the sybil attack, j. r. douceur, iptps 2002. clifton forlines csc2231 online social networks...
TRANSCRIPT
The Sybil Attack, J. R. Douceur, IPTPS 2002.
Clifton ForlinesCSC2231 Online Social Networks11/1/2007
Outline
• Brief overview of the paper
• Discussion on differences between P2P networks and OSN and on how this effects Sybil attacks
Sybil Attack
• “Sybil” (1973) by Flora Rheta Schreiber
• Attacker creates multiple identities to control a large portion of the network and overcome redundancy
Identity Validation
• How does an entity know that two identities come from different entities?
• Centralized server is one option• Douceur mentions three mechanisms of
testing independence of identities in P2P– Communication– Computation– Storage
Identity Validation
• Four Lemmas “prove” that Sybil attacks are always possible without centralized authority
Lemma 1
• Because entities are heterogeneous in terms of capabilities, a malicious entity can create several “minimal” identities
• Lower-bound on number of identities
Lemma 2
• Unless identities are tested simultaneously, a compromised entity can create any number of identities
• Simultaneous identity verification not practical
Lemma 3
• If a certain number of identities must vouch for a new identity for it to be accepted, then a set of compromised identities can create any number of new fake identities
Lemma 4
• Without simultaneous validation of identities by a set of trusted entities, a single faulty entity can present many identities.
• Again, simultaneous validation is difficult in real-world networks.
Overview Conclusion
• Networks require centralized authority to validate network identities
• Without one, Sybil attacks are always a possibility
Identity Validation in an OSN
• Douceur mentions three mechanisms of testing independence of identities in P2P– Communication– Computation– Storage
• What mechanisms exist for social networks?
Identity Validation
?
Identity Validation
Identity Validation
• OSN have lots of techniques to validate identities that are not present in P2P
Network
Network
Network
What about the links?
Links in a Social Network
• What are the Differences between links in a P2P network and links in an on-line social network?
Links in a Social Network
• What are the Differences between links in a P2P network and links in an on-line social network?– Links in OSN correspond to real-world links
Links in a Social Network
• What are the Differences between links in a P2P network and links in an on-line social network?– Links in OSN correspond to real-world links
– Links in OSN take time and effort to setup
Links in a Social Network
• What are the Differences between links in a P2P network and links in an on-line social network?– Links in OSN correspond to real-world links
– Links in OSN take time and effort to setup
– Links in OSN cluster and have high # of intra-cluster connections
Links in a Social Network
• What does a link in a social network signify?
Links in a Social Network
• What does a link in a social network signify?– Indicates trust
Links in a Social Network
• What does a link in a social network signify?– Indicates trust
– Vouches for individual
Links in a Social Network
• How many links can a malicious node in a P2P network create?
• How many in an OSN?
Links in a Social Network
• How many links can a malicious entity in a P2P network create? – As many as one wants. (mostly)
• How many in an OSN?– As many as one has time and effort to create.
Network
What about the links?
Network
Network
Network
Network
Network
Network
• How can we identify this type of edge without global network typology?
Summary
• OSN have lots of techniques to validate identities that are not present in P2P
• Links in an OSN– Indicates trust– Vouches for individual– correspond to real-world links– take time and effort to setup– cluster and have high # of intra-cluster connections
• Malicious entity can only create as many links as they have time and effort to create.
Other Discussion Topics
• IPv6 privacy (mentioned in paper)