ random routes of length w
  - Using different instances – see paper…
  - Some tails are in the sybil region – ignore for now…
- S satisfies intersection condition if:
  - S’s and V’s tails intersect
  - S’s public key is registered with the intersecting tail

Page 26: Defending Against Sybil Attacks  via Social Networks

Intersection Condition: Verification Procedure

1. request S’s set of tails
2. I have three tails: AB; CD; EF
3. common tail: EF
4. Is $K_S$ registered?
5. Yes.

4 messages involved

S satisfies intersection condition

[Figure: message exchange between V, S and node F, with S’s tails AB, CD and EF]

Page 27: Defending Against Sybil Attacks  via Social Networks

Leveraging Known Random Walk Theory

- (Approximate) Theorem: If w is roughly the mixing time of the social network, then all tails (V’s and S’s) are roughly uniformly random edges
- If social networks have $O(\log n)$ mixing time, then $w = O(\log n)$

Page 28: Defending Against Sybil Attacks  via Social Networks

Leveraging a Sharp Distribution

- Assuming V has $\sqrt{m}$ tails in the honest region

[Figure: intersection prob p (0 to 1.0) versus # of S’s tails in honest region; by the birthday paradox the curve has regions marked p ≈ 0 and p ≈ 1 on either side of $\sqrt{m}$]

- Help to bound # of sybil nodes accepted
- This is why SybilLimit does edge intersection …
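An added example (not code from the talk or the papers) of the intersection condition and its birthday-paradox behaviour: V holds √m uniformly random tails out of m honest-region edges, and the pass rate is estimated for suspects with different numbers of registered tails. Edges are modelled as integer ids, and the value of m, the trial count, the seed and the key names are constructed; unlike the four-message exchange on the slide, the check here queries every common tail.

```python
import math
import random

def satisfies_intersection(v_tails, claimed_tails, registry, key):
    """V keeps the tails S reports that V also holds, then asks the node at each
    such tail whether `key` is registered there (the registry lookup)."""
    common = v_tails.intersection(claimed_tails)
    return any(key in registry.get(tail, ()) for tail in common)

def acceptance_rate(m, s_tails, trials=500, seed=7):
    """Fraction of trials in which an honest S with `s_tails` registered tails
    passes, when V holds sqrt(m) tails and all tails are uniform over m edges."""
    rng = random.Random(seed)
    r = math.isqrt(m)
    passed = 0
    for _ in range(trials):
        v = {rng.randrange(m) for _ in range(r)}
        s = [rng.randrange(m) for _ in range(s_tails)]
        registry = {tail: {"K_S"} for tail in s}   # K_S recorded at S's own tails
        passed += satisfies_intersection(v, s, registry, "K_S")
    return passed / trials

def forged_claim_accepted(m=10_000, seed=7):
    """A suspect that claims every edge as a tail but registered on none."""
    rng = random.Random(seed)
    v = {rng.randrange(m) for _ in range(math.isqrt(m))}
    return satisfies_intersection(v, range(m), {}, "K_forged")

if __name__ == "__main__":
    m = 10_000                                     # constructed: honest-region edges
    for k in (5, 25, 100, 400, 1000):
        print(f"S tails = {k:4d}  p = {acceptance_rate(m, k):.2f}")
    print("forged claim accepted:", forged_claim_accepted(m))
```

The registration lookup is what makes a claimed tail count: reporting tails alone never satisfies the condition.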

Page 29: Defending Against Sybil Attacks  via Social Networks

Back to the Strawman Design Step 2

- Accept S iff $K_S$ is registered on sufficiently many honest nodes
  - “Sufficiently many” = $\sqrt{m}$
  - Intersection occurs iff S has $\sqrt{m}$ tails in the honest region

[Figure: honest region and sybil region, with K markers for registered keys of sybil nodes and K markers for registered keys of honest nodes]

Page 30: Defending Against Sybil Attacks  via Social Networks

Omitted Challenges …

- Some of V’s tails are in the sybil region
  - We do not know which tails are in the sybil region
  - Balance condition – hardest part to prove in SybilLimit…
- Adversary has many strategies to allocate the tainted tails…
- Tainted tails are not uniformly random…
- See paper for details…

Page 31: Defending Against Sybil Attacks  via Social Networks

Three Interrelated Key Techniques

- Technique 1: Random routes
- Technique 2: Intersection condition and balance condition
- Technique 3: Novel and counter-intuitive benchmarking technique
  - Avoids another seemingly circular design…
  - See paper…
- Claims on near-optimality: See paper…

Page 32: Defending Against Sybil Attacks  via Social Networks

Performance Aspects

- Random routes are performed only once
  - Re-do only when social network changes – infrequently
  - Can be done incrementally
- Doing random routes is not time-critical
  - Only delays a new suspect being accepted
  - Churn is a non-problem…
- Verification involves O(1) messages
  - See paper…

Page 33: Defending Against Sybil Attacks  via Social Networks

Outline

- Motivation, basic insight, and end guarantees
- SybilLimit design
- Evaluation results on real-world social networks

Page 34: Defending Against Sybil Attacks  via Social Networks

Validation on Real-World Social Networks

- SybilGuard / SybilLimit assumption: Honest nodes are not behind disproportionally small cuts
  - Rigorously: Social networks (without sybil nodes) have small mixing time
  - Mixing time affects # sybil nodes accepted
- Synthetic social networks – proof in [SIGCOMM’06]
- Real-world social networks?
  - Social communities, social groups, ….

Page 35: Defending Against Sybil Attacks  via Social Networks

Simulation Setup

Crawled online social networks used in experiments:

Network | # nodes | # edges
Friendster | 0.9M | 7.8M
LiveJournal | 0.9M | 8.7M
DBLP | 0.1M | 0.6M

- We experiment with:
  - Different number and placement of attack edges
  - Different graph sizes -- full size to 100-node sub-graphs
- Sybil attackers use the optimal strategy

Page 36: Defending Against Sybil Attacks  via Social Networks

Brief Summary of Simulation Results

- In all cases we experimented with:
  - Average honest verifier accepts ~95% of all honest suspects
  - Average honest suspect is accepted by ~95% of all honest verifiers
  - # sybil nodes accepted:
    - ~10 per attack edge for Friendster and LiveJournal
    - ~15 per attack edge for DBLP

Page 37: Defending Against Sybil Attacks  via Social Networks

Other Social Networks?

- Other social networks likely to have small mixing time too (DBLP as a worst-case)
- What if the mixing time is large?
  - Graceful degradation of SybilLimit’s guarantees -- Accept more sybil nodes

Page 38: Defending Against Sybil Attacks  via Social Networks

Conclusions

- Sybil attack: Widely considered as a real and challenging problem
- SybilLimit: Fully decentralized defense protocol based on social networks
  - Provable near-optimal guarantees
  - Experimental validation on real-world social networks
- Future work: Implement SybilLimit with real apps

Page 39: Defending Against Sybil Attacks  via Social Networks

Post Doc Opening

- NUS: Ranked 31st globally by Newsweek
  - E.g., we have 11 SIGMOD papers in 2008
- I have post doc opening in distributed systems and distributed algorithms
  - Minimum 1 year, renewable up to multiple years
  - 2 years funding already committed
- Main job duty: Publish in top venues
  - Help you to build up track record for career after post doc
- Salary: Comparable (if not better) than US post docs
  - Singapore living cost and tax are lower than US
- Contact me to inquire or apply – google my name